как настроить с укороченными масками /27
привет всем!
имеется bind-9.2.4-16.EL4, dhcp-3.0.1-58.EL4,
работает всё в связке, сеть /24.
подскажите, как настроить dns для сети с маской, например, /27.
настройки в сетевой поменял, в dhcp и named тоже, но записи в прямой и обратной зонах не появляются.
как настроить прямую и обратную зону для работы с такими сетями?
прямая
Код:
; Forward zone for samba.linux.
; NOTE(review): the layout ($ORIGIN lines, "; 1 day" annotations) looks like a
; file rewritten by named after dynamic updates - TODO confirm. Comments added
; by hand to such a file are presumably lost on the next rewrite.
; Hosts from 192.168.11.x and 192.168.13.x sit side by side here: the forward
; zone is keyed by name, so it does not depend on how the address space is
; split into subnets.
$ORIGIN .
$TTL 86400 ; 1 day
samba.linux IN SOA server.samba.linux. root.samba.linux. (
21524 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS server.samba.linux.
$ORIGIN samba.linux.
$TTL 10800 ; 3 hours
; NOTE(review): each TXT value next to a dynamic A record is presumably the
; client-identifier hash that dhcpd's "interim" update style stores to mark
; the record as its own - verify against the dhcpd version in use.
computerr A 192.168.11.52
TXT "3145ec994f614886c5328c42a60ab8bcbe"
latitude120l A 192.168.13.99
TXT "316b6fb2acaca4bd925b1dc4c287930e86"
$TTL 86400 ; 1 day
; The server itself: one A record per served network (11, 12 and 13).
server A 192.168.11.254
A 192.168.12.254
A 192.168.13.254
$TTL 10800 ; 3 hours
ws002 A 192.168.13.104
TXT "319beac242c4f7af33d8a4f6b1af98cf64"
ws003 A 192.168.11.35
TXT "3132ecb08e768d7875481ce1d95c6425dd"
ws004 A 192.168.13.120
...
reverse zone
Код:
; Reverse zone for 192.168.13.0/24.
; The SOA owner below (13.168.192.in-addr.arpa) is the zone apex. named loads
; this file only for a zone declared under exactly that name; declaring it
; under any other name produces a "not at top of zone" load error.
$ORIGIN .
$TTL 86400 ; 1 day
13.168.192.in-addr.arpa IN SOA server.samba.linux. root.samba.linux. (
12357 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS server.samba.linux.
$ORIGIN 13.168.192.in-addr.arpa.
$TTL 10800 ; 3 hours
; PTR owner names are the last octet relative to the $ORIGIN above, so this
; record answers for 192.168.13.104 whatever netmask the hosts use.
104 PTR ws002.samba.linux.
...
named.conf
Код:
//
// named.conf for Red Hat caching-nameserver
//
// NOTE(review): despite the header, this file also serves samba.linux and
// three /24 reverse zones as master and accepts TSIG-signed dynamic updates.

// Source addresses allowed to query and recurse (see allow-query and
// allow-recursion in options). This list filters clients only; it has no
// bearing on which zones exist or how they are named.
acl "trusted" {
127.0.0.1;
localhost;
192.168.11.0/24;
192.168.12.0/24;
192.168.13.0/24;
};
#key "rndckey" {
# algorithm hmac-md5;
# secret "9ZH8r+JLkNEaeoI6nqVi2w==";
#};
// NOTE(review): this is a working TSIG secret shown in clear text. The one key
// authorises both the rndc control channel and every allow-update below, so a
// secret that has been published should be treated as compromised: generate a
// new one, update dhcpd.conf to match, and keep both files readable only by
// their daemons. Using separate keys for rndc and for DHCP updates would limit
// what a single leaked key can do.
// NOTE(review): hmac-md5 is a legacy TSIG algorithm; newer BIND releases offer
// HMAC-SHA variants - confirm what this version supports before changing it.
key "rndckey" {
algorithm hmac-md5;
secret "6zRG6qMj3LROX895cUrnJZ6yY2AJIDj4j8qU6Ynv3DF4iQb3hufGPF7DrKm9";
};
#key DHCP_UPDATER {
# algorithm HMAC-MD5.SIG-ALG.REG.INT;
# secret f521tjw29aLiP90B0PV1XA==;
#};
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
zone-statistics yes;
// One listener per served interface; each address must really be configured
// on the host.
listen-on { 127.0.0.1; 192.168.11.254; 192.168.12.254; 192.168.13.254; };
// Zone transfers are refused for everyone.
allow-transfer { none; };
// Queries and recursion are limited to the "trusted" acl, so a client whose
// address falls outside it gets no answers at all.
allow-query { trusted; };
allow-recursion { trusted; };
};
//
// a caching only nameserver config
//
// rndc control channel: bound to loopback and authenticated with rndckey.
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
// Static local zones: dynamic updates are disabled on each of them.
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
// Dynamic zones. allow-update { key rndckey; } lets any holder of the key
// change any record in the zone; update-policy can grant narrower rights.
