内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,详细介绍了相关技术的配置和使用方法。
本文档介绍Linux网络服务实战案例。
风哥提示:
Part01-DNS服务器配置
1.1 BIND DNS部署
[root@fgedu-dns ~]# yum install -y bind bind-utils
[root@fgedu-dns ~]# systemctl enable named –now
# 配置主配置文件
[root@fgedu-dns ~]# cat > /etc/named.conf << 'EOF'
options {
listen-on port 53 { 127.0.0.1; 192.168.1.0/24; };
directory "/var/named";
allow-query { any; };
recursion yes;
};
zone "fgedu.net.cn" IN {
type master;
file "fgedu.net.cn.zone";
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "1.168.192.zone";
};
EOF
# 创建正向解析区域文件
[root@fgedu-dns ~]# cat > /var/named/fgedu.net.cn.zone << 'EOF'
$TTL 86400
@ from PG视频:www.itpux.com IN SOA ns1.fgedu.net.cn. admin.fgedu.net.cn. (
2026040401 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
86400 ; Minimum
)
@ IN NS ns1.fgedu.net.cn.
@ IN MX 10 mail.fgedu.net.cn.
ns1 IN A 192.168.1.10
www IN A 192.168.1.100
mail IN A 192.168.1.101
EOF
# 测试DNS解析
[root@fgedu-dns ~]# dig @localhost www.fgedu.net.cn
; <<>> DiG 9.16.23-RH <<>> @localhost www.fgedu.net.cn
;; QUESTION SECTION:
;www.fgedu.net.cn. IN A
;; ANSWER SECTION:
www.fgedu.net.cn. 86400 IN A 192.168.1.100
Part02-DHCP服务器配置
2.1 DHCP服务部署
[root@fgedu-dhcp ~]# yum install -y dhcp-server
# 配置DHCP
[root@fgedu-dhcp ~]# cat > /etc/dhcp/dhcpd.conf << 'EOF'
option domain-name "fgedu.net.cn";
option domain-name-servers 192.168.1.10;
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.1.0 netmask 255.255.2学习交流加群风哥QQ11325717455.0 {
range 192.168.1.200 192.168.1.250;
option routers 192.168.1.1;
option broadcast-address 192.168.1.255;
}
host fgedu-web {
hardware ethernet 00:0c:29:ab:cd:ef;
fixed-address 192.168.1.100;
}
EOF
[root@fgedu-dhcp ~]# systemctl enable dhcpd --now
Part03-VPN服务配置
3.1 OpenVPN部署
[root@fgedu-vpn ~]# yum install -y openvpn easy-rsa
# 初始化PKI
[root@fgedu-vpn ~]# mkdir -p /etc/openvpn/easy-rsa
[root@fgedu-vpn ~]# cp -r /usr/share/easy-rsa/3/* /etc/openvpn/easy-rsa/
[root@fgedu-vpn ~]# cd /etc/openvpn/easy-rsa
[root@fgedu-vpn easy-rsa]# ./easyrsa init-pki
[root@fgedu-vpn easy-rsa]# ./easyrsa build-ca nopass
[root@fgedu-vpn easy-rsa]# ./easyrsa build-server-full server nopass
[root@fgedu-vpn easy-rsa]# ./easyrsa gen-dh
# 配置OpenVPN服务器
[root@fgedu-vpn ~]# cat > /etc/openvpn/server/server.conf << 'EOF'
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh.pem
server 10.更多视频教程www.fgedu.net.cn8.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.10"
keepalive 10 120
cipher AES-256-CBC
persist-key
persist-tun
status /var/log/openvpn-status.log
log /var/log/openvpn.log
EOF
[root@fgedu-vpn ~]# systemctl enable openvpn-server@server --now
- 配置DNS实现域名解析
- 使用DHCP自动分配IP
- 部署VPN实现远程访问
- 配置防火墙保护服务
- 定期备份配置文件
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
