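Unit 3
Caching DNS
I. DNS overview
• Authoritative name servers
– Store and serve the actual data for a zone (an entire DNS domain or part of one). Types of authoritative name server:
1. Master: holds the original zone data. Sometimes called the "primary" name server
2. Slave: a backup server that holds a copy of the zone data obtained from the master by zone transfer. Sometimes called the "secondary" name server
• Non-authoritative / recursive name servers
– Clients use them to look up data from authoritative name servers. Types of recursive name server:
1. Caching-only name server: used only for lookups; not authoritative for anything except trivial data
• DNS lookups
1. The stub resolver on the client sends the query to a name server listed in /etc/resolv.conf
2. If the name server is authoritative for the requested information, it sends an authoritative answer to the client
3. Otherwise, if the name server has the requested information in its cache, it sends a non-authoritative answer to the client
4. If the information is not in the cache, the name server searches the authoritative name servers for it, starting at the root zone and working down the DNS hierarchy until it reaches a name server that is authoritative for the information, and so obtains the answer for the client. In this case the name server passes the information to the client and keeps a copy in its own cache for later lookups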
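II. DNS resource records
• A DNS zone stores its information as resource records. Each resource record has a type, which indicates the kind of data it holds
– A: name to IPv4 address
– AAAA: name to IPv6 address
– CNAME: name to "canonical name" (another name that has A/AAAA records)
– PTR: IPv4/IPv6 address to name
– MX: mail exchanger for the name (where to send its e-mail)
– NS: name server for the domain
– SOA: "start of authority", information about the DNS zone (administrative information)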
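III. DNS troubleshooting
• dig displays detailed information from a DNS lookup, including why a query failed:
– NOERROR: the query succeeded
– NXDOMAIN: the DNS server reports that no such name exists
– SERVFAIL: the DNS server is down or DNSSEC validation of the response failed
– REFUSED: the DNS server refused to answer (perhaps for access-control reasons)
IV. Parts of dig output
• The header gives information about the query and the answer, including the response status and any special flags that are set (aa means authoritative answer, and so on)
– QUESTION: states the actual DNS query
– ANSWER: the response (if any)
– AUTHORITY: the name servers responsible for the domain / zone
– ADDITIONAL: other information provided, usually about the name servers
– The comments at the bottom show which recursive name server the query was sent to and how long the response took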
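The status codes and header fields listed above can be read by a script as well as by eye. The following is an added example, not part of the original notes: the function names and the two sample responses are constructed for illustration, and the samples contain only the header, flags and SERVER lines that dig prints.

```shell
#!/bin/sh
# Added example, not from the original page: summarise saved dig output.
# Reads dig text on stdin and prints one line:
#   status=<RCODE> authoritative=<yes|no> answers=<N> server=<IP>
dig_summary() {
    awk '
    BEGIN { aa = "no"; answers = 0 }
    /->>HEADER<<-/ {                     # ... status: NOERROR, id: 57603
        for (i = 1; i < NF; i++)
            if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
    }
    /^;; flags:/ {                       # flags: qr aa rd ra; QUERY: 1, ANSWER: 1, ...
        in_flags = 1
        for (i = 3; i <= NF; i++) {
            f = $i
            if (in_flags) {
                if (f ~ /;$/) { in_flags = 0; sub(/;$/, "", f) }
                if (f == "aa") aa = "yes"
            } else if (f == "ANSWER:") {
                answers = $(i + 1); sub(/,$/, "", answers)
            }
        }
    }
    /^;; SERVER:/ { server = $3; sub(/#.*/, "", server) }
    END {
        if (status == "") { print "no dig header found"; exit 1 }
        printf "status=%s authoritative=%s answers=%s server=%s\n", status, aa, answers, server
    }'
}

# Meaning of each status, as listed in the troubleshooting section.
explain_status() {
    case "$1" in
        NOERROR)  echo "query succeeded" ;;
        NXDOMAIN) echo "the DNS server says no such name exists" ;;
        SERVFAIL) echo "the DNS server is down or DNSSEC validation failed" ;;
        REFUSED)  echo "the DNS server refused to answer (possibly access control)" ;;
        *)        echo "status not covered here" ;;
    esac
}

# Constructed samples (192.0.2.53 is a documentation address).
SAMPLE_AUTH=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; SERVER: 192.0.2.53#53(192.0.2.53)'
SAMPLE_REFUSED=';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 2
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; SERVER: 192.0.2.53#53(192.0.2.53)'

printf '%s\n' "$SAMPLE_AUTH" | dig_summary
printf '%s\n' "$SAMPLE_REFUSED" | dig_summary
explain_status REFUSED
```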
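V. Caching DNS server
• BIND is the most widely used open-source name server
• In RHEL it is provided by the bind package; the firewall needs ports 53/TCP and 53/UDP open
• BIND's main configuration file is /etc/named.conf
• The /var/named directory holds the other data files used by the name server
VI. Syntax of /etc/named.conf
• // or # to the end of the line is a comment; text between /* and */ is also a comment (and may span multiple lines)
• Directives end with a semicolon (;)
• Many directives take an address match list in braces: a list of IP addresses or subnets in CIDR notation, or named ACLs (for example any; [all hosts] and none; [no hosts])
• The file begins with an options block, which contains directives that control how named operates
• zone blocks control how named finds the root name servers and the zones for which it is authoritative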
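VII. Some important options directives
• listen-on controls the IPv4 addresses named listens on
• listen-on-v6 controls the IPv6 addresses named listens on
• allow-query controls which clients may ask the DNS server for information
• forwarders holds the list of name servers that DNS queries are forwarded to (instead of contacting external name servers directly; useful where a firewall is in place)
• All of these directives treat the semicolon-separated elements inside the braces as an address match list. For example:
– listen-on { any; };
– allow-query { 127.0.0.1; 10.0.0.0/8; };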
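To review what a given named.conf actually exposes, the comment rules and the four directives above are enough to write a small reader. The following is an added example, not part of the original notes: the function names and the sample configuration are constructed for illustration. A directive whose list is just any is worth a second look, because a recursive server with allow-query { any; } answers every client that can reach it.

```shell
#!/bin/sh
# Added example, not from the original page. Reads a named.conf on stdin,
# drops the three comment styles, and prints the address match list of each
# directive covered above, one per line: "<directive>: <elem> <elem> ..."
# Limitation: "#" or "//" inside a quoted string is treated as a comment.
named_acl_lists() {
    awk '
    {
        line = $0
        while (line != "") {
            if (in_block) {                       # inside /* ... */
                p = index(line, "*/")
                if (p == 0) break
                line = substr(line, p + 2); in_block = 0
                continue
            }
            b = index(line, "/*"); s = index(line, "//"); h = index(line, "#")
            p = 0                                 # earliest comment opener
            if (b) p = b
            if (s && (!p || s < p)) p = s
            if (h && (!p || h < p)) p = h
            if (!p) { text = text " " line; break }
            text = text " " substr(line, 1, p - 1)
            if (p != b) break                     # line comment: drop the rest
            line = substr(line, p + 2); in_block = 1
        }
    }
    END {
        gsub(/[{};]/, " & ", text)                # make braces and ; separate tokens
        n = split(text, tok, /[ \t]+/)
        for (i = 1; i <= n; i++) {
            if (tok[i] !~ /^(listen-on|listen-on-v6|allow-query|forwarders)$/) continue
            name = tok[i]; list = ""
            while (i < n && tok[i] != "{") i++    # skip e.g. "port 53"
            for (i++; i <= n && tok[i] != "}"; i++)
                if (tok[i] != ";") list = list (list == "" ? "" : " ") tok[i]
            print name ": " list
        }
    }'
}

# Names of the directives whose list is exactly "any".
open_to_any() {
    named_acl_lists | awk -F': ' '$2 == "any" { print $1 }'
}

# Constructed sample configuration.
SAMPLE='// lab caching server (constructed sample)
options {
    listen-on port 53 { any; };      # all IPv4 interfaces
    listen-on-v6 port 53 { any; };
    /* clients allowed
       to query */
    allow-query { 127.0.0.1; 10.0.0.0/8; };
    forwarders { 172.25.254.254; };
};'

printf '%s\n' "$SAMPLE" | named_acl_lists
printf '%s\n' "$SAMPLE" | open_to_any
```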
VIII. Configuring the name server
• Install the bind package
– yum install -y bind
• Edit /etc/named.conf
1. listen-on port 53 { any; };
2. listen-on-v6 port 53 { any; };
3. allow-query { any; };
4. forwarders { 172.25.254.254; };
• Start and enable the DNS server
– systemctl start named
– systemctl enable named
• Test from desktopX
– dig classroom.example.com
[root@dns-server ~]# yum install bind.x86_64 -y
[root@dns-server ~]# systemctl stop firewalld
[root@dns-server ~]# ll /etc/rndc.key
ls: cannot access /etc/rndc.key: No such file or directory
[root@dns-server ~]# cat /etc/rndc.key
cat: /etc/rndc.key: No such file or directory
[root@dns-server ~]# cat /etc/rndc.key
key "rndc-key" {
algorithm hmac-md5;
secret "HGpmOwLWEIYZjkjtCAuLCg==";
};
[root@dns-server ~]# ll /etc/rndc.key
-rw-r-----. 1 root named 77 May 5 22:10 /etc/rndc.key
[root@dns-server ~]# systemctl start named
[root@dns-server ~]# netstat -antlpe | grep named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 109507 5769/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 109502 5769/named
tcp6 0 0 ::1:953 :::* LISTEN 25 109508 5769/named
tcp6 0 0 ::1:53 :::* LISTEN 25 109504 5769/named
[root@dns-server ~]# vim /etc/named.conf
[root@dns-server ~]# systemctl restart named
[root@dns-server ~]# dig www.baidu.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57603
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 360 IN CNAME www.a.shifen.com.
www.a.shifen.com. 284 IN A 183.232.231.172
www.a.shifen.com. 284 IN A 183.232.231.173
;; AUTHORITY SECTION:
. 513203 IN NS e.root-servers.net.
. 513203 IN NS m.root-servers.net.
. 513203 IN NS k.root-servers.net.
. 513203 IN NS g.root-servers.net.
. 513203 IN NS a.root-servers.net.
. 513203 IN NS l.root-servers.net.
. 513203 IN NS c.root-servers.net.
. 513203 IN NS d.root-servers.net.
. 513203 IN NS j.root-servers.net.
. 513203 IN NS i.root-servers.net.
. 513203 IN NS h.root-servers.net.
. 513203 IN NS b.root-servers.net.
. 513203 IN NS f.root-servers.net.
;; Query time: 12 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri May 05 22:17:19 EDT 2017
;; MSG SIZE rcvd: 312
[root@dns-server ~]# vim /etc/named.rfc1912.zones
[root@dns-server ~]# cd /var/named/
[root@dns-server named]# pwd
/var/named
[root@dns-server named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@dns-server named]# ll
total 16
drwxrwx---. 2 named named 22 May 5 22:10 data
drwxrwx---. 2 named named 30 May 5 22:14 dynamic
-rw-r-----. 1 root named 2076 Jan 28 2013 named.ca
-rw-r-----. 1 root named 152 Dec 15 2009 named.empty
-rw-r-----. 1 root named 152 Jun 21 2007 named.localhost
-rw-r-----. 1 root named 168 Dec 15 2009 named.loopback
drwxrwx---. 2 named named 6 Jan 29 2014 slaves
[root@dns-server named]# cp -p named.localhost westos.com.zone
[root@dns-server named]# vim westos.com.zone
[root@dns-server named]# systemctl restart named
Test:
[root@dns-desktop ~]# vim /etc/resolv.conf
You have mail in /var/spool/mail/root
[root@dns-desktop ~]# dig www.baidu.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60389
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 1124 IN CNAME www.a.shifen.com.
www.a.shifen.com. 119 IN A 183.232.231.173
www.a.shifen.com. 119 IN A 183.232.231.172
;; AUTHORITY SECTION:
. 512730 IN NS k.root-servers.net.
. 512730 IN NS h.root-servers.net.
. 512730 IN NS c.root-servers.net.
. 512730 IN NS b.root-servers.net.
. 512730 IN NS a.root-servers.net.
. 512730 IN NS g.root-servers.net.
. 512730 IN NS m.root-servers.net.
. 512730 IN NS j.root-servers.net.
. 512730 IN NS f.root-servers.net.
. 512730 IN NS i.root-servers.net.
. 512730 IN NS d.root-servers.net.
. 512730 IN NS l.root-servers.net.
. 512730 IN NS e.root-servers.net.
;; Query time: 5 msec
;; SERVER: 172.25.254.157#53(172.25.254.157)
;; WHEN: Fri May 05 22:25:13 EDT 2017
;; MSG SIZE rcvd: 312
[root@dns-desktop ~]# dig www.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55965
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.158
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.157
;; Query time: 1 msec
;; SERVER: 172.25.254.157#53(172.25.254.157)
;; WHEN: Wed May 10 07:05:27 EDT 2017
;; MSG SIZE rcvd: 93
[root@dns-desktop ~]# dig music.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> music.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50803
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;music.westos.com. IN A
;; ANSWER SECTION:
music.westos.com. 86400 IN CNAME music.a.westos.com.
music.a.westos.com. 86400 IN A 172.25.254.222
music.a.westos.com. 86400 IN A 172.25.254.111
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.157
;; Query time: 0 msec
;; SERVER: 172.25.254.157#53(172.25.254.157)
;; WHEN: Wed May 10 07:22:01 EDT 2017
;; MSG SIZE rcvd: 133
[root@dns-desktop ~]# dig -t mx westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35066
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westos.com. IN MX
;; ANSWER SECTION:
westos.com. 86400 IN MX 1 172.25.254.157.
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.157
;; Query time: 0 msec
;; SERVER: 172.25.254.157#53(172.25.254.157)
;; WHEN: Wed May 10 07:23:46 EDT 2017
;; MSG SIZE rcvd: 103
[root@dns-server ~]# virt-manager    # add a virtual network card
[root@dns-server ~]# cd /etc/sysconfig/network-scripts/
[root@dns-server network-scripts]# ls
ifcfg-eth0 ifdown-ppp ifup-eth ifup-sit
ifcfg-lo ifdown-routes ifup-ippp ifup-Team
ifdown ifdown-sit ifup-ipv6 ifup-TeamPort
ifdown-bnep ifdown-Team ifup-isdn ifup-tunnel
ifdown-eth ifdown-TeamPort ifup-plip ifup-wireless
ifdown-ippp ifdown-tunnel ifup-plusb init.ipv6-global
ifdown-ipv6 ifup ifup-post network-functions
ifdown-isdn ifup-aliases ifup-ppp network-functions-ipv6
ifdown-post ifup-bnep ifup-routes
[root@dns-server network-scripts]# cp ifcfg-eth0 ifcfg-eth1
[root@dns-server network-scripts]# vim ifcfg-eth1
[root@dns-server network-scripts]# systemctl restart network
[root@dns-server network-scripts]# systemctl restart named
[root@dns-server network-scripts]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.157 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe00:390b prefixlen 64 scopeid 0x20<link>
ether 52:54:00:00:39:0b txqueuelen 1000 (Ethernet)
RX packets 9370 bytes 664589 (649.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 9244 bytes 12326515 (11.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.0.157 netmask 255.255.255.0 broadcast 172.25.0.255
inet6 fe80::5054:ff:fe7a:b5fb prefixlen 64 scopeid 0x20<link>
ether 52:54:00:7a:b5:fb txqueuelen 1000 (Ethernet)
RX packets 568 bytes 32608 (31.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 30 bytes 4081 (3.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 4078 bytes 348556 (340.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4078 bytes 348556 (340.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@dns-server network-scripts]# netstat -antlpe | grep named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 58990 4555/named
tcp 0 0 172.25.0.157:53 0.0.0.0:* LISTEN 25 64144 4555/named
tcp 0 0 172.25.254.157:53 0.0.0.0:* LISTEN 25 63846 4555/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 58983 4555/named
tcp6 0 0 ::1:953 :::* LISTEN 25 58991 4555/named
tcp6 0 0 ::1:53 :::* LISTEN 25 58987 4555/named
Updates:
[root@dns-server named]# cp -p westos.com.zone westos.com.inter
[root@dns-server named]# ls
data named.ca named.localhost slaves westos.com.zone
dynamic named.empty named.loopback westos.com.inter
[root@dns-server named]# vim westos.com.inter
[root@dns-server named]# ls
data named.ca named.localhost slaves westos.com.zone
dynamic named.empty named.loopback westos.com.inter
[root@dns-server named]# cp -p /etc/named.rfc1912.zones /etc/named.rfc1912.inter
cp: overwrite ‘/etc/named.rfc1912.inter’? y
[root@dns-server named]# vim /etc/named.rfc1912.inter
[root@dns-server named]# ll /etc/named.rfc1912.inter
-rw-r-----. 1 root named 1043 May 10 09:29 /etc/named.rfc1912.inter
[root@dns-server named]# vim /etc/named.conf
[root@dns-server named]# vim westos.com.inter
[root@dns-server named]# ls
data named.ca named.localhost slaves westos.com.zone
dynamic named.empty named.loopback westos.com.inter
[root@dns-server named]# cp -p named.loopback westos.com.ptr
[root@dns-server named]# vim westos.com.ptr
[root@dns-server named]# vim westos.com.inter
[root@dns-server named]# systemctl restart named
[root@dns-server named]# cd
[root@dns-server ~]# cp -p /var/named/westos.com.zone /mnt
[root@dns-server ~]# cd /mnt
[root@dns-server mnt]# ls
westos.com.zone
[root@dns-server mnt]# cd
[root@dns-server ~]# vim /etc/named.rfc1912.zones
[root@dns-server ~]# systemctl restart named
[root@dns-server ~]# cd /var/named
[root@dns-server named]# ls -ld
drwxr-x---. 5 root named 4096 May 10 09:45 .
[root@dns-server named]# chmod 770 /var/named/
[root@dns-server named]# setsebool -P named_write_master_zones 1
Test:
[root@dns-desktop ~]# nsupdate
> server 172.25.254.157
> update add hello.westos.com 86400 A 172.25.254.222
> send
update failed: SERVFAIL
> server 172.25.254.157
> update add hello.westos.com 86400 A 172.25.254.222
> send
>
[root@dns-desktop ~]# nsupdate
> server 172.25.254.157
> update delete hello.westos.com
> send
>
[root@dns-desktop ~]# nsupdate
> server 172.25.254.157
> update add hello.westos.com 86400 A 172.25.254.222
> send
> quit
[root@dns-desktop ~]# dig hello.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> hello.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62303
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;hello.westos.com. IN A
;; ANSWER SECTION:
hello.westos.com. 86400 IN A 172.25.254.222
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.157
;; Query time: 0 msec
;; SERVER: 172.25.254.157#53(172.25.254.157)
;; WHEN: Wed May 10 12:58:26 EDT 2017
;; MSG SIZE rcvd: 95
Encryption:
[root@dns-server mnt]# cd
[root@dns-server ~]# cd /var/named
[root@dns-server named]# ls
data named.empty slaves westos.com.zone
dynamic named.localhost westos.com.inter westos.com.zone.jnl
named.ca named.loopback westos.com.ptr
[root@dns-server named]# vim westos.com.zone
[root@dns-server named]# systemctl restart named
[root@dns-server named]# vim westos.com.zone
[root@dns-server named]# rm -fr westos.com.zone westos.com.zone.jn1
[root@dns-server named]# cp -p /mnt/westos.com.zone .
[root@dns-server named]# ls -l
total 36
drwxrwx---. 2 named named 22 May 5 22:10 data
drwxrwx---. 2 named named 4096 May 6 04:08 dynamic
-rw-r-----. 1 root named 2076 Jan 28 2013 named.ca
-rw-r-----. 1 root named 152 Dec 15 2009 named.empty
-rw-r-----. 1 root named 152 Jun 21 2007 named.localhost
-rw-r-----. 1 root named 168 Dec 15 2009 named.loopback
drwxrwx---. 2 named named 6 Jan 29 2014 slaves
-rw-r-----. 1 root named 372 May 6 02:47 westos.com.inter
-rw-r-----. 1 root named 229 May 6 03:25 westos.com.ptr
-rw-r-----. 1 root named 382 May 5 23:28 westos.com.zone
-rw-r--r--. 1 named named 924 May 6 04:06 westos.com.zone.jnl
[root@dns-server mnt]# dnssec-keygen -a HMAC-MD5 -b 256 -n HOST westoskey
eeKwestoskey.+157+16326
[root@dns-server mnt]# ls
Kwestoskey.+157+16326.key Kwestoskey.+157+16326.private westos.com.zone
[root@dns-server mnt]# cat Kwestoskey.+157+16326.key
westoskey. IN KEY 512 3 157 dassi2H/cdyTBf2iygyOGTz7ipFcGlSMT1ZLtUBch6w=
[root@dns-server mnt]# cat Kwestoskey.+157+16326.private
Private-key-format: v1.3
Algorithm: 157 (HMAC_MD5)
Key: dassi2H/cdyTBf2iygyOGTz7ipFcGlSMT1ZLtUBch6w=
Bits: AAA=
Created: 20170506085807
Publish: 20170506085807
Activate: 20170506085807
[root@dns-server mnt]# vim /etc/westos.key
[root@dns-server mnt]# vim /etc/named.conf
[root@dns-server mnt]# vim /etc/named.rfc1912.zones
[root@dns-server mnt]# systemctl restart named
[root@dns-server mnt]# ls
Kwestoskey.+157+16326.key Kwestoskey.+157+16326.private westos.com.zone
[root@dns-server mnt]# scp Kwestoskey.+157+16326.* root@172.25.254.158:/mnt/
root@172.25.254.204's password:
Kwestoskey.+157+16326.key 100% 73 0.1KB/s 00:00
Kwestoskey.+157+16326.private 100% 185 0.2KB/s 00:00
Test:
[root@dns-desktop ~]# nsupdate
> server 172.25.254.104
> update add hello.westos.com 86400 A 172.25.254.111
> send
update failed: REFUSED
[root@dns-desktop ~]# cd /mnt
[root@dns-desktop mnt]# nsupdate -k Kwestoskey.+157+16326.private
> server 172.25.254.157
> update add hello.westos.com 86400 A 172.25.254.111
> send
>
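The session above edits /etc/westos.key and /etc/named.rfc1912.zones in vim without showing what goes into them. The following is an added example, not the original author's files: it shows one way to build the key stanza from the dnssec-keygen .private file and a zone stanza that only accepts updates signed with that key. The helper names, the key name westoskey in named.conf, the zone stanza layout and the placeholder secret are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page. Helper names are hypothetical.

# Print a named.conf key stanza built from a dnssec-keygen *.private file.
#   $1 = key name as used in named.conf   $2 = path to the .private file
tsig_stanza() {
    # "Algorithm: 157 (HMAC_MD5)" -> "hmac-md5"
    alg=$(sed -n 's/^Algorithm: [0-9]* (\(HMAC_[A-Z0-9]*\)).*/\1/p' "$2" | tr 'A-Z_' 'a-z-')
    secret=$(sed -n 's/^Key: //p' "$2")
    if [ -z "$alg" ] || [ -z "$secret" ]; then
        echo "not an HMAC key file: $2" >&2
        return 1
    fi
    printf 'key "%s" {\n\talgorithm %s;\n\tsecret "%s";\n};\n' "$1" "$alg" "$secret"
}

# Write the stanza to $3, readable by owner and group only (mode 0640),
# the same mode the page shows on /etc/rndc.key.
write_keyfile() {
    ( umask 027; tsig_stanza "$1" "$2" > "$3" ) || { rm -f "$3"; return 1; }
}

# Zone stanza that accepts dynamic updates only when signed with the key.
zone_stanza() {   # $1 = zone  $2 = zone file  $3 = key name
    printf 'zone "%s" IN {\n\ttype master;\n\tfile "%s";\n' "$1" "$2"
    printf '\tallow-update { key %s; };\n};\n' "$3"
}

# Constructed sample: the secret below is a placeholder, not a real key.
demo=$(mktemp -d)
cat > "$demo/Kwestoskey.+157+00000.private" <<'EOF'
Private-key-format: v1.3
Algorithm: 157 (HMAC_MD5)
Key: AAAAAAAAAAAAAAAAAAAAAA==
Bits: AAA=
EOF
write_keyfile westoskey "$demo/Kwestoskey.+157+00000.private" "$demo/westos.key"
cat "$demo/westos.key"
zone_stanza westos.com westos.com.zone westoskey
```

For named to know the key, named.conf also needs a line such as include "/etc/westos.key"; (assumed here, since the page does not show its named.conf). The algorithm name is taken from the key file, so keys generated with an HMAC-SHA algorithm produce the matching stanza.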
dhcp:
[root@dns-server ~]# cd /var/named
[root@dns-server named]# ls
data named.ca slaves
dynamic named.empty westos.com.inter
Kwestoskey.+157+50837.key named.localhost westos.com.ptr
Kwestoskey.+157+50837.private named.loopback westos.com.zone
[root@dns-server named]# yum install dhcp -y
Loaded plugins: langpacks
rhel_dvd | 4.1 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package dhcp.x86_64 12:4.2.5-42.el7 will be installed
--> Processing Dependency: dhcp-common = 12:4.2.5-42.el7 for package: 12:dhcp-4.2.5-42.el7.x86_64
--> Processing Dependency: dhcp-libs(x86-64) = 12:4.2.5-42.el7 for package: 12:dhcp-4.2.5-42.el7.x86_64
--> Running transaction check
---> Package dhcp-common.x86_64 12:4.2.5-27.el7 will be updated
--> Processing Dependency: dhcp-common = 12:4.2.5-27.el7 for package: 12:dhclient-4.2.5-27.el7.x86_64
---> Package dhcp-common.x86_64 12:4.2.5-42.el7 will be an update
---> Package dhcp-libs.x86_64 12:4.2.5-27.el7 will be updated
---> Package dhcp-libs.x86_64 12:4.2.5-42.el7 will be an update
--> Running transaction check
---> Package dhclient.x86_64 12:4.2.5-27.el7 will be updated
---> Package dhclient.x86_64 12:4.2.5-42.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
dhcp x86_64 12:4.2.5-42.el7 rhel_dvd 511 k
Updating for dependencies:
dhclient x86_64 12:4.2.5-42.el7 rhel_dvd 279 k
dhcp-common x86_64 12:4.2.5-42.el7 rhel_dvd 172 k
dhcp-libs x86_64 12:4.2.5-42.el7 rhel_dvd 128 k
Transaction Summary
================================================================================
Install 1 Package
Upgrade ( 3 Dependent packages)
Total download size: 1.1 M
Downloading packages:
No Presto metadata available for rhel_dvd
(1/4): dhclient-4.2.5-42.el7.x86_64.rpm | 279 kB 00:00
(2/4): dhcp-4.2.5-42.el7.x86_64.rpm | 511 kB 00:00
(3/4): dhcp-common-4.2.5-42.el7.x86_64.rpm | 172 kB 00:00
(4/4): dhcp-libs-4.2.5-42.el7.x86_64.rpm | 128 kB 00:00
--------------------------------------------------------------------------------
Total 5.7 MB/s | 1.1 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : 12:dhcp-libs-4.2.5-42.el7.x86_64 1/7
Updating : 12:dhcp-common-4.2.5-42.el7.x86_64 2/7
Installing : 12:dhcp-4.2.5-42.el7.x86_64 3/7
Updating : 12:dhclient-4.2.5-42.el7.x86_64 4/7
Cleanup : 12:dhclient-4.2.5-27.el7.x86_64 5/7
Cleanup : 12:dhcp-common-4.2.5-27.el7.x86_64 6/7
Cleanup : 12:dhcp-libs-4.2.5-27.el7.x86_64 7/7
Verifying : 12:dhcp-common-4.2.5-42.el7.x86_64 1/7
Verifying : 12:dhcp-4.2.5-42.el7.x86_64 2/7
Verifying : 12:dhclient-4.2.5-42.el7.x86_64 3/7
Verifying : 12:dhcp-libs-4.2.5-42.el7.x86_64 4/7
Verifying : 12:dhcp-common-4.2.5-27.el7.x86_64 5/7
Verifying : 12:dhcp-libs-4.2.5-27.el7.x86_64 6/7
Verifying : 12:dhclient-4.2.5-27.el7.x86_64 7/7
Installed:
dhcp.x86_64 12:4.2.5-42.el7
Dependency Updated:
dhclient.x86_64 12:4.2.5-42.el7 dhcp-common.x86_64 12:4.2.5-42.el7
dhcp-libs.x86_64 12:4.2.5-42.el7
Complete!
[root@dns-server named]# cd
[root@dns-server ~]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
[root@dns-server ~]# vim /etc/dhcp/dhcpd.conf
[root@dns-server ~]# cd /mnt
[root@dns-server mnt]# ls
Kwestoskey.+157+23306.key Kwestoskey.+157+23306.private westos.com.zone
[root@dns-server mnt]# cat Kwestoskey.+157+23306.private
Private-key-format: v1.3
Algorithm: 157 (HMAC_MD5)
Key: g04OufcLBqwhg7/Oz2WhL6w6dUe5ZjdXOlJLb5ikQyA=
Bits: AAA=
Created: 20170510171414
Publish: 20170510171414
Activate: 20170510171414
[root@dns-server mnt]# cd
[root@dns-server ~]# vim /etc/dhcp/dhcpd.conf
[root@dns-server ~]# vim /etc/westos.key
[root@dns-server ~]# vim /etc/dhcp/dhcpd.conf
[root@dns-server ~]# systemctl restart dhcpd
[root@dns-server ~]# systemctl restart named
[root@dns-server ~]# systemctl stop firewalld
Test: