Yadda zaka Sanya Server na DNS/DHCP Ta Amfani dnsmasq akan CentOS/RHEL 8/7


Sabis na Hostarfafa Hostarfafa Mai Rarraba Mai Rarraba (DHCP) yana sanya adiresoshin IP da sauran sifofin daidaitawar cibiyar sadarwa ga kowane na'ura akan hanyar sadarwa. Mai gabatar da DNS a kan LAN ya gabatar da tambayoyin DNS don sunayen yankin da ba na gida ba don haɓaka sabobin DNS (a waje da hanyar sadarwar). A DNS caching uwar garken amsa recursive buƙatun daga abokan ciniki don haka da cewa DNS tambaya za a iya warware sauri, ta haka ne inganta DNS duba gudu zuwa shafukan da aka ziyarta a baya.

dnsmasq nauyi ne mai sauƙi, mai sauƙin daidaitawa mai tura DNS, software na sabar DHCP da tsarin tallata hanyar sadarwa ta ƙananan hanyoyin sadarwa. Dnsmasq yana tallafawa Linux, * BSD, Mac OS X da Android.

Yana haɓaka tsarin tsarin DNS wanda ke ba da uwar garken DNS na gida don hanyar sadarwar, tare da isar da duk nau'ikan tambayoyin don sake dawo da sabobin DNS da kuma ɓoye nau'ikan rikodin gama gari. DHCP ƙaramin tsarin yana tallafawa DHCPv4, DHCPv6, BOOTP, PXE, da kuma uwar garken TFTP. Kuma tsarin tallan komputa na talla ta hanyar komputa yana tallafawa ainihin kayan aikin atomatik don masu karɓar IPv6.

A cikin wannan labarin, zamu bi ku cikin umarnin kan yadda ake girka da saita saitin DNS/DHCP Server Ta amfani da dnsmasq akan rarraba CentOS/RHEL 8/7.

Shigar dnsmasq a cikin CentOS da RHEL Linux

1. Ana samun kunshin dnsmasq a wuraren da aka tanada kuma za'a iya shigar dasu cikin sauki ta amfani da mai sarrafa kunshin YUM kamar yadda aka nuna.

# yum install dnsmasq

2. Da zarar an gama shigar da kunshin dnsmasq, to kana bukatar fara aikin dnsmasq a yanzu sannan ka bashi damar fara aiki kai tsaye daga boot din system. Bayan haka, bincika matsayinta don tabbatar da cewa yana aiki da gudana ta amfani da umarnin systemctl masu zuwa.

# systemctl start dnsmasq
# systemctl enable dnsmasq
# systemctl status dnsmasq

Saitin Server dnsmasq a cikin CentOS da RHEL Linux

3. Ana iya saita sabar dnsmasq ta fayil din /etc/dnsmasq.conf (wanda ya kunshi yadda aka yi sharhi da bayani sosai), sannan kuma za a iya hada fayilolin sanyi na mai amfani a cikin /etc/dnsmasq.d.

Ana kunna DNS ta tsohuwa, don haka kafin yin canje-canje, tabbatar da ƙirƙirar madadin fayil /etc/dnsmasq.conf.

# cp /etc/dnsmasq.conf /etc/dnsmasq.conf.orig

4. Yanzu buɗe fayil /etc/dnsmasq.conf ta amfani da editan da kuka fi so na rubutu kuma ku sanya saitunan sanyi masu zuwa.

# vi /etc/dnsmasq.conf 

Ana amfani da adireshin-saurare zabin don saita adireshin IP, inda dnsmasq zai saurara. Don amfani da sabar CentOS/RHEL don sauraron DHCP da buƙatun DNS akan LAN, saita zaɓi adreshin saurara zuwa adiresoshin IP na LAN (ku tuna ku haɗa da 127.0.0.1) kamar yadda aka nuna. Lura cewa uwar garken IP dole ne ya zama tsaye.

listen-address=::1,127.0.0.1,192.168.56.10

Dangane da abin da ke sama, za ka iya ƙuntata dnsmasq ɗin yana dubawa ta amfani da zaɓin keɓaɓɓiyar (ƙara ƙarin layi don fiye da ɗaya ke dubawa).

interface=eth0

5. Idan kana son samun yanki (wanda zaka iya saitawa kamar yadda aka nuna a gaba) an ƙara ta atomatik zuwa sunaye masu sauƙi a cikin fayil ɗin runduna, ba damuwa da zaɓin faɗaɗa-masauki .

expand-hosts

6. Don saita yankin don dnsmasq, wanda ke nufin abokan cinikin DHCP zasu sami cikakkun sunayen yanki matukar dai saitin yankin ya yi daidai, kuma ya saita "yankin" DHCP zabin ga dukkan abokan ciniki.

domain=tecmint.lan

7. Na gaba, kuma ka ayyana sabin DNS na gaba don wuraren da ba na gida ba ta amfani da zabin uwar garken (a cikin sigar sabar = dns_server_ip) kamar yadda aka nuna.

