20160502 리눅스 네트워크
=============================================메모=============================================
1. 저번주 생긴 문제
modprobe.conf 파일 다시 수정하고
/etc/sysconfig/network-scripts/ifcfg-eth0.bak
/etc/sysconfig/networking/devices/ifcfg-eth0.bak
/etc/sysconfig/networking/profiles/default/ifcfg-eth0.bak
파일삭제 후 system-config-network-tui 에서 확인하면 없어져있음
출처 http://blog.naver.com/silzon/30032721827
2-1. 클론에서 telnet 접속하려 했는데 에러메시지가
telnet: Unable to connect to remote host: No route to host
서브넷마스크가 문제라고 하는데 확인을 못해봤다
출처 http://hkebi.tistory.com/85
2-2. 핑은 정상적인데 텔넷만 안됨
방화벽 문제? 라고 하는데 신뢰가.. 그 외의 정보는 참고할만한듯
출처 http://blog.naver.com/npolarbear/220021579054
2-3. No route to host에 대한 분석
원인: 시스템이 목적지 호스트에 패킷을 라우트하지 못하면 발생한다.
이것은 기본 라우트가 없거나 케이블이 연결되지 않았을 때 발생한다.
netstat -rn의 결과를 확인하고 접근하려는 호스트에 맞는 라우트가 있는지 확인한다.
출처 http://blog.naver.com/moonv11/60159642546
2-4. Subnet Mask와 Default Gateway
되게 정리를 잘 해놓았음 아마도 서브넷마스크나 아이피 지정할때 오타가 있었던거 같음
출처 http://www.netmanias.com/ko/post/blog/5403/subnet-mask-ip/subnet-mask-and-default-gateway
2-5. 아마도 넷마스크 때문이 아닌가?
출처 https://kldp.org/node/146863
=============================================복습=============================================
=============================================강의=============================================
=============================================실습=============================================
----- bond0(192.168.10.100) -------+----- eth0(Active) -----
|
+------ eth1(Active) -----
(작업순서) 이더채널 본딩(EtherChannel Bonding)
◾ /etc/modprobe.conf 파일 설정
◾ /etc/sysconfig/network-scripts/ifcfg-bond0 파일 설정
◾ /etc/sysconfig/network-scripts/ifcfg-eth0 파일 설정
◾ /etc/sysconfig/network-scripts/ifcfg-eth1 파일 설정
alias bond0 bonding <----- 새로운 라인 추가
② /etc/sysconfig/network-scripts/ifcfg-bond0 파일 설정
# cd /etc/sysconfig/network-scripts
# cp ifcfg-eth0 ifcfg-bond0
# vi ifcfg-bond0
[수정후]
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=bond0
BOOTPROTO=none
BROADCAST=192.168.10.255
IPADDR=192.168.10.100
NETMASK=255.255.255.0
NETWORK=192.168.10.0
ONBOOT=yes
USERCTL=no
BONDING_OPTS="mode=0 miimon=100"
③ /etc/sysconfig/network-scripts/ifcfg-eth0 파일 설정
# vi ifcfg-eth0
[수정후]
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
④ /etc/sysconfig/network-scripts/ifcfg-eth1 파일 설정
# vi ifcfg-eth1 (# cp ifcfg-eth0 ifcfg-eth1)
[수정후]
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
[root@linux220 ~]# vi /etc/modprobe.conf
[root@linux220 ~]# cat /etc/modprobe.conf
alias eth0 pcnet32
alias scsi_hostadapter mptbase
alias scsi_hostadapter1 mptspi
alias scsi_hostadapter2 ata_piix
alias snd-card-0 snd-ens1371
options snd-card-0 index=0
options snd-ens1371 index=0
remove snd-ens1371 { /usr/sbin/alsactl store 0 >/dev/null 2>&1 || : ; }; /sbin/modprobe -r --ignore-remove snd-ens1371
alias eth1 pcnet32
alias bond0 bonding
[root@linux220 ~]# cd /etc/sysconfig/network-scripts/
[root@linux220 /etc/sysconfig/network-scripts]# ls
ifcfg-eth0 ifdown-ipv6 ifup ifup-isdn ifup-tunnel
ifcfg-eth1 ifdown-isdn ifup-aliases ifup-plip ifup-wireless
ifcfg-lo ifdown-post ifup-bnep ifup-plusb init.ipv6-global
ifdown ifdown-ppp ifup-eth ifup-post net.hotplug
ifdown-bnep ifdown-routes ifup-ippp ifup-ppp network-functions
ifdown-eth ifdown-sit ifup-ipsec ifup-routes network-functions-ipv6
ifdown-ippp ifdown-sl ifup-ipv6 ifup-sit
ifdown-ipsec ifdown-tunnel ifup-ipx ifup-sl
[root@linux220 /etc/sysconfig/network-scripts]# cp ifcfg-eth0 ifcfg-bond0
[root@linux220 /etc/sysconfig/network-scripts]# vi ifcfg-bond0
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-bond0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=bond0
BOOTPROTO=none
BROADCAST=192.168.10.255
IPADDR=192.16.10.100
NETMASK=255.255.255.0
NETWORK=192.168.10.0
ONBOOT=yes
USERCTL=no
BONDING_OPTS="mode=0 miimon=100"
[root@linux220 /etc/sysconfig/network-scripts]# vi ifcfg-eth0
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
[root@linux220 /etc/sysconfig/network-scripts]# cp ifcfg-eth0 ifcfg-eth1
cp: overwrite `ifcfg-eth1'? y
[root@linux220 /etc/sysconfig/network-scripts]# vi ifcfg-eth1
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-eth1
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
[root@linux220 /etc/sysconfig/network-scripts]#
⑤ 이더채널 본딩 설정 확인
# reboot
부팅이 된 이후 root 사용자로 로그인
# ifconfig
# cat /proc/net/bonding/bond0
[root@linux220 ~]# ifconfig
bond0 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
inet addr:192.16.10.100 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe1f:d6bf/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:57 errors:0 dropped:0 overruns:0 frame:0
TX packets:41 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:10204 (9.9 KiB) TX bytes:6266 (6.1 KiB)
eth0 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:28 errors:0 dropped:0 overruns:0 frame:0
TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5198 (5.0 KiB) TX bytes:3167 (3.0 KiB)
Interrupt:67 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:29 errors:0 dropped:0 overruns:0 frame:0
TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5006 (4.8 KiB) TX bytes:3099 (3.0 KiB)
Interrupt:67 Base address:0x2080
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1488 errors:0 dropped:0 overruns:0 frame:0
TX packets:1488 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2537472 (2.4 MiB) TX bytes:2537472 (2.4 MiB)
(4-2) 이더채널 본딩 Mode 1(Active-Standby) 설정
(전제조건)
◾ 서버에 NIC 2장 존재해야 한다.
◾ NIC는 같은 네트워크에 존재해야 한다.