// The zone name must match the SOA owner name inside the zone file.
zone "samba.linux" IN {
type master;
file "/var/named/samba";
allow-update { key rndckey; };
notify no;
};
zone "11.168.192.in-addr.arpa" IN {
type master;
file "/var/named/11.168.192.in-addr.arpa";
allow-update { key rndckey; };
notify no;
};
zone "12.168.192.in-addr.arpa" IN {
type master;
file "/var/named/12.168.192.in-addr.arpa";
allow-update { key rndckey; };
notify no;
};
zone "13.168.192.in-addr.arpa" IN {
type master;
file "/var/named/13.168.192.in-addr.arpa";
allow-update { key rndckey; };
notify no;
};
// The stock include of the rndc key file is disabled; the key is defined
// inline above instead, which makes the permissions on this file matter.
#include "/etc/rndc.key";
dhcp.conf
Код:
# dhcpd configuration: four subnets with dynamic DNS updates sent to the local
# named over 127.0.0.1 and signed with the "rndckey" TSIG key.
authoritative;
# "interim" style: dhcpd itself sends the DNS updates for its leases.
ddns-update-style interim;
#ignore client-updates;
# NOTE(review): with client-updates allowed, dhcpd honours a client's request
# to maintain its own A record. Such a client holds no TSIG key, so its update
# would presumably be refused by a zone that only allows "key rndckey" -
# confirm this is intended; "ignore client-updates" keeps every update on the
# server side.
allow client-updates;
ddns-domainname "samba.linux";
#dns-updates on;
use-host-decl-names on;
# NOTE(review): this is the same TSIG secret that named uses, shown in clear
# text. A secret that has been published should be treated as compromised:
# regenerate it in both files and keep this file readable only by dhcpd.
key "rndckey" {
algorithm hmac-md5;
secret "6zRG6qMj3LROX895cUrnJZ6yY2AJIDj4j8qU6Ynv3DF4iQb3hufGPF7DrKm9";
};
#key DHCP_UPDATER {
# algorithm HMAC-MD5.SIG-ALG.REG.INT;
# secret f521tjw29aLiP90B0PV1XA==;
#}
# Each zone declaration names the server and key dhcpd uses for updates to
# names under that zone; the names must match zones the DNS server really
# serves.
zone samba.linux. {
primary 127.0.0.1;
key rndckey;
}
zone 11.168.192.IN-ADDR.ARPA. {
primary 127.0.0.1;
key rndckey;
}
zone 12.168.192.IN-ADDR.ARPA. {
primary 127.0.0.1;
key rndckey;
}
zone 13.168.192.IN-ADDR.ARPA. {
primary 127.0.0.1;
key rndckey;
}
# NOTE(review): the named.conf posted with this file declares no
# 14.168.192.in-addr.arpa zone and its "trusted" acl has no 192.168.14.x entry,
# so PTR updates and client queries for the subnet at the end of this file
# would presumably fail - TODO confirm.
zone 14.168.192.IN-ADDR.ARPA. {
primary 127.0.0.1;
key rndckey;
}
subnet 192.168.11.0 netmask 255.255.255.0 {
# --- default gateway
option routers 192.168.11.254;
option subnet-mask 255.255.255.0;
#option nis-domain "domain.org";
option domain-name "samba.linux";
# "server" is a hostname, not an address; dhcpd has to be able to resolve it
# when it reads this file - presumably via the samba.linux search domain.
option domain-name-servers server;
option time-offset -18000; # Eastern Standard Time
# option ntp-servers 192.168.1.1;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
range dynamic-bootp 192.168.11.30 192.168.11.70;
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
# NOTE(review): this host entry looks like a leftover from a sample config:
# the fixed address 207.175.42.254 is outside 192.168.11.0/24 and the MAC is a
# placeholder pattern - consider removing it.
host ns {
next-server marvin.redhat.com;
hardware ethernet 12:34:56:78:AB:CD;
fixed-address 207.175.42.254;
}
}
subnet 192.168.12.0 netmask 255.255.255.0 {
option routers 192.168.12.254;
option subnet-mask 255.255.255.0;
option domain-name "samba.linux";
option domain-name-servers server;
option time-offset -18000;
range dynamic-bootp 192.168.12.100 192.168.12.110;
default-lease-time 21600;
max-lease-time 43200;
}
subnet 192.168.13.0 netmask 255.255.255.0 {
option routers 192.168.13.254;
option subnet-mask 255.255.255.0;
option domain-name "samba.linux";
option domain-name-servers server;
option time-offset -18000;
range dynamic-bootp 192.168.13.97 192.168.13.125;
default-lease-time 21600;
max-lease-time 43200;
}
# 192.168.14.184/29: usable hosts are .185-.190 and .191 is the broadcast.
subnet 192.168.14.184 netmask 255.255.255.248 {
# NOTE(review): 192.168.14.191 is the broadcast address of this /29 and
# cannot be a router address; the gateway has to be one of .185-.190 (and
# outside the range handed out below).
option routers 192.168.14.191;
option subnet-mask 255.255.255.248;
option domain-name "samba.linux";
option domain-name-servers server;
option time-offset -18000;
range dynamic-bootp 192.168.14.185 192.168.14.189;
default-lease-time 21600;
max-lease-time 43200;
}
|
Цитата:
Цитата slaine
как настроить прямую и обратную зону для работы с такими сетями? »
|
зоны должны прописываться независимо от сетей. Главное, чтобы клиент мог записать туда и DNS разрешил запись из таких-то сетей.
