meu rei faz assim instala na sua distro o dnsmasq q vai resolver sua vida.
INSTALAÇAO E CONFIGURAÇAO DO DNSMASQ NO CENTOS 5.1
Para instalar o DNSMASQ basta utilizar o comando abaixo:
Yum y install dnsmasq
Algumas considerações:
ETH0 = porta de entrada: rede 10.*.*.*
⇒ servidor (rede externa)
ETH1 = porta de saída: servidor
⇒ rede 192.168.1.* (rede interna)
LIBERAR NO FIREWALL AS PORTAS 67 E 68 UDP PARA O DHCP FUNCIONAR
Iptables A INPUT p udp dport 67 j ACCEPT
Iptables A INPUT p udp dport 68 j ACCEPT
Editar o arquivo /etc/dnsmasq.conf
vim /etc/dnsmasq.conf
Inserir o seguinte conteúdo, no caso da rede:
# Never forward plain names (without a dot or domain part)
domain-needed
# Never forward addresses in the non-routed address spaces.
bogus-priv
# Add other name servers here, with domain specs if they are for
# non-public domains.
#server=/localnet/192.168.0.1
# Example of routing PTR queries to nameservers: this will send all
# address->name queries for 192.168.3/24 to nameserver 10.1.2.3
server=/1.16.172.in-addr.arpa/208.67.222.222
# Add local-only domains here, queries in these domains are answered
# from /etc/hosts or DHCP only.
local=/cluster.lab/
# If you want dnsmasq to listen for DHCP and DNS requests only on
# specified interfaces (and the loopback) give the name of the
# interface (eg eth0) here.# Repeat the line for more than one interface.
interface=eth1
# Or you can specify which interface _not_ to listen on
except-interface=eth0
# Or which to listen on by address (remember to include 127.0.0.1 if
# you use this.)
#listen-address=
# If you want dnsmasq to provide only DNS service on an interface,
# configure it as shown above, and then use the following line to
# disable DHCP on it.
#no-dhcp-interface=eth1
no-dhcp-interface=eth0
# Set this (and domain: see below) if you want to have a domain
# automatically added to simple names in a hosts-file.
expand-hosts
# Set the domain for dnsmasq. this is optional, but if it is set, it
# does the following things.
# 1) Allows DHCP hosts to have fully qualified domain names, as long# as the domain part matches this setting.
# 2) Sets the "domain" DHCP option thereby potentially setting the
# domain of all systems configured by DHCP
# 3) Provides the domain part for "expand-hosts"
domain=cluster.lab
# Uncomment this to enable the integrated DHCP server, you need
# to supply the range of addresses available for lease and optionally
# a lease time. If you have more than one network, you will need to
# repeat this for each network on which you want to supply DHCP
# service.
#####################################
CONFIGURACAO DHCP PARA O CLUSTER #####################################
### Range de distribuição do DHCP ###
dhcp-range=172.16.1.10,172.16.1.250,255.255.255.0,150h
#clt01
dhcp-host=00:1c:c0:1b:3c:f6,clt01,172.16.1.11,infinite #clt02
dhcp-host=00:1c:c0:1c:02:02,clt02,172.16.1.12,infinite ################################################## # This is an example of a DHCP range where the netmask is given. This# is needed for networks we reach the dnsmasq DHCP server via a relay# agent. If you don't know what a DHCP relay agent is, you probably# don't need to worry about this.#dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h # This is an example of a DHCP range with a network-id, so that# some DHCP options may be set only for this network.#dhcp-range=red,192.168.0.50,192.168.0.150 # Supply parameters for specified hosts using DHCP. There are lots# of valid alternatives, so we will give examples of each. Note that# IP addresses DO NOT have to be in the range given above, they just# need to be on the same network. The order of the parameters in these# do not matter, it's permissble to give name,adddress and MAC in any order # Always allocate the host with ethernet address 11:22:33:44:55:66# The IP address 192.168.0.60#dhcp-host=11:22:33:44:55:66,192.168.0.60 # Always set the name of the host with hardware address# 11:22:33:44:55:66 to be "fred"#dhcp-host=11:22:33:44:55:66,fred #############################
CONFIGURACAO THINCLIENTS #############################
#dhcp-host=18:40:14:00:45:f7,thin01
dhcp-boot=pxelinux.0,thinserv,192.168.1.1
#dhcp-host=00:04:75:79:45:3F,thin-teste#dhcp-boot=/tftp-teste/pxelinux.0,thinserv,192.168.1.1 ############################## # If this line is uncommented, dnsmasq will read /etc/ethers and act# on the ethernet-address/IP pairs found there just as if they had# been given as --dhcp-host options. Useful if you keep# MAC-address/host mappings there for other purposes.