# Google's nameservers
server=8.8.8.8
server=8.8.4.4

8. Sannan zaku iya tilasta yankinku zuwa adireshin IP (s) ta amfani da zaɓin adireshin kamar yadda aka nuna.

address=/tecmint.lan/127.0.0.1 
address=/tecmint.lan/192.168.56.10

9. Ajiye fayel din saika duba tsarin hada fayil domin kurakurai kamar yadda aka nuna.

# dnsmasq --test

10. A wannan matakin, kuna buƙatar yin duk tambayoyin da za'a aika zuwa dnsmasq ta ƙara adiresoshin localhost azaman kawai masu izini a cikin fayil /etc/resolv.conf.

# vi /etc/resolv.conf

11. Fayil din /etc/resolv.conf ya samu karbuwa ta hanyar daemon gida musamman umarnin chattr kamar yadda aka nuna.

# chattr +i /etc/resolv.conf
# lsattr /etc/resolv.conf

12. Dnsmasq yana karanta dukkan rundunonin DNS da sunaye daga fayil/etc/runduna, don haka ƙara adireshin IP ɗin rundunoninku na DNS da nau'i-nau'i kamar yadda aka nuna.

127.0.0.1       dnsmasq
192.168.56.10 	dnsmasq 
192.168.56.1   	gateway
192.168.56.100	maas-controller 
192.168.56.20 	nagios
192.168.56.25 	webserver1

Mahimmanci: Hakanan ana iya bayyana sunayen DNS na gida ta shigo da sunaye daga tsarin DHCP, ko ta hanyar daidaita nau'ikan rikodin masu amfani.

13. Don amfani da canje-canjen da ke sama, sake kunna sabis dnsmasq kamar yadda aka nuna.

# systemctl restart dnsmasq

14. Idan kana da sabis na kashe gobara da ke gudana, kana buƙatar buɗe sabis na DNS da DHCP a cikin daidaitawar katangar wuta, don ba da damar buƙatu daga rundunonin kan LAN ɗinka su wuce zuwa sabar dnsmasq.

# firewall-cmd --add-service=dns --permanent
# firewall-cmd --add-service=dhcp --permanent
# firewall-cmd --reload

15. Don gwadawa idan uwar garken DNS na gida ko turawa na aiki lafiya, kuna buƙatar amfani da kayan aiki kamar su nslookup don yin tambayoyin DNS. Waɗannan kayan aikin ana samar dasu ne ta hanyar kunshin kayan aiki wanda bazai yuwu a fara sanya su akan CentOS/RHEL 8 ba, amma zaku iya shigar dashi kamar yadda aka nuna.

# yum install bind-utils

16. Da zarar ka girka, zaka iya gudanar da tambaya mai sauƙi a yankinku kamar yadda aka nuna.

# dig tecmint.lan
OR
# nslookup tecmint.lan

17. Hakanan zaka iya kokarin tambayar FQDN na ɗayan sabar.

# dig webserver1.tecmint.lan
OR
# nslookup webserver1.tecmint.lan

18. Don gwada jujjuyawar neman IP, gudanar da irin wannan umarnin.

# dig -x 192.168.56.25
OR
# nslookup 192.168.56.25

Enable DHCP Server Ta amfani da dnsmasq

19. Kuna iya kunna sabar DHCP ta hanyar rashin damuwa da zaɓin dhcp-range kuma ku samar da zangon adiresoshin da za'a samu domin haya da kuma zaɓi lokacin haya misali (maimaita fiye da cibiyar sadarwa ɗaya).

dhcp-range=192.168.0.50,192.168.0.150,12h

20. Zaɓi mai zuwa yana bayyana inda uwar garken DHCP zata adana bayanan ajiyarta, wannan zai taimaka muku duba adireshin IP ɗin da ta sanya cikin sauƙi.

dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases

21. Don yin uwar garken DHCP zuwa yanayin izini, ƙaddamar da zaɓi.

dhcp-authoritative

22. Adana fayil kuma sake kunna dnsmasq sabis don amfani da canje-canje kwanan nan.

# systemctl restart dnsmasq

Wannan shine yakawo mana karshen wannan jagorar. Don isa gare mu don kowane tambayoyi ko tunani da kuke son raba game da wannan jagorar, yi amfani da fom ɗin da ke ƙasa.