Jerin RHCE: Yadda ake Saita da Gwaji Tsayayyen Hanyar Sadarwar Sadarwar - Kashi na 1
RHCE (Red Hat Certified Engineer) takaddun shaida ne daga kamfanin Red Hat, wanda ke ba da tsarin aiki mai buɗewa da software ga al'ummomin kasuwancin, Hakanan yana ba da horo, tallafi da sabis na shawarwari ga kamfanoni.
Wannan RHCE (Jan Hat Certified Engineer) jarrabawa ce ta tushen aiki (lambar suna EX300), wanda ya mallaki ƙarin ƙwarewa, ilimi, da iyawar da ake buƙata na babban manajan tsarin da ke da alhakin tsarin Red Hat Enterprise Linux (RHEL).
Muhimmi: Ana buƙatar takardar shedar Red Hat Certified System Administrator (RHCSA) don samun takardar shedar RHCE.
Masu zuwa sune makasudin jarrabawa bisa sigar Red Hat Enterprise Linux 7 na jarrabawar, wanda zai rufe a cikin wannan jerin RHCE:
Don duba kudade da rajista don jarrabawa a ƙasarku, duba shafin Takaddarwar RHCE.
A cikin wannan Sashe na 1 na jerin RHCE da na gaba, za mu gabatar da asali, duk da haka na yau da kullun, lokuta inda ƙa'idodin tuƙi, tace fakiti, da fassarar adireshin cibiyar sadarwa suka shiga cikin wasa.
Da fatan za a lura cewa ba za mu rufe su da zurfi ba, sai dai tsara waɗannan abubuwan cikin hanyar da za ta taimaka wajen ɗaukar matakai na farko da ginawa daga can.
Matsayin Tsaya a cikin Red Hat Enterprise Linux 7
Wani abin al’ajabi na sadarwar zamani shi ne yadda ake samun na’urori masu yawa da za su iya haɗa rukunin kwamfutoci, walau a cikin adadi kaɗan kuma a keɓe a ɗaki ɗaya ko na’urori da yawa a cikin gini ɗaya, ko birni, ƙasa, ko nahiyoyin duniya.
Koyaya, don aiwatar da hakan yadda ya kamata a kowane yanayi, ana buƙatar fakitin hanyar sadarwa, ko kuma a wasu kalmomi, hanyar da suke bi daga tushe zuwa maƙasudi dole ne a sarrafa ko ta yaya.
Tsayayyen hanya shine tsari na tantance hanya don fakitin cibiyar sadarwa ban da tsoho, wanda na'urar cibiyar sadarwa ke samarwa da aka sani da tsohuwar ƙofa. Sai dai in an bayyana in ba haka ba ta hanyar a tsaye, fakitin cibiyar sadarwa ana kai su zuwa tsohuwar ƙofar; tare da tsayayyen hanya, an ayyana wasu hanyoyi bisa ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun bayanai, kamar wurin fakitin.
Bari mu ayyana yanayin wannan koyawa. Muna da akwatin Red Hat Enterprise Linux 7 mai haɗawa zuwa na'ura mai ba da hanya tsakanin hanyoyin sadarwa #1 [192.168.0.1] don samun damar Intanet da injuna a cikin 192.168.0.0/24.
Na biyu na'ura mai ba da hanya tsakanin hanyoyin sadarwa (na'ura mai ba da hanya tsakanin hanyoyin sadarwa #2) tana da katunan sadarwa guda biyu: enp0s3 kuma an haɗa shi da na'ura mai ba da hanya tsakanin hanyoyin sadarwa #1 don samun damar Intanet da sadarwa tare da akwatin RHEL 7 da sauran na'urori a cikin hanyar sadarwa ɗaya, yayin da sauran (enp0s8) ake amfani da su. don ba da dama ga hanyar sadarwar 10.0.0.0/24 inda sabis na ciki ke zaune, kamar yanar gizo da/ko uwar garken bayanai.
An kwatanta wannan yanayin a cikin zanen da ke ƙasa:
A cikin wannan labarin za mu mai da hankali ne kawai kan saita tebur na tuƙi akan akwatin RHEL 7 don tabbatar da cewa yana iya shiga Intanet ta hanyar na'ura mai ba da hanya tsakanin hanyoyin sadarwa #1 da cibiyar sadarwa ta ciki ta hanyar na'ura mai ba da hanya tsakanin hanyoyin sadarwa #2.
