1、先创建一个用户myddns(说明:TSIG密钥名只是一个标识,并不依赖同名的系统账号)
#useradd myddns
2、生成密钥(TSIG共享密钥)。注意:HMAC-MD5现已不推荐用于TSIG,新版BIND提供tsig-keygen,可生成hmac-sha256密钥。
#dnssec-keygen -a HMAC-MD5 -b 128 -n USER myddns
在当前目录下生成了两个文件:
Kmyddns.+157+59363.key
Kmyddns.+157+59363.private
3、配置DNS
#vi /etc/named.conf
添加以下内容:
// TSIG key shared between named and dhcpd; both sides must carry the same
// name, algorithm and secret.
// NOTE(review): the secret printed here is 23 characters, which is not a valid
// base64 length for a 128-bit key (24 expected) — it appears truncated. Paste
// the value from your own .private file; BIND's documentation writes it in
// double quotes, as the rndc-key secret later on this page is.
key myddns {
algorithm HMAC-MD5.SIG-ALG.REG.INT;
secret xEGzMJVu7aT81lC5QRzIg==;
};
其中secret后的内容,是用vi打开Kmyddns.+157+59363.private后,拷贝里面的密钥(Key一行的值)得来的!该值是共享密钥,文中所示仅为示例,请使用自己生成的值,并确保.private文件以及写有该密钥的配置文件不能被普通用户读取。
4、配置DHCP
#vi /etc/dhcpd.conf
先将第二行前面的“#”去掉,再在subnet 上面添加下面一行内容:
ddns-updates on;
在option domain-name 后,改成DNS的域名,例如“sunman.com”
在option domain-name-servers 后,填写好DNS服务器的IP地址,例如:192.168.1.112
然后在里面添加下面几行内容:
# Same TSIG key as in named.conf; dhcpd signs its dynamic updates with it.
# The secret is stored here in clear text, so dhcpd.conf should not be
# readable by ordinary users.
key myddns {
algorithm HMAC-MD5.SIG-ALG.REG.INT;
secret xEGzMJVu7aT81lC5QRzIg==;
}
# Forward zone: where dhcpd sends signed updates for sunman.com.
# NOTE(review): primary is 192.168.1.2, while the DNS server address given
# above for option domain-name-servers is 192.168.1.112 — confirm which host
# actually runs named.
zone sunman.com. {
primary 192.168.1.2;
key myddns;
}
# Reverse zone for 192.168.1.x, updated with the same key.
zone 1.168.192.in-addr.arpa. {
primary 192.168.1.2;
key myddns;
}
保存退出!
5、开启DNS和DHCP服务器
#service named start
#service dhcpd start
6、通过下面的命令排错
#tail -n 20 /var/log/messages | grep named (指定显示靠后的20行内容)
#tail /var/log/messages | grep dhcpd (全部显示所有内容)
7、linux客户端通过dhclient命令动态获取到IP,这时在DNS服务器的/var/named/chroot/var/named/下会生成两个扩展名是.jnl的文件。
还有一点要注意,linux客户端还必须执行下面的工作
#cp /usr/share/doc/dhclient-3.0pl2/dhclient.conf.sample /etc/dhclient.conf
生成一个dhclient.conf配置文件
#vi /etc/dhclient.conf
修改第一行内容,将双引号里的内容删掉,添加上自己的主机名。
最后再执行dhclient命令来获取IP。
/etc/named.conf文件内容:
// named.conf for the DDNS setup: a forwarding resolver plus two master zones
// (sunman.com and the 192.168.1.x reverse zone) that accept dynamic updates
// signed with the TSIG key "myddns". This file holds two shared secrets in
// clear text, so it should be readable only by root and the named account.
options {
directory "/var/named";
// NOTE(review): BIND's documented form is `listen-on port 53 { ... };` —
// `ports` looks like a typo; check the file with named-checkconf.
listen-on ports 53 {
127.0.0.1;
192.168.1.112;
};
// Try the forwarders first and fall back to normal resolution if they fail.
// No allow-query / allow-recursion is set, so BIND's version-dependent
// defaults decide which clients may use this resolver.
forward first;
forwarders {202.38.64.1;202.96.199.133;};
};
// Root hints.
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "localhost.arpa";
};
// TSIG key that dhcpd uses to sign updates. HMAC-MD5 is no longer recommended
// for TSIG; hmac-sha256 is the usual replacement (change it on both sides).
// NOTE(review): the secret as printed is 23 characters, not a valid base64
// length for a 128-bit key (24 expected) — it appears truncated. Use your own
// generated value, written in double quotes like the rndc-key secret below.
key myddns {
algorithm HMAC-MD5.SIG-ALG.REG.INT;
secret xEGzMJVu7aT81lC5QRzIg==;
};
// allow-update with a key lets any holder of that key add, change or delete
// every record in the zone; update-policy can narrow what the key may touch.
zone "sunman.com" IN {
type master;
file "sunman.zone";
allow-update { key myddns; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "sunman.arpa";
allow-update { key myddns; };
};
// Control-channel key for rndc. The value shown is published on this page and
// must not be reused; generate your own (rndc-confgen does this).
key "rndc-key" {
algorithm hmac-md5;
secret "pq18UO7rODLStf5XVdg17Q==";
};
// rndc is accepted only on the loopback address, from loopback clients
// presenting rndc-key.
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
/etc/dhcpd.conf配置文件内容:
# dhcpd.conf for the DDNS setup: hands out leases on 192.168.1.0/24 and sends
# TSIG-signed updates for each lease to the DNS server. The key secret is
# stored here in clear text, so this file should not be readable by ordinary
# users.
ddns-update-style interim;
# Left commented out, so dhcpd's default handling of client-requested updates
# applies. The hostnames written to DNS are supplied by the clients themselves
# and should be treated as untrusted input.
#ignore client-updates;
ddns-updates on;
subnet 192.168.1.0 netmask 255.255.255.0 {
# --- default gateway
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
option nis-domain "domain.org";
option domain-name "sunman.com";
option domain-name-servers 192.168.1.112;
option time-offset -18000;
# Eastern Standard Time
# option ntp-servers 192.168.1.1;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
# NOTE(review): with netmask 255.255.255.0, 192.168.1.255 is the subnet's
# broadcast address; the first range should probably end at 192.168.1.254.
range 192.168.1.128 192.168.1.255;
range 192.168.1.10 192.168.1.100;
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
# NOTE(review): this host entry appears to be left over from the sample file:
# its fixed-address 207.175.42.254 lies outside 192.168.1.0/24 and next-server
# names marvin.redhat.com. Remove it or replace it with your own host.
host ns {
next-server marvin.redhat.com;
hardware ethernet 12:34:56:78:AB:CD;
fixed-address 207.175.42.254;
}
}
# TSIG key; name, algorithm and secret must match the key block in named.conf.
# NOTE(review): the secret as printed is 23 characters, not a valid base64
# length for a 128-bit key (24 expected) — it appears truncated; use your own.
key myddns {
algorithm HMAC-MD5.SIG-ALG.REG.INT;
secret xEGzMJVu7aT81lC5QRzIg==;
}
# Forward zone updates are sent to this primary, signed with myddns.
# NOTE(review): primary is 192.168.1.2, but option domain-name-servers above
# points clients at 192.168.1.112 — confirm which host actually runs named.
zone sunman.com. {
primary 192.168.1.2;
key myddns;
}
# Reverse zone for 192.168.1.x, same primary and key.
zone 1.168.192.in-addr.arpa. {
primary 192.168.1.2;
key myddns;
}
2009-1-7 19:26