
Configuring static routing in Linux

In this article, I will show how to configure static routing on Linux.

The operating system used is CentOS 5.5. The topology is as follows:

I/ IP configuration:

Each machine acting as a router has two network cards, eth1 and eth0. Card eth1 connects to the next router, and card eth0 connects to the internal network.

IP configuration of Router 1:

IP configuration of Router 2:

The machines on the internal networks each have one network card, eth0. It is connected directly to the router, and the default gateway points to the IP of the router it is connected to.

IP configuration of the machine on the 172.16.2.0/24 network:

IP configuration of the machine on the 172.16.3.0/24 network:

Check connectivity between the two machines 172.16.2.2/24 and 172.16.3.2/24 with the ping command. Result: Destination Net Unreachable, so neither machine can reach the other.

Ping result from 172.16.3.2:

Ping result from 172.16.2.2:

For machines on different networks to communicate with each other, we need to configure routing.

II - Configuring the static routes:

First, look at the current contents of the routing tables on the machines acting as routers.

Routing table of 172.16.1.1:

Routing table of 172.16.1.2:

None of the routing tables above contains a route to the other networks, so the two machines above cannot reach each other.

Before configuring routing, open sysctl.conf on both routers:

    vi /etc/sysctl.conf

Change net.ipv4.ip_forward = 0 to net.ipv4.ip_forward = 1, then save the file.

To configure a route, we can either use the route add command or configure it directly in a file. Here I will use a file. On the router, go to /etc/sysconfig/network-scripts/ and create a file named route-ethX, where X is the number of the card facing the next network.

Example: on Router 172.16.1.1, the file route-eth1 contains:

    172.16.3.0/24 via 172.16.1.2 dev eth1

In the line above:
- 172.16.3.0/24 is the destination network
- 172.16.1.2 is the IP address of the next router (next hop)
- eth1 is the card facing the next router

After configuring the file on 172.16.1.1, restart the network service:

    service network restart

Now check the routing table of Router 172.16.1.1 again; it has a route to the 172.16.3.0/24 network.

Similarly, on Router 172.16.1.2 we add a new file route-eth1 with the contents:

    172.16.2.0/24 via 172.16.1.1 dev eth1

Restart the network service and check the routing table on Router 172.16.1.2.

That completes the static routing configuration. Checking the connection between the two machines 172.16.2.2 and 172.16.3.2 again with ping gives the result shown in the figure below.
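The following Python sketch is an added example, not part of the original article: it models the routing tables of the four machines and traces a ping hop by hop, showing why the route file is needed on both routers and why ip_forward must be 1. Router 2's eth0 address 172.16.3.1 and the node names pc2, r1, r2 and pc3 are assumptions.

```python
import ipaddress

def lookup(routes, dst):
    """Longest-prefix match: next-hop IP, dst itself if on-link, None if no route."""
    best = None
    for prefix, via in routes:
        net = ipaddress.ip_network(prefix)
        if ipaddress.ip_address(dst) in net and (
                best is None or net.prefixlen > best[0].prefixlen):
            best = (net, via)
    return None if best is None else (best[1] or dst)

def build(r1_static=False, r2_static=False, forward=True):
    """Constructed model of the lab; Router 2's eth0 = 172.16.3.1 is an assumption."""
    # Connected networks, plus the route-eth1 entry when the file exists.
    r1 = [("172.16.2.0/24", None), ("172.16.1.0/24", None)] + (
        [("172.16.3.0/24", "172.16.1.2")] if r1_static else [])
    r2 = [("172.16.3.0/24", None), ("172.16.1.0/24", None)] + (
        [("172.16.2.0/24", "172.16.1.1")] if r2_static else [])
    def host(ip, gw):
        lan = ip.rsplit(".", 1)[0] + ".0/24"
        return {"addrs": [ip], "forward": False,
                "routes": [(lan, None), ("0.0.0.0/0", gw)]}
    return {"pc2": host("172.16.2.2", "172.16.2.1"),
            "r1": {"addrs": ["172.16.2.1", "172.16.1.1"], "forward": forward, "routes": r1},
            "r2": {"addrs": ["172.16.3.1", "172.16.1.2"], "forward": forward, "routes": r2},
            "pc3": host("172.16.3.2", "172.16.3.1")}

def trace(nodes, src, dst):
    """Walk the routing tables hop by hop; returns (path, outcome)."""
    owner = {ip: name for name, n in nodes.items() for ip in n["addrs"]}
    cur, path = owner[src], []
    for _ in range(8):                      # hop limit
        path.append(cur)
        if dst in nodes[cur]["addrs"]:
            return path, "delivered"
        if len(path) > 1 and not nodes[cur]["forward"]:
            return path, "dropped: ip_forward=0"
        hop = lookup(nodes[cur]["routes"], dst)
        if hop is None:
            return path, "net unreachable"
        if hop not in owner:
            return path, "host unreachable"
        cur = owner[hop]
    return path, "hop limit exceeded"

def ping(nodes, a, b):
    """An echo reply needs a working path in both directions."""
    return trace(nodes, a, b)[1], trace(nodes, b, a)[1]
```

With the route file on Router 1 only, the request reaches 172.16.3.2 but the reply dies on Router 2, which is why the article adds the mirror-image file there.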

Dynamic routing in Linux using RIP

In the previous article, I showed how to configure static routing on Linux using the CentOS operating system. In this article, I cover ways of configuring dynamic routing. The first one is dynamic routing with the Routing Information Protocol (RIP).

I - About RIP:

RIP is a typical distance-vector routing protocol: it sends its entire routing table out of all active interfaces at a regular interval of 30 seconds. RIP uses only hop count as its metric to compute the best path to a remote network. The algorithm RIP uses to build the routing table is Bellman-Ford.

II - Topology:

I reuse the topology from the static routing article. There are 4 machines running the CentOS operating system. Their network cards and IPs are shown in the figure below.

As we can see, the two computers with IPs 172.16.3.2 and 172.16.2.2 are on different networks, so they cannot communicate with each other. We will configure routing on the two remaining CentOS machines, which act as routers.

III - Installing the routing software:

About Quagga: Quagga is a routing software suite that runs on Linux operating systems and supports routing protocols such as RIPv1, RIPv2, RIPng, OSPFv2, OSPFv3, BGP-4, and BGP-4+. Quagga supports routing well on both IPv4 and IPv6. Quagga is in fact the successor to Zebra, whose development stopped long ago.

Installing Quagga: you can download Quagga 0.99.17 here: http://centos.alt.ru/pub/quagga/0.99.17/RHEL/RPMS/i386/quagga-0.99.171.el5.i386.rpm

After the download finishes, install it with:

    rpm -ivh quagga-0.99.17-1.el5.i386.rpm

IV - Configuring routing:

By default, Quagga's routing configuration files are stored in the /etc/quagga/ directory. First we configure zebra.conf:

    vi /etc/quagga/zebra.conf

Set the file contents as follows:

    hostname khanh.com.vn
    password zebra
    enable password zebra

Here, zebra is the password. Save zebra.conf and start the zebra service:

    service zebra start

Next, we use Telnet to configure the IPs and routing. Connect and log in with the password zebra created above:

    telnet 127.0.0.1 2601

After logging in successfully, configure the IPs as in the figure below, where 172.16.2.1/24 and 172.16.1.1/24 are the IPs of the eth0 and eth1 cards, respectively, of the CentOS machine acting as a router.

After configuring the IPs, restart the zebra service:

    service zebra restart

Note: if saving zebra.conf fails with the error Can't open configuration file /etc/zebra/zebra.conf, do the following:

    vi /etc/selinux/config

Change SELINUX=enforcing to SELINUX=permissive, then reboot the machine.

Next, we configure RIP routing:

    vi /etc/quagga/ripd.conf

Save the file with the following contents:

    hostname khanh.com.vn-rip
    password zebra
    enable password zebra

Then start the ripd service:

    service ripd start

Telnet to port 2602 (not 2601 as above).

After logging in successfully, configure RIP routing as in the figure below, where 172.16.1.0/24 and 172.16.2.0/24 are the networks directly connected to the CentOS machine acting as a router.

Restart the ripd service:

    service ripd restart

That completes the configuration on Router 1. Router 2 is set up in exactly the same way. After configuring zebra.conf as above, telnet to port 2601.

Set the IPs of the eth0 and eth1 cards.

Similarly, configure the contents of ripd.conf as on Router 1. Then start the ripd service.

Telnet to port 2602.

Declare the networks directly connected to Router 2.

After configuring routing on both routers, check their routing tables again. If the configuration succeeded, the routing tables will contain the network (NET) routes, as in the figures below.

Note: in RIP, the router updates the contents of its routing table every 30 seconds.

OK. Now check the connection between the two machines 172.16.2.2 and 172.16.3.2.
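The distance-vector exchange that ripd performs between the two routers can be reproduced in a few lines. This is an added example, not code from the original article or from Quagga: it applies the Bellman-Ford hop-count update once per 30-second cycle, assuming periodic updates only. The three-router chain goes beyond the article's lab, and its router R3 and network 172.16.4.0/24 are hypothetical.

```python
INFINITY = 16          # RIP metric that means "unreachable"
UPDATE_INTERVAL = 30   # seconds between periodic updates

def connected(*nets):
    """Routing table holding only directly connected networks (metric 1)."""
    return {net: (1, "connected") for net in nets}

def rip_round(tables, neighbours):
    """One update cycle: each router sends its full table to every neighbour."""
    sent = {r: dict(t) for r, t in tables.items()}   # snapshot of what is sent
    changed = False
    for sender, peers in neighbours.items():
        for receiver in peers:
            for net, (metric, _) in sent[sender].items():
                cost = min(metric + 1, INFINITY)      # Bellman-Ford: add one hop
                if cost < tables[receiver].get(net, (INFINITY, None))[0]:
                    tables[receiver][net] = (cost, sender)
                    changed = True
    return changed

def converge(tables, neighbours):
    """Run update cycles until no table changes; return (cycles, seconds)."""
    cycles = 0
    while rip_round(tables, neighbours):
        cycles += 1
    return cycles, cycles * UPDATE_INTERVAL

def two_router_lab():
    """The article's topology: R1 and R2 joined by 172.16.1.0/24."""
    tables = {"R1": connected("172.16.2.0/24", "172.16.1.0/24"),
              "R2": connected("172.16.3.0/24", "172.16.1.0/24")}
    return tables, {"R1": ["R2"], "R2": ["R1"]}

def three_router_chain():
    """Hypothetical extension: R3 sits on 172.16.3.0/24 and owns 172.16.4.0/24."""
    tables, neighbours = two_router_lab()
    tables["R3"] = connected("172.16.3.0/24", "172.16.4.0/24")
    neighbours["R2"].append("R3")
    neighbours["R3"] = ["R2"]
    return tables, neighbours
```

In the two-router lab, Router 1 ends up with 172.16.3.0/24 at metric 2 via Router 2 after one cycle; each extra router in a chain adds one hop to the metric and one more update cycle before the far end learns the route.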

Dynamic routing in Linux using OSPF

In the previous article, I showed how to do dynamic routing in Linux using RIP. Continuing with dynamic routing, in this article I will show how to configure dynamic routing on Linux using Open Shortest Path First (OSPF).

I - About OSPF:

OSPF is a link-state routing protocol based on an open standard, developed to replace distance-vector methods (which RIP uses). OSPF suits large networks, scales well, and does not produce loops in the network.

Advantages of OSPF:
- Fast convergence.
- Supports subnetting (VLSM).
- Can be applied to large networks.
- Choosing paths by link state is more effective than distance vector.
- More flexible path selection.
- Supports authentication.

II - Topology:

I reuse the topology from the previous routing article. There are 4 machines running the CentOS operating system. Their network cards and IPs are shown in the figure below.

As we can see, the two computers with IPs 172.16.3.2 and 172.16.2.2 are on different networks, so they cannot communicate with each other. We will configure routing on the two remaining CentOS machines, which act as routers.

III - Installing the routing software:

About Quagga: Quagga is a routing software suite that runs on Linux operating systems and supports routing protocols such as RIPv1, RIPv2, RIPng, OSPFv2, OSPFv3, BGP-4, and BGP-4+. Quagga supports routing well on both IPv4 and IPv6. Quagga is in fact the successor to Zebra, whose development stopped long ago.

Installing Quagga: you can download Quagga 0.99.17 here: http://centos.alt.ru/pub/quagga/0.99.17/RHEL/RPMS/i386/quagga-0.99.171.el5.i386.rpm

After the download finishes, install it with:

    rpm -ivh quagga-0.99.17-1.el5.i386.rpm

IV - Configuring routing:

By default, Quagga's routing configuration files are stored in the /etc/quagga/ directory. First we configure zebra.conf:

    vi /etc/quagga/zebra.conf

Set the file contents as follows:

    hostname khanh.com.vn
    password zebra
    enable password zebra

Here, zebra is the password. Save zebra.conf and start the zebra service:

    service zebra start

Next, we use Telnet to configure the IPs and routing. Connect and log in with the password zebra created above:

    telnet 127.0.0.1 2601

After logging in successfully, configure the IPs as in the figure below, where 172.16.2.1/24 and 172.16.1.1/24 are the IPs of the eth0 and eth1 cards, respectively, of the CentOS machine acting as a router.

After configuring the IPs, restart the zebra service:

    service zebra restart

Note: if saving zebra.conf fails with the error Can't open configuration file /etc/zebra/zebra.conf, do the following:

    vi /etc/selinux/config

Change SELINUX=enforcing to SELINUX=permissive, then reboot the machine.

Next, we configure dynamic routing using OSPF:

    vi /etc/quagga/ospfd.conf

Save the file with the following contents:

    hostname khanh.com.vn-ospf
    password zebra
    enable password zebra

Then start the ospfd service:

    service ospfd start

Telnet to port 2604.

After logging in successfully, configure OSPF routing as in the figure below, where 172.16.1.0/24 and 172.16.2.0/24 are the networks directly connected to the CentOS machine acting as a router. Use area 0.

That completes the configuration on Router 1. Router 2 is set up in exactly the same way. On Router 2, after configuring zebra.conf as above, telnet to port 2601.

Set the IPs of the eth0 and eth1 cards.

Similarly, configure the contents of ospfd.conf as on Router 1. Then start the ospfd service:

    service ospfd start

Telnet to port 2604.

Declare the networks directly connected to Router 2.

After configuring routing on both routers, check their routing tables again. If the configuration succeeded, the routing tables will contain the network (NET) routes, as in the figures below.

OK. Now check the connection between the two machines 172.16.2.2 and 172.16.3.2.
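The zebra.conf, ripd.conf and ospfd.conf files in the RIP and OSPF articles all use the clear-text password zebra, and the OSPF article lists authentication as a feature without enabling it. The following check for those points is an added example, not code from the articles or from Quagga; both sample configurations are constructed, and the names WELL_KNOWN, PAGE_OSPFD and HARDENED_OSPFD are assumptions.

```python
import re

WELL_KNOWN = {"zebra", "quagga", "password", "admin"}  # assumed list of guessable values

def audit_quagga(text):
    """Return findings for one Quagga daemon config (zebra.conf, ripd.conf, ospfd.conf)."""
    # Strip indentation; lines starting with "!" are comments.
    lines = [l.strip() for l in text.splitlines() if l.strip() and not l.strip().startswith("!")]
    findings, secrets = [], {}
    for l in lines:
        m = re.match(r"(enable password|password)\s+(.+)$", l)
        if not m or m.group(2).startswith("8 "):   # "8 <hash>" is the encrypted form
            continue
        kind, value = m.groups()
        secrets[kind] = value
        findings.append(f"{kind}: stored in clear text")
        if value.lower() in WELL_KNOWN:
            findings.append(f"{kind}: guessable value")
    if "password" in secrets and secrets.get("enable password") == secrets["password"]:
        findings.append("enable password is the same as the login password")
    for proto in ("rip", "ospf"):
        runs = any(l.startswith(f"router {proto}") for l in lines)
        auth = any(re.search(rf"\b{proto}\b.*\bauthentication\b|^area \S+ authentication", l)
                   for l in lines)
        if runs and not auth:
            findings.append(f"{proto}: neighbours are not authenticated")
    return findings

# Constructed from the file contents and network statements the article describes.
PAGE_OSPFD = """\
hostname khanh.com.vn-ospf
password zebra
enable password zebra
router ospf
 network 172.16.1.0/24 area 0
 network 172.16.2.0/24 area 0
"""

# Constructed hardened variant; <hash> and <key> are placeholders, not real values.
HARDENED_OSPFD = """\
password 8 <hash>
enable password 8 <hash>
service password-encryption
interface eth1
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 <key>
router ospf
 network 172.16.1.0/24 area 0
"""
```

Running audit_quagga over PAGE_OSPFD returns six findings, while HARDENED_OSPFD returns none.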

Lab Linux Network Information Service NIS


NIS is a service that provides centralized user authentication. Some notable characteristics:

- The user database on the NIS server is stored in a flat structure, that is, there are no OUs.
- The user authentication process is not encrypted.

For more information and an NIS guide in English, see http://www.tldp.org/HOWTO/NIS-HOWTO/

Topology: two machines, an NIS server with IP 192.168.9.117 and a client with IP 192.168.9.217. The NIS server authenticates the users who log in through the client machines.

1. Installation

Step 1: Install the ypserv-2.19-5 package from the CentOS DVD.

Step 2: Declare the NIS domain.

Open /etc/sysconfig/network and add the following line at the end of the file:

    NISDOMAIN=yourdomain.com

where yourdomain.com is your domain name.

Open /etc/yp.conf and add this line at the end:

    ypserver 127.0.0.1

The parameter 127.0.0.1 lets users log in on the NIS server itself: when a user logs on at the server, the server uses itself for the logon.

Next, start the following services:

    [root@may1 ~]# service ypserv start
    [root@may1 ~]# service yppasswdd start
    [root@may1 ~]# chkconfig ypserv on
    [root@may1 ~]# chkconfig yppasswdd on

Run rpcinfo -p localhost to see the registered ports.

    [root@may1 ~]# rpcinfo -p localhost
       program vers proto   port
        100000    2   tcp    111  portmapper
        100000    2   udp    111  portmapper
        100024    1   udp    712  status
        100024    1   tcp    715  status
        100004    2   udp    780  ypserv
        100004    1   udp    780  ypserv
        100004    2   tcp    783  ypserv
        100004    1   tcp    783  ypserv
        100009    1   udp    793  yppasswdd

To initialize the NIS domain, run the following command:

    /usr/lib/yp/ypinit -m

The program finds one machine acting as NIS server and asks whether we want to add another host as an NIS server. Press Ctrl-D to finish, meaning that only the current machine is an NIS server. The program builds a set of database files, stored under /var/yp/nhatnghe17.com/

    [root@may1 ~]# ls /var/yp/nhatnghe17.com/
    group.bygid   hosts.byaddr  mail.aliases  passwd.byname  protocols.byname    rpc.byname    services.byname         ypservers
    group.byname  hosts.byname  netid.byname  passwd.byuid   protocols.bynumber  rpc.bynumber  services.byservicename

Start the ypbind service. This service is for clients; the server is itself also a client, and of course the other client machines will have this service installed as well.

    [root@may1 ~]# service ypbind start
    Binding to the NIS domain:                                 [  OK  ]
    Listening for an NIS domain server..

2. Managing users

First create the users in the usual way, that is, with the useradd command. For example, create 3 users: nv1, nv2, nv3. Then change to the /var/yp directory and run make so that the program updates the database.

    [root@may1 ~]# cd /var/yp/
    [root@may1 yp]# make
    gmake[1]: Entering directory `/var/yp/nhatnghe17.com'
    Updating passwd.byname
    Updating passwd.byuid
    Updating group.byname
    Updating group.bygid
    Updating netid.byname
    gmake[1]: Leaving directory `/var/yp/nhatnghe17.com'

To see whether the list of users has been updated, use the ypcat passwd command:

    [root@may1 yp]# ypcat passwd
    nv2:$1$y0MEmjWO$akc8Zj1fX6t9H96aJzhLQ/:501:501::/home/nv2:/bin/bash
    nv3:$1$aRmYjNfH$yts1wHcjE2roloK9S39nN0:502:502::/home/nv3:/bin/bash
    nv1:$1$lfqZedO1$a0bulwCC/BQjrILWgi8gV/:500:500::/home/nv1:/bin/bash

3. Configuring the client to log on

On machine 2, perform the configuration in the following steps.

Afterwards, verify by opening /etc/yp.conf; the last line will be:

    domain nhatnghe17.com server 192.168.9.117

In /etc/sysconfig/network, you will also find the line:

    NISDOMAIN=nhatnghe17.com

Next open /etc/nsswitch.conf and find lines 33, 34 and 35, which read:

    passwd: files nis
    shadow: files nis
    group: files nis

These lines declare the authentication order. A user may exist in both places, local and domain, so which one is tried first? According to the lines above, local authentication is tried first and NIS authentication second. You can change this order.

For authentication to work, the ypbind service must be started:

    [root@localhost ~]# service ypbind start

Then try logging on to the NIS server from machine 2. The prompt has the form -bash-3.2$. This means that nv1, after logging on to the system, still cannot use many shell commands. The prompt also shows that this user's home directory is located on the server.

4. Deploying each user's home directory to the local machine

We will deploy the automount service to automatically mount the home directory from the NIS server onto the client when the user logs on. The required package is NFS; see the previous article for how to install this service.

On the NIS server: open /etc/exports and add the line:

    /home *(rw,sync)

Then start the nfs service:

    service nfs start

On the client: open /etc/auto.master and add this as the last line:

    /home /etc/auto.home --timeout 300

Create a new file /etc/auto.home with the following contents:

    * -fstype=nfs,soft,intr,rsize=8192,wsize=8192,nosuid,tcp 192.168.9.117:/home/&

Restart the autofs service:

    service autofs restart

Logging on to machine 2 now shows each user's home directory.
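Two artefacts of this lab are worth checking on any NIS/NFS setup: the passwd map that ypcat prints, which carries the password hashes, and the /etc/exports line that decides which hosts may mount /home. The audit below is an added example, not part of the original lab. All sample inputs are constructed, the hash string is a placeholder, and the names YPCAT and EXPORTS_* are assumptions.

```python
SCHEMES = {"$1$": "md5-crypt", "$5$": "sha256-crypt", "$6$": "sha512-crypt"}

def audit_nis_passwd(ypcat_output):
    """Flag entries whose password hash is readable from the passwd map."""
    findings = []
    for line in ypcat_output.splitlines():
        fields = line.split(":")
        if len(fields) != 7:
            continue
        user, pw, uid = fields[:3]
        if pw not in ("", "x", "*", "!!"):
            scheme = SCHEMES.get(pw[:3], "unknown scheme")
            findings.append(f"{user}: {scheme} hash exposed")
        if uid == "0":
            findings.append(f"{user}: uid 0 account served by NIS")
    return findings

def audit_exports(text):
    """Flag exports(5) entries that open a path to every host."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *clients = line.split()
        for tok in clients:
            client, _, opts = tok.partition("(")
            options = opts.rstrip(")").split(",") if opts else []
            if client == "":
                findings.append(f"{path}: option list has no client, so it applies to all hosts")
            if client in ("", "*") and "rw" in options:
                findings.append(f"{path}: read-write for every host")
            if "no_root_squash" in options:
                findings.append(f"{path}: root is not squashed")
    return findings

# Constructed samples; the hash string is a placeholder, not a real hash.
YPCAT = "nv1:$1$SALT$PLACEHOLDER:500:500::/home/nv1:/bin/bash\nnv9:x:509:509::/home/nv9:/bin/bash"
EXPORTS_OPEN = "/home *(rw,sync)"
EXPORTS_SPLIT = "/home 192.168.9.217 (rw,sync)"   # stray space detaches the options
EXPORTS_SCOPED = "/home 192.168.9.217(rw,sync)"
```

EXPORTS_SPLIT shows why spacing matters in /etc/exports: the option list after the space is no longer tied to 192.168.9.217 and is applied to every host, whereas EXPORTS_SCOPED limits the read-write export to the lab's client.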
