+ Responder ao Tópico



  1. meu rei faz assim instala na sua distro o dnsmasq q vai resolver sua vida.

    INSTALAÇAO E CONFIGURAÇAO DO DNSMASQ NO CENTOS 5.1
    Para instalar o DNSMASQ basta utilizar o comando abaixo:
    Yum –y install dnsmasq
    Algumas considerações:
    ETH0 = porta de entrada: rede 10.*.*.* servidor (rede externa)
    ETH1 = porta de saída: servidor rede 192.168.1.* (rede interna)
    LIBERAR NO FIREWALL AS PORTAS 67 E 68 UDP PARA O DHCP FUNCIONAR
    Iptables –A INPUT –p udp –dport 67 –j ACCEPT
    Iptables –A INPUT –p udp –dport 68 –j ACCEPT
    Editar o arquivo /etc/dnsmasq.conf
    vim /etc/dnsmasq.conf
    Inserir o seguinte conteúdo, no caso da rede:
    # Never forward plain names (without a dot or domain part)
    domain-needed
    # Never forward addresses in the non-routed address spaces.
    bogus-priv
    # Add other name servers here, with domain specs if they are for
    # non-public domains.
    #server=/localnet/192.168.0.1
    # Example of routing PTR queries to nameservers: this will send all
    # address->name queries for 192.168.3/24 to nameserver 10.1.2.3 server=/1.16.172.in-addr.arpa/208.67.222.222
    # Add local-only domains here, queries in these domains are answered
    # from /etc/hosts or DHCP only. local=/cluster.lab/
    # If you want dnsmasq to listen for DHCP and DNS requests only on
    # specified interfaces (and the loopback) give the name of the
    # interface (eg eth0) here.# Repeat the line for more than one interface.
    interface=eth1
    # Or you can specify which interface _not_ to listen on
    except-interface=eth0
    # Or which to listen on by address (remember to include 127.0.0.1 if
    # you use this.)
    #listen-address=
    # If you want dnsmasq to provide only DNS service on an interface,
    # configure it as shown above, and then use the following line to
    # disable DHCP on it.
    #no-dhcp-interface=eth1
    no-dhcp-interface=eth0
    # Set this (and domain: see below) if you want to have a domain
    # automatically added to simple names in a hosts-file.
    expand-hosts
    # Set the domain for dnsmasq. this is optional, but if it is set, it
    # does the following things.
    # 1) Allows DHCP hosts to have fully qualified domain names, as long# as the domain part matches this setting.
    # 2) Sets the "domain" DHCP option thereby potentially setting the
    # domain of all systems configured by DHCP
    # 3) Provides the domain part for "expand-hosts"
    domain=cluster.lab
    # Uncomment this to enable the integrated DHCP server, you need
    # to supply the range of addresses available for lease and optionally
    # a lease time. If you have more than one network, you will need to
    # repeat this for each network on which you want to supply DHCP
    # service.
    #####################################
    CONFIGURACAO DHCP PARA O CLUSTER #####################################
    ### Range de distribuição do DHCP ###
    dhcp-range=172.16.1.10,172.16.1.250,255.255.255.0,150h
    #clt01dhcp-host=00:1c:c0:1b:3c:f6,clt01,172.16.1.11,infinite #clt02dhcp-host=00:1c:c0:1c:02:02,clt02,172.16.1.12,infinite ################################################## # This is an example of a DHCP range where the netmask is given. This# is needed for networks we reach the dnsmasq DHCP server via a relay# agent. If you don't know what a DHCP relay agent is, you probably# don't need to worry about this.#dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h # This is an example of a DHCP range with a network-id, so that# some DHCP options may be set only for this network.#dhcp-range=red,192.168.0.50,192.168.0.150 # Supply parameters for specified hosts using DHCP. There are lots# of valid alternatives, so we will give examples of each. Note that# IP addresses DO NOT have to be in the range given above, they just# need to be on the same network. The order of the parameters in these# do not matter, it's permissble to give name,adddress and MAC in any order # Always allocate the host with ethernet address 11:22:33:44:55:66# The IP address 192.168.0.60#dhcp-host=11:22:33:44:55:66,192.168.0.60 # Always set the name of the host with hardware address# 11:22:33:44:55:66 to be "fred"#dhcp-host=11:22:33:44:55:66,fred #############################
    CONFIGURACAO THINCLIENTS #############################
    #dhcp-host=18:40:14:00:45:f7,thin01
    dhcp-boot=pxelinux.0,thinserv,192.168.1.1
    #dhcp-host=00:04:75:79:45:3F,thin-teste#dhcp-boot=/tftp-teste/pxelinux.0,thinserv,192.168.1.1 ############################## # If this line is uncommented, dnsmasq will read /etc/ethers and act# on the ethernet-address/IP pairs found there just as if they had# been given as --dhcp-host options. Useful if you keep# MAC-address/host mappings there for other purposes.
    read-ethers
    # Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5 ### Servidor Observatorio Nacional ###
    dhcp-option=option:ntp-server,200.20.186.75 #192.168.0.4,10.10.0.5

