ProHoster > Блог > Whakahaerenga > Whakahokia te tuku rohenga ki nga kupenga iti iho i te /24 i te BIND. Me pehea te mahi

Whakahokia te tuku rohenga ki nga kupenga iti iho i te /24 i te BIND. Me pehea te mahi

I tetahi ra i anga ahau ki te tuku mana ki tetahi o aku kaihoko ki te whakatika i nga rekoata PTR o te kupengaroto /28 i whakawhiwhia ki a ia. Kaore au i te mahi aunoa mo te whakatika i nga tautuhinga BIND mai i waho. Na reira, i whakatau ahau ki te whai huarahi rereke - ki te tuku ki te kiritaki tetahi wahi o te rohe PTR o te kupengaroto /24.

Te ahua nei - he aha te mea ngawari ake? Ka rehita noa matou i te kupenga-roto i te mea e hiahiatia ana ka tukuna ki te NS e hiahiatia ana, pera me te mahi ki te subdomain. Engari kaore. Ehara i te mea ngawari (ahakoa ko te tikanga he mea taketake, engari kare te maarama e awhina), na reira ahau i tuhi ai i tenei tuhinga.

Ka taea e te tangata e hiahia ana ki te mohio ki a ia ano te panui RFC
Ko wai e hiahia ana ki te otinga kua rite, nau mai ki te ngeru.

Kia kore ai e whakaroa te hunga e pai ana ki te tikanga kape-whakapiri, ka whakairihia e au te wahanga mahi i te tuatahi, katahi ka te wahanga ariā.

1. Parakatihi. Rohe tuku /28

Me kii he kupengaroto ta tatou 7.8.9.0/24. Me tuku te kupengaroto 7.8.9.240/28 ki te kiritaki dns 7.8.7.8 (ns1.client.domain).

I runga i te DNS o te kaiwhakarato me rapu koe i tetahi konae e whakaatu ana i te rohe whakamuri o tenei kupengaroto. Waiho 9.8.7.in-addr.harp.
Ka korero matou mo nga whakaurunga mai i te 240 ki te 255, mena kei reira. A i te mutunga o te konae ka tuhia e matou enei e whai ake nei:

255-240  IN  NS      7.8.7.8
$GENERATE 240-255 $ CNAME $.255-240

kaua e wareware ki te whakanui ake i te rohe rangatū me te mahi 

rndc reload

Ka whakaoti tenei i te waahanga kaiwhakarato. Me neke atu ki te dns kiritaki.

Tuatahi, me hanga he konae /etc/bind/master/255-240.9.8.7.in-addr.arpa te ihirangi e whai ake nei:

$ORIGIN 255-240.9.8.7.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       ns1.client.domain. root.client.domain. (
                        2008152607      ; serial
                        3H              ; refresh
                        15M             ; retry
                        1W              ; expiry
                        1D )            ; minimum
@                       IN NS        ns1.client.domain.
@                       IN NS        ns2.client.domain.
241                     IN PTR          test.client.domain.
242                     IN PTR          test2.client.domain.
245                     IN PTR          test5.client.domain.

Na ka ingoa.conf tāpirihia he whakaahuatanga o tā mātou kōnae hōu:

zone "255-240.9.8.7.in-addr.arpa." IN {
        type master;
        file "master/255-240.9.8.7.in-addr.arpa";
};

B whakaara ano i te tukanga here.

/etc/init.d/named restart

Katoa. Inaianei ka taea e koe te tirotiro.

#>  host 7.8.9.245 
245.9.8.7.in-addr.arpa is an alias for 245.255-240.9.8.7.in-addr.arpa.
245.255-240.9.8.7.in-addr.arpa domain name pointer test5.client.domain.

Kia mahara ehara ko te rekoata PTR anake ka hoatu, engari ko te CNAME hoki. Me penei tonu. Mena kei te whakaaro koe he aha, nau mai ki te upoko e whai ake nei.

2. Tikanga. Pehea te mahi.

He uaua ki te whirihora me te patuiro i te pouaka pango. He maamaa ake mena ka mohio koe ki nga mahi o roto.

Ina tukuna e matou he roheroto i roto i te rohe rohe, ka tuhia e matou he penei:

client.domain.	NS	ns1.client.domain.
ns1.client.domain.	A	7.8.7.8

Ka kii atu matou ki nga tangata katoa e patai ana kaore matou i te kawenga mo tenei papaanga me te kii ko wai te kawenga. Me nga tono katoa mo kiritaki.domain anga ki te 7.8.7.8. I te wa e tirotirohia ana, ka kite tatou i te pikitia e whai ake nei (ka waiho e matou nga mea kei reira te kaihoko. Kare he mea nui):

# host test.client.domain
test.client.domain has address 7.8.9.241

Ko era. i whakamohiotia mai he rekoata penei A ko tona ip ko 7.8.9.241. Kaore he korero koretake.