но я вижу, у вас доверенные сети — только /24:
Код:
// Address-match list quoted from the named.conf above: every network entry is
// a full /24. It only filters which clients named will talk to; zone names
// are not derived from it.
acl "trusted" {
127.0.0.1;
localhost;
192.168.11.0/24;
192.168.12.0/24;
192.168.13.0/24;
};
|
настройки изменил:
named
Код:
// Revised client list: the third network is narrowed to 192.168.13.96/27, so
// only 192.168.13.96-127 is still trusted there. If allow-query and
// allow-recursion still point at this acl, any other 192.168.13.x host is now
// refused.
acl "trusted" {
127.0.0.1;
localhost;
192.168.11.0/24;
192.168.12.0/24;
192.168.13.96/27;
};
...
listen-on { 127.0.0.1; 192.168.11.254; 192.168.12.254; 192.168.13.126; };
...
// NOTE(review): the named log posted with this config shows this zone failing
// to load with "not at top of zone": the zone file still has its SOA at
// 13.168.192.in-addr.arpa while the zone is declared here as
// 96/27.13.168.192.in-addr.arpa. The "96/27" form (RFC 2317) is only needed
// when a parent zone delegates part of a /24 to another server; a server that
// holds the whole reverse zone can keep it named 13.168.192.in-addr.arpa
// whatever netmask the hosts use - TODO confirm for this setup.
zone "96/27.13.168.192.in-addr.arpa" IN {
type master;
file "/var/named/13.168.192.in-addr.arpa";
allow-update { key rndckey; };
notify no;
};
dhcp
Код:
# NOTE(review): dhcpd presumably builds PTR names for this subnet as
# <last-octet>.13.168.192.in-addr.arpa. Those names are not under
# 96/27.13.168.192.in-addr.arpa, so this declaration would not be matched for
# them and the updates would not be signed with rndckey - TODO confirm.
zone 96/27.13.168.192.IN-ADDR.ARPA. {
primary 127.0.0.1;
key rndckey;
}
...
# 192.168.13.96/27: usable hosts are .97-.126 and .127 is the broadcast. The
# router takes .126 and the dynamic range stops at .125, so they do not clash.
subnet 192.168.13.96 netmask 255.255.255.224 {
option routers 192.168.13.126;
option subnet-mask 255.255.255.224;
option domain-name "samba.linux";
# "server" is a hostname; the address it resolves to must be one that named
# listens on and that clients in this subnet can reach.
option domain-name-servers server;
option time-offset -18000;
range dynamic-bootp 192.168.13.97 192.168.13.125;
default-lease-time 21600;
max-lease-time 43200;
}
вот лог:
не пойму, где ошибся
Код:
Jul 21 13:00:02 server named[8121]: starting BIND 9.2.4 -u named -t /var/named/chroot
Jul 21 13:00:02 server named[8121]: using 2 CPUs
Jul 21 13:00:02 server named[8121]: loading configuration from '/etc/named.conf'
Jul 21 13:00:02 server named[8121]: listening on IPv4 interface lo, 127.0.0.1#53
Jul 21 13:00:02 server named[8121]: listening on IPv4 interface eth0, 192.168.11.254#53
Jul 21 13:00:02 server named[8121]: listening on IPv4 interface eth2, 192.168.12.254#53
Jul 21 13:00:02 server named[8121]: listening on IPv4 interface eth3, 192.168.13.126#53
Jul 21 13:00:02 server named[8121]: command channel listening on 127.0.0.1#953
Jul 21 13:00:02 server named[8121]: zone 0.in-addr.arpa/IN: loaded serial 42
Jul 21 13:00:02 server named[8121]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Jul 21 13:00:02 server named[8121]: zone 11.168.192.in-addr.arpa/IN: loaded serial 11576
Jul 21 13:00:02 server named[8121]: zone 12.168.192.in-addr.arpa/IN: loaded serial 7399
Jul 21 13:00:02 server named[8121]: dns_master_load: /var/named/13.168.192.in-addr.arpa:11: 13.168.192.in-addr.arpa: not at top of zone
Jul 21 13:00:02 server named[8121]: zone 96/27.13.168.192.in-addr.arpa/IN: loading master file /var/named/13.168.192.in-addr.arpa: not at top of zone
Jul 21 13:00:02 server named[8121]: zone 255.in-addr.arpa/IN: loaded serial 42
Jul 21 13:00:02 server named[8121]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Jul 21 13:00:02 server named[8121]: zone samba.linux/IN: loaded serial 21528
Jul 21 13:00:02 server named[8121]: zone localdomain/IN: loaded serial 42
Jul 21 13:00:02 server named[8121]: zone localhost/IN: loaded serial 42
Jul 21 13:00:02 server named[8121]: running
Jul 21 13:00:02 server named: запуск named succeeded