綜合實驗(所有設備關閉防火墻和selinux)

1. 在appsrv上部署主dns，為example.com提供域名解析

   安裝bind bind-chroot

   root@appsrv ~]# yum install bind bind-chroot -y
   

   編輯主配置文件，全局配置文件，正向解析文件

   [root@appsrv ~]# vim /etc/named.conf 
   options {listen-on port 53 { any; };listen-on-v6 port 53 { any; };directory       "/var/named";dump-file       "/var/named/data/cache_dump.db";statistics-file "/var/named/data/named_stats.txt";memstatistics-file "/var/named/data/named_mem_stats.txt";recursing-file  "/var/named/data/named.recursing";secroots-file   "/var/named/data/named.secroots";allow-query     { any; };
   

   [root@appsrv ~]# cd /var/named/
   [root@appsrv named]# cp -p named.localhost xie.com
   [root@appsrv named]# cp -p named.empty com.xi
   

   [root@appsrv ~]# vim /etc/named.rfc1912.zones
   zone "example.com" IN {type master;file "xie.com";allow-update { none; };
   };zone "100.168.192.in-addr.arpa" IN {type master;file "com.xie";allow-update { none; };
   };
   

   [root@appsrv ~]# vim /var/named/xie.com
   $TTL 1D
   @       IN SOA  appsrv.example.com. root.example.com. (2025082301      ; serial1D      ; refresh1H      ; retry1W      ; expire3H )    ; minimumNS      appsrv.example.com.
   appsrv IN  A 192.168.100.10
   www  IN  A 192.168.100.10
   

   [root@appsrv ~]# systemctl restart named
   [root@appsrv ~]# systemctl enable named
   

   2.配置DHCP服務器，為client客戶端網絡分配地址，地址池范圍：192.168.0.110-192.168.0.190/24

   安裝 dhcp

   [root@storagesrv ~]# yum install dhcp -y
   

   覆蓋dhcp主配置文件

   [root@storagesrv ~]# cp -p /usr/share/doc/dhcp*/dhcpd.conf.example /etc/dhcp/dhcpd.conf
   cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
   

   編輯dhcp主配置文件

   [root@storagesrv ~]# vim /etc/dhcp/dhcpd.confsubnet 192.168.100.0 netmask 255.255.255.0 {
   }subnet 192.168.0.0 netmask 255.255.255.0 {range 192.168.0.110 192.168.0.190;option routers 192.168.0.254;default-lease-time 600;max-lease-time 7200;
   }
   

   STORAGESRV:

   一、NFS服務

   1、共享/webdata目錄

   2、用于存儲appsrv主機的web數據

   3、僅允許appsrv主機訪問該共享

   安裝 nfs-utils rpcbind

[root@storagesrv ~]# yum install nfs-utils rpcbind -y

創建共享目錄

[root@storagesrv ~]# mkdir /webdata
[root@storagesrv ~]# vim /etc/exports/webdata 192.168.100.10/24(rw)
[root@storagesrv ~]# chmod o+w /webdata

[root@storagesrv ~]# systemctl restart rpcbind
[root@storagesrv ~]# systemctl enable rpcbind
[root@storagesrv ~]# systemctl restart nfs
[root@storagesrv ~]# systemctl enable nfs

nfs客戶端（在主dns上完成）

創建掛載點/luoqi

[root@appsrv ~]# mkdir /luoqi

永久掛載共享目錄/webdata

[root@appsrv ~]# vim /etc/fstab
192.168.100.20:/webdata /luoqi nfs defaults 0 0

WEB服務

1、DocumentRoot為/luoqi

2、要求通過http://www.example.com能夠成功訪問該站點，內容為welcome to luoqi.

安裝httpd

[root@appsrv ~]# yum install httpd -y

復制虛擬主機的配置文件到/etc/httpd/conf.d/

[root@appsrv ~]# cp -p /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf /etc/httpd/conf.d/

編輯虛擬主機配置文件

[root@appsrv ~]# vim /etc/httpd/conf.d/httpd-vhosts.conf<VirtualHost 192.168.100.10:80>    DocumentRoot "/luoqi"ServerName www.example.com<Directory "/luoqi">AllowOverride NoneRequire all granted
</Directory>
</VirtualHost>[root@appsrv ~]# systemctl restart httpd
[root@appsrv ~]# systemctl enable httpd

[root@appsrv ~]# cd /luoqi
[root@appsrv luoqi]# ls
[root@appsrv luoqi]# echo welcome to luoqi > index.html

配置dhcp中繼，開啟ip轉發功能使client能夠自動獲取ip

dhcp中繼

NAT模式網卡ip地址：192.168.100.254

僅主機模式網卡ip為：192.168.0.254

client

主機名：client.example.com

網卡為僅主機模式，自動獲取ip地址，獲取的ip地址的網段為192.168.0.0/24

dhcp中繼nat網卡配置

[root@routersrv ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33IPADDR=192.168.100.254

僅主機網卡配置

[root@routersrv ~]# nmcli connection 
NAME                UUID                                  TYPE      DEVICE 
ens33               c96bc909-188e-ec64-3a96-6a90982b08ad  ethernet  ens33  
virbr0              906c8b56-9adf-4276-aaf4-dc767b596e7b  bridge    virbr0 
Wired connection 1  f7f4387c-ce62-3ed3-b7dc-674fb781fcd9  ethernet  ens36

[root@routersrv ~]# nmcli connection delete Wired\ connection\ 1
[root@xieyuhui3 ~]# nmcli connection add con-name ens36 ifname ens36 type ethernet 
[root@xieyuhui3 ~]# nmcli connection modify ens36 ipv4.addresses 192.168.0.254/24 ipv4.gateway 192.168.0.254 ipv4.method manual connection.autoconnect yes
[root@routersrv ~]# nmcli connection up ens36

[root@routersrv ~]# systemctl restart network

client網卡配置

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
DEVICE=ens33
ONBOOT=yes

dhcp中繼安裝dhcp，開啟IP轉發

[root@routersrv yum.repos.d]# yum install dhcp -y
[root@routersrv ~]# vim /etc/sysctl.confnet.ipv4.ip_forward = 1[root@routersrv ~]# sysctl -pnet.ipv4.ip_forward = 1[root@routersrv ~]# dhcrelay 192.168.100.10

1、在storagesrv使用nslookup命令解析www.example.com，并截圖

2.在client中的網卡的配置文件截圖

3.在client中執行ip a show ens33命令，并截圖

4.在appsrv中執行df -Th命令，并截圖

5.在storagesrv中執行cat /etc/exports并截圖

6.在storagesrv中使用命令curl http://www.example.com，并截圖