练习在CentOS6上配置DHCP, TFTP, DNS服务
1. 首先按下图所示搭建网络拓扑图
2017-07-11 151425-001.png
-
Server1 服务器
IP: 192.168.20.101/24
GATEWAY: 192.168.20.2
DNS: 192.168.20.2 -
Server2 服务器
IP: 192.168.20.102/24
GATEWAY: 192.168.20.2
DNS: 192.168.20.2 -
Client 的IP, DNS 等地址通过DHCP服务获得
2. Server1上安装、配置DHCP服务
2.1. 将Server1的网络地址配置为静态地址, 修改文件/etc/sysconfig/network-scripts/ifcfg-eth0后重启网络服务
- 修改网络配置文件
[zb01@zb01 Desktop]$ cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:40:FD:FE
TYPE=Ethernet
UUID=3ce1f7dd-97af-44fa-942d-e0f988ec5842
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.20.101
NETMASK=255.255.255.0
GATEWAY=192.168.20.2
DNS1=192.168.20.2
- 重启网络服务
[zb01@zb01 Desktop]$ service network restart
2.2 安装DHCP
[root@zb01 ~]# yum -y install dhcp
2.3 对于CentOS6系统需指定DHCP服务监听的网卡,在此指定为eth0,即DHCPARGS=eth0
[root@zb01 ~]# cat /etc/sysconfig/dhcpd
# Command line options here
DHCPDARGS=eth0
2.4 配置DHCP,在/etc/dhcp/dhcpd.conf中配置dhcp服务分发地址的网段及地址池,域名等
[root@zb01 ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.sample
# see 'man 5 dhcpd.conf'
#
subnet 192.168.20.0 netmask 255.255.255.0 {
range 192.168.20.200 192.168.20.220;
option domain-name-servers 192.168.20.102;
}
2.5 关闭防火墙,此处直接关闭,若熟悉iptables配置的,配置而不是关闭
[root@zb01 ~]# service iptables stop
2.6 启动DHPC服务
[root@zb01 ~]# service dhcpd start
Starting dhcpd:
2.7. Clinet客户端测试是否能通过Server1的DHPC服务获得IP地址,重启客户端网络服务,并查看eth0网卡的地址
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Active connection state: activating
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/9
state: activated
Connection activated
[ OK ]
[root@localhost ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:62:90:70
inet addr:192.168.20.201 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe62:9070/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24628 errors:0 dropped:0 overruns:0 frame:0
TX packets:9427 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:35293902 (33.6 MiB) TX bytes:579888 (566.2 KiB)
3. Server1上安装配置TFTP服务(tftp-server), 在Clinet客户端上安装TFTP客户端(tftp)
3.1 安装TFTP服务和xinetd守护进程
[root@zb01 ~]# yum -y install tftp tftp-server
[root@zb01 ~]# yum -y install xinetd
3.2 通过chkconfig 命令让dhcpd,xinetd开机启动
[root@zb01 ~]# chkconfig dhcpd on
[root@zb01 ~]# chkconfig xinetd on
[root@zb01 ~]# chkconfig --list dhcpd
dhcpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@zb01 ~]# chkconfig --list xinetd
xinetd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
3.3 启动xinetd服务,centos6上启动的是xinetd而不是dhcpd喔。。
[root@zb01 ~]# service xinetd start
Starting xinetd: [ OK ]
3.4 同样关闭防火墙
service iptables stop
3.5 在默认的共享路径/var/lib/tftpboot/路径下新建测试文件1.txt, 随便写入一些内容做测试
[root@zb01 ~]# ls /var/lib/tftpboot/1.txt
/var/lib/tftpboot/1.txt
[root@zb01 ~]# cat /var/lib/tftpboot/1.txt
CentOS01 test TFPT File