    # Enable dnsmasq's built-in TFTP
    serverenable-tftp
    # Set the root directory for files availble via FTP.tftp-root=/tftpboot
    # The DHCP server needs somewhere on disk to keep its lease database.# This defaults to a sane location, but if you want to change it, use# the line below.
    dhcp-leasefile=/var/lib/misc/dnsmasq.leases
    # Set the DHCP server to authoritative mode. In this mode it will barge in# and take over the lease for any client which broadcasts on the network,# whether it has a record of the lease or not. This avoids long timeouts# when a machine wakes up on a new network. DO NOT enable this if there's# the slighest chance that you might end up accidentally configuring a DHCP# server for your campus/company accidentally. The ISC server uses# the same option, and this URL provides more information:# http://www.isc.org/index.pl?/sw/dhcp/authoritative.php dhcp-authoritative
    # Run an executable when a DHCP lease is created or destroyed.# The arguments sent to the script are "add" or "del",# then the MAC address, the IP address and finally the hostname# if there is one.#dhcp-script=/bin/echo # Set the cachesize here.
    cache-size=1024

    # If you want to disable negative caching, uncomment this.#no-negcache Configurando o /etc/hosts (extremamente necessário para o dnsmasq)
    127.0.0.1 localhost192.168.1.1 thinserv.cluster.lab thinserv10.0.0.2 viradouro.if.uff.int viradouro #clt01192.168.1.11 clt01.cluster.lab clt01 # The following lines are desirable for IPv6 capable hosts::1 ip6-localhost ip6-loopbackfe00::0 ip6-localnetff00::0 ip6-mcastprefixff02::1 ip6-allnodesff02::2 ip6-allroutersff02::3 ip6-allhosts Agora é só iniciar o DNSMASQ:
    Service dnsmasq start Colocar o dnsmasq para inicializar junto com o LinuxNtsysv e marcar o dnsmasq Agora é possível “pingar” as máquinas:

    No próximo passo devemos configurar o DNS do nosso ISP no arquivo /etc/resolv.conf, para que funcione o cache-dns para nossa rede local colocaremos a seguinte linha.
    nameserver 127.0.0.1
    nameserver 208.67.222.222
    nameserver 208.67.220.220
    Esta linha tem q esta antes dos IPS dos servidores DNS

    Para colocar ele na inicialização do sistema utilize
    Chkconfig dnsmasq on
    Para olhar o log do dnsmasq digite:
    Tail –f /var/log/messages |grep dnsmasq
    Por ultimo vamos usar o “dig”:
    DIG com-sl.org
    Que ira nos da um resultado parecido com este:
    ; <<>> DiG 9.3.3rc2 <<>> com-sl.org
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53608
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;com-sl.org. IN A

    ;; ANSWER SECTION:
    com-sl.org. 14400 IN A 72.232.248.106

    ;; AUTHORITY SECTION:
    com-sl.org. 86400 IN NS ns10.iipanel.net.
    com-sl.org. 86400 IN NS ns11.iipanel.net.