---------------- VMWare 환경 ---------------
(ㄱ) (서버1) eth0 : Bridge -> NAT
(ㄴ) (서버1)
# chkconfig —list kudzu
# chkconfig kudzu on
VMWare > VM > Setting > Add > Network Adapter
eth2 추가(NAT)
eht3 추가(NAT)
# reboot
부팅이 된 이후에 새로 장착된 NIC에 대해서 본딩설정
---------------- VMWare 환경 ---------------
----- bond1(192.168.10.200) -------+----- eth2(Active) -----
|
+------ eth3(Standby) -----
[참고] bond1(Active-Standby) 설정 예
(작업순서) 이더 채널 본딩
◾ /etc/modprobe.conf 파일 설정
◾ /etc/sysconfig/network-scripts/ifcfg-bond1 파일 설정
◾ /etc/sysconfig/network-scripts/ifcfg-eth2 파일 설정
◾ /etc/sysconfig/network-scripts/ifcfg-eth3 파일 설정
① /etc/modprobe.conf 파일 설정
# vi /etc/modprobe.conf
alias eth1 pcnet32
alias bond0 bonding
alias bond1 bonding <----- 새로운 라인 추가
alias eth2 pcnet32
alias eth3 pcnet32
② /etc/sysconfig/network-scripts/ifcfg-bond1 파일 설정
# cd /etc/sysconfig/netowrk-scripts
# cp ifcfg-bond0 ifcfg-bond1
# vi ifcfg-bond1
③ /etc/sysconfig/network-scripts/ifcfg-eth2 파일 설정
# vi ifcfg-eth2 (# cp ifcfg-eth0 ifcfg-eth2)
[수정후]
DEVICE=eth2
BOOTPROTO=none
ONBOOT=yes
MASTER=bond1
SLAVE=yes
USERCTL=no
④ /etc/sysconfig/network-scripts/ifcfg-eth3 파일 설정
# vi ifcfg-eth3 (# cp ifcfg-eth0 ifcfg-eth3)
[수정후]
DEVICE=eth3
BOOTPROTO=none
ONBOOT=yes
MASTER=bond1
SLAVE=yes
USERCTL=no
[root@linux220 ~]# vi /etc/modprobe.conf
[root@linux220 ~]# cat /etc/modprobe.conf
alias eth0 vmnics
alias eth0 pcnet32
alias scsi_hostadapter mptbase
alias scsi_hostadapter1 mptspi
alias scsi_hostadapter2 ata_piix
alias snd-card-0 snd-ens1371
options snd-card-0 index=0
options snd-ens1371 index=0
remove snd-ens1371 { /usr/sbin/alsactl store 0 >/dev/null 2>&1 || : ; }; /sbin/modprobe -r --ignore-remove snd-ens1371
alias eth1 pcnet32
alias bond0 bonding
alias bond1 bonding
alias eth2 pcnet32
alias eth3 pcnet32
[root@linux220 ~]# cd /etc/sysconfig/network-scripts/
[root@linux220 /etc/sysconfig/network-scripts]# ls
ifcfg-bond0 ifdown-ippp ifdown-tunnel ifup-isdn ifup-wireless
ifcfg-eth0 ifdown-ipsec ifup ifup-plip init.ipv6-global
ifcfg-eth1 ifdown-ipv6 ifup-aliases ifup-plusb net.hotplug
ifcfg-eth2 ifdown-isdn ifup-bnep ifup-post network-functions
ifcfg-eth3 ifdown-post ifup-eth ifup-ppp network-functions-ipv6
ifcfg-lo ifdown-ppp ifup-ippp ifup-routes
ifdown ifdown-routes ifup-ipsec ifup-sit
ifdown-bnep ifdown-sit ifup-ipv6 ifup-sl
ifdown-eth ifdown-sl ifup-ipx ifup-tunnel
[root@linux220 /etc/sysconfig/network-scripts]# cp ifcfg-bond0 ifcfg-bond1
[root@linux220 /etc/sysconfig/network-scripts]# vi ifcfg-bond1
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-bond1
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=bond1
BOOTPROTO=none
BROADCAST=192.168.10.255
IPADDR=192.168.10.200
NETMASK=255.255.255.0
NETWORK=192.168.10.0
ONBOOT=yes
USERCTL=no
BONDING_OPTS="mode=1 miimon=100 primary=eth2"
[root@linux220 /etc/sysconfig/network-scripts]# cp ifcfg-eth0 ifcfg-eth2
cp: overwrite `ifcfg-eth2'? y
[root@linux220 /etc/sysconfig/network-scripts]# cp ifcfg-eth0 ifcfg-eth3
cp: overwrite `ifcfg-eth3'? y
[root@linux220 /etc/sysconfig/network-scripts]# vi ifcfg-eth2
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-eth2
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth2
BOOTPROTO=none
ONBOOT=yes
MASTER=bond1
SLAVE=yes
USERCTL=no
[root@linux220 /etc/sysconfig/network-scripts]# vi ifcfg-eth3
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-eth3
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth3
BOOTPROTO=none
ONBOOT=yes
MASTER=bond1
SLAVE=yes
USERCTL=no
[root@linux220 /etc/sysconfig/network-scripts]# vi /etc/modprobe.conf
[root@linux220 /etc/sysconfig/network-scripts]# cat /etc/modprobe.conf
alias eth0 vmnics
alias scsi_hostadapter mptbase
alias scsi_hostadapter1 mptspi
alias scsi_hostadapter2 ata_piix
alias snd-card-0 snd-ens1371
options snd-card-0 index=0
options snd-ens1371 index=0
remove snd-ens1371 { /usr/sbin/alsactl store 0 >/dev/null 2>&1 || : ; }; /sbin/modprobe -r --ignore-remove snd-ens1371
# Added by VMware Tools
install pciehp /sbin/modprobe -q --ignore-install acpiphp; /bin/true
install pcnet32 (/sbin/modprobe -q --ignore-install vmxnet || /sbin/modprobe –q --ignore-install pcnet32 $CMDLINE_OPTS);/bin/true
alias eth1 pcnet32
alias bond0 bonding
alias bond1 bonding
alias eth2 pcnet32
alias eth3 pcnet32
[root@linux220 /etc/sysconfig/network-scripts]#
⑤ 이더채널 본딩 설정 확인
# reboot
부팅이 된 이후 root 사용자로 로그인
# ifconfig
# cat /proc/net/bonding/bond1
[root@linux220 ~]# ifconfig
bond0 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
inet addr:192.16.10.100 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe1f:d6bf/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:146 errors:0 dropped:0 overruns:0 frame:0
TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:25633 (25.0 KiB) TX bytes:6127 (5.9 KiB)
bond1 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:D3
inet addr:192.168.10.200 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe1f:d6d3/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:60 errors:0 dropped:0 overruns:0 frame:0
TX packets:42 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:10209 (9.9 KiB) TX bytes:6217 (6.0 KiB)
eth0 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:74 errors:0 dropped:0 overruns:0 frame:0
TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13185 (12.8 KiB) TX bytes:2913 (2.8 KiB)
Interrupt:67 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:72 errors:0 dropped:0 overruns:0 frame:0
TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:12448 (12.1 KiB) TX bytes:3214 (3.1 KiB)
Interrupt:67 Base address:0x2080
eth2 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:D3
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:53 errors:0 dropped:0 overruns:0 frame:0
TX packets:42 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:9789 (9.5 KiB) TX bytes:6217 (6.0 KiB)
Interrupt:75 Base address:0x2400
eth3 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:D3
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:420 (420.0 b) TX bytes:0 (0.0 b)
Interrupt:51 Base address:0x2480
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1593 errors:0 dropped:0 overruns:0 frame:0
TX packets:1593 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2743124 (2.6 MiB) TX bytes:2743124 (2.6 MiB)
[root@linux220 ~]# cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.4.0-2 (October 7, 2008)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: eth2 (primary_reselect always)
Currently Active Slave: eth2
