
[Article] [Linux] Installing, configuring DNS, DHCP and Dynamic DNS on CentOS 7

admin

In this article I will show you how to set up a DNS and DHCP server, and how to configure Dynamic DNS.
So, let’s jump in!
We’ll install the DNS server in a secluded environment.
The chroot is a process of creating a virtualized environment in Linux, separating it from the operating system and directory structure. This creates a confined space, with its own root directory, to run software programs. A software program run in this environment cannot access files outside of that directory tree. This confined virtual environment is often called a “chroot jail”.
Install packages:
Then edit the /etc/named.conf file
Check the config files for typos:
[root@server1 dhcpd]# named-checkconf /etc/named.conf
Of course, at this moment it will throw errors that the files example.com and reverse.example.com.db cannot be found; they don’t exist (yet).
It’s high time now to create these files.
A template zone file is located at /usr/share/doc/bind-9.9.4/sample/var/named/named.localhost
We can use it as a template for our zone files.
Copy that file to /var/named/chroot/etc/named/ and save it as example.com.db
Open the example.com.db file in your favorite text editor and start editing:
Let’s “decipher” these entries:
@ means this zone
SOA: The SOA record stores information about the name of the server that supplied the data for the zone
root.example.com. (don’t forget the period at the end) is the mail address of the person responsible for the zone (although it doesn’t look like an e-mail address); remember, @ means “this zone” in this case
2015052601 is the zone serial number. Its purpose in DNS zone files is to provide a way for the server to verify that the contents of a zone file are up to date. If the serial number in a zone file hasn’t changed since that zone was last loaded, named figures that it can ignore the file. I put the datetime as a number, followed by 01 at the end; you can put any number you like
Refresh: Indicates the time when the slave will try to refresh the zone from the master (if we have another DNS server which transfers zone files from the master server)
Retry: Defines the time between retries if the slave (secondary) fails to contact the master when refresh (above) has expired
Expire: Indicates when the zone data are considered incorrect by the slave server; then the slave tries to get an update from the master server
Minimum: Defines the duration in seconds that the record may be cached
We don’t have a slave server, so accept the default values
@ IN NS server1.example.com. is the name server for the zone (our server). Don’t forget the period at the end; if you omit it, the server name would be appended at the end (server1.example.com.server1)
server1 IN A 192.168.122.200 is the host (A) record of our server
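The date-based serial described above can be read from a zone file and bumped before each manual edit. This is an added example, not part of the original article: the sample zone is constructed from the article's names, its timer values are assumed, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample zone using the article's names; timer values are assumed.
sample_zone() {
cat <<'EOF'
$TTL 1D
@       IN SOA  server1.example.com. root.example.com. (
                2015052601 ; serial
                1D         ; refresh
                1H         ; retry
                1W         ; expire
                3H )       ; minimum
@       IN NS   server1.example.com.
server1 IN A    192.168.122.200
EOF
}

# Read a zone file on stdin and print the SOA serial. Comments are dropped,
# the server and mailbox names are skipped, and the first number after them
# is the serial, whether the record spans one line or several.
soa_serial() {
    awk '{ sub(/;.*/, "") }
         !in_soa && /[ \t]SOA[ \t]/ {
             in_soa = 1
             sub(/.*[ \t]SOA[ \t]+[^ \t]+[ \t]+[^ \t]+/, "")
         }
         in_soa { gsub(/[()]/, " "); if ($1 ~ /^[0-9]+$/) { print $1; exit } }'
}

# next_serial CURRENT TODAY: next serial in the YYYYMMDDnn scheme.
# A serial must only ever grow, so an old date jumps to TODAY01 and anything
# else is incremented, even past nn=99. Serials are 32-bit unsigned.
next_serial() {
    for v in "$1" "$2"; do
        case "$v" in ''|*[!0-9]*) echo "not a number: $v" >&2; return 2 ;; esac
    done
    if [ "$1" -lt "${2}00" ]; then
        new="${2}01"
    else
        new=$(expr "$1" + 1)
    fi
    if [ "$new" -gt 4294967295 ]; then
        echo "serial overflow" >&2; return 1
    fi
    echo "$new"
}

cur=$(sample_zone | soa_serial)
echo "current $cur, next $(next_serial "$cur" "$(date +%Y%m%d)")"
```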
Copy that file as reverse.example.com.db (zone file for our reverse lookup zone)
Check both files for errors
Open the firewall port (53)
Set folder permissions
Restart the named service
and check that the service listens on port 53:
Point the client computer to our DNS server:
Edit the interface file in /etc/sysconfig/network-scripts/
Restart the network service and test the DNS server:
Search our zone, example.com:
So far so good.
Let’s now install and configure the DHCP server:
Install the dhcp package
yum install dhcp -y
Then copy dhcpd.conf.example to the /etc/dhcp folder:
Here is the dhcpd.conf file:
Check the file for errors:
If you didn’t install this server on a KVM switch (and set the virtual adapter to receive its address from the host DHCP), you can start the DHCP service.
Otherwise, we must first disable the DHCP service on the interface; otherwise our client won’t receive DHCP Discover and DHCP Offer packets from our DHCP server but from the KVM host, and our log file will be receiving “Unknown lease”.
In the terminal, type
[remove the element, save, exit]
Restart your virtual machine and then start the dhcp service on the KVM virtual machine (server1.example.com)
Configure the client to receive its address from our DHCP server:
Edit the interface file:
Restart the network and type ifconfig:
Switch to the server and check the log file:
Now we can finally set up Dynamic DNS updates
DNS client computers can use dynamic update to register and dynamically update their resource records with a DNS server whenever changes occur. This reduces the need for manual administration of zone records, especially for clients that frequently move or change locations and use Dynamic Host Configuration Protocol (DHCP) to obtain an IP address. To do it securely, we need to first create a secret key. This secret key will be used to authenticate our DNS update clients with the DNS server.
First, generate the key:
The output is the file prefix. If you do ls Kdhcpupdate.+157+06009* you will see two files. The .key file is the most useful; open the .key file:
The selected part will be used for authentication:
Let’s configure our DHCP server for secure DNS updates:
Make changes to the dhcpd.conf file (updates are in bold)
Lease info is written to the lease files in the /var/lib/dhcpd folder:
[root@server1 dhcpd]# ls
dhcpd6.leases dhcpd.leases dhcpd.leases~
Now edit named.conf:
(Changes are in bold)
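How the secret in the .key file ends up on both sides of the update path, as an added example that is not the article's own listing. The key name dhcpupdate comes from the file prefix above and 192.168.122.200 is the article's server1; the secret is a constructed placeholder, the function names are hypothetical, and the stanzas use standard named.conf and dhcpd.conf syntax.

```shell
#!/bin/sh
# Constructed sample of a dnssec-keygen .key file for an HMAC key. Fields:
# owner, class, type, flags, protocol, algorithm number, base64 secret.
# The secret is a placeholder, not a real key.
sample_keyfile() {
    echo 'dhcpupdate. IN KEY 0 3 157 Y29uc3RydWN0ZWQta2V5IQ=='
}

# parse_key TEXT: set n (key name), s (secret) and a (algorithm name).
# Only algorithm 157 (HMAC-MD5, as in the article's file name) is accepted.
parse_key() {
    n=$(printf '%s\n' "$1" |
        awk '$3 == "KEY" { sub(/\.$/, "", $1); print $1; exit }')
    s=$(printf '%s\n' "$1" |
        awk '$3 == "KEY" { for (i = 7; i <= NF; i++) printf "%s", $i; exit }')
    alg=$(printf '%s\n' "$1" | awk '$3 == "KEY" { print $6; exit }')
    if [ -z "$n" ] || [ -z "$s" ] || [ "$alg" != 157 ]; then
        echo "unsupported or malformed key file" >&2
        return 1
    fi
    a=hmac-md5
}

# named.conf side: declare the key and accept only updates signed with it.
named_stanza() {    # $1 = key file text, $2 = zone name
    parse_key "$1" || return 1
    printf 'key "%s" {\n    algorithm %s;\n    secret "%s";\n};\n' "$n" "$a" "$s"
    printf 'zone "%s" {\n    # existing type and file lines stay here\n' "$2"
    printf '    allow-update { key "%s"; };\n};\n' "$n"
}

# dhcpd.conf side: the same key, and the server that receives the updates.
dhcpd_stanza() {    # $1 = key file text, $2 = zone name, $3 = DNS server IP
    parse_key "$1" || return 1
    printf 'ddns-update-style interim;\n'
    printf 'key %s {\n    algorithm %s;\n    secret %s;\n};\n' "$n" "$a" "$s"
    printf 'zone %s. {\n    primary %s;\n    key %s;\n}\n' "$2" "$3" "$n"
}

named_stanza "$(sample_keyfile)" example.com
dhcpd_stanza "$(sample_keyfile)" example.com 192.168.122.200
```

Both configuration files then hold the shared secret, so they should be readable only by root and the account the service runs as.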
But we are not done yet.
We must now configure the SELinux policy to allow the user named to create journal files;
otherwise, we’ll receive this error:
Check the system time on the server (if it’s not synchronized with a time server you won’t be able to access the internet)
Now restart the named and dhcpd services on the server and the network service on the client, and check the log file on the server; the client should be updated in the example.com.db file: