
DNS Server

Contents
Introduction to the DNS service
How the DNS service works
Fully Qualified Domain Name (FQDN)
The in-addr.arpa Domain
Resolving DNS requests
Types of DNS server
Installing the DNS service
Configuring the DNS service
DNS tools

Introduction to the DNS service

For one computer to communicate with another, it must know the other computer's IP address.
Users find IP addresses hard to remember. They want to reach other computers on the network by computer name.
A table mapping IP addresses to computer names is therefore needed.
On a small network, a text file is used to manage this mapping.
On the Internet, the DNS service is used.

Introduction to the DNS service

DNS (Domain Name Service) is the domain name resolution service.
The DNS service maps domain names to IP addresses.
The DNS service lets users reach other computers by name, without having to remember their IP addresses.
The DNS service is implemented by the Berkeley Internet Name Domain (BIND) software.

Resolving DNS requests

request -> DNS server -> IP (a.b.c.d)
request (domain name) -> DNS server -> IP (a.b.c.d)
domain name: a domain managed by Athena.
domain name: a domain managed by VNNIC.
domain name: an international domain.
DNS server: Athena's DNS.
DNS server: another provider's DNS.

Resolving DNS requests (cont.)

Domain managed by Athena:
request -> Athena -> answer.
domain name: a domain managed by VNNIC.
request -> Athena -> VNNIC -> ISP -> answer.
domain name: an international domain.
request -> Athena -> Root servers -> DNS primary -> answer.

Resolving DNS requests (cont.)

Athena's DNS:
request -> Viettel -> answer.
Another provider's DNS:
request -> DNS server -> answer.
request -> DNS server -> VNNIC -> Athena -> answer.

Resolving DNS requests (cont.)

How a request is handled by a DNS server that does not support recursive mode:

Resolving DNS requests (cont.)

How a request is handled by a DNS server that supports recursive mode:

Type of DNS server


Primary DNS server
Secondary DNS server
Caching/ Forwarding DNS server

Installing the DNS service
The DNS service is installed from the bind packages:
bind-utils-[version]
bind-libs-[version]
bind-[version]
Main configuration file of the DNS service:
named.conf

Configuring the DNS service (cont.)
[Figure: named.conf, with its parts labelled: general options, root servers, domain definition]

Configuring the DNS service (cont.)

DNS supports the following record types: SOA, NS, PTR, MX, A, CNAME.

Squid Server

Contents
Introduction to Squid server
Configuring Squid server
Options
Configuring ACLs
Squid Authentication

Introduction to Squid server

Squid is a caching proxy server. The Squid server sits between the Web client and the Web server.
When a request for a Web page arrives, Squid checks and validates the request against the policies defined in Squid.
It then fetches the Web page and returns the result to the requester. If the result is already in Squid's cache, Squid returns it immediately.

Introduction to Squid server (cont.)

Squid server can be installed from source or from an rpm package.
Squid server consists of the following files and directories on the system:
/etc/squid
/usr/lib/squid
/usr/sbin/squid
/var/log/squid

Configuring Squid server

Some of the main options for configuring Squid server:
http_port: the port on which Squid server listens for requests to serve. The default is port 3128.
cache_dir: defines where Squid server stores its cache.
cache_dir storage_type directory-name megabytes L1 L2 [options]
cache_dir ufs /var/spool/squid 10000 16 256
/var/spool/squid: directory
10000: megabytes
16: top-level directories
256: second-level directories

Configuring Squid server (cont.)

cache_mem: how much RAM Squid server will use.
cache_access_log: Squid server logs the requests made to it.
acl: this is the most complex part of Squid server. It determines who may access the Web and which sites they may access.
acl intranet src 192.168.1.0/24
http_access allow intranet
http_access deny all

Configuring Squid server (cont.)

ACLs can be used to restrict access in several ways:
Restrict access by time.
Restrict access by IP.
Restrict access by port.
Restrict access by protocol.
Restrict access by website.
Restrict which files may be downloaded.
Limit the maximum bandwidth that may be used.

Configuring Squid server (cont.)

DHCP Server

Contents
Introduction to the DHCP service
Functions
Installation packages
Configuration files
/etc/dhcpd.conf
/var/lib/dhcpd/dhcpd.leases
The dhclient command

Introduction to the DHCP service

DHCP is the service that provides dynamic IP addresses to the computers in a system.
DHCP also dynamically provides other parameters: DNS, gateway, and static IP assignment.
DHCP is installed from two packages:
dhcp-[version].rpm
dhcp-devel-[version].rpm
Or it can be installed from a source package.

Main configuration file:
/etc/dhcpd.conf

File /etc/dhcpd.conf

The dhcpd.leases file
The dhcpd.leases file tracks the state of dynamic IP allocation:

The dhclient command
A dynamic IP can be obtained by editing the file:
/etc/sysconfig/network-scripts/ifcfg-eth[n]
BOOTPROTO=dhcp
The dhclient command: used to obtain a dynamic IP from the DHCP server.

LDAP

Contents
Introduction to Network Directory
Introduction to the LDAP protocol
Storage structure of the LDAP Directory
Introduction to Openldap
server side daemon
client side command

Network Directory
A network directory is a structure for organizing stored data as a hierarchical tree.
A network directory is organized to be most convenient for reading and searching.
If an application needs many insert and update operations, its data should not be stored in a network directory.
X.500 is a network directory.

Introduction to the LDAP protocol

To query a network directory, the DAP (Directory Access Protocol) protocol is used.
This protocol defines a set of commands for communication between the client and the storage server (the network directory) to query the required data.
DAP runs on top of the OSI protocols.
LDAP (Lightweight Directory Access Protocol) is the protocol created to replace DAP.
LDAP defines a set of commands for client/server communication over TCP to query directory data.

LDAP protocol (cont.)

LDAP directory

uid=babs,ou=people,dc=example,dc=com
DN: Distinguished Name
RDN: Relative Distinguished Name

LDAP directory (cont.)

entry
cn=gerald carter, ou=people, dc=plainjoe, dc=com
attribute
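
How a DN breaks down into its RDN and parent, using the two DNs shown on these slides. This is an added example, not part of the original slides: it splits on unescaped commas and compares DNs component by component, which is the check to use when deciding whether an entry lies under a given base (a plain string suffix test is not reliable). The escaped-comma DN in the comments is constructed, and lowercasing values assumes case-insensitive attributes such as cn, ou, dc and uid.

```python
def split_dn(dn):
    """Split a DN into RDN strings on unescaped commas.

    Multi-valued RDNs ('+') and quoted values are not handled here.
    """
    rdns, cur, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])      # keep the escape pair, e.g. "\,"
            i += 2
            continue
        if ch == ",":
            rdns.append("".join(cur).lstrip())  # tolerate ", " separators
            cur = []
        else:
            cur.append(ch)
        i += 1
    rdns.append("".join(cur).lstrip())
    return rdns

def rdn_of(dn):
    """The RDN is the leftmost component: it names the entry in its parent."""
    return split_dn(dn)[0]

def parent_dn(dn):
    """The parent DN is everything to the right of the RDN."""
    return ",".join(split_dn(dn)[1:])

def normalize(rdn):
    # Assumption: attribute types and values compare case-insensitively.
    attr, _, value = rdn.partition("=")
    return (attr.strip().lower(), value.lstrip().lower())

def is_under(dn, base):
    """True if dn is a strict descendant of base, compared per component."""
    d = [normalize(r) for r in split_dn(dn)]
    b = [normalize(r) for r in split_dn(base)]
    return len(d) > len(b) and d[-len(b):] == b

# Constructed edge case: r"cn=Carter\, Gerald,ou=people,dc=plainjoe,dc=com"
# has four components, because the first comma is escaped.
```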

LDAP directory (cont.)

The commonly used schemas and objectclasses are already defined in RFCs.
To define a directory tree structure, analyze the requirements and decide which attributes are needed, then find the objectclasses and schemas that provide those attributes.
From these, build the directory tree structure.
If no existing schema meets the requirements, a new schema and objectclass can be defined.

LDAP directory (cont.)

OPENLDAP (cont.)
Openldap is open-source software that implements LDAP and runs on the Linux/UNIX operating systems.
The server side consists of two main services:
slapd: standalone LDAP daemon. This daemon listens for LDAP query requests from clients, performs the query, and sends back the answer.
slurpd: LDAP replication daemon. This daemon synchronizes changes from the LDAP master server to the LDAP slave server.

OPENLDAP (cont.)
To query LDAP, the client uses the following commands:
ldapadd: add a new entry.
ldapmodify: modify the information of an entry.
ldapdelete: delete an entry.
ldapmodrdn: modify the RDN of an entry.
ldapsearch: search for entry information.

Q & A