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: eth2
MII Status: up
Speed: Unknown
Duplex: Unknown
Link Failure Count: 0
Permanent HW addr: 00:0c:29:1f:d6:d3
Slave Interface: eth3
MII Status: up
Speed: Unknown
Duplex: Unknown
Link Failure Count: 0
Permanent HW addr: 00:0c:29:1f:d6:dd
[root@linux220 ~]#
bond0 아이피 수정
[root@linux220 ~]# ifconfig
bond0 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
inet addr:192.16.10.100 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe1f:d6bf/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:734 errors:0 dropped:0 overruns:0 frame:0
TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:113819 (111.1 KiB) TX bytes:6127 (5.9 KiB)
bond1 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:D3
inet addr:192.168.10.200 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe1f:d6d3/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:485 errors:0 dropped:0 overruns:0 frame:0
TX packets:42 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:65889 (64.3 KiB) TX bytes:6217 (6.0 KiB)
eth0 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:368 errors:0 dropped:0 overruns:0 frame:0
TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:57278 (55.9 KiB) TX bytes:2913 (2.8 KiB)
Interrupt:67 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:366 errors:0 dropped:0 overruns:0 frame:0
TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:56541 (55.2 KiB) TX bytes:3214 (3.1 KiB)
Interrupt:67 Base address:0x2080
eth2 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:D3
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:347 errors:0 dropped:0 overruns:0 frame:0
TX packets:42 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:53882 (52.6 KiB) TX bytes:6217 (6.0 KiB)
Interrupt:75 Base address:0x2400
eth3 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:D3
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:138 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:12007 (11.7 KiB) TX bytes:0 (0.0 b)
Interrupt:51 Base address:0x2480
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1593 errors:0 dropped:0 overruns:0 frame:0
TX packets:1593 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2743124 (2.6 MiB) TX bytes:2743124 (2.6 MiB)
[root@linux220 ~]# cd /etc/sysconfig/network
network networking/ network-scripts/
[root@linux220 ~]# cd /etc/sysconfig/network-scripts/
[root@linux220 /etc/sysconfig/network-scripts]# ls
ifcfg-bond0 ifdown-eth ifdown-sl ifup-ipx ifup-tunnel
ifcfg-bond1 ifdown-ippp ifdown-tunnel ifup-isdn ifup-wireless
ifcfg-eth0 ifdown-ipsec ifup ifup-plip init.ipv6-global
ifcfg-eth1 ifdown-ipv6 ifup-aliases ifup-plusb net.hotplug
ifcfg-eth2 ifdown-isdn ifup-bnep ifup-post network-functions
ifcfg-eth3 ifdown-post ifup-eth ifup-ppp network-functions-ipv6
ifcfg-lo ifdown-ppp ifup-ippp ifup-routes
ifdown ifdown-routes ifup-ipsec ifup-sit
ifdown-bnep ifdown-sit ifup-ipv6 ifup-sl
[root@linux220 /etc/sysconfig/network-scripts]# vi ifcfg-bond0
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-bond0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=bond0
BOOTPROTO=none
BROADCAST=192.168.10.255
IPADDR=192.168.10.100
NETMASK=255.255.255.0
NETWORK=192.168.10.0
ONBOOT=yes
USERCTL=no
BONDING_OPTS="mode=0 miimon=100"
[root@linux220 /etc/sysconfig/network-scripts]#
(4-3) 이더채널 본딩 설정 테스트
(4-3-1) 이더채널 본딩 Mode 0 테스트
(Test System) linux1XX
l 테스트용 시스템에 "putty" 사용해서 root 사용자로 접속한다.(192.168.10.150)
# ping 192.168.10.100
(Bonding 설정 서버) linux2XX
[TERM1] # watch cat /proc/net/bonding/bond0
[TERM2] # ifconfig eth1 down
(Test System) linux1XX
ping 테스트 화면 확인
(Bonding 설정 서버) linux2XX
# cat /proc/net/bonding/bond0
# ifconfig bond0
# ifconfig eth0
# ifconfig eth1
# ifconfig eth1 up
#
(Test System) linux1XX
ping 테스트 화면 확인
(Bonding 설정 서버) linux2XX
# cat /proc/net/bonding/bond0
# ifconfig bond0
# ifconfig eth0
# ifconfig eth1
(4-3-2) 이더채널 본딩 Mode 1 테스트
(Test System) linux1XX
l 테스트용 시스템에 "putty" 사용해서 root 사용자로 접속한다.(192.168.10.150)
[TERM1] # ping 192.168.10.200
[TERM2] # telnet 192.168.10.200
root 사용자로 로그인
# while true
> do
> echo "----------------`date`--------------"
> ls
> sleep 1
> done
(Bonding 설정 서버) linux2XX
[TERM1] # watch cat /proc/net/bonding/bond1
[TERM2] # ifconfig eth2 down
(Test System)
ping 테스트 화면 확인 -> (주의) 넘어가는데 약간의 시간이 걸릴수 있다.(테스트에서는 약 30초 정도 걸렸다.)
(Bonding 설정 서버) linux2XX
# cat /proc/net/bonding/bond1
# ifconfig bond1
# ifconfig eth2
# ifconfig eth3
# ifconfig eth2 up
(Test System)
ping 테스트 화면 확인
(Bonding 설정 서버)
# cat /proc/net/bonding/bond1
# ifconfig bond0
# ifconfig eth2
# ifconfig eth3
(4-4) 이더채널 본딩 삭제
(삭제 절차)
(네트워크 설정 복구)
eth0 - NAT -> Bridge (IP/Netmask: 172.16.9.2XX/255.255.0.0)
eth1 - NAT -> NAT (IP/Netmask: 192.168.10.2XX/255.255.255.0)
eth2 - NAT
eth3 - NAT
(본딩 삭제)
/etc/modprobe.conf 편집
/etc/sysconfig/network-scripts/ifcfg-bond0 삭제
/etc/sysconfig/network-scripts/ifcfg-bond1 삭제
/etc/sysconfig/network-scripts/ifcfg-eth0 편집 /etc/sysconfig/network-scripts/ifcfg-eth1 편집 /etc/sysconfig/network-scripts/ifcfg-eth2 삭제 /etc/sysconfig/network-scripts/ifcfg-eth3 삭제 /etc/sysconfig/networking/* 확인
① 현재 설정 확인
# ifconfig
# ls /proc/net/bonding
# cat /proc/net/bonding/bond0
# cat /proc/net/bonding/bond1
② eth0 인터페이스의 네트워크 설정 변경
eth0 : NAT -> Bridge
③ /etc/modprobe.conf 편집 # vi /etc/modprobe.conf
④ /etc/sysconfig/network-scripts/ifcfg-* 파일 편집 및 삭제 # cd /etc/sysconfig/network-scripts
# ls
# rm -f ifcfg-bond0 ifcfg-bond1
# rm -f ifcfg-eth2 ifcfg-eth3
# system-config-network-tui
=> "Edit Devices"
=> "eth0 (eth0) - Advanced Micro Devices, Inc. [AMD] 79c97 [PCnet32 LANCE]"
=> "Devernet Configuration"
-----------------------------------------------
Name eth0
Device eth0
Use DHCP [ ]
Static IP 172.16.9.2XX
Netmask 255.255.0.0
Default gateway IP 172.16.0.1
-----------------------------------------------
=> "eth1 (eth1) - Advanced Micro Devices, Inc. [AMD] 79c97 [PCnet32 LANCE]"
=> "Devernet Configuration"
-----------------------------------------------
Name eth1
Device eth1
Use DHCP [ ]
Static IP 192.168.10.2XX
Netmask 255.255.255.0
Default gateway IP
-----------------------------------------------
=> "Edit DNS configuration"
-----------------------------------------------
Hostname linux2XX.exam.com
Primary DNS 168.126.63.1
Secondary DNS
Tertiary DNS
Search example.com
-----------------------------------------------
# vi ifcfg-eth0
-> bonding 설정이 자동으로 지워지는 것은 아니다. 따라서 직접 지워야 한다.
# vi ifcfg-eth1
-> bonding 설정이 자동으로 지워지는 것은 아니다. 따라서 직접 지워야 한다.