You are sucessfully
3.6 检查TFTP服务端口运行状态
[root@zb01 ~]# netstat -tulnp | grep :69
udp 0 0 0.0.0.0:69 0.0.0.0:* 4250/xinetd
3.7 在Clinet客户端上安装TFTP客户端
[root@localhost ~]# yum -y install tftp
3.8 关闭客户端防火墙
[root@localhost ~]# service iptables stop
3.9 测试客户端是否能够获取TFTP服务器上共享的文档
ftp IP
get FileName ;下载文件
q ;退出
[root@localhost ~]# tftp 192.168.20.101
tftp> get 1.txt
tftp> q
[root@localhost ~]# cat 1.txt
CentOS01 test TFPT File
You are sucessfully
4. 在Server2上安装BIND(DNS协议的一种实现方式)
4.1 安装BIND(Berkeley Internet Name Daemon), 需安装bind, bind-utils, bind-libs, 默认bind-utils 和bind-libs已安装,只需安装bind即可,如下图所示
[root@zb01 ~]# yum list bind*
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirrors.btte.net
* extras: mirrors.btte.net
* updates: mirrors.aliyun.com
Installed Packages
bind-libs.x86_64 32:9.8.2-0.62.rc1.el6 @anaconda-CentOS-201703281317.x86_64/6.9
bind-utils.x86_64 32:9.8.2-0.62.rc1.el6 @anaconda-CentOS-201703281317.x86_64/6.9
Available Packages
bind.x86_64
安装bind
yum -y install bind
4.2 bind 的配置文件及区域数据库文件路径
- 配置文件路径:
/etc/named.conf
/etc/named.rfc1912.zones - 区域数据库文件路径
/var/named/
先在/etc/named.conf 或/etc/named.rfc1912.zones中定义区域,然后在/var/named目录下新建区域数据库解析文件,并将该文件属组改为named
4.3 在/etc/named.conf 定义区域zhubiao.com,
[root@zb02 ~]# cat /etc/named.conf
options {
listen-on port 53 {192.168.20.102; }; 此处将监听地址改为eth0网卡地址
directory "/var/named/"; 区域数据库文件路径
allow-query { 192.168.20.0/24;}; 允许客户端查询域名的地址范围
};
zone "zhubiao.com" IN {
type master; 主DNS服务器
file "zhubiao.com.zone"; 区域数据库文件名,此处为相对路径
};
4.4 在/var/named/下建立解析数据库
[root@zb02 ~]# cat /var/named/zhubiao.com.zone
$TTL 86400 若RR(Recourse Record)中未定义TTL则用此TTL
@ IN SOA zb02.zhubiao.com. root.zhubiao.com. (
20170711 ;serial
3600 ;reflesh
1800 ;retry
604800 ;expire
86400 ;Minium
)
@ IN NS zb02.zhubiao.com.
zb02.zhubiao.com. IN A 192.168.20.102
www.zhubiao.com. IN A 192.168.20.102
web.zhubiao.com. IN CNAME www.zhubiao.com.
4.5 修改区域数据库文件zhubiao.come.zone属组为named
chown :named /var/named/zhubiao.come.zone
4.5 使用named-checkconf 和 named-checkzone 分别检测named.conf 和 zhubiao.come.zone是否配置正确,若未抱错如下所示,则正确
[root@zb02 ~]# named-checkconf /etc/named.conf
[root@zb02 ~]# named-checkzone zhubiao.com /var/named/zhubiao.com.zone
zone zhubiao.com/IN: loaded serial 20170711
OK
4.6 关闭防火墙
service iptables stop
4.8 启动DNS服务(此处服务名为named, 不是bind或dns喔。。。)
[root@zb02 ~]# service named start
Starting named:
4.7 测试客户端是否能够通过Server2(DNS)解析www.zhubiao.com
- 首先,查看Client客户端DNS地址是否纸箱Server2 即DNS地址是否为192.168.20.102
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.20.102
- 然后在Clinet 上执行nslookup www.zhubiao.com, 检测是否能解析出IP地址,如下所示说明已正确解析。
[root@localhost ~]# nslookup www.zhubiao.com
Server: 192.168.20.102
Address: 192.168.20.102#53
Name: www.zhubiao.com
Address: 192.168.20.102
网友评论