###################dhcp--dns############################
server:
一,附加:key(加密;此处的 key 是 TSIG 共享密钥,作用是认证动态更新请求,而非加密 DNS 数据)
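1,mk keyfile(注:HMAC-MD5 已不推荐用于 TSIG;若所用的 named 与 dhcpd 版本都支持,建议改用 hmac-sha256,并保持 keygen、westos.key、dhcpd.conf 三处的 algorithm 一致)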
cd /mnt/
dnssec-keygen -a HMAC-MD5 -b 256 -n HOST westoskey
2,mk key configfile(cp -p 保留 rndc.key 的属主与权限;密钥文件不应对其他用户可读)
cp -p /etc/rndc.key /etc/westos.key
vim /etc/westos.key ---> secret 取自下面 .private 文件的 Key 字段;此处公开的密钥仅作示例,实际环境须自行生成,不要照抄
key "westoskey" {
algorithm hmac-md5;
secret "J2Jm7MEOtIreeug2fi8VgshguvQL+uJzWHWNYsFp1bs=";
};
[root@dns-server mnt]# cat Kwestoskey.+157+21161.private
Private-key-format: v1.3
Algorithm: 157 (HMAC_MD5)
Key: J2Jm7MEOtIreeug2fi8VgshguvQL+uJzWHWNYsFp1bs=
Bits: AAA=
Created: 20170509125240
Publish: 20170509125240
3,config dns
vim /etc/named.conf
41 };
42 include "/etc/westos.key";
vim /etc/named.rfc1912.zones
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.zone";
28 allow-update { key westoskey; }; ---> 由key westoskey来进行dns更新
29 };
systemctl restart named
4,send key to client(Kwestoskey.*.private 中含共享密钥,只应发给确实需要发起动态更新的主机,并限制其读权限):
scp Kwestoskey.+157+21161.* root@172.25.254.235:/mnt/
二,dhcp的安装及配置
1,install software
yum clean all
yum install dhcp -y
2,mk configfile
cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
3,change configfile(该文件写入了 secret 之后,不应再对其他用户可读)
vim /etc/dhcp/dhcpd.conf
7 option domain-name "westos.com";
8 option domain-name-servers 172.25.254.135;
14 ddns-update-style interim;
28 # This is a very basic subnet declaration.
29
30 subnet 172.25.254.0 netmask 255.255.255.0 { ---> 网段及子网掩码
31 range 172.25.254.88 172.25.254.199; ---> 动态ip范围
32 option routers 172.25.254.90;
33 }
34 key westoskey {
35 algorithm hmac-md5;
36 secret J2Jm7MEOtIreeug2fi8VgshguvQL+uJzWHWNYsFp1bs=;
37 };
38
39 zone westos.com. {
40 primary 127.0.0.1;
41 key westoskey;
42 }
43
systemctl restart dhcpd
三,client (测试)
1,拔掉网线;
hostnamectl set-hostname test.westos.com
2,vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp ---->dhcp动态ip
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
PERSISTENT_DHCLIENT=1
systemctl restart network
vim /etc/resolv.conf
# Generated by NetworkManager
domain westos.com
search westos.com
nameserver 172.25.254.135
3,[root@test ~]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19488
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; ANSWER SECTION:
test.westos.com. 300 IN A 172.25.254.88 ---->动态ip
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.135
;; Query time: 1 msec
;; SERVER: 172.25.254.135#53(172.25.254.135)
;; WHEN: Tue May 09 10:16:29 EDT 2017
;; MSG SIZE rcvd: 94