# cd /etc/sysconfig/networking
# ls
# cd devices
# ls
# rm -rf /etc/sysconfig/networking/devices/*
# cd ../profiles/default
# ls
# rm –rf /etc/sysconfig/networking/profiles/default/*
#
⑤ 시스템 셧다운 및 하드웨어 제거 & 서버 부팅 # poweroff
VMware > VM > Settings > Remove > Network Adapter 3/Network Adapter 4 > OK
서버 Power ON
⑥ 재부팅 이후에 설정 확인 및 변경 # ifconfig # ifconfig -a
-> eth0, eth1, lo 확인
# netstat –nr (# route)
-> defaultrouter 추가 필요
# cat /etc/resolv.conf
-> 설정 변경 필요
[root@linux220 ~]# vi /etc/modprobe.conf
[root@linux220 ~]# cd /etc/sysconfig/network-scripts/
[root@linux220 /etc/sysconfig/network-scripts]# ls
ifcfg-bond0 ifdown-eth ifdown-sl ifup-ipx ifup-tunnel
ifcfg-bond1 ifdown-ippp ifdown-tunnel ifup-isdn ifup-wireless
ifcfg-eth0 ifdown-ipsec ifup ifup-plip init.ipv6-global
ifcfg-eth1 ifdown-ipv6 ifup-aliases ifup-plusb net.hotplug
ifcfg-eth2 ifdown-isdn ifup-bnep ifup-post network-functions
ifcfg-eth3 ifdown-post ifup-eth ifup-ppp network-functions-ipv6
ifcfg-lo ifdown-ppp ifup-ippp ifup-routes
ifdown ifdown-routes ifup-ipsec ifup-sit
ifdown-bnep ifdown-sit ifup-ipv6 ifup-sl
[root@linux220 /etc/sysconfig/network-scripts]# rm -f ifcif-bond0 ifcfg-bond1
[root@linux220 /etc/sysconfig/network-scripts]# rm -f ifcif-eth2 ifcfg-eth3
[root@linux220 /etc/sysconfig/network-scripts]# ls
ifcfg-bond0 ifdown-ippp ifdown-sl ifup-ipv6 ifup-sit
ifcfg-eth0 ifdown-ipsec ifdown-tunnel ifup-ipx ifup-sl
ifcfg-eth1 ifdown-ipv6 ifup ifup-isdn ifup-tunnel
ifcfg-eth2 ifdown-isdn ifup-aliases ifup-plip ifup-wireless
ifcfg-lo ifdown-post ifup-bnep ifup-plusb init.ipv6-global
ifdown ifdown-ppp ifup-eth ifup-post net.hotplug
ifdown-bnep ifdown-routes ifup-ippp ifup-ppp network-functions
ifdown-eth ifdown-sit ifup-ipsec ifup-routes network-functions-ipv6
[root@linux220 /etc/sysconfig/network-scripts]# rm -f ifcfg-eth2 ifcfg-eth3
[root@linux220 /etc/sysconfig/network-scripts]# ls
ifcfg-bond0 ifdown-ipsec ifdown-tunnel ifup-ipx ifup-sl
ifcfg-eth0 ifdown-ipv6 ifup ifup-isdn ifup-tunnel
ifcfg-eth1 ifdown-isdn ifup-aliases ifup-plip ifup-wireless
ifcfg-lo ifdown-post ifup-bnep ifup-plusb init.ipv6-global
ifdown ifdown-ppp ifup-eth ifup-post net.hotplug
ifdown-bnep ifdown-routes ifup-ippp ifup-ppp network-functions
ifdown-eth ifdown-sit ifup-ipsec ifup-routes network-functions-ipv6
ifdown-ippp ifdown-sl ifup-ipv6 ifup-sit
[root@linux220 /etc/sysconfig/network-scripts]# rm -f ifcfg-bond0
[root@linux220 /etc/sysconfig/network-scripts]# ls
ifcfg-eth0 ifdown-ipv6 ifup ifup-isdn ifup-tunnel
ifcfg-eth1 ifdown-isdn ifup-aliases ifup-plip ifup-wireless
ifcfg-lo ifdown-post ifup-bnep ifup-plusb init.ipv6-global
ifdown ifdown-ppp ifup-eth ifup-post net.hotplug
ifdown-bnep ifdown-routes ifup-ippp ifup-ppp network-functions
ifdown-eth ifdown-sit ifup-ipsec ifup-routes network-functions-ipv6
ifdown-ippp ifdown-sl ifup-ipv6 ifup-sit
ifdown-ipsec ifdown-tunnel ifup-ipx ifup-sl
[root@linux220 /etc/sysconfig/network-scripts]# system-config-network-tui
[root@linux220 /etc/sysconfig/network-scripts]# vi ifcfg-eth0
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NETMASK=255.255.0.0
IPADDR=172.16.6.220
GATEWAY=172.16.0.1
TYPE=Ethernet
[root@linux220 /etc/sysconfig/network-scripts]# vi ifcfg-eth1
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-eth1
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NETMASK=255.255.255.0
IPADDR=192.168.10.220
TYPE=Ethernet
[root@linux220 /etc/sysconfig/network-scripts]# cd /etc/sysconfig/networking
[root@linux220 /etc/sysconfig/networking]# ls
devices profiles
[root@linux220 /etc/sysconfig/networking]# cd devices/
[root@linux220 /etc/sysconfig/networking/devices]# ls
ifcfg-eth0 ifcfg-eth1
[root@linux220 /etc/sysconfig/networking/devices]# rm -rf /etc/sysconfig/networking/devices/*
[root@linux220 /etc/sysconfig/networking/devices]# ls
[root@linux220 /etc/sysconfig/networking/devices]# cd ../profiles/default/
[root@linux220 /etc/sysconfig/networking/profiles/default]# ls
hosts ifcfg-eth0 ifcfg-eth1 network resolv.conf
[root@linux220 /etc/sysconfig/networking/profiles/default]# rm -rf /etc/sysconfig/networking/profiles/default/*
[root@linux220 /etc/sysconfig/networking/profiles/default]# ls
[root@linux220 /etc/sysconfig/networking/profiles/default]#
poweroff
[root@linux220 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:BF
inet addr:172.16.6.220 Bcast:172.16.255.255 Mask:255.255.0.0
inet6 addr: fec0:1234::20c:29ff:fe1f:d6bf/64 Scope:Site
inet6 addr: fe80::20c:29ff:fe1f:d6bf/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1043 errors:0 dropped:0 overruns:0 frame:0
TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:140623 (137.3 KiB) TX bytes:6036 (5.8 KiB)
Interrupt:67 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:1F:D6:C9
inet addr:192.168.10.220 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe1f:d6c9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13 errors:0 dropped:0 overruns:0 frame:0
TX packets:42 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2317 (2.2 KiB) TX bytes:6268 (6.1 KiB)
Interrupt:67 Base address:0x2080
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1892 errors:0 dropped:0 overruns:0 frame:0
TX packets:1892 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2705476 (2.5 MiB) TX bytes:2705476 (2.5 MiB)
[root@linux220 ~]# cat /etc/resolv.conf
search example.com
nameserver 168.126.63.1
[root@linux220 ~]#
서버어드민 - 스왑 (저번에 안한것)
■ SWAP 추가 방법 - SWAP File(EX: /swap/swapfile)
(ㄱ) 큰 파일 생성 # dd if=/dev/zero of=/swap/swapfile bs=1M count=10240
(ㄴ) 스왑 파일시스템 생성 # mkswap /swap/swapfile
(ㄷ) 스왑 Activate
# swapon /swap/swapfile
(ㄹ) /etc/fstab 파일 설정 # vi /etc/fstab
- SWAP Partition(EX: /dev/sdb1)
(ㄱ) 파티션 준비 # fdisk /dev/sdb (System ID : 82)
(ㄴ) 스왑 파일시스템 생성 # mkswap /dev/sdb1
(ㄷ) 스왑 ON
# swapon /dev/sdb1
(ㄹ) /etc/fstab 파일 설정 # vi /etc/fstab
(1) 스왑 확인 방법
현재 스왑 공간(스왑 공간, 스왑 전체크기, 스왑사용량)을 확인하는 방법은
(ㄱ) free 명령어를 사용하는 방법이나
(ㄴ) top 명령어를 통해 확인하는 방법 (ㄷ) /proc/swaps 파일을 확인하는 방법 (ㄹ) /proc/meminfo 파일을 확인하는 방법 등이 있다.
스왑을 추가하고 확인하거나 스왑을 삭제하고 확인할 때는 /proc/swaps 또는 free 명령어를 사용하는 방법이 적 당하다. 스왑 사용량을 모니터링 할 때는 top 명령어를 사용하는 것이 좋다.
---+-------------+---
| |
| |
| ext3 | <---- # df -h (# df -h -T)
| |
| |
+-------------+
| swapfs | <---- # cat /proc/swaps (# swapon -s)
+-------------+
| minfree |
---+-------------+---
(1) 스왑(SWAP)이란?
MEM(RAM) DISK
+--------+---------+ +--------------+
| | | | |
| | | | File System | <---- # df -h
| | | | (ext3) |
| | | | |
+--------+---------+ +--------------+
| | | | |
| | | | SWAP | <---- # cat /proc/swaps (# swapon -s)
| | | | |
| | | | |
+--------+---------+ +--------------+
[참고] 페이징(Paging) 발생
Paging 증가 -> MEM(RAM) 부족 -> 성능 떨어짐 -> MEM 증설 고려
스왑(SWAP)은 메모리 내의 데이터 페이지 또는 세그먼트를 교체하는 것이다. 스왑핑은 컴퓨터가 주기억장치보다 더 큰 프로그램이나 데이터 파일을 다룰 수 있게 하는 유용한 테크닉이다.
운영체계는 주기억장치 내에 가능한 한 많 은 데이터를 복사해 넣고, 나머지는 디스크 상에 남겨둔다.
운영체계가 디스크에 있는 데이터를 필요로할 때, 주기 억장치 내의 데이터 일부를 디스크 상의 데이터와 교체한다.
DOS는 스왑핑을 수행하지 않지만, OS/2, 윈도우, 유닉 스 등을 포함한 많은 운영체계들이 스왑핑을 수행한다. 스왑핑은 때로, 페이징이라고 불리기도 한다.
페이징 = 페이지인 + 페이지아웃
■ 스왑 관련 이슈(SWAP Issue)?
- 언제 스왑을 추가하는가? 물리적 메모리 사용량이 80% 넘게되면 스왑공간 추가준비를 해야한다
- 스왑 공간의 크기?