    ;; Query time: 369 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon May 12 21:20:32 2008

    ;; MSG SIZE rcvd: 93



    O Sr. não gasta mais de 5 min para configura-lo !!!
    Segue um exemplo de configuração do /etc/dnsmasq.conf , que está funcionando no meu gateway/firewall :

    domain-needed
    bogus-priv
    except-interface=eth0
    expand-hosts
    domain=seudominio.com
    dhcp-range=192.168.1.100,192.168.1.254,255.255.255.0,infinite
    dhcp-option=42,192.168.0.1 # set ntp server
    dhcp-option=44,192.168.0.1 # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
    dhcp-option=45,192.168.0.1 # netbios datagram distribution server
    dhcp-option=46,8 # netbios node type
    dhcp-authoritative

    Sim, isto é tudo que é necessário !!!


    fiz algumas pequenas alteraçoes mais esse tuto foi criado por:

    Fábio Rabelo
    Última edição por noir; 05-02-2009 às 16:24.

  2. Citação Postado originalmente por Izzyt Ver Post
    Mas ai que tá, sendo um arquivo editavel como qualquer arquivo de configuração, o resolv.conf tem que estar gravando, dependendo do usuário que vc tá usando, se for um que possui leitura e escrita neste arquivo e na pasta tb (pois o vi e vim geram copias dos arquivos em caso de recuperação), vc tá escrevendo nele com essas permissões?
    Não sei o que houve ou o que eu fiz... Pois editei o "/etc/resolv.conf" e depois de alguns reboots o mesmo não apagou mais.

    Outra coisa: Esse problema com os DNSs ficando em BRANCO, fazia com que o PROXY/SQUID não deixasse a estações navegando corretamente. Isso é certo, tem sentido ou eu estou enganado enganado?

    Obrigado pela sua atenção e aguardo comentário.

    Abraço.



  3. Citação Postado originalmente por noir Ver Post
    meu rei faz assim instala na sua distro o dnsmasq q vai resolver sua vida.