A cikin RHEL 7, za ku yi amfani da umarnin ip don daidaitawa da nuna na'urori da kuma yin amfani da layin umarni. Waɗannan canje-canje na iya yin tasiri nan da nan akan tsarin aiki amma tunda ba su dagewa a cikin sake yin aiki, za mu yi amfani da ifcfg-enp0sX da fayilolin enp0sX a cikin /etc/sysconfig/network-scripts don adana tsarin mu na dindindin.
Don farawa, bari mu buga tebur ɗin mu na yanzu:
# ip route show
Daga abin da aka fitar a sama, muna iya ganin abubuwa masu zuwa:
- Adireshin IP na tsoho shine 192.168.0.1 kuma ana iya shiga ta enp0s3 NIC. Lokacin da tsarin ya tashi, ya kunna hanyar sifiri zuwa 169.254.0.0/16 (kawai idan). A cikin 'yan kalmomi, idan an saita na'ura don samun adireshin IP ta hanyar DHCP amma ta kasa yin haka saboda wasu dalilai, ana sanya ta atomatik adireshi a cikin wannan hanyar sadarwa. Ƙashin ƙasa shine, wannan hanya za ta ba mu damar sadarwa, kuma ta hanyar enp0s3, tare da wasu na'urori waɗanda suka kasa samun adireshin IP daga uwar garken DHCP.
- A ƙarshe, amma ba kalla ba, za mu iya sadarwa tare da wasu akwatuna a cikin hanyar sadarwar 192.168.0.0/24 ta hanyar enp0s3, wanda adireshin IP ɗin 192.168.0.18.
Waɗannan su ne ayyuka na yau da kullun waɗanda za ku yi a cikin irin wannan saitin. Sai dai in ba haka ba, ya kamata a yi waɗannan ayyuka a cikin na'ura mai ba da hanya tsakanin hanyoyin sadarwa #2:
Tabbatar cewa an shigar da duk NICs da kyau:
# ip link show
Idan daya daga cikinsu ya kasa, kawo shi:
# ip link set dev enp0s8 up
kuma sanya adireshin IP a cikin hanyar sadarwar 10.0.0.0/24 zuwa gare shi:
# ip addr add 10.0.0.17 dev enp0s8
Kash! Mun yi kuskure a cikin adireshin IP. Dole ne mu cire wanda muka sanya a baya sannan mu ƙara wanda ya dace (10.0.0.18):
# ip addr del 10.0.0.17 dev enp0s8 # ip addr add 10.0.0.18 dev enp0s8
Yanzu, da fatan za a lura cewa kawai za ku iya ƙara hanya zuwa cibiyar sadarwar da aka nufa ta hanyar ƙofa wadda ta riga ta isa. Don haka, muna buƙatar sanya adireshin IP a cikin kewayon 192.168.0.0/24 zuwa enp0s3 domin akwatin RHEL 7 ɗinmu ya iya sadarwa tare da shi:
# ip addr add 192.168.0.19 dev enp0s3
A ƙarshe, za mu buƙaci kunna fakitin turawa:
# echo "1" > /proc/sys/net/ipv4/ip_forward
kuma dakatar/musaki (kawai na ɗan lokaci - har sai mun rufe tacewa fakiti a cikin labarin na gaba) Tacewar zaɓi:
# systemctl stop firewalld # systemctl disable firewalld
Komawa cikin akwatin RHEL 7 (192.168.0.18), bari mu saita hanya zuwa 10.0.0.0/24 zuwa 192.168.0.19 (enp0s3 a cikin na'ura mai ba da hanya tsakanin hanyoyin sadarwa #2):
# ip route add 10.0.0.0/24 via 192.168.0.19
Bayan haka, tebur ɗin da aka keɓe ya kasance kamar haka:
# ip route show
Hakanan, ƙara hanyar da ta dace a cikin injin (s) da kuke ƙoƙarin isa ga 10.0.0.0/24:
# ip route add 192.168.0.0/24 via 10.0.0.18
Kuna iya gwada haɗin kai ta asali ta amfani da ping:
A cikin akwatin RHEL 7, gudu
# ping -c 4 10.0.0.20
inda 10.0.0.20 shine adireshin IP na sabar yanar gizo a cikin hanyar sadarwar 10.0.0.0/24.
A cikin sabar gidan yanar gizo (10.0.0.20), gudu
# ping -c 192.168.0.18
inda 192.168.0.18 yake, kamar yadda zaku tuna, adireshin IP na injin RHEL 7 ɗinmu.
