# cat /etc/hosts
127.0.0.1 localhost
#192.168.X.1 gate.corpX.un gate
#192.168.X.10 server.corpX.un server
#192.168.X.30 client1.corpX.un client1
#192.168.100+X.10 lan.corpX.un lan
172.16.1.254 proxy
172.16.1.254 rep
# cat /etc/resolv.conf
search corpX.un
nameserver 172.16.1.254
root@localhost:~# cat /etc/hostname
gate.corpX.un
root@localhost:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
        address 192.168.X.1
        netmask 255.255.255.0

auto eth1
iface eth1 inet static
        address 172.16.1.X
        netmask 255.255.255.0
        gateway 172.16.1.254
root@localhost:~# cat /etc/sysctl.conf
... net.ipv4.ip_forward = 1 ...
root@localhost:~# init 6
...
root@gate:~# apt update
root@localhost:~# cat /etc/hostname
server.corpX.un
root@localhost:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
        address 192.168.X.10
        netmask 255.255.255.0
        gateway 192.168.X.1
root@localhost:~# init 6
...
root@server:~# apt update
# cat /etc/rc.conf
hostname="gate.corpX.un"
ifconfig_em0="192.168.X.1/24"
ifconfig_em1="172.16.1.X/24"
defaultrouter=172.16.1.254
gateway_enable=yes
keyrate="fast"
sshd_enable=yes
# init 6
# pkg update -f
# pkg install pkg
# cat /etc/rc.conf
hostname="server.corpX.un"
ifconfig_em0="192.168.X.10/24"
defaultrouter=192.168.X.1
keyrate="fast"
sshd_enable=yes
# init 6
# pkg update -f
# pkg install pkg
# cat net_gate.sh
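# net_gate.sh - write the static network configuration of the "gate" host.
#
# Usage: net_gate.sh [X]
#   X  number substituted into the addresses and names below (192.168.X.1,
#      172.16.1.X, corpX.un); prompted for when omitted.
#
# Must run as root. Overwrites /etc/hosts, /etc/resolv.conf, /etc/hostname and
# /etc/network/interfaces without keeping a backup, and enables IPv4
# forwarding in /etc/sysctl.conf.

set -eu

X=${1:-}
if [ -z "$X" ]; then
  printf 'enter X: '
  read -r X || :
fi

# X ends up in root-owned config files and inside $(( )) arithmetic, so accept
# only a plain decimal number that is a valid host octet. Leading zeros are
# rejected because the shell would read them as octal.
case "$X" in
  '' | *[!0-9]* | 0*)
    echo "X must be a decimal number from 1 to 254" >&2
    exit 1
    ;;
esac
if [ "${#X}" -gt 3 ] || [ "$X" -gt 254 ]; then
  echo "X must be a decimal number from 1 to 254" >&2
  exit 1
fi

cat > /etc/hosts <<EOF
127.0.0.1 localhost
192.168.$X.1 gate.corp$X.un gate
172.16.1.254 proxy
172.16.1.254 rep
EOF

cat > /etc/resolv.conf <<EOF
search corp$X.un
nameserver 172.16.1.254
#nameserver 192.168.$X.10
EOF

printf '%s\n' "gate.corp$X.un" > /etc/hostname

cat > /etc/network/interfaces <<EOF
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
        address 192.168.$X.1
        netmask 255.255.255.0

auto eth1
iface eth1 inet static
        address 172.16.1.$X
        netmask 255.255.255.0
        gateway 172.16.1.254

#auto eth2
#iface eth2 inet static
#        address 192.168.$((100+$X)).1
#        netmask 255.255.255.0
EOF

# Append the forwarding setting only once, so that re-running the script does
# not pile up duplicate lines in sysctl.conf.
# NOTE(review): forwarding is switched on here without any packet-filter
# rules; filtering between eth0 and eth1 has to be configured separately.
if ! grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1' \
  /etc/sysctl.conf 2>/dev/null; then
  echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
fi

# The time zone is not part of the network setup; report a failure but go on.
timedatectl set-timezone Europe/Moscow ||
  echo "warning: could not set the time zone" >&2

echo Success
exit 0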
# cat net_server.sh
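# net_server.sh - write the static network configuration of the "server" host.
#
# Usage: net_server.sh [X]
#   X  number substituted into the addresses and names below (192.168.X.10,
#      corpX.un); prompted for when omitted.
#
# Must run as root. Overwrites /etc/hosts, /etc/resolv.conf, /etc/hostname and
# /etc/network/interfaces without keeping a backup.

set -eu

X=${1:-}
if [ -z "$X" ]; then
  printf 'enter X: '
  read -r X || :
fi

# X ends up in root-owned config files, so accept only a plain decimal number
# that is a valid address octet (no leading zeros, 1..254).
case "$X" in
  '' | *[!0-9]* | 0*)
    echo "X must be a decimal number from 1 to 254" >&2
    exit 1
    ;;
esac
if [ "${#X}" -gt 3 ] || [ "$X" -gt 254 ]; then
  echo "X must be a decimal number from 1 to 254" >&2
  exit 1
fi

cat > /etc/hosts <<EOF
127.0.0.1 localhost
192.168.$X.10 server.corp$X.un server
172.16.1.254 proxy
172.16.1.254 rep
EOF

cat > /etc/resolv.conf <<EOF
search corp$X.un
nameserver 172.16.1.254
#nameserver 192.168.$X.10
EOF

printf '%s\n' "server.corp$X.un" > /etc/hostname

cat > /etc/network/interfaces <<EOF
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
        address 192.168.$X.10
        netmask 255.255.255.0
        gateway 192.168.$X.1
EOF

# The time zone is not part of the network setup; report a failure but go on.
timedatectl set-timezone Europe/Moscow ||
  echo "warning: could not set the time zone" >&2

echo Success
exit 0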
# cat dhcp.sh
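# dhcp.sh - install isc-dhcp-server and configure it for the 192.168.X.0/24 LAN.
#
# Usage: dhcp.sh [X]
#   X  number substituted into the addresses and names below (192.168.X.0/24,
#      corpX.un); prompted for when omitted.
#
# Must run as root. Overwrites /etc/default/isc-dhcp-server and
# /etc/dhcp/dhcpd.conf. Exits non-zero, without starting the service, when
# the generated configuration does not pass "dhcpd -t".

set -eu

X=${1:-}
if [ -z "$X" ]; then
  printf 'enter X: '
  read -r X || :
fi

# X is written into root-owned config files and used inside $(( )) arithmetic
# in the here-document below, so accept only a plain decimal number that is a
# valid address octet. Leading zeros are rejected because the shell would
# read them as octal.
case "$X" in
  '' | *[!0-9]* | 0*)
    echo "X must be a decimal number from 1 to 254" >&2
    exit 1
    ;;
esac
if [ "${#X}" -gt 3 ] || [ "$X" -gt 254 ]; then
  echo "X must be a decimal number from 1 to 254" >&2
  exit 1
fi

apt update
apt install -y isc-dhcp-server

# The server answers on eth0 only; the eth0+eth2 variant stays commented out.
echo 'INTERFACES="eth0"' > /etc/default/isc-dhcp-server
echo '#INTERFACES="eth0 eth2"' >> /etc/default/isc-dhcp-server

cat > /etc/dhcp/dhcpd.conf <<EOF
ddns-update-style none;

default-lease-time 600;
max-lease-time 7200;

option domain-name "corp$X.un";
option domain-name-servers 192.168.$X.10;

#### For provisioning ####
#option tftp-server-name code 66 = string; # RFC 2132
#option tftp-server-address code 150 = ip-address; # RFC 5859
#option tftp-server-name "server.corp$X.un";
#option tftp-server-address 192.168.$X.10;

shared-network LAN1 {
  subnet 192.168.$X.0 netmask 255.255.255.0 {
    range 192.168.$X.101 192.168.$X.199;
    option routers 192.168.$X.1;
  }
}

#shared-network LAN2 {
#  subnet 192.168.$((100 + $X)).0 netmask 255.255.255.0 {
#    range 192.168.$((100 + $X)).101 192.168.$((100 + $X)).199;
#    option routers 192.168.$((100 + $X)).1;
#  }
#}
EOF

# Start the service only when the configuration parses, and do not report
# success when it does not.
if ! dhcpd -t; then
  echo "dhcpd.conf failed validation; isc-dhcp-server not started" >&2
  exit 1
fi
service isc-dhcp-server start

echo Success
exit 0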
# cat dns.sh
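# dns.sh - install BIND 9 and publish the corpX.un zone in two views.
#
# Usage: dns.sh [X]
#   X  number substituted into the addresses and names below (192.168.X.10,
#      172.16.1.X, corpX.un); prompted for when omitted.
#
# Must run as root. Overwrites /etc/bind/named.conf and writes the zone files
# /etc/bind/corpX.un and /etc/bind/corpX.un.out. Exits non-zero, without
# restarting the service, when "named-checkconf -z" rejects the result.

set -eu

X=${1:-}
if [ -z "$X" ]; then
  printf 'enter X: '
  read -r X || :
fi

# X becomes part of file names under /etc/bind and of the zone data, so
# accept only a plain decimal number that is a valid address octet
# (no leading zeros, 1..254).
case "$X" in
  '' | *[!0-9]* | 0*)
    echo "X must be a decimal number from 1 to 254" >&2
    exit 1
    ;;
esac
if [ "${#X}" -gt 3 ] || [ "$X" -gt 254 ]; then
  echo "X must be a decimal number from 1 to 254" >&2
  exit 1
fi

apt update
apt install -y bind9 dnsutils

# NOTE(review): "allow-recursion { any; }" together with "match-clients 0/0"
# makes this server a recursive resolver for every client that can reach it.
# Because the "inside" view matches every client, the "outside" view below is
# never selected. The commented 192.168.X/24 and 127/8 entries are the
# restricted alternative; enable them and drop 0/0 outside the lab.
# NOTE(review): the three match-clients entries are laid out one per line so
# that only the first two are commented out - confirm against the original.
cat > /etc/bind/named.conf <<EOF
options {
        directory "/var/cache/bind";
        allow-recursion { any; };
        forwarders { 172.16.1.254; };
        empty-zones-enable no;
};

view "inside" {
        match-clients {
//              192.168.$X/24;
//              127/8;
                0/0;
        };
        zone "corp$X.un" {
                type master;
                file "/etc/bind/corp$X.un";
        };
};

view "outside" {
        zone "corp$X.un" {
                type master;
                file "/etc/bind/corp$X.un.out";
        };
};
EOF

# Zone served by the "inside" view. Records that start with whitespace
# inherit the owner name of the record above them (here: the zone apex).
cat > "/etc/bind/corp$X.un" <<EOF
\$TTL 3h
@       SOA     ns root.ns 1 1d 12h 1w 3h
        NS      ns
        A       192.168.$X.10
        MX      1 server

ns      A       192.168.$X.10
gate    A       192.168.$X.1
server  A       192.168.$X.10

;_sip._udp              SRV     0 0 5060 server
;_xmpp-client._tcp      SRV     0 0 5222 server

;_kerberos._udp         SRV     01 00 88 server
;_kerberos._tcp         SRV     01 00 88 server
;_kerberos              TXT     CORP$X.UN
EOF

# Zone served by the "outside" view: every name resolves to 172.16.1.X.
cat > "/etc/bind/corp$X.un.out" <<EOF
\$TTL 3h
@       SOA     ns root.ns 1 1d 12h 1w 3h
        NS      ns

ns      A       172.16.1.$X
gate    A       172.16.1.$X
server  A       172.16.1.$X

;_sip._udp      SRV     00 00 6050 server
EOF

# Restart the service only when the configuration and zones load, and do not
# report success when they do not.
if ! named-checkconf -z; then
  echo "named.conf or a zone file failed validation; bind9 not restarted" >&2
  exit 1
fi
service bind9 restart

echo Success
exit 0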