Reverse zone delegation to subnets smaller than /24 in BIND. How it works

One day I was faced with the task of giving one of my clients the right to edit the PTR records of the /28 subnet assigned to them. I have no automation for editing BIND settings from outside. So I decided to take a different route: delegate to the client a piece of the PTR zone of the /24 subnet.

It would seem, what could be simpler? We just write the subnet down as needed and point it at the desired NS, as is done with a subdomain. But no. It is not that simple (although in fact it is quite primitive, intuition will not help), which is why I am writing this article.

Anyone who wants to work it out for themselves can read the RFC.
Anyone who wants a ready-made solution, read on.

So as not to hold up those who like the copy-paste method, I will put the practical part first, then the theory.

1. Practice. Delegating a /28 zone

Suppose we have the subnet 7.8.9.0/24. We need to delegate the subnet 7.8.9.240/28 to the client's DNS 7.8.7.8 (ns1.client.domain).

On the provider's DNS you need to find the file that describes the reverse zone of this subnet. Let it be 9.8.7.in-addr.arpa.
We comment out the entries from 240 to 255, if there are any. And at the end of the file we write the following:

255-240  IN  NS      ns1.client.domain.
$GENERATE 240-255 $ CNAME $.255-240

Do not forget to increment the zone serial and run

rndc reload

That completes the provider part. Let's move on to the client's DNS.

First, let's create the file /etc/bind/master/255-240.9.8.7.in-addr.arpa with the following contents:

$ORIGIN 255-240.9.8.7.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       ns1.client.domain. root.client.domain. (
                        2008152607      ; serial
                        3H              ; refresh
                        15M             ; retry
                        1W              ; expiry
                        1D )            ; minimum
@                       IN NS        ns1.client.domain.
@                       IN NS        ns2.client.domain.
241                     IN PTR          test.client.domain.
242                     IN PTR          test2.client.domain.
245                     IN PTR          test5.client.domain.

And in named.conf add the definition of our new file:

zone "255-240.9.8.7.in-addr.arpa." IN {
        type master;
        file "master/255-240.9.8.7.in-addr.arpa";
};

Restart the bind process.

/etc/init.d/named restart

That's all. Now you can check.

#>  host 7.8.9.245 
245.9.8.7.in-addr.arpa is an alias for 245.255-240.9.8.7.in-addr.arpa.
245.255-240.9.8.7.in-addr.arpa domain name pointer test5.client.domain.

Please note that not only the PTR record is returned, but also the CNAME. That is how it should be. If you are wondering why, then welcome to the next chapter.

2. Theory. How it works.

It is hard to configure and debug a black box. It is much easier if you understand what is going on inside.

When we delegate a subdomain in a domain zone, we write something like this:

client.domain.	NS	ns1.client.domain.
ns1.client.domain.	A	7.8.7.8

We tell everyone who asks that we are not responsible for this zone and say who is. And all queries for client.domain are redirected to 7.8.7.8. When we check, we see the following picture (we will leave out what the client has there. It does not matter):

# host test.client.domain
test.client.domain has address 7.8.9.241

I.e. we were told that there is such an A record and that its IP is 7.8.9.241. No extra information.

How can the same thing be done with a subnet?

Because our DNS server is registered with RIPE, when a PTR is requested for an IP address from our network, the first query will still come to us. The logic is the same as with domains. But how do you enter a subnet in the zone file?

Let's try entering it like this:

255-240  IN  NS      ns1.client.domain.

And... the miracle did not happen. We do not get any redirection of the query. The point is that bind does not even know that these entries in the reverse zone file are IP addresses, let alone understand range notation. For it, this is just some symbolic subdomain. I.e. for bind there is no difference between "255-240" and "big-client". And for the query to go where it should, the name in the query should look like this: 241.255-240.9.8.7.in-addr.arpa. Or like this if we use a symbolic subdomain: 241.our-client.9.8.7.in-addr.arpa. This differs from the usual: 241.9.8.7.in-addr.arpa.

It would be hard to make such a query by hand. And even if it works, it is still unclear how to use it in real life. After all, for a query about 7.8.9.241 it is still the provider's DNS that answers us, not the client's.

And this is where CNAME comes in.

On the provider side, you need to make an alias for every IP address of the subnet, in a form that will pass the query on to the client's DNS.

255-240  IN  NS      ns1.client.domain.
241     IN  CNAME   241.255-240
242     IN  CNAME   242.255-240
; etc.

This is for the hard-working =).

And for the lazy, the construct below is more suitable:

255-240  IN  NS      ns1.client.domain.
$GENERATE 240-255 $ CNAME $.255-240

Now a query for information about 7.8.9.241, that is, for 241.9.8.7.in-addr.arpa, will be turned on the provider's DNS server into 241.255-240.9.8.7.in-addr.arpa and will go to the client's DNS.
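A check for the provider-side fragment described above, as an added example that is not part of the original article: it expands a plain $GENERATE line and reports an address with no CNAME, a record left at a name that also has a CNAME (the entries section 1 says to comment out), and an NS target written as an IP address. The function names and the BAD sample are assumptions made up for the example; only one-line records with relative names and $GENERATE without modifiers are handled.

```python
import re

def expand_generate(line):
    """Expand a plain '$GENERATE a-b lhs TYPE rhs' line; '$' is the counter."""
    _, rng, lhs, rtype, rhs = line.split()
    start, stop = map(int, rng.split("-"))
    return [(lhs.replace("$", str(i)), rtype, rhs.replace("$", str(i)))
            for i in range(start, stop + 1)]

def parse_records(zone_text):
    """Return (owner, type, rdata) tuples from a fragment of one-line records."""
    records = []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop comments
        if line.startswith("$GENERATE"):
            records += expand_generate(line)
        elif line and not line.startswith("$"):      # skip $ORIGIN, $TTL
            owner, rtype, rdata = [f for f in line.split() if f != "IN"][:3]
            records.append((owner, rtype, rdata))
    return records

def check_delegation(zone_text, first, last, label):
    """List problems in delegating last octets first..last to child `label`."""
    records = parse_records(zone_text)
    problems = []
    ns_targets = [r for o, t, r in records if o == label and t == "NS"]
    if not ns_targets:
        problems.append(f"no NS record for {label}")
    for target in ns_targets:
        if re.fullmatch(r"[\d.]+", target):
            problems.append(f"NS target {target} is an IP address, not a host name")
    for octet in map(str, range(first, last + 1)):
        found = {t: r for o, t, r in records if o == octet}
        if found.get("CNAME") != f"{octet}.{label}":
            problems.append(f"{octet}: missing CNAME to {octet}.{label}")
        if "CNAME" in found and len(found) > 1:
            problems.append(f"{octet}: other records coexist with the CNAME")
    return problems

# Constructed sample: a provider fragment with three mistakes in it.
BAD = """
255-240  IN  NS      7.8.7.8
245      IN  PTR     old.provider.example.   ; left over, not commented out
$GENERATE 240-254 $ CNAME $.255-240
"""

if __name__ == "__main__":
    print("\n".join(check_delegation(BAD, 240, 255, "255-240")))
```
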

The client side will need to handle such queries. So we create the zone 255-240.9.8.7.in-addr.arpa. In it we can, in principle, put reverse records for any IP of the whole /24 subnet, but we will only be asked about those that the provider passes on to us, so we will not be able to play around =).
For illustration, I will again give an example of the contents of the reverse zone file on the client side:

$ORIGIN 255-240.9.8.7.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       ns1.client.domain. root.client.domain. (
                        2008152607      ; serial
                        3H              ; refresh
                        15M             ; retry
                        1W              ; expiry
                        1D )            ; minimum
@                       IN NS        ns1.client.domain.
@                       IN NS        ns2.client.domain.
241                     IN PTR          test.client.domain.
242                     IN PTR          test2.client.domain.
245                     IN PTR          test5.client.domain.

It is because we use CNAME on the provider side that, in response to a query for data by IP address, we get two records, not one.

#>  host 7.8.9.245 
245.9.8.7.in-addr.arpa is an alias for 245.255-240.9.8.7.in-addr.arpa.
245.255-240.9.8.7.in-addr.arpa domain name pointer test5.client.domain.

And do not forget to configure the ACL correctly. Because there is no point in taking on a PTR zone and then not answering anyone from outside =).

Source: www.habr.com
