I/ IP configuration:
Each machine acting as a router has two network cards, eth1 and eth0. Card eth1 connects to the next router and card eth0 connects to the internal network. IP configuration of Router 1:
IP configuration of Router 2:
The machines on the internal networks each have one network card, eth0. It is connected directly to the router, and the default gateway points to the IP of the router it is connected to.
Check connectivity between the two machines 172.16.2.2/24 and 172.16.3.2/24 with the ping command. Result: Destination Net Unreachable => neither machine can reach the other. Ping result from machine 172.16.3.2:
Ping result from machine 172.16.2.2:
For machines on different networks to communicate with each other, we need to configure routing!

II - Configuring static routes:
First, look at the current routing tables of the machines acting as routers. Routing table of machine 172.16.1.1:
The routing tables above contain no routes to the other networks => the two machines mentioned above cannot communicate with each other. Before configuring routing, open sysctl.conf on both router machines:

    vi /etc/sysctl.conf

Change the value net.ipv4.ip_forward = 0 to net.ipv4.ip_forward = 1 => save the file.
To configure a route, we can either use the route add command or configure it directly in a file. Here I will configure it in a file. On the router machine, go to /etc/sysconfig/network-scripts/ and create a file named route-ethX, where X is the number of the card facing the next network. For example, on Router 172.16.1.1 the file route-eth1 has the following content:

    172.16.3.0/24 via 172.16.1.2 dev eth1

In the line above:
172.16.3.0/24 is the destination network
172.16.1.2 is the IP address of the next router (next hop)
eth1 is the card facing the next router

After configuring the file on 172.16.1.1, restart the network service:

    service network restart
Similarly, on Router 172.16.1.2 we add a new file route-eth1 with the content:

    172.16.2.0/24 via 172.16.1.1 dev eth1

Restart the network service and check the routing table on Router 172.16.1.2:
That completes the static routing configuration. Checking the connection between the two machines 172.16.2.2 and 172.16.3.2 again with ping gives the result shown in the figure below.
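A route-ethX line is only usable when its next hop sits on the subnet of the card named after dev. The following check is an added example, not part of the original tutorial; the function name check_route_file and its finding labels are made up for illustration, and the sample lines are constructed from Router 1's addresses above.

```shell
#!/bin/sh
# Added example, not from the original page: sanity-check a route-ethX file
# against the address of the interface it is named after.

check_route_file() {
    # $1: route file, $2: interface name, $3: interface address as A.B.C.D/len
    awk -v ifname="$2" -v ifcidr="$3" '
        function ip2int(ip,    o) {
            if (split(ip, o, ".") != 4) return -1
            return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
        }
        # Network number of ip under a prefix of the given length.
        function netof(ip, plen) { return int(ip2int(ip) / 2 ^ (32 - plen)) }
        BEGIN { split(ifcidr, self, "/") }
        NF == 0 || /^#/ { next }
        $2 != "via" || $4 != "dev" || NF != 5 { print "MALFORMED line " NR; next }
        $5 != ifname  { print "WRONG_DEV line " NR }
        $3 == self[1] { print "NEXTHOP_IS_SELF line " NR }
        netof($3, self[2]) != netof(self[1], self[2]) {
            print "NEXTHOP_NOT_ON_LINK line " NR
        }
    ' "$1"
}

# Constructed demo: Router 1 (eth1 = 172.16.1.1/24), first with the route line
# from the tutorial, then with a next hop that eth1 cannot reach directly.
demo_routes() {
    tmp=$(mktemp)
    echo '172.16.3.0/24 via 172.16.1.2 dev eth1' > "$tmp"
    echo "good: $(check_route_file "$tmp" eth1 172.16.1.1/24 | tr '\n' ';')"
    echo '172.16.3.0/24 via 172.16.3.1 dev eth1' > "$tmp"
    echo "bad:  $(check_route_file "$tmp" eth1 172.16.1.1/24 | tr '\n' ';')"
    rm -f "$tmp"
}
demo_routes
```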
Dynamic routing in Linux using RIP

In the previous article I showed how to configure static routing on Linux using the CentOS operating system. This article covers ways of configuring dynamic routing. The first one is dynamic routing using the Routing Information Protocol (RIP).

I - About RIP:
RIP is a typical distance-vector routing protocol. It sends the entire routing table out of all active interfaces at a regular interval of 30 seconds. RIP uses only hop count as its metric to determine the best path to a remote network. The algorithm RIP uses to build the routing table is Bellman-Ford.

II - Topology:
I reuse the topology from the previous static routing article. It has 4 machines running CentOS. The machines have the network cards and IP addresses shown in the figure below.
As we can see, the two computers with IPs 172.16.3.2 and 172.16.2.2 are on different networks, so they cannot communicate with each other. We will configure routing on the two remaining CentOS machines, which act as routers.

III - Installing the routing software:
About Quagga: Quagga is a routing software package that runs on Linux operating systems and supports routing protocols such as RIPv1, RIPv2, RIPng, OSPFv2, OSPFv3, BGP-4 and BGP-4+. Quagga supports routing on both IPv4 and IPv6. Quagga is in fact the successor of Zebra, whose development stopped long ago.
Installing Quagga: you can download Quagga 0.99.17 here: http://centos.alt.ru/pub/quagga/0.99.17/RHEL/RPMS/i386/quagga-0.99.171.el5.i386.rpm
IV - Configuring routing:
By default, Quagga's routing configuration files are stored in the directory /etc/quagga/. First we configure the file zebra.conf. Type the command:

    vi /etc/quagga/zebra.conf

Set the file content as follows:

    hostname khanh.com.vn
    password zebra
    enable password zebra

Here, zebra is the password. Save zebra.conf and start the zebra service:

    service zebra start

Next, we use Telnet to configure the IP addresses and routing. Connect and log in with the password zebra created above. Type the command:

    telnet 127.0.0.1 2601
After logging in successfully, configure the IP addresses as shown in the figure below, where 172.16.2.1/24 and 172.16.1.1/24 are the IPs of cards eth0 and eth1, respectively, of the CentOS machine acting as the router.
After configuring the IP addresses, restart the zebra service:

    service zebra restart

Note: if saving zebra.conf fails with the error Can't open configuration file /etc/zebra/zebra.conf, do the following:

    vi /etc/selinux/config

Change SELINUX=enforcing to SELINUX=permissive => reboot the machine.

Next we configure RIP routing. Type the command:

    vi /etc/quagga/ripd.conf

Save the file with the following content:

    hostname khanh.com.vn-rip
    password zebra
    enable password zebra

Then start the ripd service:

    service ripd start
Once logged in, configure RIP routing as shown in the figure below, where 172.16.1.0/24 and 172.16.2.0/24 are the network addresses that the CentOS router is directly connected to.
Restart the ripd service:

    service ripd restart

That completes the configuration on Router 1. Router 2 is set up in exactly the same way. After configuring zebra.conf as above, telnet to port 2601:
Similarly, configure the content of ripd.conf as on Router 1. Then start the ripd service:
After configuring routing on both routers, check the routing tables of the two routers again. If the configuration succeeded, the routing tables will show the network routes as in the figures below.
Note: in RIP, the router updates the content of its routing table every 30 seconds. OK. Now check the connection between the two machines 172.16.2.2 and 172.16.3.2:
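The zebra.conf and ripd.conf files above keep the sample password zebra in clear text for both the vty login and enable mode. The following audit is an added example, not part of the original tutorial or of Quagga itself. It assumes Quagga's documented `service password-encryption`, `line vty` and `access-class` commands; the function names, finding labels, the access-list name vty-local and the hash placeholders are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): flag weak vty credential
# settings in a Quagga daemon config such as zebra.conf or ripd.conf.

audit_quagga_conf() {
    # $1: path to a Quagga config file. Prints one finding label per line.
    awk '
        # "password 8 <hash>" is the encrypted form; anything else is clear text.
        $1 == "password" && $2 != "8"                   { vty = $2; plain = 1 }
        $1 == "enable" && $2 == "password" && $3 != "8" { en = $3;  plain = 1 }
        $1 == "service" && $2 == "password-encryption"  { enc = 1 }
        # Track whether we are inside the indented "line vty" block.
        /^[^ \t]/                                       { in_vty = ($1 == "line" && $2 == "vty") }
        in_vty && $1 == "access-class"                  { acl = 1 }
        END {
            if (vty == "zebra" || en == "zebra") print "DEFAULT_PASSWORD"
            if (plain && !enc)                   print "PLAINTEXT_PASSWORD"
            if (vty != "" && vty == en)          print "ENABLE_EQUALS_VTY"
            if (!acl)                            print "NO_VTY_ACCESS_CLASS"
        }
    ' "$1"
}

# Constructed sample: the zebra.conf contents used in the tutorial.
sample_walkthrough_conf() {
    printf '%s\n' 'hostname khanh.com.vn' 'password zebra' 'enable password zebra'
}

# Constructed sample: hashed, distinct passwords and a loopback-only vty ACL.
# The hash strings are placeholders, not real crypt output.
sample_hardened_conf() {
    printf '%s\n' 'hostname khanh.com.vn' \
        'password 8 PLACEHOLDERHASH1' 'enable password 8 PLACEHOLDERHASH2' \
        'service password-encryption' \
        'access-list vty-local permit 127.0.0.1/32' \
        'line vty' ' access-class vty-local'
}

tmp=$(mktemp)
sample_walkthrough_conf > "$tmp"; echo "tutorial config:"; audit_quagga_conf "$tmp"
sample_hardened_conf > "$tmp";    echo "hardened config:"; audit_quagga_conf "$tmp"
rm -f "$tmp"
```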
In the previous article I showed dynamic routing in Linux using RIP. Continuing with dynamic routing, this article shows how to configure dynamic routing on Linux using Open Shortest Path First (OSPF).

I - About OSPF:
OSPF is a standards-based link-state routing protocol developed to replace distance-vector methods (which RIP uses). OSPF suits large networks, is scalable, and does not produce loops in the network. The advantages of OSPF:
Fast convergence.
Support for subnetting (VLSM).
Can be applied to large networks.
Path selection by link state is more efficient than distance vector.
More flexible path selection.
Support for authentication.

II - Topology:
I reuse the topology from the previous routing article. It has 4 machines running CentOS. The machines have the network cards and IP addresses shown in the figure below.
As we can see, the two computers with IPs 172.16.3.2 and 172.16.2.2 are on different networks, so they cannot communicate with each other. We will configure routing on the two remaining CentOS machines, which act as routers.

III - Installing the routing software:
About Quagga: Quagga is a routing software package that runs on Linux operating systems and supports routing protocols such as RIPv1, RIPv2, RIPng, OSPFv2, OSPFv3, BGP-4 and BGP-4+. Quagga supports routing on both IPv4 and IPv6. Quagga is in fact the successor of Zebra, whose development stopped long ago.
Installing Quagga: you can download Quagga 0.99.17 here: http://centos.alt.ru/pub/quagga/0.99.17/RHEL/RPMS/i386/quagga-0.99.171.el5.i386.rpm
IV - Configuring routing:
By default, Quagga's routing configuration files are stored in the directory /etc/quagga/. First we configure the file zebra.conf. Type the command:

    vi /etc/quagga/zebra.conf

Set the file content as follows:

    hostname khanh.com.vn
    password zebra
    enable password zebra

Here, zebra is the password. Save zebra.conf and start the zebra service:

    service zebra start

Next, we use Telnet to configure the IP addresses and routing. Connect and log in with the password zebra created above. Type the command:

    telnet 127.0.0.1 2601
After logging in successfully, configure the IP addresses as shown in the figure below, where 172.16.2.1/24 and 172.16.1.1/24 are the IPs of cards eth0 and eth1, respectively, of the CentOS machine acting as the router.
After configuring the IP addresses, restart the zebra service:

    service zebra restart

Note: if saving zebra.conf fails with the error Can't open configuration file /etc/zebra/zebra.conf, do the following:

    vi /etc/selinux/config

Change SELINUX=enforcing to SELINUX=permissive => reboot the machine.

- Next, we configure dynamic routing using OSPF:

    vi /etc/quagga/ospfd.conf

Save the file with the following content:

    hostname khanh.com.vn-ospf
    password zebra
    enable password zebra
Then start the ospfd service:

    service ospfd start

Telnet to port 2604:
Once logged in, configure OSPF routing as shown in the figure below, where 172.16.1.0/24 and 172.16.2.0/24 are the network addresses that the CentOS router is directly connected to. Use area 0.
That completes the configuration on Router 1. Router 2 is set up in exactly the same way. On Router 2, after configuring zebra.conf as above, telnet to port 2601:
Similarly, configure the content of ospfd.conf as on Router 1. Then start the ospfd service:

    service ospfd start

Telnet to port 2604:
After configuring routing on both routers, check the routing tables of the two routers again. If the configuration succeeded, the routing tables will show the network routes as in the figures below.
- The user authentication process is not encrypted.

For more information, see the English NIS guide at http://www.tldp.org/HOWTO/NIS-HOWTO/

The setup has 2 machines: an NIS server with IP 192.168.9.117 and a client with IP 192.168.9.217. The NIS server authenticates users who log in through the client machines.

1. Installation

Step 1: Install the package ypserv-2.19-5 from the CentOS DVD.

Step 2: Declare the NIS domain.
Open /etc/sysconfig/network and add the following line at the end of the file:

    NISDOMAIN=yourdomain.com

where yourdomain.com is the name of your domain.
Open /etc/yp.conf and add this line at the end:

    ypserver 127.0.0.1

Here the parameter 127.0.0.1 allows users to log in on the NIS server itself; that is, when a user logs on at the server, the server uses itself to authenticate the logon.
Next, start the following services:

    [root@may1 ~]# service ypserv start
    [root@may1 ~]# service yppasswdd start
    [root@may1 ~]# chkconfig ypserv on
    [root@may1 ~]# chkconfig yppasswdd on

Run rpcinfo -p localhost to see the registered ports.

    [root@may1 ~]# rpcinfo -p localhost
       program vers proto   port
        100000    2   tcp    111  portmapper
        100000    2   udp    111  portmapper
        100024    1   udp    712  status
        100024    1   tcp    715  status
        100004    2   udp    780  ypserv
        100004    1   udp    780  ypserv
        100004    2   tcp    783  ypserv
        100004    1   tcp    783  ypserv
        100009    1   udp    793  yppasswdd
The program finds one machine acting as NIS server and asks whether we want to add another machine as an NIS server. Press Ctrl-D to exit, meaning only the current machine is the NIS server. The program builds a set of database files for us, stored under /var/yp/nhatnghe17.com/

    [root@may1 ~]# ls /var/yp/nhatnghe17.com/
    group.bygid   hosts.byaddr  mail.aliases  passwd.byname  protocols.byname    rpc.byname    services.byname         ypservers
    group.byname  hosts.byname  netid.byname  passwd.byuid   protocols.bynumber  rpc.bynumber  services.byservicename

Start the ypbind service. This service is for clients; the server is itself also a client, and of course the other client machines will have this service installed as well.

    [root@may1 ~]# service ypbind start
    Binding to the NIS domain:                                 [  OK  ]
    Listening for an NIS domain server..

2. Managing users

First create the users in the usual way, that is, with the useradd command. For example, create 3 users: nv1, nv2, nv3. Then change to the directory /var/yp and run make so that the program updates the database.

    [root@may1 ~]# cd /var/yp/
    [root@may1 yp]# make
    gmake[1]: Entering directory `/var/yp/nhatnghe17.com'
    Updating passwd.byname
    Updating passwd.byuid
    Updating group.byname
    Updating group.bygid
    Updating netid.byname
    gmake[1]: Leaving directory `/var/yp/nhatnghe17.com'
To check whether the list of users has been updated, use the command ypcat passwd:

    [root@may1 yp]# ypcat passwd
    nv2:$1$y0MEmjWO$akc8Zj1fX6t9H96aJzhLQ/:501:501::/home/nv2:/bin/bash
    nv3:$1$aRmYjNfH$yts1wHcjE2roloK9S39nN0:502:502::/home/nv3:/bin/bash
    nv1:$1$lfqZedO1$a0bulwCC/BQjrILWgi8gV/:500:500::/home/nv1:/bin/bash

3. Configuring the client to log on

On machine 2, carry out the configuration in the following steps.
Then verify by opening /etc/yp.conf; the last line should be:

    domain nhatnghe17.com server 192.168.9.117

In /etc/sysconfig/network you will also find the line:

    NISDOMAIN=nhatnghe17.com

Next open /etc/nsswitch.conf and find lines 33, 34 and 35, which read:

    passwd: files nis
    shadow: files nis
    group: files nis

These lines declare the order of authentication sources. A given user may exist in both places, local and domain, so which source is consulted first? According to the lines above, local authentication takes priority and NIS authentication comes second. You can change this order. For authentication to work, the ypbind service must be started:

    [root@localhost ~]# service ypbind start

Then try logging on to the NIS server from machine 2. The command prompt looks like this:

    -bash-3.2$

This means that nv1, after logging on to the system, cannot yet use many shell commands. The prompt also indicates that this user's home directory is located on the server.

4. Deploying each user's home directory to the local machine

We will deploy the automount service to mount the home directory from the NIS server onto the client automatically when a user logs on. The required package is NFS; see the previous article for how to install this service.

On the NIS server:
Open /etc/exports and add the line:

    /home *(rw,sync)

Then start the nfs service with the command:

    service nfs start

On the client:
Open /etc/auto.master and add this as the last line:

    /home /etc/auto.home --timeout 300

Create a new file /etc/auto.home with the following content:

    * -fstype=nfs,soft,intr,rsize=8192,wsize=8192,nosuid,tcp 192.168.9.117:/home/&

Restart the autofs service with the command:

    service autofs restart

Logging on to machine 2 now shows each user's home directory.
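The /home export above is offered read-write to every host (`*`), and exports(5) has a related pitfall: whitespace between the host and the option list detaches the options, which then apply to all hosts. The following audit is an added example, not part of the original tutorial; the function names and finding labels are made up for illustration, and the 192.168.9.0/24 subnet in the third sample line is an assumed client range.

```shell
#!/bin/sh
# Added example, not from the original page: flag risky entries in an
# exports(5) file such as the /home export used in the tutorial.

audit_exports() {
    # $1: path to an exports file. Prints "<FINDING> <path>" lines.
    awk '
        /^[ \t]*(#|$)/ { next }
        {
            for (i = 2; i <= NF; i++) {
                host = $i; opts = ""
                p = index($i, "(")
                if (p == 1) {
                    # "(opts)" standing alone after whitespace applies to every host.
                    print "DETACHED_OPTIONS", $1
                    host = "*"; opts = $i
                } else if (p > 1) {
                    host = substr($i, 1, p - 1); opts = substr($i, p)
                }
                if (host == "*" && opts ~ /[(,]rw[,)]/) print "WORLD_WRITABLE", $1
                if (opts ~ /[(,]no_root_squash[,)]/)    print "NO_ROOT_SQUASH", $1
            }
        }
    ' "$1"
}

demo_exports() {
    tmp=$(mktemp)
    # Constructed samples; 192.168.9.0/24 is an assumed client subnet.
    for line in '/home * (rw,sync)' '/home *(rw,sync)' \
                '/home 192.168.9.0/24(rw,sync,root_squash)'; do
        printf '%s\n' "$line" > "$tmp"
        printf '%-45s -> %s\n' "$line" "$(audit_exports "$tmp" | tr '\n' ';')"
    done
    rm -f "$tmp"
}
demo_exports
```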