read-ethers
# Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5 ### Servidor Observatorio Nacional ###
dhcp-option=option:ntp-server,200.20.186.75 #192.168.0.4,10.10.0.5
# Enable dnsmasq's built-in TFTP
server
enable-tftp
# Set the root directory for files availble via FTP.
tftp-root=/tftpboot
# The DHCP server needs somewhere on disk to keep its lease database.# This defaults to a sane location, but if you want to change it, use# the line below.
dhcp-leasefile=/var/lib/misc/dnsmasq.leases
# Set the DHCP server to authoritative mode. In this mode it will barge in# and take over the lease for any client which broadcasts on the network,# whether it has a record of the lease or not. This avoids long timeouts# when a machine wakes up on a new network. DO NOT enable this if there's# the slighest chance that you might end up accidentally configuring a DHCP# server for your campus/company accidentally. The ISC server uses# the same option, and this URL provides more information:#
http://www.isc.org/index.pl?/sw/dhcp/authoritative.php dhcp-authoritative
# Run an executable when a DHCP lease is created or destroyed.# The arguments sent to the script are "add" or "del",# then the MAC address, the IP address and finally the hostname# if there is one.#dhcp-script=/bin/echo # Set the cachesize here.
cache-size=1024
# If you want to disable negative caching, uncomment this.#no-negcache Configurando o /etc/hosts (extremamente necessário para o dnsmasq)
127.0.0.1 localhost192.168.1.1 thinserv.cluster.lab thinserv10.0.0.2 viradouro.if.uff.int viradouro #clt01192.168.1.11 clt01.cluster.lab clt01 # The following lines are desirable for IPv6 capable hosts::1 ip6-localhost ip6-loopbackfe00::0 ip6-localnetff00::0 ip6-mcastprefixff02::1 ip6-allnodesff02::2 ip6-allroutersff02::3 ip6-allhosts Agora é só iniciar o DNSMASQ:
Service dnsmasq start
Colocar o dnsmasq para inicializar junto com o LinuxNtsysv e marcar o dnsmasq Agora é possível pingar as máquinas:
No próximo passo devemos configurar o DNS do nosso ISP no arquivo /etc/resolv.conf, para que funcione o cache-dns para nossa rede local colocaremos a seguinte linha.
nameserver 127.0.0.1
nameserver 208.67.222.222
nameserver 208.67.220.220
Esta linha tem q esta antes dos IPS dos servidores DNS
Para colocar ele na inicialização do sistema utilize
Chkconfig dnsmasq on
Para olhar o log do dnsmasq digite:
Tail f /var/log/messages |grep dnsmasq
Por ultimo vamos usar o dig:
DIG com-sl.org
Que ira nos da um resultado parecido com este:
; <<>> DiG 9.3.3rc2 <<>> com-sl.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53608
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;com-sl.org. IN A
;; ANSWER SECTION:
com-sl.org. 14400 IN A 72.232.248.106
;; AUTHORITY SECTION:
com-sl.org. 86400 IN NS ns10.iipanel.net.
com-sl.org. 86400 IN NS ns11.iipanel.net.
;; Query time: 369 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon May 12 21:20:32 2008
;; MSG SIZE rcvd: 93
O Sr. não gasta mais de 5 min para configura-lo !!!
Segue um exemplo de configuração do /etc/dnsmasq.conf , que está funcionando no meu gateway/firewall :
domain-needed
bogus-priv
except-interface=eth0
expand-hosts
domain=seudominio.com
dhcp-range=192.168.1.100,192.168.1.254,255.255.255.0,infinite
dhcp-option=42,192.168.0.1 # set ntp server
dhcp-option=44,192.168.0.1 # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
dhcp-option=45,192.168.0.1 # netbios datagram distribution server
dhcp-option=46,8 # netbios node type
dhcp-authoritative
Sim, isto é tudo que é necessário !!!
fiz algumas pequenas alteraçoes mais esse tuto foi criado por:
Fábio Rabelo
Linux não navega
Postado originalmente por Magnun
Citação