(초기 설치시) 아래에 있는 권장사항 테이블을 참고하여
(운영시) 설치되는/사용하는 소프트웨어에 따라 달라진다
- 스왑을 추가하면 성능이 좋아지는가? 추가한다고 성능이 좋아지진 않는다
메모리상에서 속도가 1초면 디스크에서 페이징하는 속도는 20~30초 정도
페이징이 증가하면 메모리가 부족하다는 뜻이다 -> 증설해야한다
메모리에 20%는 운영체제의 캐싱기능으로 사용된다 -> 실제로는 남는공간이 아니다
넘으면? 실제로는 1초 걸릴 작업이 20~30초 걸리게 된다 -> 성능이 엄청 엄청 떨어진다
WAS나 DB 프로그램에서 요구하는 스왑공간이 있다 -> 개발자에게 물어보라 -> 별도의 가이드가 있다
스왑공간이 늘어난다고 성능이 좋아지는게 아니라 물리적메모리를 증가시켜야 성능이 올라간다
그러면 왜 스왑공간을 늘려야하나? -> 멈추지말라고(hang행상태에 빠지지말라고) -> 나중에 줄이지않아도 돼
실무에서는 정답이 없다 -> 장애만 없으면 된다, 잘못된 설정은 없다(문제만 없으면)
■ 스왑 공간 크기에 대한 권장사항
--------------------------------------------
RAM SIZE SWAP SIZE
--------------------------------------------
4GB 이하이면 minimum 2GB
4GB ~ 16GB minimum 4GB
16GB ~ 64GB minimum 8GB
64GB ~ 256GB minimum 16GB
256G ~ 512GB minimum 32GB
--------------------------------------------
스왑공간은 디스크내에 존재하는 가상적인 메모리공간처럼 쓰인다
■ SWAP 추가 방법 - SWAP File(EX: /swap/swapfile)
(ㄱ) 큰 파일 생성 # dd if=/dev/zero of=/swap/swapfile bs=1M count=10240
(ㄴ) 스왑 파일시스템 생성 # mkswap /swap/swapfile
(ㄷ) 스왑 Activate
# swapon /swap/swapfile
(ㄹ) /etc/fstab 파일 설정 # vi /etc/fstab
- SWAP Partition(EX: /dev/sdb1)
(ㄱ) 파티션 준비 # fdisk /dev/sdb (System ID : 82)
(ㄴ) 스왑 파일시스템 생성 # mkswap /dev/sdb1
(ㄷ) 스왑 ON
# swapon /dev/sdb1
(ㄹ) /etc/fstab 파일 설정 # vi /etc/fstab
(1) 스왑 확인 방법
현재 스왑 공간(스왑 공간, 스왑 전체크기, 스왑사용량)을 확인하는 방법은
(ㄱ) free 명령어를 사용하는 방법이나
(ㄴ) top 명령어를 통해 확인하는 방법 (ㄷ) /proc/swaps 파일을 확인하는 방법 (ㄹ) /proc/meminfo 파일을 확인하는 방법 등이 있다.
스왑을 추가하고 확인하거나 스왑을 삭제하고 확인할 때는 /proc/swaps 또는 free 명령어를 사용하는 방법이 적 당하다. 스왑 사용량을 모니터링 할 때는 top 명령어를 사용하는 것이 좋다.
[root@linux220 ~]# fdisk -l
Disk /dev/sda: 42.9 GB, 42949672960 bytes
255 heads, 63 sectors/track, 5221 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 4770 38314993+ 83 Linux
/dev/sda2 4771 4901 1052257+ 82 Linux swap / Solaris
/dev/sda3 4902 4965 514080 83 Linux
/dev/sda4 4966 5221 2056320 5 Extended
/dev/sda5 4966 5029 514048+ 83 Linux
/dev/sda6 5030 5093 514048+ 83 Linux
/dev/sda7 5094 5157 514048+ 83 Linux
/dev/sda8 5158 5221 514048+ 83 Linux
Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 130 1044193+ 83 Linux
[root@linux220 ~]# cat /proc/swaps
Filename Type Size Used Priority
/dev/sda2 partition 1052248 0 -1
[root@linux220 ~]# swapon -s
Filename Type Size Used Priority
/dev/sda2 partition 1052248 0 -1
[root@linux220 ~]# free
total used free shared buffers cached
Mem: 1034556 490928 543628 0 32500 332684
-/+ buffers/cache: 125744 908812
Swap: 1052248 0 1052248
[root@linux220 ~]# top -n 1 | head -20
top - 18:40:32 up 44 min, 2 users, load average: 0.02, 0.02, 0.00
Tasks: 170 total, 1 running, 168 sleeping, 0 stopped, 1 zombie
Cpu(s): 0.1%us, 0.1%sy, 0.0%ni, 99.1%id, 0.6%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 1034556k total, 491252k used, 543304k free, 32556k buffers
Swap: 1052248k total, 0k used, 1052248k free, 332660k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 15 0 2172 640 552 S 0.0 0.1 0:00.66 init
2 root RT -5 0 0 0 S 0.0 0.0 0:00.10 migration/0
3 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/0
4 root RT -5 0 0 0 S 0.0 0.0 0:00.09 migration/1
5 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/1
6 root RT -5 0 0 0 S 0.0 0.0 0:00.08 migration/2
7 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/2
8 root RT -5 0 0 0 S 0.0 0.0 0:00.07 migration/3
9 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/3
10 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/0
11 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/1
12 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/2
13 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/3
[root@linux220 ~]# cat /proc/meminfo
MemTotal: 1034556 kB
MemFree: 543320 kB
Buffers: 32580 kB
Cached: 332752 kB
SwapCached: 0 kB
Active: 158028 kB
Inactive: 299608 kB
HighTotal: 131008 kB
HighFree: 260 kB
LowTotal: 903548 kB
LowFree: 543060 kB
SwapTotal: 1052248 kB
SwapFree: 1052248 kB
Dirty: 0 kB
Writeback: 0 kB
AnonPages: 92288 kB
Mapped: 47540 kB
Slab: 19672 kB
PageTables: 3580 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
CommitLimit: 1569524 kB
Committed_AS: 351228 kB
VmallocTotal: 114680 kB
VmallocUsed: 5644 kB
VmallocChunk: 108868 kB
HugePages_Total: 0
HugePages_Free: 0
HugePages_Rsvd: 0
Hugepagesize: 4096 kB
[root@linux220 ~]#
top 모니터링, free 사용량 확인할때
(2) 스왑(SWAP) 추가 방법
스왑은 파일 형태와 파티션 형태로 추가가 가능하며, 스왑을 현재 추가 할때는 mkswap, swapon 명령어를 사용하고 부팅시에 스왑을 마운트 할 수 있도록 하기 위해서는 /etc/fstab 파일을 사용한다. 스왑 관리에 관련된 명령어는
dd, mkswap, swapon, swapoff, rm 명령어등이 있다.
