Linux System Services and Management (services) --------- Day Four

Source: Internet
Author: User

Virtual Machine A

  1. Set the firewall state to trusted
  2. Set the current SELinux mode to permissive
  3. Set the permanent SELinux mode to permissive
  4. Clear the Yum cache and check that Yum is available


Virtual Machine B

  1. Set the firewall state to trusted
  2. Set the current SELinux mode to permissive
  3. Set the permanent SELinux mode to permissive
  4. Clear the Yum cache and check that Yum is available


  /etc/selinux/config (configuration file for the permanent SELinux mode)


########################################################

Why a DNS system is required

– www.baidu.com or 119.75.217.56: which is easier to remember?
– DNS is the 114 directory assistance / navigator of the Internet


Functions of a DNS server

– Forward resolution: find the corresponding IP address from a registered domain name
– Reverse resolution: find the corresponding registered domain name from an IP address (not commonly used)


. (root domain)

Fully Qualified Domain Name (FQDN): the fully qualified host name

– = site name . domain suffix
– = site name . ... . second-level domain . first-level domain


Common top-level (first-level) domains

– Country/region: .cn, .us, .kr, .hk, .tw, ...
– Organization: .com, .net, .edu, .org, .gov, .mil, ...


BIND server-side programs

– Main executable: /usr/sbin/named
– System service: named
– Default port: TCP/UDP 53
– Virtual root (chroot) environment at runtime: /var/named/chroot/

Main configuration file: /etc/named.conf    specifies the domain name this server is responsible for resolving, here tedu.cn
Address library (zone) files: /var/named/    hold the correspondence between host names and IP addresses

Normal resolution: UDP 53
Master-slave synchronization: TCP 53







Virtual Machine A:


1. Build a basic DNS service: install bind-chroot and bind

# yum -y install bind-chroot bind


2. Edit the main configuration file /etc/named.conf to specify that the domain name this server is responsible for resolving is tedu.cn

  options {
      directory "/var/named";      # location of the address library (zone) files
  };
  zone "tedu.cn" IN {              # domain name this server is responsible for resolving
      type master;                 # this server is the authoritative server
      file "tedu.cn.zone";         # file name of the address library file
  };


3. Create the address library file "tedu.cn.zone" under /var/named

# cd /var/named
# cp -p named.localhost tedu.cn.zone
# ls -l tedu.cn.zone
# vim tedu.cn.zone

tedu.cn.    NS    svr7             ; host name of this domain's DNS server
svr7        A     192.168.4.7      ; IP address of this domain's DNS server
www         A     1.1.1.1
ftp         A     2.2.2.2


4. Restart the named service and set named to start at boot


Verify:

  On virtual machine B:

# vim /etc/resolv.conf      # specify the DNS server

  nameserver 192.168.4.7

# nslookup www.tedu.cn


####################################################


Multi-zone DNS servers

Virtual Machine A:

1. Edit the main configuration file /etc/named.conf to specify that the domain name this server is responsible for resolving is tedu.cn

  Append:

  zone "qq.com" IN {               # domain name this server is responsible for resolving
      type master;                 # this server is the authoritative server
      file "qq.com.zone";          # file name of the address library file
  };


2. Create the address library file "qq.com.zone" under /var/named

# vim qq.com.zone

qq.com.     NS    svr7             ; host name of this domain's DNS server
svr7        A     192.168.4.7      ; IP address of this domain's DNS server
www         A     1.1.1.1
ftp         A     2.2.2.2


4. Restart the named service and set named to start at boot

########################################################


DNS load balancing: round-robin rotation of the resolution results

  DNS-based site load balancing

    – One domain name ---> multiple different IP addresses
    – Each IP serves mirrored content


#######################################################

Special resolution records


Wildcard domain name resolution

  Matches any host name that is not defined in this domain

  – Matched directly with a * entry
  – Typically used only in forward zone files


Wildcard-style resolution for regularly patterned names

    stu1.tedu.cn --------> 192.168.10.1
    stu2.tedu.cn --------> 192.168.10.2
    stu3.tedu.cn --------> 192.168.10.3
    ......
    stu60.tedu.cn --------> 192.168.10.60


  $GENERATE generates a continuous range of numbers

$GENERATE 1-60 stu$.tedu.cn.    A    192.168.10.$

On virtual machine A

1. Edit the address library file

# vim /var/named/tedu.cn.zone

*           A     10.10.10.10
tedu.cn.    A     100.200.210.220
$GENERATE 1-60 stu$ A 192.168.10.$


2. Restart the named service


Client verification on virtual machine B:

# nslookup haha.tedu.cn
# nslookup stu57.tedu.cn
# nslookup tedu.cn


#####################################################

DNS subdomain delegation


    Parent domain: www.tedu.cn       the parent domain's DNS server is responsible for tedu.cn

    Subdomain: www.bj.tedu.cn        the subdomain's DNS server is responsible for bj.tedu.cn


    1. The parent domain's DNS server can resolve host names ending in tedu.cn ---------- on svr7
    2. The subdomain's DNS server can resolve host names ending in bj.tedu.cn ------- on pc207

    3. The parent domain's DNS server can resolve host names ending in bj.tedu.cn
    4. The subdomain's DNS server can resolve host names ending in tedu.cn




  Virtual machine B:

1. Build a basic DNS service: install bind-chroot and bind

2. Edit the main configuration file /etc/named.conf

  options {
      directory "/var/named";
  };
  zone "bj.tedu.cn" IN {
      type master;
      file "bj.tedu.cn.zone";
  };


3. Create the address library file "bj.tedu.cn.zone" under /var/named

# cp -p named.localhost bj.tedu.cn.zone
# vim bj.tedu.cn.zone

bj.tedu.cn.   NS    pc207
pc207         A     192.168.4.207
www           A     1.2.3.4

4. Restart the named service and set named to start at boot

# nslookup www.bj.tedu.cn 192.168.4.207


##########################################################


The parent domain's DNS server resolves host names ending in bj.tedu.cn


  Virtual machine A:

1. Edit the address library file /var/named/tedu.cn.zone

tedu.cn.      NS    svr7
bj.tedu.cn.   NS    pc207
svr7          A     192.168.4.7
pc207         A     192.168.4.207
www           A     1.1.1.1
ftp           A     2.2.2.2
*             A     10.10.10.10
tedu.cn.      A     100.200.210.220
$GENERATE 1-60 stu$ A 192.168.10.$


2. Restart the named service


3. Verification: nslookup www.bj.tedu.cn 192.168.4.7
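
The wildcard, $GENERATE and delegation records above interact in ways the nslookup checks only partly show. The following is an added example, not part of the original page and not BIND code: a simplified Python model of which record the tedu.cn zone data selects for an A query. The function names are hypothetical, and only A and NS records and the $GENERATE form used on this page are handled.

```python
ORIGIN = "tedu.cn."  # zone apex; added example, records from the page's tedu.cn.zone
ZONE = """\
tedu.cn.    NS  svr7
bj.tedu.cn. NS  pc207
svr7        A   192.168.4.7
pc207       A   192.168.4.207
www         A   1.1.1.1
ftp         A   2.2.2.2
*           A   10.10.10.10
tedu.cn.    A   100.200.210.220
$GENERATE 1-60 stu$ A 192.168.10.$
"""

def fqdn(owner):                             # zone-file owner -> absolute name
    return owner.lower() if owner.endswith(".") else f"{owner.lower()}.{ORIGIN}"

def suffixes(name):
    """The name and each parent up to ORIGIN, longest first."""
    labels = name[:-len(ORIGIN)].rstrip(".").split(".") if name != ORIGIN else []
    return [".".join(labels[i:] + [ORIGIN]) for i in range(len(labels))] + [ORIGIN]

def load(text):
    """Parse zone text into ({owner: [A addresses]}, {delegated names})."""
    a, cuts = {}, set()
    for f in filter(None, map(str.split, text.splitlines())):
        rows = [f]
        if f[0] == "$GENERATE":              # form used here: range owner type rdata
            lo, hi = map(int, f[1].split("-"))
            rows = [[x.replace("$", str(i)) for x in f[2:]] for i in range(lo, hi + 1)]
        for owner, rtype, rdata in rows:
            if rtype == "A":
                a.setdefault(fqdn(owner), []).append(rdata)
            elif rtype == "NS" and fqdn(owner) != ORIGIN:
                cuts.add(fqdn(owner))        # NS below the apex is a delegation
    return a, cuts

def resolve(qname, a, cuts):
    """Return (kind, data) for an A query, judged from the zone data alone."""
    q = qname.lower().rstrip(".") + "."
    if q != ORIGIN and not q.endswith("." + ORIGIN):
        return ("OUT-OF-ZONE", [])
    chain = suffixes(q)
    if hit := cuts.intersection(chain):      # delegation is checked before the wildcard
        return ("REFERRAL", [min(hit, key=len)])
    exists = {s for owner in a for s in suffixes(owner)}
    if q in exists:
        return ("ANSWER", a.get(q, []))
    wild = "*." + next(s for s in chain if s in exists)   # closest existing ancestor
    return ("WILDCARD", a[wild]) if wild in a else ("NXDOMAIN", [])
```

Calling resolve(name, *load(ZONE)) shows that any undefined name such as haha.tedu.cn or stu61.tedu.cn gets the wildcard address instead of a "not found" answer, while x.www.tedu.cn does not, because www.tedu.cn already exists. A REFERRAL result for www.bj.tedu.cn is what the server on svr7 then follows to pc207 to produce the address seen in the verification step.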




Recursive resolution: the process in which a DNS server interacts with other DNS servers and finally brings the result back

Iterative resolution: the process of a DNS server interacting with other DNS servers



#####################################################


The subdomain's DNS server resolves host names ending in tedu.cn


Virtual machine B:

1. Edit the main configuration file

# vim /etc/named.conf

  zone "tedu.cn" IN {
      type forward;
      forwarders { 192.168.4.7; };
  };


2. Restart the named service

3. Verification

# nslookup www.tedu.cn 192.168.4.207


########################################################


Giving the virtual machines access to the external network


1. On the real machine, create the bridge device (br0)

# systemctl status NetworkManager      # (graphical)
# systemctl status network             # (command line)
# systemctl stop NetworkManager        # (graphical)
# systemctl status network             # (command line)

# vim /etc/sysconfig/network-scripts/ifcfg-br0

DEVICE=br0               # device name
TYPE=Bridge              # device type
BOOTPROTO=none           # configure the IP address manually
ONBOOT=yes               # start at boot
IPADDR=172.40.50.114
NETMASK=255.255.255.0
GATEWAY=172.40.50.1


2. Attach the real machine's physical network card enp2s0 to br0 by appending:

# vim /etc/sysconfig/network-scripts/ifcfg-enp2s0

BRIDGE=br0


3. Restart the network




