Me pehea te mahi pera me te kupengaroto?

No te mea kua rehitatia to tatou tūmau DNS i roto i te RIPE, katahi ka tono he wahitau IP PTR mai i ta maatau whatunga, ko te tono tuatahi ki a maatau tonu. He rite te arorau ki nga rohe. Engari me pehea te whakauru i tetahi kupengaroto ki roto i te konae rohe?

Me ngana ki te whakauru penei:

255-240  IN  NS      7.8.7.8

Na ... karekau te merekara i puta. Kaore matou e whiwhi tono anga whakamua. Ko te mea ko te here kaore i te mohio ko enei urunga kei roto i te konae rohe whakamuri he wahitau IP, karekau e mohio ki te urunga awhe. Mo ia, he ahua noa tenei o te subdomain tohu. Ko era. mo te here karekau he rereketanga i waenganui i "255-240»Na«to tatou kaihoko". A mo te tono kia haere ki te wahi e tika ana kia haere, me penei te ahua o te wahi noho o te tono: 241.255-240.9.8.7.in-addr.arpa. Ka penei ranei mena ka whakamahi tatou i te ingoa-roto-roto: 241.oursuperclient.9.8.7.in-addr.arpa. He rereke tenei i te tikanga o mua: 241.9.8.7.in-addr.harp.

He uaua ki te tuku a-ringa i taua tono. A ahakoa e mahi ana, kaore i te maarama me pehea te whakamahi i roto i te ao. I muri i nga mea katoa, i runga i te tono 7.8.9.241 Ko te DNS a te kaiwhakarato kei te whakautu tonu ki a matou, ehara i ta te kiritaki.

Na konei ka uru ratou ki te takaro CNAME.

I te taha o te kaiwhakarato, me hanga e koe he ingoa ingoa mo nga wahitau IP katoa o te kupengaroto i roto i te whakatakotoranga ka tukuna te tono ki te DNS kiritaki.

255-240  IN  NS      ns1.client.domain.
241     IN  CNAME   241.255-240
242     IN  CNAME   242.255-240
и т.д.

Mo te hunga pukumahi tenei =).

Na mo te hunga mangere, he pai ake te hoahoa i raro nei:

255-240  IN  NS      ns1.client.domain.
$GENERATE 240-255 $ CNAME $.255-240

Inaianei tono korero i 7.8.9.241 Tuhinga ka whai mai 241.9.8.7.in-addr.harp i runga i te tūmau DNS o te kaiwhakarato ka tahuri ki 241.255-240.9.8.7.in-addr.arpa ka haere ki te kiritaki dns.

Ma te taha o te kiritaki e whakahaere nga tono penei. Na reira, ka hangaia e matou he rohe 255-240.9.8.7.in-addr.arpa. I roto, ka taea e matou, ko te tikanga, te whakatakoto i nga urunga whakamuri mo tetahi ip o te katoa /24 kupengaroto, engari ka patai noa mai ratou mo nga mea ka tukuna mai e te kaiwhakarato ki a matou, no reira kare e taea e matou te takaro =).
Hei whakaatu, ka hoatu ano e ahau he tauira o nga ihirangi o te konae rohe whakamuri mai i te taha o te kiritaki:

$ORIGIN 255-240.9.8.7.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       ns1.client.domain. root.client.domain. (
                        2008152607      ; serial
                        3H              ; refresh
                        15M             ; retry
                        1W              ; expiry
                        1D )            ; minimum
@                       IN NS        ns1.client.domain.
@                       IN NS        ns2.client.domain.
241                     IN PTR          test.client.domain.
242                     IN PTR          test2.client.domain.
245                     IN PTR          test5.client.domain.

Na te mea kei te whakamahi matou i te CNAME i te taha o te kaiwhakarato, me te whakautu ki te tono mo nga raraunga ma te wahitau IP ka whiwhi matou i nga rekoata e rua, kaore i te kotahi.

#>  host 7.8.9.245 
245.9.8.7.in-addr.arpa is an alias for 245.255-240.9.8.7.in-addr.arpa.
245.255-240.9.8.7.in-addr.arpa domain name pointer test5.client.domain.

A kaua e wareware ki te whirihora tika i te ACL. Na te mea kaore he tikanga ki te tango i tetahi rohe PTR mo koe me te kore e whakautu ki tetahi o waho =).

Source: will.com

Tāpiri i te kōrero