    INSTALAÇAO E CONFIGURAÇAO DO DNSMASQ NO CENTOS 5.1


    Para instalar o DNSMASQ basta utilizar o comando abaixo:
    Yum –y install dnsmasq
    Algumas considerações:
    ETH0 = porta de entrada: rede 10.*.*.* servidor (rede externa)
    ETH1 = porta de saída: servidor rede 192.168.1.* (rede interna)
    LIBERAR NO FIREWALL AS PORTAS 67 E 68 UDP PARA O DHCP FUNCIONAR
    Iptables –A INPUT –p udp –dport 67 –j ACCEPT
    Iptables –A INPUT –p udp –dport 68 –j ACCEPT
    Editar o arquivo /etc/dnsmasq.conf
    vim /etc/dnsmasq.conf
    Inserir o seguinte conteúdo, no caso da rede:
    # Never forward plain names (without a dot or domain part)
    domain-needed
    # Never forward addresses in the non-routed address spaces.
    bogus-priv
    # Add other name servers here, with domain specs if they are for
    # non-public domains.
    #server=/localnet/192.168.0.1
    # Example of routing PTR queries to nameservers: this will send all
    # address->name queries for 192.168.3/24 to nameserver 10.1.2.3 server=/1.16.172.in-addr.arpa/208.67.222.222
    # Add local-only domains here, queries in these domains are answered
    # from /etc/hosts or DHCP only. local=/cluster.lab/
    # If you want dnsmasq to listen for DHCP and DNS requests only on
    # specified interfaces (and the loopback) give the name of the
    # interface (eg eth0) here.# Repeat the line for more than one interface.
    interface=eth1
    # Or you can specify which interface _not_ to listen on
    except-interface=eth0
    # Or which to listen on by address (remember to include 127.0.0.1 if
    # you use this.)
    #listen-address=
    # If you want dnsmasq to provide only DNS service on an interface,
    # configure it as shown above, and then use the following line to
    # disable DHCP on it.
    #no-dhcp-interface=eth1
    no-dhcp-interface=eth0
    # Set this (and domain: see below) if you want to have a domain
    # automatically added to simple names in a hosts-file.
    expand-hosts
    # Set the domain for dnsmasq. this is optional, but if it is set, it
    # does the following things.
    # 1) Allows DHCP hosts to have fully qualified domain names, as long# as the domain part matches this setting.
    # 2) Sets the "domain" DHCP option thereby potentially setting the
    # domain of all systems configured by DHCP
    # 3) Provides the domain part for "expand-hosts"
    domain=cluster.lab
    # Uncomment this to enable the integrated DHCP server, you need
    # to supply the range of addresses available for lease and optionally
    # a lease time. If you have more than one network, you will need to
    # repeat this for each network on which you want to supply DHCP
    # service.
    #####################################
    CONFIGURACAO DHCP PARA O CLUSTER #####################################
    ### Range de distribuição do DHCP ###
    dhcp-range=172.16.1.10,172.16.1.250,255.255.255.0,150h
    #clt01dhcp-host=00:1c:c0:1b:3c:f6,clt01,172.16.1.11,infinite #clt02dhcp-host=00:1c:c0:1c:02:02,clt02,172.16.1.12,infinite ################################################## # This is an example of a DHCP range where the netmask is given. This# is needed for networks we reach the dnsmasq DHCP server via a relay# agent. If you don't know what a DHCP relay agent is, you probably# don't need to worry about this.#dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h # This is an example of a DHCP range with a network-id, so that# some DHCP options may be set only for this network.#dhcp-range=red,192.168.0.50,192.168.0.150 # Supply parameters for specified hosts using DHCP. There are lots# of valid alternatives, so we will give examples of each. Note that# IP addresses DO NOT have to be in the range given above, they just# need to be on the same network. The order of the parameters in these# do not matter, it's permissble to give name,adddress and MAC in any order # Always allocate the host with ethernet address 11:22:33:44:55:66# The IP address 192.168.0.60#dhcp-host=11:22:33:44:55:66,192.168.0.60 # Always set the name of the host with hardware address# 11:22:33:44:55:66 to be "fred"#dhcp-host=11:22:33:44:55:66,fred #############################
    CONFIGURACAO THINCLIENTS #############################
    #dhcp-host=18:40:14:00:45:f7,thin01
    dhcp-boot=pxelinux.0,thinserv,192.168.1.1
    #dhcp-host=00:04:75:79:45:3F,thin-teste#dhcp-boot=/tftp-teste/pxelinux.0,thinserv,192.168.1.1 ############################## # If this line is uncommented, dnsmasq will read /etc/ethers and act# on the ethernet-address/IP pairs found there just as if they had# been given as --dhcp-host options. Useful if you keep# MAC-address/host mappings there for other purposes.
    read-ethers
    # Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5 ### Servidor Observatorio Nacional ###
    dhcp-option=option:ntp-server,200.20.186.75 #192.168.0.4,10.10.0.5
    # Enable dnsmasq's built-in TFTP
    serverenable-tftp
    # Set the root directory for files availble via FTP.tftp-root=/tftpboot
    # The DHCP server needs somewhere on disk to keep its lease database.# This defaults to a sane location, but if you want to change it, use# the line below.
    dhcp-leasefile=/var/lib/misc/dnsmasq.leases
    # Set the DHCP server to authoritative mode. In this mode it will barge in# and take over the lease for any client which broadcasts on the network,# whether it has a record of the lease or not. This avoids long timeouts# when a machine wakes up on a new network. DO NOT enable this if there's# the slighest chance that you might end up accidentally configuring a DHCP# server for your campus/company accidentally. The ISC server uses# the same option, and this URL provides more information:# http://www.isc.org/index.pl?/sw/dhcp/authoritative.php dhcp-authoritative
    # Run an executable when a DHCP lease is created or destroyed.# The arguments sent to the script are "add" or "del",# then the MAC address, the IP address and finally the hostname# if there is one.#dhcp-script=/bin/echo # Set the cachesize here.
    cache-size=1024
    # If you want to disable negative caching, uncomment this.#no-negcache Configurando o /etc/hosts (extremamente necessário para o dnsmasq)
    127.0.0.1 localhost192.168.1.1 thinserv.cluster.lab thinserv10.0.0.2 viradouro.if.uff.int viradouro #clt01192.168.1.11 clt01.cluster.lab clt01 # The following lines are desirable for IPv6 capable hosts::1 ip6-localhost ip6-loopbackfe00::0 ip6-localnetff00::0 ip6-mcastprefixff02::1 ip6-allnodesff02::2 ip6-allroutersff02::3 ip6-allhosts Agora é só iniciar o DNSMASQ:
    Service dnsmasq start Colocar o dnsmasq para inicializar junto com o LinuxNtsysv e marcar o dnsmasq Agora é possível “pingar” as máquinas:

