Virtual Machine A
1. Set the firewall state to trusted
2. Set the current SELinux mode to permissive
3. Set the permanent SELinux mode to permissive
4. Clear the Yum cache and check that Yum is available
Virtual Machine B
1. Set the firewall state to trusted
2. Set the current SELinux mode to permissive
3. Set the permanent SELinux mode to permissive
4. Clear the Yum cache and check that Yum is available
/etc/selinux/config (configuration file for the permanent SELinux state)
########################################################
• Why a DNS system is required
– www.baidu.com or 119.75.217.56: which is easier to remember?
– The Internet's 114 directory assistance / navigator
• Features of the DNS server
– Forward resolution: find the corresponding IP address based on the registered domain name
– Reverse resolution: find the corresponding registered domain name based on the IP address (not commonly used)
• Root domain: .
• FQDN (Fully Qualified Domain Name), the fully qualified host name
– = site name.domain name suffix
– = site name. ... .second-level domain.first-level domain
• Common top-level/first-level domains
– Country/region: .cn, .us, .kr, .hk, .tw, ...
– Organization domains: .com, .net, .edu, .org, .gov, .mil, ...
• BIND server-side program
– Main executable: /usr/sbin/named
– System service: named
– Default port: TCP/UDP 53
– Virtual root (chroot) environment at runtime: /var/named/chroot/
• Main configuration file: /etc/named.conf, specifies the domain this server is responsible for resolving (tedu.cn)
• Zone (address library) files: /var/named/, map host names to IP addresses
Normal resolution: UDP 53
Master-slave synchronization: TCP 53
Virtual Machine A:
1. Build a basic DNS service: install bind-chroot and bind
# yum -y install bind-chroot bind
2. Modify the main configuration file /etc/named.conf to specify that this server is responsible for resolving tedu.cn
options {
    directory "/var/named";    # location of the zone (address library) files
};
zone "tedu.cn" IN {            # domain this server is responsible for resolving
    type master;               # this server is the authoritative (master) server
    file "tedu.cn.zone";       # zone file name
};
3. Create the zone file "tedu.cn.zone" in /var/named
# cd /var/named
# cp -p named.localhost tedu.cn.zone
# ls -l tedu.cn.zone
# vim tedu.cn.zone
tedu.cn.    NS  svr7           ; host name of this domain's DNS server
svr7        A   192.168.4.7    ; IP address of this domain's DNS server
www         A   1.1.1.1
ftp         A   2.2.2.2
4. Restart the named service and enable it to start at boot
Verify:
On virtual machine B:
# vim /etc/resolv.conf    # specify the DNS server
nameserver 192.168.4.7
# nslookup www.tedu.cn
####################################################
Multi-zone DNS server
Virtual Machine A:
1. Modify the main configuration file /etc/named.conf to specify the domain this server is responsible for resolving
Append:
zone "qq.com" IN {             # domain this server is responsible for resolving
    type master;               # this server is the authoritative (master) server
    file "qq.com.zone";        # zone file name
};
2. Create the zone file "qq.com.zone" in /var/named
# vim qq.com.zone
qq.com.     NS  svr7           ; host name of this domain's DNS server
svr7        A   192.168.4.7    ; IP address of this domain's DNS server
www         A   1.1.1.1
ftp         A   2.2.2.2
4. Restart the named service and enable it to start at boot
########################################################
DNS load balancing: round-robin resolution results
DNS-based site load balancing
– One domain name ---> multiple different IP addresses
– Each IP serves a mirror of the same content
#######################################################
Special resolution records
Wildcard domain name resolution
• Matches any host address that is not defined in this domain
– Matched directly with a * entry
– Typically used only in forward zone files
Patterned wildcard-style resolution
stu1.tedu.cn --------> 192.168.10.1
stu2.tedu.cn --------> 192.168.10.2
stu3.tedu.cn --------> 192.168.10.3
......
stu60.tedu.cn --------> 192.168.10.60
$GENERATE: generates a continuous range of numbers
$GENERATE 1-60 stu$.tedu.cn. A 192.168.10.$
On virtual machine A
1. Modify the zone file
# vim /var/named/tedu.cn.zone
*           A   10.10.10.10
tedu.cn.    A   100.200.210.220
$GENERATE 1-60 stu$ A 192.168.10.$
2. Restart the named service
Client verification on virtual machine B:
# nslookup haha.tedu.cn
# nslookup stu57.tedu.cn
# nslookup tedu.cn
#####################################################
DNS subdomain delegation
Parent domain: www.tedu.cn; the parent DNS server is responsible for the parent domain tedu.cn
Subdomain: www.bj.tedu.cn; the subdomain's DNS server is responsible for bj.tedu.cn
1. The parent domain's DNS server can resolve host names ending in tedu.cn
2. The subdomain's DNS server can resolve host names ending in bj.tedu.cn
3. The parent domain's DNS server can resolve host names ending in bj.tedu.cn
4. The subdomain's DNS server can resolve host names ending in tedu.cn
Virtual machine B:
1. Build a basic DNS service: install bind-chroot and bind
2. Modify the main configuration file /etc/named.conf
options {
    directory "/var/named";
};
zone "bj.tedu.cn" IN {
    type master;
    file "bj.tedu.cn.zone";
};
3. Create the zone file "bj.tedu.cn.zone" in /var/named
# cd /var/named
# cp -p named.localhost bj.tedu.cn.zone
# vim bj.tedu.cn.zone
bj.tedu.cn. NS  pc207
pc207       A   192.168.4.207
www         A   1.2.3.4
4. Restart the named service and enable it to start at boot
# nslookup www.bj.tedu.cn 192.168.4.207
##########################################################
The parent domain's DNS server can resolve host names ending in bj.tedu.cn
Virtual Machine A:
1. Modify the zone file /var/named/tedu.cn.zone
tedu.cn.    NS  svr7
bj.tedu.cn. NS  pc207
svr7        A   192.168.4.7
pc207       A   192.168.4.207
www         A   1.1.1.1
ftp         A   2.2.2.2
*           A   10.10.10.10
tedu.cn.    A   100.200.210.220
$GENERATE 1-60 stu$ A 192.168.10.$
2. Restart the named service
3. Verification: nslookup www.bj.tedu.cn 192.168.4.7
Recursive resolution: the process in which a DNS server interacts with other DNS servers and finally brings the result back
Iterative resolution: the DNS server's interactions with other DNS servers
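Added example (not part of the original notes, and not BIND's own code): a simplified Python model of how an authoritative server picks an answer from the final tedu.cn zone above, covering the $GENERATE expansion, the * wildcard and the bj.tedu.cn delegation. The function names load and resolve are illustrative assumptions; the lookup order follows RFC 1034 section 4.3.2.

```python
ORIGIN = "tedu.cn."
# Records from the page's final /var/named/tedu.cn.zone ($TTL/SOA header omitted).
ZONE_TEXT = """\
tedu.cn.    NS  svr7
bj.tedu.cn. NS  pc207
svr7        A   192.168.4.7
pc207       A   192.168.4.207
www         A   1.1.1.1
ftp         A   2.2.2.2
*           A   10.10.10.10
tedu.cn.    A   100.200.210.220
$GENERATE 1-60 stu$ A 192.168.10.$
"""

def load(text):
    """Parse 'owner type rdata' lines into {(owner, type): [rdata]}, expanding $GENERATE."""
    zone = {}
    for line in text.splitlines():
        f = line.split(";")[0].split()            # ';' starts a zone-file comment
        rows = [f] if f else []
        if f and f[0] == "$GENERATE":             # '$' becomes each number in the range
            lo, hi = map(int, f[1].split("-"))
            rows = [[x.replace("$", str(i)) for x in f[2:]] for i in range(lo, hi + 1)]
        for owner, rtype, rdata in rows:          # relative owners get the origin appended
            owner = owner.lower() if owner.endswith(".") else f"{owner.lower()}.{ORIGIN}"
            zone.setdefault((owner, rtype), []).append(rdata)
    return zone

def resolve(zone, qname):
    """Simplified authoritative A lookup: zone cut first, then exact name, then wildcard."""
    qname = qname.lower().rstrip(".") + "."
    if qname != ORIGIN and not qname.endswith("." + ORIGIN):
        return ("REFUSED", [])                    # name is outside this zone
    labels = qname[: -len(ORIGIN)].rstrip(".").split(".") if qname != ORIGIN else []
    owners = {o for o, _ in zone}
    node = ORIGIN
    for label in reversed(labels):                # walk down from the zone apex
        child = f"{label}.{node}"
        if (child, "NS") in zone:                 # delegated subdomain: refer, no wildcard
            return ("REFERRAL", zone[(child, "NS")])
        if not any(o == child or o.endswith("." + child) for o in owners):
            hit = zone.get((f"*.{node}", "A"))    # wildcard sits under the closest encloser
            return ("ANSWER", hit) if hit else ("NXDOMAIN", [])
        node = child
    hit = zone.get((node, "A"))
    return ("ANSWER", hit) if hit else ("NODATA", [])

if __name__ == "__main__":
    print({q: resolve(load(ZONE_TEXT), q) for q in ("haha.tedu.cn", "stu57.tedu.cn", "www.bj.tedu.cn")})
```

Note that a name just outside the generated range, such as stu61.tedu.cn, is not rejected: it falls through to the * record, so any mistyped or unexpected host name in this zone still receives an address.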
#####################################################
The subdomain's DNS server can resolve host names ending in tedu.cn
Virtual Machine B:
1. Modify the main configuration file
# vim /etc/named.conf
zone "tedu.cn" IN {
    type forward;
    forwarders { 192.168.4.7; };
};
2. Restart the named service
3. Verification
# nslookup www.tedu.cn 192.168.4.207
########################################################
Enabling the virtual machines to access the external network
1. On the real (host) machine, create the bridge device (br0)
# systemctl status NetworkManager    # (graphical)
# systemctl status network           # (command line)
# systemctl stop NetworkManager      # (graphical)
# systemctl status network           # (command line)
# vim /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0          # device name
TYPE=Bridge         # device type
BOOTPROTO=none      # configure the IP address manually
ONBOOT=yes          # bring the device up at boot
IPADDR=172.40.50.114
NETMASK=255.255.255.0
GATEWAY=172.40.50.1
2. Attach the real machine's physical network card enp2s0 to br0 by appending:
# vim /etc/sysconfig/network-scripts/ifcfg-enp2s0
BRIDGE=br0
3. Restart the network
######################################################
Linux System Learning 15th Day-<< Engineer Technology >>