Настройка стендов слушателей
Настройка виртуальных систем Unix
Общие файлы конфигурации
Debian/Ubuntu
# cat /etc/hosts
127.0.0.1 localhost
#192.168.X.1 gate.corpX.un gate
#192.168.X.10 server.corpX.un server
#192.168.X.30 client1.corpX.un client1
#192.168.100+X.10 lan.corpX.un lan
172.16.1.254 proxy
172.16.1.254 rep
# cat /etc/resolv.conf
search corpX.un
nameserver 172.16.1.254
Debian/Ubuntu
Gate
root@localhost:~# cat /etc/hostname
gate.corpX.un
root@localhost:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.X.1
netmask 255.255.255.0
auto eth1
iface eth1 inet static
address 172.16.1.X
netmask 255.255.255.0
gateway 172.16.1.254
root@localhost:~# cat /etc/sysctl.conf
...
net.ipv4.ip_forward = 1
...
root@localhost:~# init 6
...
root@gate:~# apt update
Server
root@localhost:~# cat /etc/hostname
server.corpX.un
root@localhost:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.X.10
netmask 255.255.255.0
gateway 192.168.X.1
root@localhost:~# init 6
...
root@server:~# apt update
FreeBSD
Gate
# cat /etc/rc.conf
hostname="gate.corpX.un"
ifconfig_em0="192.168.X.1/24"
ifconfig_em1="172.16.1.X/24"
defaultrouter=172.16.1.254
gateway_enable=yes
keyrate="fast"
sshd_enable=yes
# init 6
# pkg update -f
# pkg install pkg
Server
# cat /etc/rc.conf
hostname="server.corpX.un"
ifconfig_em0="192.168.X.10/24"
defaultrouter=192.168.X.1
keyrate="fast"
sshd_enable=yes
# init 6
# pkg update -f
# pkg install pkg
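Скрипты автоконфигурации (выполняются от root и перезаписывают системные файлы в /etc; репозиторий клонируется по незашифрованному HTTP, поэтому перед запуском стоит просмотреть содержимое скриптов)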
# git clone http://val.bmstu.ru/unix/conf.git
gate.corpX.un
# cat net_gate.sh
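#!/bin/sh
# net_gate.sh - write the base network configuration for the stand's gate VM.
#
# Usage: net_gate.sh [X]
#   X  stand number (1-253); read from stdin when not passed as $1.
#
# Overwrites /etc/hosts, /etc/resolv.conf, /etc/hostname and
# /etc/network/interfaces, makes sure IPv4 forwarding is enabled in
# /etc/sysctl.conf and sets the time zone. The script only writes files:
# it does not restart networking or reboot.
set -eu

die() {
  echo "net_gate.sh: $*" >&2
  exit 1
}

X=${1:-}
if [ -z "$X" ]; then
  printf 'enter X: '
  # An empty answer or EOF leaves X empty and is rejected below.
  read -r X || true
fi

# X is pasted verbatim into addresses and host names written as root, so
# accept only a plain decimal number without leading zeros. 254 is excluded
# because eth1 gets 172.16.1.$X and 172.16.1.254 is the upstream gateway.
case "$X" in
  '' | 0* | *[!0-9]* | ????*) die "X must be a number from 1 to 253" ;;
esac
[ "$X" -le 253 ] || die "X must be a number from 1 to 253"

cat > /etc/hosts <<EOF
127.0.0.1 localhost
192.168.$X.1 gate.corp$X.un gate
172.16.1.254 proxy
172.16.1.254 rep
EOF

cat > /etc/resolv.conf <<EOF
search corp$X.un
nameserver 172.16.1.254
#nameserver 192.168.$X.10
EOF

echo "gate.corp$X.un" > /etc/hostname

# eth0 faces the stand's LAN, eth1 the shared 172.16.1.0/24 network.
# The eth2 stanza is written commented out, as a template for a second LAN.
cat > /etc/network/interfaces <<EOF
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.$X.1
    netmask 255.255.255.0

auto eth1
iface eth1 inet static
    address 172.16.1.$X
    netmask 255.255.255.0
    gateway 172.16.1.254

#auto eth2
#iface eth2 inet static
#    address 192.168.$((100 + X)).1
#    netmask 255.255.255.0
EOF

# Append the forwarding switch only once, so re-running the script does not
# keep growing /etc/sysctl.conf with duplicate lines.
if ! grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' \
  /etc/sysctl.conf 2>/dev/null; then
  echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
fi

# The time zone is not part of the network setup; report a failure but do
# not discard the configuration that has already been written.
timedatectl set-timezone Europe/Moscow ||
  echo "net_gate.sh: warning: could not set the time zone" >&2

echo Success
exit 0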
server.corpX.un
# cat net_server.sh
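#!/bin/sh
# net_server.sh - write the base network configuration for the stand's
# server VM.
#
# Usage: net_server.sh [X]
#   X  stand number (1-254); read from stdin when not passed as $1.
#
# Overwrites /etc/hosts, /etc/resolv.conf, /etc/hostname and
# /etc/network/interfaces and sets the time zone. The script only writes
# files: it does not restart networking or reboot.
set -eu

die() {
  echo "net_server.sh: $*" >&2
  exit 1
}

X=${1:-}
if [ -z "$X" ]; then
  printf 'enter X: '
  # An empty answer or EOF leaves X empty and is rejected below.
  read -r X || true
fi

# X becomes the third octet of 192.168.X.0/24 and part of the domain name
# in files written as root, so accept only a plain decimal number without
# leading zeros.
case "$X" in
  '' | 0* | *[!0-9]* | ????*) die "X must be a number from 1 to 254" ;;
esac
[ "$X" -le 254 ] || die "X must be a number from 1 to 254"

cat > /etc/hosts <<EOF
127.0.0.1 localhost
192.168.$X.10 server.corp$X.un server
172.16.1.254 proxy
172.16.1.254 rep
EOF

cat > /etc/resolv.conf <<EOF
search corp$X.un
nameserver 172.16.1.254
#nameserver 192.168.$X.10
EOF

echo "server.corp$X.un" > /etc/hostname

# Single interface on the stand's LAN; the default route goes through
# 192.168.$X.1.
cat > /etc/network/interfaces <<EOF
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.$X.10
    netmask 255.255.255.0
    gateway 192.168.$X.1
EOF

# The time zone is not part of the network setup; report a failure but do
# not discard the configuration that has already been written.
timedatectl set-timezone Europe/Moscow ||
  echo "net_server.sh: warning: could not set the time zone" >&2

echo Success
exit 0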
dhcp
# cat dhcp.sh
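#!/bin/sh
# dhcp.sh - install isc-dhcp-server and configure it for the stand's LAN.
#
# Usage: dhcp.sh [X]
#   X  stand number (1-254); read from stdin when not passed as $1.
#
# Overwrites /etc/default/isc-dhcp-server and /etc/dhcp/dhcpd.conf, then
# restarts the service only if dhcpd accepts the new configuration.
set -eu

die() {
  echo "dhcp.sh: $*" >&2
  exit 1
}

X=${1:-}
if [ -z "$X" ]; then
  printf 'enter X: '
  # An empty answer or EOF leaves X empty and is rejected below.
  read -r X || true
fi

# X is pasted verbatim into dhcpd.conf, so accept only a plain decimal
# number without leading zeros. The commented-out LAN2 block uses 100 + X
# as an octet, which additionally needs X <= 155 if it is ever enabled.
case "$X" in
  '' | 0* | *[!0-9]* | ????*) die "X must be a number from 1 to 254" ;;
esac
[ "$X" -le 254 ] || die "X must be a number from 1 to 254"

# apt-get instead of apt: apt's command-line interface is not meant for
# scripts.
apt-get update
apt-get install -y isc-dhcp-server

# Serve leases on eth0 only; the second line is written as a commented-out
# example for a two-LAN setup.
# NOTE(review): newer isc-dhcp-server packages read INTERFACESv4 instead of
# INTERFACES - confirm against the release used on the stand.
{
  echo 'INTERFACES="eth0"'
  echo '#INTERFACES="eth0 eth2"'
} > /etc/default/isc-dhcp-server

cat > /etc/dhcp/dhcpd.conf <<EOF
ddns-update-style none;

default-lease-time 600;
max-lease-time 7200;

option domain-name "corp$X.un";
option domain-name-servers 192.168.$X.10;

#### For provisioning ####
#option tftp-server-name code 66 = string; # RFC 2132
#option tftp-server-address code 150 = ip-address; # RFC 5859
#option tftp-server-name "server.corp$X.un";
#option tftp-server-address 192.168.$X.10;

shared-network LAN1 {
  subnet 192.168.$X.0 netmask 255.255.255.0 {
    range 192.168.$X.101 192.168.$X.199;
    option routers 192.168.$X.1;
  }
}

#shared-network LAN2 {
#  subnet 192.168.$((100 + X)).0 netmask 255.255.255.0 {
#    range 192.168.$((100 + X)).101 192.168.$((100 + X)).199;
#    option routers 192.168.$((100 + X)).1;
#  }
#}
EOF

# Do not report success for a configuration dhcpd itself rejects.
dhcpd -t || die "dhcpd -t rejected /etc/dhcp/dhcpd.conf; service not restarted"

# restart rather than start, so a re-run also applies the new configuration
# when the service is already running.
service isc-dhcp-server restart

echo Success
exit 0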
dns
# cat dns.sh
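#!/bin/sh
# dns.sh - install BIND and publish the corpX.un zone in two views.
#
# Usage: dns.sh [X]
#   X  stand number (1-253); read from stdin when not passed as $1.
#
# Overwrites /etc/bind/named.conf and the zone files /etc/bind/corpX.un and
# /etc/bind/corpX.un.out, then restarts bind9 only if named-checkconf
# accepts the result.
set -eu

die() {
  echo "dns.sh: $*" >&2
  exit 1
}

X=${1:-}
if [ -z "$X" ]; then
  printf 'enter X: '
  # An empty answer or EOF leaves X empty and is rejected below.
  read -r X || true
fi

# X is pasted verbatim into file names, zone names and addresses used as
# root, so accept only a plain decimal number without leading zeros. 254 is
# excluded because the outside zone publishes 172.16.1.$X and 172.16.1.254
# is the forwarder.
case "$X" in
  '' | 0* | *[!0-9]* | ????*) die "X must be a number from 1 to 253" ;;
esac
[ "$X" -le 253 ] || die "X must be a number from 1 to 253"

# apt-get instead of apt: apt's command-line interface is not meant for
# scripts.
apt-get update
apt-get install -y bind9 dnsutils

# NOTE(review): allow-recursion { any; } together with match-clients 0/0
# makes this a resolver open to every client that can reach the host, and
# the "outside" view is never selected because "inside" already matches
# everyone. The narrower match-clients entries are kept commented out as in
# the original; enable them and narrow allow-recursion before the server is
# reachable from networks you do not control.
cat > /etc/bind/named.conf <<EOF
options {
        directory "/var/cache/bind";
        allow-recursion { any; };
        forwarders {
                172.16.1.254;
        };
        empty-zones-enable no;
};

view "inside" {
        match-clients {
//              192.168.$X/24;
//              127/8;
                0/0;
        };
        zone "corp$X.un" {
                type master;
                file "/etc/bind/corp$X.un";
        };
};

view "outside" {
        zone "corp$X.un" {
                type master;
                file "/etc/bind/corp$X.un.out";
        };
};
EOF

# In a zone file a record that starts at column 0 is read as having an
# owner name; the NS/A/MX records of the zone apex must therefore begin
# with whitespace to inherit "@" from the SOA line above them.
cat > "/etc/bind/corp$X.un" <<EOF
\$TTL 3h
@       SOA     ns root.ns 1 1d 12h 1w 3h
        NS      ns
        A       192.168.$X.10
        MX      1 server

ns      A       192.168.$X.10
gate    A       192.168.$X.1
server  A       192.168.$X.10

;_sip._udp SRV 0 0 5060 server
;_xmpp-client._tcp SRV 0 0 5222 server
;_kerberos._udp SRV 01 00 88 server
;_kerberos._tcp SRV 01 00 88 server
;_kerberos TXT CORP$X.UN
EOF

# Outside view: every name resolves to the gate's 172.16.1.$X address.
cat > "/etc/bind/corp$X.un.out" <<EOF
\$TTL 3h
@       SOA     ns root.ns 1 1d 12h 1w 3h
        NS      ns

ns      A       172.16.1.$X
gate    A       172.16.1.$X
server  A       172.16.1.$X

;_sip._udp SRV 00 00 6050 server
EOF

# Do not report success for a configuration BIND itself rejects.
named-checkconf -z ||
  die "named-checkconf rejected the configuration; bind9 not restarted"

service bind9 restart

echo Success
exit 0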
Ansible конфигурация
# git clone http://val.bmstu.ru/unix/conf.git
server.isp.un:~/ansible/roles# cat host.yml
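# Play: apply the "host" role (base network files) to every host in the
# "corp" inventory group. The keys below belong to the single list item
# and must be indented under "- name".
- name: Network config for hosts
  hosts: corp
  # "free" lets each host run through its tasks without waiting for the others.
  strategy: free
  roles:
    - host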
server.isp.un:~/ansible/roles# cat host/tasks/main.yml
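# Tasks of the "host" role: render the four base network files from the
# role's templates. The files are only written; nothing restarts networking
# or reboots the host unless the commented-out task at the end is enabled.
# Owner and mode are set explicitly so the result does not depend on what
# was on the target before.
- name: Create hosts file
  template:
    src: hosts.j2
    dest: /etc/hosts
    owner: root
    group: root
    mode: "0644"

- name: Create resolv.conf file
  template:
    src: resolv.conf.j2
    dest: /etc/resolv.conf
    owner: root
    group: root
    mode: "0644"

- name: Create hostname file
  template:
    src: hostname.j2
    dest: /etc/hostname
    owner: root
    group: root
    mode: "0644"

- name: Create interfaces file
  template:
    src: interfaces.j2
    dest: /etc/network/interfaces
    owner: root
    group: root
    mode: "0644"

#- name: Restart system
#  command: shutdown -r +1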
server.isp.un:~/ansible/roles# cat host/vars/main.yml
# Variables of the "host" role, read by the role's templates.
# Short host name; the templates build the FQDN as
# <hostname>.<base_domain_prefix><X>.<base_domain_suffix>.
hostname: server
#hostname: mail
base_domain_prefix: corp
base_domain_suffix: un
# First three octets of the network; interfaces.j2 appends gateway_octet to
# form the default gateway, hosts.j2 appends a literal 254 for "rep".
base_net: 172.16.1
gateway_octet: 254
# Address written as the nameserver into resolv.conf.
dns_ip: 172.16.1.254
# Stand number: last octet of the address eth0 has when facts are gathered.
X: "{{ ansible_eth0.ipv4.address.split('.')[3] }}"
# Alternative left disabled: the same octet minus 100.
#X: "{{ ansible_eth0.ipv4.address.split('.')[3] | int - 100 }}"
server.isp.un:~/ansible/roles# cat host/templates/hosts.j2
127.0.0.1 localhost
{{ ansible_eth0.ipv4.address }} {{ hostname }}.{{ base_domain_prefix }}{{ X }}.{{ base_domain_suffix }} {{ hostname }}
{{ base_net }}.254 rep
server.isp.un:~/ansible/roles# cat host/templates/resolv.conf.j2
search {{ base_domain_prefix }}{{ X }}.{{ base_domain_suffix }}
nameserver {{ dns_ip }}
server.isp.un:~/ansible/roles# cat host/templates/hostname.j2
{{ hostname }}.{{ base_domain_prefix }}{{ X }}.{{ base_domain_suffix }}
server.isp.un:~/ansible/roles# cat host/templates/interfaces.j2
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address {{ ansible_eth0.ipv4.address }}
netmask 255.255.255.0
gateway {{ base_net }}.{{ gateway_octet }}
root@server:~/ansible/roles# ansible-playbook host.yml
или
root@server:~# ansible-playbook ansible/roles/host.yml