■ SWAP 추가 방법 - SWAP File(EX: /swap/swapfile)
# dd if=/dev/zero of=/swap/swapfile bs=1M count=10240
# mkswap /swap/swapfile
# swapon /swap/swapfile
# vi /etc/fstab
- SWAP Partition(EX: /dev/sdb1)
# fdisk /dev/sdb (System ID : 82)
# mkswap /dev/sdb1
# swapon /dev/sdb1
# vi /etc/fstab
(3) 스왑 삭제 방법
■ SWAP 추가 방법
- SWAP File(EX: /swap/swapfile)
# dd if=/dev/zero of=/swap/swapfile bs=1M count=10240
# mkswap /swap/swapfile
# swapon /swap/swapfile
# vi /etc/fstab
# swapoff /swap/swapfile
# vi /etc/fstab
- SWAP Partition(EX: /dev/sdb1)
# fdisk /dev/sdb (System ID : 82)
# mkswap /dev/sdb1
# swapon /dev/sdb1
# vi /etc/fstab
# swapoff /dev/sdb1
# vi /etc/fstab
[root@linux220 ~]# free
total used free shared buffers cached
Mem: 1034556 490684 543872 0 32660 332752
-/+ buffers/cache: 125272 909284
Swap: 1052248 0 1052248
[root@linux220 ~]# cat /proc/swaps
Filename Type Size Used Priority
/dev/sda2 partition 1052248 0 -1
[root@linux220 ~]# mkdir /swap
[root@linux220 ~]# dd if=/dev/zero of=/swap/swapfile bs=1024 count=102400
102400+0 records in
102400+0 records out
104857600 bytes (105 MB) copied, 0.953388 seconds, 110 MB/s
[root@linux220 ~]# cd /swap
[root@linux220 /swap]# ls
swapfile
[root@linux220 /swap]# ls -ls
total 101M
101M -rw-r--r-- 1 root root 100M May 2 18:42 swapfile
[root@linux220 /swap]# mkswap /swap/swapfile
Setting up swapspace version 1, size = 104853 kB
[root@linux220 /swap]# swapon /swap/swapfile
[root@linux220 /swap]# swapon -s
Filename Type Size Used Priority
/dev/sda2 partition 1052248 0 -1
/swap/swapfile file 102392 0 -2
[root@linux220 /swap]# free
total used free shared buffers cached
Mem: 1034556 595660 438896 0 33012 435312
-/+ buffers/cache: 127336 907220
Swap: 1154640 0 1154640
[root@linux220 /swap]# vi /etc/fstab
[root@linux220 /swap]# cat /etc/fstab
LABEL=/ / ext3 defaults 1 1
LABEL=/data1 /data1 ext3 defaults 1 2
LABEL=/data2 /data2 ext3 defaults 1 2
LABEL=/data3 /data3 ext3 defaults 1 2
LABEL=/data4 /data4 ext3 defaults 1 2
LABEL=/home /home ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
LABEL=SWAP-sda2 swap swap defaults 0 0
#
# (1) Specific Configuration(EX: Normal Disk Works)
#
#/dev/sdb1 /testmount ext3 defaults 1 2
#LABEL=/testmount /testmount ext3 defaults 1 2
#
# (2) Oracle Disk Mount
#
#/dev/sdc1 /oracle ext3 defaults 1 2
#
# (3) LVM Configuration
#
#/dev/mapper/vg1-lv1 /lv1 ext3 defaults 1 2
#/dev/vg1/lv2 /lv2 ext3 defaults 1 2
#/dev/VG1/LV1 /lvm1 ext3 defaults 1 2
#/dev/VG1/LV2 /lvm2 ext3 defaults 1 2
#/dev/VG2/LV3 /lvm3 ext3 defaults 1 2
#/dev/VG2/LV4 /lvm4 ext3 defaults 1 2
#
# (4) RAID Configuration
#
#/dev/md0 /raid0 ext3 defaults 1 2
#/dev/md0 /raid1 ext3 defaults 1 2
#/dev/md0 /raid5 ext3 defaults 1 2
#
# (5) SWAP Configuration
#
/swap/swapfile swap swap defaults 0 0
[root@linux220 /swap]# cat /proc/swaps
Filename Type Size Used Priority
/dev/sda2 partition 1052248 0 -1
/swap/swapfile file 102392 0 -2
[root@linux220 /swap]# swapoff /swap/swapfile
[root@linux220 /swap]# swapon -s
Filename Type Size Used Priority
/dev/sda2 partition 1052248 0 -1
[root@linux220 /swap]# free
total used free shared buffers cached
Mem: 1034556 598792 435764 0 33368 437656
-/+ buffers/cache: 127768 906788
Swap: 1052248 0 1052248
[root@linux220 /swap]# ls -lh /swap
total 101M
-rw-r--r-- 1 root root 100M May 2 18:43 swapfile
[root@linux220 /swap]# rm /swap/swapfile
rm: remove regular file `/swap/swapfile'? y
[EX] 추가적인 실습(스왑 파티션 추가(EX: /dev/sdb1))
(전제조건) /dev/sdb 디스크가 사용중이면 안된다.
# fdisk -l /dev/sdb
# fdisk /dev/sdb
/dev/sdb1(System ID : 83)
# swapon /dev/sdb1
# cat /proc/swaps
# free
# vi /etc/fstab
# swapoff /dev/sdb1
# cat /proc/swaps
# free
# vi /etc/fstab
# fdisk /dev/sdb
/dev/sdb1(System ID :82)
# mkfs.ext3 /dev/sdb1
[root@linux220 ~]# fdisk -l /dev/sdb
Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 130 1044193+ 83 Linux
[root@linux220 ~]# fdisk /dev/sdb
Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 82
Changed system type of partition 1 to 82 (Linux swap / Solaris)
Command (m for help): p
Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 130 1044193+ 82 Linux swap / Solaris
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
[root@linux220 ~]# fdisk -l /dev/sdb
Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 130 1044193+ 82 Linux swap / Solaris
[root@linux220 ~]# mkswap /dev/sdb1
Setting up swapspace version 1, size = 1069248 kB
[root@linux220 ~]# swapon /dev/sdb1
[root@linux220 ~]# cat /proc/swaps
Filename Type Size Used Priority
/dev/sda2 partition 1052248 0 -1
/dev/sdb1 partition 1044184 0 -3
[root@linux220 ~]# free
total used free shared buffers cached
Mem: 1034556 496788 537768 0 33756 336556
-/+ buffers/cache: 126476 908080
Swap: 2096432 0 2096432
[root@linux220 ~]# vi /etc/fstab
[root@linux220 ~]# cat /etc/fstab
LABEL=/ / ext3 defaults 1 1
LABEL=/data1 /data1 ext3 defaults 1 2
LABEL=/data2 /data2 ext3 defaults 1 2
LABEL=/data3 /data3 ext3 defaults 1 2
LABEL=/data4 /data4 ext3 defaults 1 2
LABEL=/home /home ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
LABEL=SWAP-sda2 swap swap defaults 0 0
#
# (1) Specific Configuration(EX: Normal Disk Works)
#
#/dev/sdb1 /testmount ext3 defaults 1 2
#LABEL=/testmount /testmount ext3 defaults 1 2
#
# (2) Oracle Disk Mount
#
#/dev/sdc1 /oracle ext3 defaults 1 2
#
# (3) LVM Configuration
#
#/dev/mapper/vg1-lv1 /lv1 ext3 defaults 1 2
#/dev/vg1/lv2 /lv2 ext3 defaults 1 2
#/dev/VG1/LV1 /lvm1 ext3 defaults 1 2
#/dev/VG1/LV2 /lvm2 ext3 defaults 1 2
#/dev/VG2/LV3 /lvm3 ext3 defaults 1 2
#/dev/VG2/LV4 /lvm4 ext3 defaults 1 2
#
# (4) RAID Configuration
#
#/dev/md0 /raid0 ext3 defaults 1 2
#/dev/md0 /raid1 ext3 defaults 1 2
#/dev/md0 /raid5 ext3 defaults 1 2
#
# (5) SWAP Configuration
#
/swap/swapfile swap swap defaults 0 0
/dev/sdb1 swap swap defaults 0 0
[root@linux220 ~]# vi /etc/fstab
[root@linux220 ~]# cat /etc/fstab | tail -5
#
# (5) SWAP Configuration
#
#/swap/swapfile swap swap defaults 0 0
#/dev/sdb1 swap swap defaults 0 0
[root@linux220 ~]# cat /proc/swaps
Filename Type Size Used Priority
/dev/sda2 partition 1052248 0 -1
/dev/sdb1 partition 1044184 0 -3
[root@linux220 ~]# swapoff /dev/sdb1
[root@linux220 ~]# free
total used free shared buffers cached
Mem: 1034556 496912 537644 0 33920 336616
-/+ buffers/cache: 126376 908180
Swap: 1052248 0 1052248
[root@linux220 ~]# fdisk /dev/sdb
Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 83
Changed system type of partition 1 to 83 (Linux)
Command (m for help): p
Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 130 1044193+ 83 Linux
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
[root@linux220 ~]#
[참고] SWAP 추가하는 경우
MEM 사용량 80% 이상 -> SWAP 공간 추가(File or Partition) -> 결정(EX: /swap/swapfile)
(정리) SWAP File 추가하는 방법 (ㄱ) 큰 파일 생성 # mkdir /swap
# dd if=/dev/zero of=/swap/swapfile bs=1024 count=102400
(ㄴ) swapfs 파일시스템 생성 # mkswap /swap/swapfile
(ㄷ) SWAP ON
# swapon /swap/swapfile
(ㄹ) /etc/fstab 편집 # vi /etc/fstab
/swap/swapfile swap swap defaults 0 0
SWAP File 삭제하는 방법 (ㄱ) SWAP OFF
# swapoff /swap/swapfile
(ㄴ) /etc/fstab 편집
# vi /etc/fstab
(ㄷ) 스왑 파일 삭제 # rm /swap/swapfile
SWAP 확인 방법 # free
# cat /proc/swaps
# top
1. DNS(Domain Name System) 개요
■ DNS (Domain Name System)
DNS[디에네스]는 인터넷 도메인 이름들의 위치를 알아내기 위한 IP 주소로 바꾸어주는 시스템이다. 도메인 이름은
인터넷 주소로서 사람들이 기억하기 쉽고, 의미있게 붙인 이름이지만, 인터넷에서 어떤 컴퓨터를 실제로 찾기 위해 서는 숫자 체계로 된 IP 주소가 필요하다.