    No próximo passo devemos configurar o DNS do nosso ISP no arquivo /etc/resolv.conf, para que funcione o cache-dns para nossa rede local colocaremos a seguinte linha.
    nameserver 127.0.0.1
    nameserver 208.67.222.222
    nameserver 208.67.220.220
    Esta linha tem q esta antes dos IPS dos servidores DNS

    Para colocar ele na inicialização do sistema utilize
    Chkconfig dnsmasq on
    Para olhar o log do dnsmasq digite:
    Tail –f /var/log/messages |grep dnsmasq
    Por ultimo vamos usar o “dig”:
    DIG com-sl.org
    Que ira nos da um resultado parecido com este:
    ; <<>> DiG 9.3.3rc2 <<>> com-sl.org
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53608
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;com-sl.org. IN A
    ;; ANSWER SECTION:
    com-sl.org. 14400 IN A 72.232.248.106
    ;; AUTHORITY SECTION:
    com-sl.org. 86400 IN NS ns10.iipanel.net.
    com-sl.org. 86400 IN NS ns11.iipanel.net.
    ;; Query time: 369 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon May 12 21:20:32 2008
    ;; MSG SIZE rcvd: 93


    O Sr. não gasta mais de 5 min para configura-lo !!!
    Segue um exemplo de configuração do /etc/dnsmasq.conf , que está funcionando no meu gateway/firewall :

    domain-needed
    bogus-priv
    except-interface=eth0
    expand-hosts
    domain=seudominio.com
    dhcp-range=192.168.1.100,192.168.1.254,255.255.255.0,infinite
    dhcp-option=42,192.168.0.1 # set ntp server
    dhcp-option=44,192.168.0.1 # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
    dhcp-option=45,192.168.0.1 # netbios datagram distribution server
    dhcp-option=46,8 # netbios node type
    dhcp-authoritative

    Sim, isto é tudo que é necessário !!!


    fiz algumas pequenas alteraçoes mais esse tuto foi criado por:

    Fábio Rabelo
    Olá noir,

    Gostei da sua dica, mas como já estou cheio de coisa por fazer... vou tirar um tempinho para por em prática as sua recomendações.

    Obrigado pela sua atenção.

    Abraço.

  4. Colegas,

    Acho que o problema foi solucionado. Reditei o "/etc/networking/interfaces" e o "/etc/resolv.conf" na "mão grossa"... dessa vez não utilizei nenhum utilitário pra configurar os script em questão, e percebi que o problema no qual os DNSs ficavam em BRANCO após o REBOOT, acabaram.

    Outra coisa: Qual o utilitário que posso estar utlizando para configurar as interfaces de rede via shell (modo texto)? Antigamente em versões anteriores do Debian, eu utilizava o NETCONF ou NETCONFIG (acho que era isso). Mas o mesmo sumiu!!!

    Obrigado a todos pela atenção e aguardo comentários.



  5. Cara, outro dia li sobre o debconf e acho que ele faz isso pra vc. Pelo que entendi ele é uma versão "debianica" do linuxconf dos antigos RedHat's.






Tópicos Similares

  1. Respostas: 1
    Último Post: 24-09-2003, 14:34
  2. Linux Mandrake 8.1, conecta mais nao navega???
    Por no fórum Servidores de Rede
    Respostas: 1
    Último Post: 23-09-2003, 12:48
  3. local host nao navega
    Por PcGuy no fórum Servidores de Rede
    Respostas: 11
    Último Post: 26-03-2003, 11:09
  4. Seu Speedy é PPPOE ? Não conecta? Não navega??
    Por zerocoolll no fórum Servidores de Rede
    Respostas: 0
    Último Post: 24-03-2003, 09:09
  5. Respostas: 2
    Último Post: 08-03-2003, 10:59

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L