ddns 的配置

ddns:dhcp + dns
首先安装dns：yum install bind* -y (推荐安装bind-chroot)
ll /var/named/chroot/etc/   只有三个文件
localtime  named  pki
/etc/init.d/named start
ll /var/named/chroot/etc/   就有7个文件
localtime  named  named.conf  named.iscdlv.key  named.rfc1912.zones  pki  rndc.key
配置dns时必须在/var/named/chroot/etc/ 目录下修改named.conf,named.rfc1912.zones这两个文件才会生效
cd /var/named/chroot/etc/
vim named.rfc1912.zones  添加 zone
zone "example.com" IN {
    type master；
    file “example.com.zone";
    allow-update {none};
};
cd /var/named/chroot/var/named
cp -p named.localhost  example.com.zone
vim  example.com.zone
$TTL 86400      ; 1 day
example.com.             IN SOA  example.com. root\@example.com. (
                                7          ; serial
                                86400      ; refresh (1 day)
                                3600       ; retry (1 hour)
                                604800     ; expire (1 week)
                                10800      ; minimum (3 hours)
                                )
                        NS      desktop84.example.com.
desktop84               A       192.168.0.84
www                     A       192.168.0.84
启动dns前需确保：/var/named/chroot/var/named/ 目录的权限为770，
/etc/init.d/named start
下面配置dns 的update
cd ~
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST smart  #-n HOST 是基于主机，smart是名字
vim /var/named/chroot/etc/named.conf
allow-query     { localhost; localnets; };
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
key "smart" {
        algorithm hmac-md5;
        secret "KqooZTfvdXvQb1wrqWIr1Q==";
};
修改：vim /var/named/chroot/etc/named.rfc1912.zones
allow-update {key smart;};
ddns需确保3个条件：
/var/named/chroot/var/named/ 目录的权限为770
allow-update {key smart;};
如果selinux开启，则需 named_write_master_zones=on
/etc/init.d/named  restart
nsupdate
>server 192.168.0.84 （如果后面报can not get address的话，需添加server）
>zone example.com
>update delete www.example.com A
>send
update failed:REFUSED   因为update设置了密钥，则需私钥才可更新

如果提示 update  failed:NOTAUTH   是因为nsupdate 没有带密钥

需要

nsupdate -y smart：KqooZTfvdXvQb1wrqWIr1Q==

如果提示 update  failed：SERVFAIL 是因为权限不对

需要chown  named.named   /var/named/chroot/var/named  -R 

cd ～
cat Ksmart.+157+02026.private  会有私钥
nsupdate -y smart：KqooZTfvdXvQb1wrqWIr1Q==
>server 192.168.0.84
>zone example.com
>update delete www.example.com A
>send      此时就好了
>quit    
dig www.example.com   就不能解析了
ll /var/named/chroot/var/named/
-rw-r--r-- 1 named named 2480 Aug 27 05:42 example.com.zone.jnl 多了此文件

下面安装dhcp：yum install dhcp -y
cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
vim /etc/dhcp/dhcpd.conf
option domain-name "example.com";
option domain-name-servers desktop84.example.com;

default-lease-time 600;
max-lease-time 7200;
ddns-update-style interim;
authoritative;             权威解析
log-facility local7;
subnet 192.168.0.0 netmask 255.255.255.0 {
        range dynamic-bootp 192.168.0.223 192.168.0.225;
        option routers 192.168.0.254;

}
/etc/init.d/dhcpd start
netstat -anulpe    会有udp 67端口

此时配置客户端（linux系统，windows不需配置）dhcp获取地址：
在dhcp server 端  cat /var/lib/dhcpd/dhcpd.lease   会有分配IP的记录

在dhcp selease 192.168.0.223 {
  starts 0 2012/08/26 21:27:21;
  ends 0 2012/08/26 21:37:21;
  tstp 0 2012/08/26 21:37:21;
  cltt 0 2012/08/26 21:27:21;
  binding state free;
  hardware ethernet 52:54:00:9f:9d:cb;
rver 端：
vim  /etc/dhcp/dhcpd.conf   添加以下
key "smart" {
        algorithm hmac-md5;
        secret "KqooZTfvdXvQb1wrqWIr1Q==";
};
zone example.com. {
        primary 127.0.0.1;
        key smart;
}
/etc/init.d/dhcpd restart
rndc  reload     重新加载ddns
此时ddns server 端配置好了

下面dhcp 客户端（linux）
vim /etc/dhcp/dhclient.conf
send fqdn.fqdn  "desktop84.example.com.";
send fqdn.encoded on;
send fqdn.server-update on;       此时客户端也配置好了。
/etc/init.d/network  restart    分配的IP为223
dig  desktop98.example.com     就会有解析

vim  /etc/dhcp/dhcpd.conf
range dynamic-bootp 192.168.0.22 192.168.0.225;

客户端：
/etc/init.d/network  restart    分配的IP为224
dig  desktop98.example.com      还会有解析

此时在dhcp server 端：
cat /var/lib/dhcpd/dhcpd.lease   会有分配IP的记录
lease 192.168.0.224 {
  starts 0 2012/08/26 21:58:24;
  ends 0 2012/08/26 22:08:24;
  cltt 0 2012/08/26 21:58:24;
  binding state active;
  next binding state free;
  hardware ethernet 52:54:00:af:23:4a;
  set ddns-txt = "009e1e936c8da7b2a6f7bebc2f8700033a";
  set ddns-fwd-name = "desktop98.example.com";