DNS 서버는 도메인 이름과 이에 대응하는 IP 주소에 관한 데이터베이스를 유지하고 있다가 원하는 컴퓨터에게 제공 한다. 예를 들어, 만약 www.terms.co.kr 이라는 도메인 이름을 DNS 서버에게 제공하면, 211.47.67.126 이라는 IP
주소를 알려주는 것이다. 그러나, 도메인이름과 IP 주소를 대응시키는 목록을 중앙에 1개 만을 유지하는 것은 비현 실적이고 비효율적이기 때문에, 도메인 이름과 IP 주소 목록은 기관별 체계에 따라 인터넷 도처에 분산되어 있다.
아마도 모든 사용자들이 각자 자신의 인터넷 서비스 공급자에게 문의하면, 지리적으로 가까운 곳 어딘가에 자신을
위한 DNS 서버가 존재하고 있다는 것을 확인할 수 있을 것이다.
■ 네임서버(Name Server)
네임서버란 , 어떤 이름을 한 형태에서 다른 형태로 변환시키는 프로그램을 말한다. 예를 들어, 인터넷은 도메인
이름을 IP 주소로 변환하는 도메인 이름 서버, 즉 DNS에 의지하고 있다.
■ 동적 DNS(DDNS, Dynamic DNS)
DDNS는 주로 유동 IP 주소를 사용하는 컴퓨터들의 경우에도 DNS 정보를 쉽게 유지할 수 있도록 해주는 방법이다.
일반적으로, 인터넷 서비스 제공사업자는 사용자가 인터넷에 접속해오면 그 시점 현재 사용되지 않는 IP 주소 중
하나를 임의로 골라 할당하게 되는데, 이 주소는 오직 그 사용자가 인터넷에 접속하고 있는 동안에만 독점적으로
제공된다. 이런 방식을 사용하면 각 컴퓨터마다 고정된 IP 주소를 할당하는 방식에 비해 같은 개수의 IP 주소를 가 지고도 훨씬 더 많은 수의 컴퓨터를 지원할 수 있게 된다.
그러나 자신의 도메인 이름과 IP 주소를 DNS에 등록해 사용하는 컴퓨터의 경우, 접속할 때마다 자주 IP 주소가 바 뀌게 되므로 매우 불편한 일이다. DDNS 서비스 제공자는 사용자 컴퓨터에서 실행되는 특별한 프로그램을 이용, 인 터넷 서비스 제공사업자에 의해 IP 주소가 새로이 부여될 때 마다 DNS 데이터베이스를 자동으로 갱신해 준다.
이렇게 하면, 특정 도메인 이름에 대응되는 IP 주소가 자주 바뀌더라도 다른 사용자들이 그 컴퓨터에 접속하기 위 해 새로 변경된 IP 주소를 알 필요 없이 전과 같이 도메인 이름을 이용해 쉽게 접속할 수 있게 되는 것이다.
■ 리눅스 서버가 주로 사용되는 서비스 목록:
-> DNS, MAIL, FTP, WEB(WAS), CVS, Cluster Server, ....
■ 일반적인 회사에서 많이 사용되고 있는 서비스 목록:
-> DNS, WEB, MAIL, FTP, DHCP, NTP, DB(Oracle), ....
2. 도메인(Domain) 관련 용어
DNS 서버에서 사용하는 도메인에 대한 명확한 용어의 개념을 알아 보자.
URL : "http://www.soldesk.com" "http://cafe.daum.net" "http://www.yahoo.co.kr"
www : Hostname (Zonename)
soldesk.com : Domainname
www.soldesk.com : FQDN(Fully Qualified Domain Name)
+----------- soldesk.com ------------+
| [DNS Server] |
| IP1 --> www * (www) |
| IP2 --> mail |
| IP3 --> ftp * (mail) |
| |
| * (ftp) |
| |
+------------------------------------+
[참고] 일반적인 Domainname : www.soldesk.com
3. DNS(Domain Name System) 동작 원리
(1). 초기의 도메인 관리
+-------------Domain-----------------+
| |
| SERVER -------+------> SERVERA |
| HOST.TXT | |
| +------> SERVERB |
| | |
| +------> SERVERC |
| | |
| +------> ..... |
| |
+------------------------------------+
[Main Server] -------------------> [Domin Server]
HOST.TXT /etc/hosts
(Domain <--> IP)
[그림] 초기의 도메인 관리
(2). 현재의 도메인 관리
BIND는 BSD 기반의 유닉스 시스템을 위해 설계된 DNS 이다. BIND는 서버와 resolver 라이브러리로 구성되어 있다.
네임서버는 클라이언트들이 이름 자원들이나 객체들에 접근하여, 네트웍 내의 다른 객체들과 함께 이러한 정보를
공유할 수 있게 해주는 네트웍 서비스이다. 이것은 사실상, 컴퓨터 네트웍 내의 객체들을 위한 분산 데이터베이스
시스템이다. BIND는 호스트 이름과 주소를 저장하고 검색하는데 사용되기 위한 BSD 네트웍 프로그램(버전 4.3 이 상)에 완전히 통합되어 있다.
시스템 관리자는 BIND를 네트웍 호스트들의 file(/etc/hosts) 내에 있는 호스트 테이블 룩업의 대체용으로 사용하 도록 시스템을 설정할 수 있다. BSD의 기본 설정은 BIND를 사용하는 것이다.
DNS(Domain Name System), BIND(Berkeley Internet Name Domain)
- BIND 4.X
- BIND 8.X
- BIND 9.X
- BIND 10.X
그림1
------------------------------------------------------
도메인 설 명 ------------------------------------------------------
. - Nameless Root Domain
.com - 1차 도메인(국가 도메인 포함)
(예) kr, jp, ....
(예) .com, .org, ....
.soldesk.com - 2차 도메인 (예) yahoo.com, soldesk.com, daum.net
.yahoo.co.kr - 3차 도메인 ------------------------------------------------------
(예) www.yahoo.co.kr
A A A
| | |
(a) (b)(c)
(a) : 3차 도메인 (b) : 2차 도메인 (c) : 1차 도메인
[그림] 도메인 이름 체계
▪ 수업시에 사용하는 도메인 이름 체계 (예) www.linuxXXX.example.com (= www.yahoo.co.kr)
4. DNS 실습 1
[root@linux220 ~]# nslookup www.naver.com
Server: 168.126.63.1
Address: 168.126.63.1#53
Non-authoritative answer:
www.naver.com canonical name = www.naver.com.nheos.com.
Name: www.naver.com.nheos.com
Address: 202.179.177.22
Name: www.naver.com.nheos.com
Address: 202.179.177.21
[root@linux220 ~]# vi /etc/resolv.conf
[root@linux220 ~]# cat /etc/resolv.conf
search example.com
#nameserver 168.126.63.1
[root@linux220 ~]# firefox &
[1] 5812
[root@linux220 ~]#
(Gecko:5812): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:5812): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
(Gecko:5812): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
[1]+ Done firefox
[root@linux220 ~]#
그림2
[root@linux220 ~]# vi /etc/hosts
[root@linux220 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
172.16.6.220 linux220.example.com linux220
#
# DNS Test
#
202.179.177.22 www.naver.com
[root@linux220 ~]# firefox
(Gecko:5899): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:5899): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
(Gecko:5899): Gtk-CRITICAL **: gtk_clipboard_set_with_data: assertion `targets != NULL' failed
(Gecko:5899): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
[root@linux220 ~]#
그림3
[root@linux220 ~]# vi /etc/hosts
[root@linux220 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
172.16.6.220 linux220.example.com linux220
#
# DNS Test
#
202.179.177.22 dodogau.js.yun
[root@linux220 ~]# firefox &
[1] 6147
[root@linux220 ~]#
(Gecko:6147): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:6147): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
(Gecko:6147): Gtk-CRITICAL **: gtk_clipboard_set_with_data: assertion `targets != NULL' failed
(Gecko:6147): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
[1]+ Done firefox
[root@linux220 ~]#
그림4
(복원)
[root@linux220 ~]# vi /etc/resolv.conf
[root@linux220 ~]# cat /etc/resolv.conf
search example.com
nameserver 168.126.63.1
[root@linux220 ~]# vi /etc/hosts
[root@linux220 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
172.16.6.220 linux220.example.com linux220
#
# DNS Test
#
#202.179.177.22 dodogau.js.yun
4. DNS 실습 2 (NIND DNS Server 구축)
(DNS Server의 종류)
l Master DNS Server : 해당 도메인을 관리하는 DNS 서버(Primary DNS Server)
l Slave DNS Server : 해당 도메인에 대한 백업 복사(Copy)를 유지하는 DNS 서버(Secondary DNS Server)
l Cache only DNS Server : 캐싱 기능만 갖는 DNS 서버
l Forwarding DNS Server : 포워딩 기능만 갖는 DNS 서버
Slave(또는 Secondary)는 Master(또는 Primary) DNS 서버가 비정상 운행될 때와 부하를 분산시키기 위해 운용하 며, 다수가 존재할 수 있다.
