Reverse zone delegation for subnets smaller than /24 in BIND. How it works

One day I was faced with the task of giving one of my clients the right to edit the PTR records of the /28 subnet assigned to them. I have no automation for changing BIND settings from outside. So I decided to take a different route: delegate to the client a piece of the PTR zone of the /24 subnet.

It would seem, what could be simpler? We just register the subnet as needed and point it at the required NS, the way it is done with a subdomain. But no. It is not that simple (although in reality it is quite trivial, intuition will not help), which is why I am writing this article.

Anyone who wants to work it out on their own can read the RFC.
Those who want a ready-made solution, read on.

So as not to hold up people who prefer the copy-paste method, I will put the practical part first and the theoretical part after it.

1. Practice. Delegating a /28 zone

Let's say we have the subnet 7.8.9.0/24. We need to delegate the subnet 7.8.9.240/28 to the client's DNS 7.8.7.8 (ns1.client.domain).

On the provider's DNS you need to find the file that describes the reverse zone of this subnet. Let it be 9.8.7.in-addr.arpa.
We comment out the records from 240 to 255, if there are any. And at the end of the file we write the following:

255-240  IN  NS      ns1.client.domain.   ; NS target must be a host name, not an IP address
$GENERATE 240-255 $ CNAME $.255-240

Don't forget to increment the zone serial and run

rndc reload

That completes the provider's part. Let's move on to the client's DNS.

First, let's create the file /etc/bind/master/255-240.9.8.7.in-addr.arpa with the following content:

$ORIGIN 255-240.9.8.7.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       ns1.client.domain. root.client.domain. (
                        2008152607      ; serial
                        3H              ; refresh
                        15M             ; retry
                        1W              ; expiry
                        1D )            ; minimum
@                       IN NS        ns1.client.domain.
@                       IN NS        ns2.client.domain.
241                     IN PTR          test.client.domain.
242                     IN PTR          test2.client.domain.
245                     IN PTR          test5.client.domain.

And in named.conf we add a description of our new file:

zone "255-240.9.8.7.in-addr.arpa." IN {
        type master;
        file "master/255-240.9.8.7.in-addr.arpa";
};

And restart the bind process.

/etc/init.d/named restart

That's all. Now you can check.

#>  host 7.8.9.245 
245.9.8.7.in-addr.arpa is an alias for 245.255-240.9.8.7.in-addr.arpa.
245.255-240.9.8.7.in-addr.arpa domain name pointer test5.client.domain.

Please note that not only the PTR record is returned, but also a CNAME. That is how it should be. If you are wondering why, welcome to the next chapter.

2. Theory. How it works.

It is hard to configure and debug a black box. It is much easier if you understand what is going on inside.

When we delegate a subdomain in the domain "domain", we write something like this:

client.domain.	NS	ns1.client.domain.
ns1.client.domain.	A	7.8.7.8

We tell everyone who asks that we are not responsible for this zone and say who is. And all requests for client.domain are referred to 7.8.7.8. When we check, we see the following picture (we will leave out what exactly the client has there. It doesn't matter):

# host test.client.domain
test.client.domain has address 7.8.9.241

That is, we were told that such an A record exists and its IP is 7.8.9.241. No unnecessary information.

How can the same thing be done with a subnet?

Since our DNS server is registered with RIPE, when a PTR is requested for an IP address from our network, the first request will still come to us. The logic is the same as with domains. But how do you enter a subnet into a zone file?

Let's try entering it like this:

255-240  IN  NS      7.8.7.8

And... the miracle did not happen. We get no redirection of the request at all. The thing is that BIND has no idea that the entries in the reverse zone file are IP addresses, and it certainly does not understand range notation. For it, this is just some symbolic subdomain. That is, for BIND there is no difference between "255-240" and "oursuperclient". And for the request to go where it should, the address in the request would have to look like this: 241.255-240.9.8.7.in-addr.arpa. Or like this, if we use a symbolic subdomain: 241.oursuperclient.9.8.7.in-addr.arpa. This differs from the usual form: 241.9.8.7.in-addr.arpa.

It would be hard to form such a request by hand. And even if it works, it is still unclear how to use it in real life. After all, for a request about 7.8.9.241 it is still the provider's DNS that answers us, not the client's.

And this is where CNAME comes into play.

On the provider's side, you need to create aliases for all IP addresses of the subnet in a form that will pass the request on to the client's DNS.

255-240  IN  NS      ns1.client.domain.
241     IN  CNAME   241.255-240
242     IN  CNAME   242.255-240
and so on.

This is for the hardworking =).

And for the lazy, the construction below is a better fit:

255-240  IN  NS      ns1.client.domain.
$GENERATE 240-255 $ CNAME $.255-240

Now a request for information about 7.8.9.241, that is, for 241.9.8.7.in-addr.arpa, will be turned into 241.255-240.9.8.7.in-addr.arpa on the provider's DNS server and will go to the client's DNS.

The client side has to handle such requests. Accordingly, we create the zone 255-240.9.8.7.in-addr.arpa. In it we can, in principle, place reverse records for any IP of the whole /24 subnet, but we will only be asked about the ones the provider refers to us, so there is no room to play around =).
To illustrate, here once again is an example of the contents of the reverse zone file on the client side:

$ORIGIN 255-240.9.8.7.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       ns1.client.domain. root.client.domain. (
                        2008152607      ; serial
                        3H              ; refresh
                        15M             ; retry
                        1W              ; expiry
                        1D )            ; minimum
@                       IN NS        ns1.client.domain.
@                       IN NS        ns2.client.domain.
241                     IN PTR          test.client.domain.
242                     IN PTR          test2.client.domain.
245                     IN PTR          test5.client.domain.

And it is precisely because we use CNAME on the provider's side that, in response to a request for data by IP address, we receive two records rather than one.

#>  host 7.8.9.245 
245.9.8.7.in-addr.arpa is an alias for 245.255-240.9.8.7.in-addr.arpa.
245.255-240.9.8.7.in-addr.arpa domain name pointer test5.client.domain.
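
The rewrite described in this chapter can be checked offline. The Python sketch below is an added example, not part of the original article: it builds the provider-side lines for any block smaller than /24, expands the $GENERATE line, and follows the CNAME into the client zone. The function names and the PTR for label 10 are constructed for illustration, and expand() handles only the plain "$" form of $GENERATE used on this page.

```python
import ipaddress

# Client-zone PTRs from the article, plus one constructed record for an
# address outside the delegated /28 (label 10) to show it is unreachable.
CLIENT_PTRS = {"241": "test.client.domain.", "242": "test2.client.domain.",
               "245": "test5.client.domain.", "10": "spoof.client.domain."}

def delegation(cidr, ns_host):
    """Provider-side lines for a block smaller than /24 (LAST-FIRST label, as in the article)."""
    net = ipaddress.ip_network(cidr)  # strict parsing rejects unaligned blocks
    if net.version != 4 or not 24 < net.prefixlen <= 32:
        raise ValueError("expected an IPv4 block smaller than /24")
    o = net.network_address.packed
    first, last = o[3], net.broadcast_address.packed[3]
    parent = f"{o[2]}.{o[1]}.{o[0]}.in-addr.arpa."
    label = f"{last}-{first}"
    return parent, label, [f"{label}  IN  NS      {ns_host}",
                           f"$GENERATE {first}-{last} $ CNAME $.{label}"]

def expand(parent, generate_line):
    """Expand a plain-'$' $GENERATE line into the owner -> CNAME target map."""
    _, rng, lhs, _rtype, rhs = generate_line.split()
    first, last = map(int, rng.split("-"))
    return {f"{lhs.replace('$', str(i))}.{parent}": f"{rhs.replace('$', str(i))}.{parent}"
            for i in range(first, last + 1)}

def lookup_ptr(ip, cnames, child_origin, child_ptrs):
    """Follow what a resolver sees: provider CNAME first, then PTR in the client zone."""
    qname = ipaddress.ip_address(ip).reverse_pointer + "."
    target = cnames.get(qname)
    if target is None:
        return None  # no alias: the provider answers itself, the client is never asked
    host = target[: -len(child_origin) - 1]  # owner label inside the client zone
    return target, child_ptrs.get(host)

if __name__ == "__main__":
    parent, label, lines = delegation("7.8.9.240/28", "ns1.client.domain.")
    print("\n".join(lines))
    cnames = expand(parent, lines[1])
    for ip in ("7.8.9.245", "7.8.9.243", "7.8.9.10"):
        print(ip, lookup_ptr(ip, cnames, f"{label}.{parent}", CLIENT_PTRS))
```

The lookup for 7.8.9.10 returns nothing even though the client zone holds a record for label 10: without a provider-side CNAME the client's server is never consulted for that address.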

And don't forget to configure the ACL correctly. Because it makes no sense to take on a PTR zone and then not answer anyone from outside =).

Source: www.habr.com
