Install and Configure a Caching-Only DNS Server in RHEL/CentOS 7 - Part 10


DNS servers come in several types, such as master, slave, forwarding and cache, to name a few examples, with the cache-only DNS server being the easiest one to set up. Since DNS uses the UDP protocol, query time is improved because no acknowledgement is required.

A cache-only DNS server is also known as a resolver. It queries DNS records, fetches all the DNS details from other servers, and keeps each query result in its cache for later use, so that when the same request is made again in the future it is served from the cache, reducing the response time even further.

If you are looking to set up a caching-only DNS server in CentOS/RHEL 6, follow this guide here:

DNS server		:	dns.tecmintlocal.com (Red Hat Enterprise Linux 7.1)
Server IP Address	:	192.168.0.18
Client			:	node1.tecmintlocal.com (CentOS 7.1)
Client IP Address	:	192.168.0.29

Step 1: Installing a Cache-Only DNS Server in RHEL/CentOS 7

1. The cache-only DNS server can be installed via the bind package. If you don't remember the package name, you can do a quick search for it using the command below.

# yum search bind

2. In the above result, you will see several packages. From those, we need to choose and install only the bind and bind-utils packages using the following yum command.

# yum install bind bind-utils -y

Step 2: Configure Cache-Only DNS in RHEL/CentOS 7

3. Once the DNS packages are installed, we can go ahead and configure DNS. Open and edit /etc/named.conf using your preferred text editor. Make the changes suggested below (or use your own settings as required).

listen-on port 53 { 127.0.0.1; any; };
allow-query     { localhost; any; };
allow-query-cache       { localhost; any; };

These directives instruct the DNS server to listen on UDP port 53, and to allow queries and cache lookups from localhost and from any other machine that can reach the server.
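Because the three directives above admit any, every host that can reach port 53 may use the cache. The following added example (not part of the original article) lists such directives in a named.conf and checks a scoped alternative; the ACL name trusted and the range 192.168.0.0/24 are assumptions based on the addresses used in this setup, and both sample configurations are constructed.

```shell
#!/bin/sh
# Added example: list named.conf access directives whose address list has "any".
# Assumes each directive sits on one line, as in the article's snippet.

# Reads named.conf text on stdin; prints matching directive names, one per line.
open_directives() {
    awk '
        { sub(/\/\/.*$/, ""); sub(/#.*$/, "") }   # drop line comments
        $1 ~ /^(listen-on|allow-query|allow-query-cache|allow-recursion)$/ {
            list = $0
            sub(/^[^{]*[{]/, "", list)            # keep text inside the braces
            sub(/[}].*$/, "", list)
            n = split(list, item, /[ \t;]+/)
            for (i = 1; i <= n; i++)
                if (item[i] == "any") { print $1; break }
        }'
}

audit() { printf '%s\n' "$1" | open_directives; }

# Constructed sample: the options as edited in the article.
PAGE_CONF='options {
    listen-on port 53 { 127.0.0.1; any; };
    allow-query     { localhost; any; };
    allow-query-cache       { localhost; any; };
};'

# Constructed sample: the same resolver limited to an assumed LAN range.
# "trusted" is a hypothetical ACL name; 192.168.0.18 is the server IP above.
SCOPED_CONF='acl trusted { localhost; 192.168.0.0/24; };
options {
    listen-on port 53 { 127.0.0.1; 192.168.0.18; };
    allow-query       { trusted; };
    allow-query-cache { trusted; };
    allow-recursion   { trusted; };
};'

echo "article config, directives open to any:"
audit "$PAGE_CONF"
echo "scoped config, directives open to any:"
audit "$SCOPED_CONF"
```

On a real server the same function can be fed the file directly: open_directives < /etc/named.conf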

4. It is important to note that the ownership of this file must be set to root:named and, if SELinux is enabled, that after editing the configuration file its context is set to named_conf_t, as shown in Fig. 4 (the same applies to the auxiliary file /etc/named.rfc1912.zones):

# ls -lZ /etc/named.conf
# ls -lZ /etc/named.rfc1912.zones

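Otherwise, set the SELinux context before proceeding (semanage records the rule and restorecon applies it to the files):

# semanage fcontext -a -t named_conf_t /etc/named.conf
# semanage fcontext -a -t named_conf_t /etc/named.rfc1912.zones
# restorecon -v /etc/named.conf /etc/named.rfc1912.zones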

5. Additionally, we need to test the DNS configuration for syntax errors before starting the bind service:

# named-checkconf /etc/named.conf

6. Once the syntax check comes back clean, restart the named service so the new changes take effect, enable the service to start automatically across system boots, and then check its status:

# systemctl restart named
# systemctl enable named
# systemctl status named

7. Next, open port 53 on the firewall.

# firewall-cmd --add-port=53/udp
# firewall-cmd --add-port=53/udp --permanent

Step 3: Chroot the Cache-Only DNS Server in RHEL and CentOS 7

8. If you want to deploy the cache-only DNS server in a chroot environment, you need to install the chroot package on the system. No further configuration is needed, since by default it is hard-linked to the chroot.

# yum install bind-chroot -y

Once the chroot package has been installed, you can restart named to apply the new changes:

# systemctl restart named

9. Next, create a symbolic link to /etc/named.conf (also named named.conf) inside /var/named/chroot/etc/:

# ln -s /etc/named.conf /var/named/chroot/etc/named.conf

Step 4: Configure DNS on the Client Machine

10. Add the DNS cache server's IP, 192.168.0.18, as the resolver on the client machine. Edit /etc/sysconfig/network-scripts/ifcfg-enp0s3 as shown in the following figure:

DNS1=192.168.0.18

And /etc/resolv.conf as follows:

nameserver 192.168.0.18

11. Finally, it is time to check our cache server. To do this, you can use the dig utility or the nslookup command.

Choose any website and query it twice (we will use facebook.com as an example). Note that with dig, the second query completes faster because it is served from the cache.

# dig facebook.com

You can also use nslookup to verify that the DNS server is working as expected.

# nslookup facebook.com
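Query time alone can vary with load, so the repeated dig test above can also be judged by TTL: a caching resolver counts the TTL of a stored record down, and the second answer therefore carries a lower value. The following is an added example, not part of the original article; the two dig outputs are constructed samples and 203.0.113.10 is a documentation address, not a real answer.

```shell
#!/bin/sh
# Added example: decide from two dig outputs whether the repeat answer was cached.

# Print the TTL of the first A record in the ANSWER SECTION (dig output on stdin).
answer_ttl() {
    awk '/^;; ANSWER SECTION:/ { in_ans = 1; next }
         in_ans && NF == 0     { exit }            # blank line ends the section
         in_ans && $4 == "A"   { print $2; exit }'
}

# Print the number from the ";; Query time: N msec" line.
query_time() {
    awk '/^;; Query time:/ { print $4; exit }'
}

# Succeeds when both outputs have an answer and the second TTL is lower.
served_from_cache() {
    first_ttl=$(printf '%s\n' "$1" | answer_ttl)
    second_ttl=$(printf '%s\n' "$2" | answer_ttl)
    [ -n "$first_ttl" ] && [ -n "$second_ttl" ] && [ "$second_ttl" -lt "$first_ttl" ]
}

# Constructed sample output of the first "dig facebook.com".
FIRST=';; ANSWER SECTION:
facebook.com.    300  IN  A  203.0.113.10

;; Query time: 43 msec
;; SERVER: 192.168.0.18#53(192.168.0.18)'

# Constructed sample output of the same query repeated seven seconds later.
SECOND=';; ANSWER SECTION:
facebook.com.    293  IN  A  203.0.113.10

;; Query time: 0 msec
;; SERVER: 192.168.0.18#53(192.168.0.18)'

if served_from_cache "$FIRST" "$SECOND"; then
    echo "second answer came from cache"
    echo "query time: $(printf '%s\n' "$FIRST" | query_time) msec, then $(printf '%s\n' "$SECOND" | query_time) msec"
fi
```

With live queries, capture each run first, for example first=$(dig facebook.com), and pass the two captures to served_from_cache.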

Summary

In this article we have explained how to set up a cache-only DNS server in Red Hat Enterprise Linux 7 and CentOS 7, and tested it from a client machine. Feel free to let us know if you have any questions or suggestions using the form below.