named+dhcpd DDNS

 

一、概述

1.        操作系统为RHEL4,所使用软件包均为系统自带。

2.        域名:aptech.com,主机名称:ns,主机IP地址:192.168.1.200

3.        所需软件包:

dhcp-3.0.1-12_EL.i386.rpm

bind-9.2.4-2.i386.rpm

 

二、准备工作

#修改机器名

[root@localhost ~]# vi /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=ns.aptech.com

[root@localhost ~]# vi /etc/hosts

127.0.0.1               localhost.localdomain localhost

192.168.1.200             ns.aptech.com ns

 

#修改网卡IP配置

[root@localhost ~]#vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

BOOTPROTO=static

ONBOOT=yes

TYPE=Ethernet

IPADDR=192.168.1.200

NETMASK=255.255.255.0

GATEWAY=192.168.1.1

NETWORK=192.168.1.0

BROADCAST=192.168.1.255

 

#修改DNS

[root@localhost ~]# vi /etc/host.conf

order bind,hosts

[root@localhost ~]# vi /etc/resolv.conf

search aptech.com

nameserver 192.168.1.200

 

[root@localhost ~]#reboot

 

三、配置DHCP

使用rpm包安装之后,生成有一个样本/usr/share/doc/dhcp-3.0.1/dhcpd.conf.sample,利用这个文件。

确认存在/var/lib/dhcp/dhcpd.leases这个文件,这是记录用户租约的文件。

 

[root@ns /]# cp /usr/share/doc/dhcp-3.0.1/dhcpd.conf.sample /etc/dhcpd.conf

 

[root@ns ~]# vi /etc/dhcpd.conf

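# /etc/dhcpd.conf, first pass (before DDNS is wired up).
# ddns-update-style interim selects the update scheme this dhcpd build
# uses; no DNS update actually happens yet, because the zones in
# named.conf at this point still say allow-update { none; }.
ddns-update-style interim;

# The server performs DNS updates itself and does not honour a client's
# request to update its own A record.
ignore client-updates;

subnet 192.168.1.0 netmask 255.255.255.0 {

        option routers                  192.168.1.1;

        option subnet-mask              255.255.255.0;

        option domain-name              "aptech.com";

        option domain-name-servers      192.168.1.200;

        option time-offset              -18000; # Eastern Standard Time

        # Pool ends at .199: this host is statically configured as
        # 192.168.1.200 (ifcfg-eth0 above), so an upper bound of .200
        # would let dhcpd lease the server's own address to a client.
        range dynamic-bootp 192.168.1.100 192.168.1.199;

        default-lease-time 21600;

        max-lease-time 43200;

}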

 

[root@ns ~]# chkconfig --level 3 dhcpd on

[root@ns ~]# service dhcpd start dhcpd

 

四、配置DNS

 [root@ns ~]# vi /etc/named.conf

#增加以下数行

// Forward zone for aptech.com. "file" is relative to the options{}
// directory (/var/named on this host, shown in the later full named.conf).
zone "aptech.com" IN {

        type master;

        file "aptech.com.zone";

        // No dynamic updates at this stage; the DDNS step later replaces
        // this with a TSIG-keyed ACL. Keep "none" (never "any") on any
        // zone that does not need updates.
        allow-update { none; };

};

 

// Reverse zone for 192.168.1.0/24 (PTR records).
zone "1.168.192.in-addr.arpa" IN {

        type master;

        file "192.168.1.arpa";

        // Same as above: updates refused until the keyed ACL is added.
        allow-update { none; };

};

 

[root@ns ~]# cd /var/named/

[root@ns named]# touch aptech.com.zone

[root@ns named]# touch 192.168.1.arpa

[root@ns named]# chown named:named aptech.com.zone

[root@ns named]# chown named:named 192.168.1.arpa

[root@ns named]# chown named:named /var/named

 

 

[root@ns named]# vi aptech.com.zone

#正向解析。参照localdomain.zone。注意完整主机名后面跟一个“.”

; Forward zone file for aptech.com (modelled on localdomain.zone).
; Names ending in "." are absolute; any other name has the zone origin
; appended, so "ns" below means ns.aptech.com.
$TTL    86400

@               IN SOA  ns.aptech.com.     root.aptech.com. (

                           2007100800      ; serial (d. adams)

                           3H              ; refresh

                           15M             ; retry

                           1W              ; expiry

                           1D )            ; minimum

 

                IN NS           ns.aptech.com.

; NOTE(review): the MX target "mail" is defined as a CNAME further down.
; RFC 2181 requires an MX to point at a name that owns an A record, so
; give "mail" its own A record if real mail delivery is expected.
                IN MX   10      mail

                IN A            192.168.1.200

ns              IN A            192.168.1.200

; Alias mail -> ns; this is what the nslookup test below reports as
; "canonical name".
mail            CNAME           ns

 

[root@ns named]# vi 192.168.1.arpa

#反向解析。参照named.local。注意完整主机名后面跟一个“.”

; Reverse zone file for 192.168.1.0/24 (modelled on named.local).
$TTL    86400

; NOTE(review): the SOA MNAME here is the zone name itself; by convention
; it is the primary master's hostname (ns.aptech.com., as in the forward
; zone). It does not break this setup only because dhcpd.conf names the
; primary explicitly instead of looking it up via the SOA.
@       IN      SOA     1.168.192.in-addr.arpa.  root.aptech.com.  (

                                      2007100800 ; Serial

                                      3h         ; Refresh

                                      15m        ; Retry

                                      1w         ; Expire

                                      1d    )    ; Minimum

              IN      NS      ns.aptech.com.

 

; PTR for the server itself; client PTRs are added dynamically by dhcpd
; once DDNS is enabled below.
200           IN       PTR     ns.aptech.com.

 

#启动服务

[root@ns named]# service named start

Starting named: [  OK  ]

 

#测试

[root@ns named]# nslookup

> ns

Server:         192.168.1.200

Address:        192.168.1.200#53

 

Name:   ns.aptech.com

Address: 192.168.1.200

> mail

Server:         127.0.0.1

Address:        127.0.0.1#53

 

mail.aptech.com    canonical name = ns.aptech.com.

Name:   ns.aptech.com

Address: 192.168.1.200

> 192.168.1.200

Server:         192.168.1.200

Address:        192.168.1.200#53

 

200.1.168.192.in-addr.arpa        name = ns.aptech.com.

> exit

[root@ns named]#

 

#至此,基本的DNS和DHCP已经可以工作,连接到网络的客户机也可以自动获取IP地址等信息。但是使用nslookup还是无法解析客户端的IP地址或主机名,需要配置DDNS来解决。

 

#关于rndc

#默认情况下,安装bind包的时候,在/etc下已经生成了rndc.conf和rndc.key文件;如果没有,可用以下命令生成: rndc-confgen >/etc/rndc.conf

rndc是用来控制DNS服务器(named)的工具。

 

五、配置DDNS

DDNS的配置,需要在named和dhcpd的配置文件中声明一个相同的key。

#通过命令dnssec-keygen生成两个文件,其中包含key

[root@ns ~]# dnssec-keygen -a HMAC-MD5 -b 128 -n USER dhcp_updater

Kdhcp_updater.+157+19856

[root@ns ~]# cat Kdhcp_updater.+157+19856.private

Private-key-format: v1.2

Algorithm: 157 (HMAC_MD5)

Key: AEmzoO5VvkZGgDqco1L+og==

 

#根据以上Key值,修改named.conf和dhcpd.conf文件

A:

[root@ns ~]# vi /etc/named.conf

options {

// Relative "file" paths in the zone blocks resolve under this directory;
// it is also where named writes zone journals (.jnl) once dynamic updates
// are enabled, which is why /var/named was chown'ed to named:named earlier.
directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

// NOTE(review): there is no allow-query / allow-recursion / listen-on
// here, so named answers and recurses for any host that can reach it.
// Confirm that is acceptable if this server is reachable from outside the
// 192.168.1.0/24 LAN.
};

 

 

// Updates to this zone are accepted only when signed with the
// dhcp_updater TSIG key (the earlier "none" refused them entirely).
zone "aptech.com" {

type master;

file "aptech.com.zone";

allow-update { key "dhcp_updater";};

};

// Same keyed ACL for the reverse zone, so dhcpd can add PTR records.
zone "1.168.192.in-addr.arpa" {

type master;

file "192.168.1.arpa";

allow-update { key "dhcp_updater";};

};

// TSIG key shared with /etc/dhcpd.conf; name, algorithm and secret must
// match on both sides. HMAC-MD5 is what dnssec-keygen produced above for
// this BIND version; on a newer BIND prefer an hmac-sha256 key.
// NOTE(review): named.conf now holds a secret — make it readable only by
// root and the named user, and generate your own key rather than reusing
// the example value printed in this page.
key dhcp_updater {

        algorithm HMAC-MD5.SIG-ALG.REG.INT;

        secret AEmzoO5VvkZGgDqco1L+og==;

};

// rndc's control key, so rndc (and the init script) can manage this named.
include "/etc/rndc.key";

 

B:

[root@ns ~]# vi /etc/dhcpd.conf

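# /etc/dhcpd.conf with DDNS enabled. The "key" block and the two "zone"
# blocks below must match the key name and secret declared in
# /etc/named.conf.
ddns-update-style interim;

# The server performs the A/PTR updates itself; client-supplied update
# requests are not honoured.
ignore client-updates;

# TSIG key used to sign the dynamic updates sent to named.
# NOTE(review): this secret is the example value printed earlier in this
# page — generate a fresh one with dnssec-keygen for any real deployment,
# and restrict dhcpd.conf's permissions now that it holds a secret.
key dhcp_updater {

        algorithm HMAC-MD5.SIG-ALG.REG.INT;

        secret AEmzoO5VvkZGgDqco1L+og==;

}

# Forward zone: updates are sent to the named at 192.168.1.200, signed
# with the key above.
zone aptech.com. {

primary 192.168.1.200;

key "dhcp_updater";

}

# Reverse zone for 192.168.1.0/24 (PTR records), same primary and key.
zone 1.168.192.in-addr.arpa. {

primary 192.168.1.200;

key "dhcp_updater";

}

subnet 192.168.1.0 netmask 255.255.255.0 {

option routers         192.168.1.1;

option subnet-mask     255.255.255.0;

option domain-name     "aptech.com";

option domain-name-servers 192.168.1.200;

option time-offset     -18000;    # Eastern Standard Time

# The pool is split around 192.168.1.200, the DNS/DHCP server's own
# static address (ifcfg-eth0). The original single range .128-.254
# included it and could have leased the server's address to a client.
range dynamic-bootp 192.168.1.128 192.168.1.199;
range dynamic-bootp 192.168.1.201 192.168.1.254;

default-lease-time 21600;

max-lease-time 43200;

}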

 
