email: pkgupta73@hotmail.com
    1. subnet 192.168.0.0 netmask 255.255.255.0 {
    2.     range 192.168.0.10 192.168.0.250;
    3.     default-lease-time 86400;
    4.     max-lease-time 259200;
    5.     option subnet-mask 255.255.255.0;
    6.     option broadcast-address 192.168.0.255;
    7.     option routers 192.168.0.254;
    8.     option domain-name-servers 192.168.1.254;
    9.     option domain-name "prateek.com";
    10. }

Let's look at these lines a bit more closely. The first line specifies the (sub)network that the DHCP server is to manage or maintain. Within this network, we have to configure different parameters (written within the curly braces). The next line contains the range from which the server picks up IP addresses to allocate. The starting and ending IP addresses are entered here. Line 3 contains the default lease time. A lease is the amount of time that a particular machine can hold an IP address before having to renew the lease with the server. The value is given in seconds, so 86400 stands for one day. The next line, max-lease-time, specifies the maximum amount of time that a machine can hold on to a specific IP address. Then come other options that will also be transmitted to the machine. These include the subnet mask, the router, the domain name server, and the domain name.

Once this is done, you need to create a file called dhcpd.leases, also in the /etc/ directory, which will contain information about which IP address has been allocated to which machine. Since all this will be done by the server, all you need to do is create a 0 byte file with the command:

    touch /etc/dhcpd.leases

The next step requires you to add a broadcast route. Do this by appending the following line to /etc/rc.d/rc.local:

    /sbin/route add -host 255.255.255.255 dev eth0
Finally, make sure DHCP is started at bootup. You can do this by running Setup, choosing ntsysv, and enabling dhcpd. Restart the machine by giving the command sync, followed by reboot. Your DHCP server will be up and running after the machine starts up. Any machine that logs on to the network will receive an IP address and all other parameters automatically. If it's a Win 95 client, you can check all the settings by running winipcfg in the Run dialog box.

There may be cases when you need to always assign a particular machine the same IP address. You can either hardwire the information in the computer or add the following lines to the dhcpd.conf file.

    host mynotebook {
        hardware ethernet 00:80:C8:85:B5:D2;
        fixed-address 192.168.0.20;
        option host-name "mynotebook";
    }

This specifies the ethernet address, which will be unique, the IP address that will always be allocated to that machine, and a host name.

With DHCP, the network administrator's nightmare of correctly setting up IP addresses on machines simply vanishes. You'll never need to manually configure another machine ever again. If you have a Linux workstation, you can download the dhcpcd daemon (the DHCP client daemon) to get dynamic IP assignment from your DHCP server.
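The host declaration above reserves 192.168.0.20, which lies inside the dynamic range 192.168.0.10 to 192.168.0.250, so the server may also lease that address from the pool to another client. The following check is an added example, not part of the original document: it parses the two dhcpd.conf fragments from this page (embedded as a constructed string) and reports reservations that overlap a range and option addresses outside the subnet. The audit function and its severity labels are this example's own.

```python
import ipaddress
import re

# Constructed input: the subnet and host declarations from this page, combined.
DHCPD_CONF = """
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.10 192.168.0.250;
  option routers 192.168.0.254;
  option domain-name-servers 192.168.1.254;
}
host mynotebook {
  hardware ethernet 00:80:C8:85:B5:D2;
  fixed-address 192.168.0.20;
}
"""

def audit(conf):
    """Return a list of (severity, message) findings for a dhcpd.conf text."""
    findings = []
    m = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)", conf)
    net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
    ranges = [(ipaddress.ip_address(a), ipaddress.ip_address(b))
              for a, b in re.findall(r"range\s+(\S+)\s+(\S+);", conf)]
    for lo, hi in ranges:
        if lo not in net or hi not in net or lo > hi:
            findings.append(("error", f"range {lo}-{hi} does not fit {net}"))
    # A reserved address inside the dynamic pool can end up leased twice.
    for host, body in re.findall(r"host\s+(\S+)\s*\{(.*?)\}", conf, re.S):
        fa = re.search(r"fixed-address\s+(\S+);", body)
        if not fa:
            continue
        ip = ipaddress.ip_address(fa.group(1))
        if any(lo <= ip <= hi for lo, hi in ranges):
            findings.append(("warn", f"host {host}: {ip} is inside the dynamic range"))
    # Routers must be on-link; an off-subnet DNS server is only worth a look.
    for opt, sev in (("routers", "error"), ("domain-name-servers", "info")):
        for val in re.findall(rf"option\s+{opt}\s+([^;]+);", conf):
            for ip in (ipaddress.ip_address(v.strip()) for v in val.split(",")):
                if ip not in net:
                    findings.append((sev, f"option {opt} {ip} is outside {net}"))
    return findings

if __name__ == "__main__":
    for sev, msg in audit(DHCPD_CONF):
        print(f"{sev}: {msg}")
```

Moving the reservation to an address below 192.168.0.10 or above 192.168.0.250 clears the warning.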
The leftmost column is the IP address to be resolved. The next column is the hostname corresponding to that IP address. Any subsequent columns are aliases for that host. In the second line, for example, the address 192.168.0.2 is for the host maggie. Another name for maggie is mailhub. The domain name is automatically appended to the hostname by the system; however, many people append it themselves for clarity. At the very least, you need to have the entries for:

  - Localhost
  - Your NIS server (if you use NIS or NIS+)
  - Any systems from which you mount disks
  - The host itself
The software of DNS

To configure a DNS for your site, you need to be familiar with the following tools:

  - named
  - The resolver library
  - nslookup
  - traceroute
named

The named daemon needs to run on DNS servers to handle queries. If named cannot answer a query, it forwards the request to a server that can. Along with queries, named is responsible for performing zone transfers. Zone transferring is the method by which changed DNS information is propagated across the Internet. You need to install the named daemon from the bind distribution, available from the Red Hat CD-ROM:

    bind-4.9.5p1-2.i386.rpm

The Resolver Library

The resolver library enables client programs to perform DNS queries. The library is built in to the standard library under Linux.

nslookup

The nslookup command is a utility invoked from the command line to ensure that both the resolver and the DNS server being queried are configured correctly. It does this by resolving either a hostname into an IP address or an IP address into a domain name. To use nslookup, simply provide the address you want to resolve as a command-line argument. For example:
    nslookup rane.prateek.com

The result should look something like this:

    [root@linux /root]# nslookup rane.prateek.com
    Server:  ns.prateek.com
    Address:  192.168.0.254

    Non-authoritative answer:
    Name:    rane.prateek.com
    Address:  192.168.0.8

traceroute

The traceroute utility enables you to determine the path a packet is taking across your network and into other networks. This is very useful for debugging network connection problems, especially when you suspect the trouble is located in someone else's network. Using the ICMP protocol (same as ping), traceroute looks up each machine along the path to a destination host and displays the corresponding name and IP address for that site. With each name is the number of milliseconds each of the three tries took to get to the destination. Preceding each name is a number that indicates the distance to that host in terms of hops. The number of hops to a host indicates the number of intermediate machines that had to process the packet. As you can guess, a machine that is 1 or 2 hops away is usually much closer than a machine that is 30 hops away.

To use traceroute, give the destination hostname or IP address as a command-line argument. For example:

    traceroute www.hyperreal.org

If you see any star characters (such as *) instead of a hostname, that machine is likely unavailable for a variety of reasons, with network failure and firewall protection being the most common.

By using traceroute, you can also get a good measure of the connectivity of a site. If you are in the process of evaluating an ISP, try doing a traceroute from its site to a number of other sites, especially to large communication companies such as Sprint and MCI.
There are two types of mappings possible: forward and reverse. Forward stores the host name to IP mappings and Reverse stores the opposite, that is, IP to host name mappings. Linux stores all the mappings and other information in simple ASCII format in four different files. Before you set these files up, you need to create or modify a file called named.boot in the /etc directory. This file contains information required to start the DNS. The structure of the file is like this:
    directory dir_name
    cache filename
    dns_type domain filename
    dns_type domain filename
    dns_type domain filename
    forwarders ip_addr []
Here, directory specifies the full path to the files that store the mappings (for example, /var/named), and cache specifies the name of the cache file that stores the list of the root DNS servers on the Net. The dns_type is usually set to primary and the domain to your domain name. You need three entries, one each for the local database, a forward mapping and a reverse mapping file. The forwarders line tells named where DNS queries should be forwarded if it cannot resolve queries on its own. If you are running a caching-only server, this should be the secondary or primary server for your site. A typical named.boot file would look like the following:
    # Sample file for named.boot in /etc.
    ;
    ; a caching only nameserver config
    ;
    directory
    cache       .
    primary     0.0.127.in-addr.arpa
    primary     prateek.com
    primary     0.168.192.in-addr.arpa
You'll notice that the IP addresses are given in reverse order, with the last octet removed. This is to mimic the way that domain naming works, which is the reverse of the way that IP works. The IN-ADDR.ARPA domain contains all the reverse mappings possible.

Now you're all set to create the files named above. Remember to replace prateek.com with your domain name. For convenience, we have a ready-made script on the PCQ CD-ROM, called makensfiles, which creates these files. You may need to update the files with information pertaining to your domain.

The named.ca file stores the names of all the root servers on the Internet. This file can simply be downloaded from ftp://rs.internic.net/domain/named.root and saved here. You can even add the names of your ISP (VSNL) to this, right at the top. Just follow the structure already existing in the file.
    #Sample file in var/named/named.ca
    ; This file holds the information on root name servers needed to
    ; initialize cache of Internet domain name servers
    ; (e.g. reference this file in the "cache . <file>"
    ; configuration file of BIND domain name servers).
    ;
    ; This file is made available by InterNIC registration services
    ; under anonymous FTP as
    ;     file /domain/named.root
    ;     on server FTP.RS.INTERNIC.NET
    ; -OR- under Gopher at RS.INTERNIC.NET
    ;     under menu InterNIC Registration Services (NSI)
    ;     submenu InterNIC Registration Archives
    ;     file named.root
    ;
    ; last update: Aug 22, 1997
    ; related version of root zone: 1997082200
    ;
    ;
    ; formerly NS.INTERNIC.NET
    ;
    .                        3600000  IN  NS    A.ROOT-SERVERS.NET.
    A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
    ;
    ; formerly NS1.ISI.EDU
    ;
    .                        3600000      NS    B.ROOT-SERVERS.NET.
    B.ROOT-SERVERS.NET.      3600000      A     128.9.0.107
    ;
    ; formerly C.PSI.NET
    ;
    .                        3600000      NS    C.ROOT-SERVERS.NET.
    C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
    ;
    ; formerly TERP.UMD.EDU
    ;
    .                        3600000      NS    D.ROOT-SERVERS.NET.
    D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
    ;
    ; formerly NS.NASA.GOV
    ;
    .                        3600000      NS    E.ROOT-SERVERS.NET.
    E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
    ;
    ; formerly NS.ISC.ORG
    ;
    .                        3600000      NS    F.ROOT-SERVERS.NET.
    F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
    ;
    ; formerly NS.NIC.DDN.MIL
    ;
    .                        3600000      NS    G.ROOT-SERVERS.NET.
    G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
    ;
    ; formerly AOS.ARL.ARMY.MIL
    ;
    .                        3600000      NS    H.ROOT-SERVERS.NET.
    H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
    ;
    ; formerly NIC.NORDU.NET
    ;
    .                        3600000      NS    I.ROOT-SERVERS.NET.
    I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
    ;
    ; temporarily housed at NSI (InterNIC)
    ;
    .                        3600000      NS    J.ROOT-SERVERS.NET.
    J.ROOT-SERVERS.NET.      3600000      A     198.41.0.10
    ;
    ; housed in LINX, operated by RIPE NCC
    ;
    .                        3600000      NS    K.ROOT-SERVERS.NET.
    K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
    ;
    ; temporarily housed at ISI (IANA)
    ;
    .                        3600000      NS    L.ROOT-SERVERS.NET.
    L.ROOT-SERVERS.NET.      3600000      A     198.32.64.12
    ;
    ; housed in Japan, operated by WIDE
    ;
    .                        3600000      NS    M.ROOT-SERVERS.NET.
    M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
    ; End of File
The named.prateek.com.forward file (as shown below) stores the host name to IP address mappings for your domain. That is, if your domain is linux.prateek.com, each line specifies a host in this domain. Each line takes the form: name IN A IP_address. By default, the hosts in the file are named p2, p100, maggie, mmx, work and so on, with corresponding IP addresses in your network. For example, work would map to, say, 192.168.0.253. You can then access it as work.prateek.com. If you need to map different host names, just change the name for that particular address. You can also add other addresses which may not be part of your network. For example, if you have a mail server in the US called mail.abc.com with the IP address 202.34.56.12, just add the line mail IN A 202.34.56.12. You can test your forward DNS setup by pinging any host name. For example, ping work.prateek.com should receive a response from 192.168.0.253.

    #Sample file in var/named/named.prateek.com.forward
    @       IN SOA  linux.prateek.com. hostmaster.linux.prateek.com. (
                    1999101101 ; serial
                    3600       ; refresh
                    900        ; retry
                    1209600    ; expire
                    43200      ; default_ttl
                    )
    @       IN MX   5 linux.prateek.com.
    @       IN NS   linux.prateek.com.
    @       IN A    192.168.0.254
    p2      IN A    192.168.0.1
    maggie  IN A    192.168.0.2
    p100    IN A    192.168.0.3
    mmx     IN A    192.168.0.5
    work    IN A    192.168.0.253
    linux   IN A    192.168.0.254
    www     CNAME   linux
    ; End of File
The named.prateek.com.reverse stores just the opposite of the above. It stores the last octet of your network with the complete host name for the IP address. For the same machine in the example above, there will be an entry like 253 IN PTR work.prateek.com. All you need to do in this file is to change the host names (that too only if you need to) for machines that have a different entry in the forward file. You do not need to add mappings for addresses outside your domain.
    #Sample file in var/named/named.prateek.com.reverse
    @       IN SOA  linux.prateek.com. hostmaster.linux.prateek.com. (
                    1999101101 ; serial
                    3600       ; refresh
                    900        ; retry
                    1209600    ; expire
                    43200      ; default_ttl
                    )
    @       IN NS   linux.prateek.com.
    3       IN PTR  p100.prateek.com.
    1       IN PTR  p2.prateek.com.
    5       IN PTR  mmx.prateek.com.
    253     IN PTR  work.prateek.com.
    2       IN PTR  account.prateek.com.
    254     IN PTR  linux.prateek.com.
    200     IN PTR  chip.com.
    ; End of File

Since we have used so many types of resource records in our DNS setup, let's have a quick look at the important record types and their uses.

SOA: Start of Authority

The SOA record starts the description of a site's entries. The format of this entry is as follows:

    @       IN SOA  linux.prateek.com. hostmaster.linux.prateek.com. (
                    1999101101 ; serial
                    3600       ; refresh
                    900        ; retry
                    1209600    ; expire
                    43200      ; default_ttl
                    )

The first line begins with the domain for which this SOA record is authoritative. This entry is followed by IN to indicate that the Internet standard is being used. The column after the IN is the primary nameserver for this domain, then the email address of the admin user. There is an open parenthesis, which indicates that the record continues on the following lines, thereby making the file easier to read.

Five values are presented on the subsequent lines. The first is the serial number, which needs to be changed if you have a secondary nameserver for zone transfer. The second value is the refresh rate in seconds. The third value is the retry rate in seconds, for the secondary to contact the primary DNS server. The fourth value indicates that when secondary servers cannot contact the primary, they should discard the value after the specified number of seconds. The final value, the minimum entry, tells caching servers how long they should wait before expiring the entry if they cannot contact the primary DNS server.

NS: Nameserver

The NS record specifies the authoritative nameserver for a given domain. In the above example, linux.prateek.com is the nameserver. These are fully qualified hostnames, so they need the period to suffix them.
A: Address Record

The address record is used for providing translation from hostnames to IP addresses. There should be an A record for each machine that needs a publicly resolvable hostname.

PTR: Pointer Record

The pointer record, also known as the reverse resolution record, tells named how to turn an IP address into a hostname. Notice that the IP address to be reverse-resolved is in reverse order and is suffixed with a period.
MX: Mail Exchanger

The mail exchanger record enables you to specify which host in your network is in charge of receiving mail from the outside. Sendmail uses this record to determine the correct machine to which mail needs to be sent. The number after the MX indicates a priority level for that entry. Lower numbers mean higher priority.

CNAME: Canonical Name

The CNAME record makes it possible to alias hostnames via DNS. This is useful for giving common names to servers. In the case above, www is an alias and linux is the real name of the server.

For setting up the defaults, run the pcqupdt script from the PCQUPDT directory on the CD-ROM, if you haven't already done so. One of the steps asks you whether you wish to set up DNS on your server. Select yes here, and the script automatically creates default files and places them in the correct directories. All you need to do is edit the required files to customize your server.

You must remember to restart the name server daemon after all the changes are done by using the command:

    /etc/rc.d/init.d/named restart

Your Domain Name Server should be up and running if you've done everything correctly.
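Services that verify a client by resolving its PTR name back to an address (forward-confirmed reverse DNS) depend on the forward and reverse files agreeing. The following check is an added example, not part of the original document: it compares the A and PTR lines of the two sample files above (embedded as constructed strings) and reports the entries for 192.168.0.2 and 192.168.0.200, which do not match the forward file. ORIGIN, REV_PREFIX and the function names are this example's own.

```python
import re

ORIGIN = "prateek.com."
REV_PREFIX = "192.168.0."   # network covered by 0.168.192.in-addr.arpa

# Constructed input: A and PTR lines copied from the sample zone files above.
FORWARD = """
p2      IN A 192.168.0.1
maggie  IN A 192.168.0.2
p100    IN A 192.168.0.3
mmx     IN A 192.168.0.5
work    IN A 192.168.0.253
linux   IN A 192.168.0.254
"""
REVERSE = """
3   IN PTR p100.prateek.com.
1   IN PTR p2.prateek.com.
5   IN PTR mmx.prateek.com.
253 IN PTR work.prateek.com.
2   IN PTR account.prateek.com.
254 IN PTR linux.prateek.com.
200 IN PTR chip.com.
"""

def fqdn(name, origin=ORIGIN):
    """Names without a trailing dot are relative to the zone origin."""
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse(zone, rtype):
    """Yield (owner, rdata) for records of one type; ';' comments are dropped."""
    for line in zone.splitlines():
        m = re.match(rf"(\S+)\s+(?:IN\s+)?{rtype}\s+(\S+)", line.split(";")[0])
        if m:
            yield m.group(1), m.group(2)

def check(forward, reverse):
    a = {fqdn(n): ip for n, ip in parse(forward, "A")}
    ptr = {REV_PREFIX + o: fqdn(t) for o, t in parse(reverse, "PTR")}
    problems = []
    for ip, host in sorted(ptr.items()):
        if a.get(host) != ip:           # PTR target must resolve back to ip
            problems.append(f"{ip} PTR {host} has no matching A record")
    for host, ip in sorted(a.items()):
        if ip not in ptr:
            problems.append(f"{host} A {ip} has no PTR record")
    return problems
```

Running check(FORWARD, REVERSE) before restarting named lists every address whose reverse entry does not resolve back to itself.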
The HUP signal can be sent to the named daemon each time a zone database is changed. The HUP signal makes the daemon re-read the databases without your having to kill and restart the in.named daemon. The following example sends the HUP signal to in.named:

    kill -HUP `cat /etc/named.pid`