A madadin, za mu iya amfani da tcpdump (zaka iya buƙatar shigar da shi tare da yum shigar tcpdump) don duba hanyar sadarwa ta hanyar 2 akan TCP tsakanin akwatin RHEL 7 na mu da sabar yanar gizo a 10.0.0.20.
Don yin haka, bari mu fara shiga cikin na'ura ta farko da:
# tcpdump -qnnvvv -i enp0s3 host 10.0.0.20
kuma daga wani tashar tashar a cikin wannan tsarin bari mu telnet zuwa tashar jiragen ruwa 80 a cikin sabar yanar gizo (zaton Apache yana sauraron wannan tashar jiragen ruwa; in ba haka ba, nuna tashar tashar dama a cikin umarni mai zuwa):
# telnet 10.0.0.20 80
Ya kamata log ɗin tcpdump ya kasance kamar haka:
Inda aka fara haɗin haɗin da kyau, kamar yadda za mu iya faɗa ta hanyar kallon hanyar sadarwa ta hanyar 2 tsakanin akwatin RHEL 7 (192.168.0.18) da sabar yanar gizo (10.0.0.20).
Da fatan za a tuna cewa waɗannan canje-canje za su tafi lokacin da kuka sake kunna tsarin. Idan kuna son sanya su dagewa, kuna buƙatar gyara (ko ƙirƙira, idan basu wanzu ba) fayiloli masu zuwa, a cikin tsarin da muka aiwatar da umarnin da ke sama.
Kodayake ba lallai ba ne don shari'ar gwajin mu, ya kamata ku sani cewa /etc/sysconfig/network ya ƙunshi sigogin cibiyar sadarwa mai fa'ida. Halin /etc/sysconfig/network yayi kama da haka:
# Enable networking on this system? NETWORKING=yes # Hostname. Should match the value in /etc/hostname HOSTNAME=yourhostnamehere # Default gateway GATEWAY=XXX.XXX.XXX.XXX # Device used to connect to default gateway. Replace X with the appropriate number. GATEWAYDEV=enp0sX
Idan ya zo ga saita takamaiman masu canji da ƙima ga kowane NIC (kamar yadda muka yi don na'ura mai ba da hanya tsakanin hanyoyin sadarwa #2), dole ne ku gyara/sauransu/sysconfig/scripts-network/ifcfg-enp0s3 da /etc/sysconfig/network-scripts/ifcfg -0s8.
A biyo mu,
TYPE=Ethernet BOOTPROTO=static IPADDR=192.168.0.19 NETMASK=255.255.255.0 GATEWAY=192.168.0.1 NAME=enp0s3 ONBOOT=yes
kuma
TYPE=Ethernet BOOTPROTO=static IPADDR=10.0.0.18 NETMASK=255.255.255.0 GATEWAY=10.0.0.1 NAME=enp0s8 ONBOOT=yes
don enp0s3 da enp0s8, bi da bi.
Amma game da tuƙi a cikin injin abokinmu (192.168.0.18), za mu buƙaci gyara /etc/sysconfig/network-scripts/route-enp0s3:
10.0.0.0/24 via 192.168.0.19 dev enp0s3
Yanzu sake kunna tsarin ku kuma ya kamata ku ga wannan hanyar a teburin ku.
Takaitawa
A cikin wannan labarin mun rufe abubuwan da suka dace na daidaitawa a cikin Red Hat Enterprise Linux 7. Ko da yake al'amuran na iya bambanta, shari'ar da aka gabatar a nan tana kwatanta ka'idodin da ake bukata da hanyoyin da za a yi wannan aikin. Kafin rufewa, Ina so in ba ku shawarar ku duba Babi na 4 na sashin Tsaro da Inganta Linux a cikin Shafin Ayyukan Takardun Linux don ƙarin cikakkun bayanai kan batutuwan da aka rufe anan.
Littafin ebook kyauta akan Tabbatarwa & Inganta Linux: Maganin Hacking (v.3.0) - Wannan 800+ eBook ya ƙunshi cikakken tarin shawarwarin tsaro na Linux da yadda ake amfani da su cikin aminci da sauƙi don saita aikace-aikace da sabis na tushen Linux.
A cikin labarin na gaba za mu yi magana game da tace fakiti da fassarar adireshin cibiyar sadarwa don taƙaita ainihin ƙwarewar sadarwar da ake buƙata don takaddun shaida na RHCE.
Kamar yadda aka saba, muna sa ran sauraron ku, don haka ku ji daɗin barin tambayoyinku, sharhi, da shawarwari ta amfani da fom ɗin da ke ƙasa.