보통 도메인을 관리하기 위해서는 Primary, Secondary 서버가 필요하게 되며,
Secondary는 원칙적으론 외부 네트워 크에 위치시켜 정전 등의 사태로 Primary가 다운되었을 때를 대비한다.
따라서, 도메인을 운영하기 위해서는 최소 2대 (Primary * 1, Secondary * n) 이상의 네임서버가 요구된다.
(참고 : 기술적으로 Resolver의 입장에서는 Primary와 Secondary가 구분되지 않기에 Primary 만으로도 운영은 가능하나 권고되진 않는다.)
Cache only server는 도메인에 대한 데이터를 관리하지는 않고, resolving 만을 처리해 준다.
만약, 본사와 지사가 있고 이 회사의 Primary, Secondary Name server가 모두 본사에 위치한다고 할 때, 지사에 위치한 네트워크 유저들 은 Local DNS server가 없게 된다.
이럴 경우 도메인 resolving이 요구될 때마다 다른 네트워크(본사)로 접속을 시 도하게 되므로 약간의 딜레이가 생기게 되며, 본사 네트워크가 단절 되었을시 지사도 실질적으로 인터넷 사용이 불 가능한 단점이 있다.
이럴 때 지사에 Cache only server를 운용하면 효과적으로 문제를 해결할 수 있다. 한번 사용 한 주소지에 대해서는 Client(Resolver)요청에 대한 응답을 Cache Server에 남겨두어 재 요청을 하지 않아도 되도 록 구성되어 있다.
단, 일정 시간이 지나면 지워지기 때문에 영구보존 되지 않는 정보이다.
보통 하나의 마스터 두개의 슬레이브
[root@linux220 ~]# nslookup -q=NS naver.com
Server: 168.126.63.1
Address: 168.126.63.1#53
Non-authoritative answer:
naver.com nameserver = ns2.naver.com.
naver.com nameserver = ns1.naver.com.
naver.com nameserver = ns3.naver.com.
Authoritative answers can be found from:
ns1.naver.com internet address = 125.209.248.6
ns2.naver.com internet address = 125.209.249.6
ns3.naver.com internet address = 61.247.195.250
[root@linux220 ~]# nslookup -q=NS snu.ac.kr
Server: 168.126.63.1
Address: 168.126.63.1#53
Non-authoritative answer:
snu.ac.kr nameserver = hektor.snu.ac.kr.
snu.ac.kr nameserver = ns12.wixdns.net.
snu.ac.kr nameserver = ercc.snu.ac.kr.
snu.ac.kr nameserver = ns.pidl.snu.ac.kr.
snu.ac.kr nameserver = ns.awawaw.snu.ac.kr.
Authoritative answers can be found from:
ercc.snu.ac.kr internet address = 147.46.80.1
ns12.wixdns.net internet address = 216.239.36.101
hektor.snu.ac.kr internet address = 147.46.37.10
[root@linux220 ~]# nslookup -q=NS seoul.ac.kr
Server: 168.126.63.1
Address: 168.126.63.1#53
Non-authoritative answer:
seoul.ac.kr nameserver = ercc.snu.ac.kr.
seoul.ac.kr nameserver = hektor.snu.ac.kr.
Authoritative answers can be found from:
ercc.snu.ac.kr internet address = 147.46.80.1
hektor.snu.ac.kr internet address = 147.46.37.10
CentOS 5.4 버전에서는 BIND 9.3.6 버전이 설치 되어 있다.
패키지 : bind-chroot,bind-utils,bind,bind-libs + caching-nameserver
--------------------------------------------
=========== DNS Server ===========
named(53)
/var/named/chroot/etc/named.caching-nameserver.conf
/var/named/chroot/etc/named.rfc1912.zones
DB : /var/named/chroot/var/named
==================================
- Forward Zone File(D==>IP)
- Reverse Zone File(IP==>D)
- localhost Zone File(Caching)
- hint File(named.ca)
--------------------------------------------
[EX1] DNS 기본 설정 사항 점검
l 서버의 설정 사항을 확인해 본다.
[root@linux220 ~]# rpm -qa | egrep '(bind|nameserver)'
bind-utils-9.3.6-25.P1.el5_11.8
bind-libs-9.3.6-25.P1.el5_11.8
ypbind-1.19-12.el5_6.1
bind-chroot-9.3.6-25.P1.el5_11.8
bind-9.3.6-25.P1.el5_11.8
[root@linux220 ~]# yum -y install caching-nameserver
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.daumkakao.com
* extras: ftp.daumkakao.com
* updates: ftp.daumkakao.com
base | 1.1 kB 00:00
extras | 2.1 kB 00:00
updates | 1.9 kB 00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package caching-nameserver.i386 30:9.3.6-25.P1.el5_11.8 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
caching-nameserver i386 30:9.3.6-25.P1.el5_11.8 updates 64 k
Transaction Summary
================================================================================
Install 1 Package(s)
Upgrade 0 Package(s)
Total download size: 64 k
Downloading Packages:
caching-nameserver-9.3.6-25.P1.el5_11.8.i386.rpm | 64 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : caching-nameserver 1/1
Installed:
caching-nameserver.i386 30:9.3.6-25.P1.el5_11.8
Complete!
[root@linux220 ~]# ls /var/named
chroot localdomain.zone named.broadcast named.ip6.local named.zero
data localhost.zone named.ca named.local slaves
[root@linux220 ~]# ls /var/named/chroot
dev etc var
[root@linux220 ~]# ls /var/named/chroot/etc
localtime named.caching-nameserver.conf named.rfc1912.zones rndc.key
[root@linux220 ~]# ls /var/named/chroot/var/named
data localhost.zone named.ca named.local slaves
localdomain.zone named.broadcast named.ip6.local named.zero
[root@linux220 ~]# ls -l /var/named/chroot/etc
total 24K
-rw-r--r-- 1 root root 3.5K Feb 27 2006 localtime
-rw-r----- 1 root named 1.3K Mar 16 22:18 named.caching-nameserver.conf
-rw-r----- 1 root named 955 Mar 16 22:18 named.rfc1912.zones
-rw-r----- 1 root named 113 Apr 12 03:36 rndc.key
[root@linux220 ~]# ls -l /var/named/chroot/var/named
total 44K
drwxrwx--- 2 named named 4.0K Aug 26 2004 data
-rw-r----- 1 root named 198 Mar 16 22:18 localdomain.zone
-rw-r----- 1 root named 195 Mar 16 22:18 localhost.zone
-rw-r----- 1 root named 427 Mar 16 22:18 named.broadcast
-rw-r----- 1 root named 1.9K Mar 16 22:18 named.ca
-rw-r----- 1 root named 424 Mar 16 22:18 named.ip6.local
-rw-r----- 1 root named 426 Mar 16 22:18 named.local
-rw-r----- 1 root named 427 Mar 16 22:18 named.zero
drwxrwx--- 2 named named 4.0K Jul 27 2004 slaves
[root@linux220 ~]# which named
/usr/sbin/named
[root@linux220 ~]# named -v
BIND 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.8
[root@linux220 ~]# grep domain /etc/services
domain 53/tcp # name-domain server
domain 53/udp
odsi 1308/tcp # Optical Domain Service Interconnect (ODSI)
odsi 1308/udp # Optical Domain Service Interconnect (ODSI)
domaintime 9909/tcp # domaintime
domaintime 9909/udp # domaintime
[root@linux220 ~]# yum -h
Loaded plugins: fastestmirror
usage: yum [options] COMMAND
List of Commands:
check-update Check for available package updates
clean Remove cached data
deplist List a package's dependencies
downgrade downgrade a package
erase Remove a package or packages from your system
groupinfo Display details about a package group
groupinstall Install the packages in a group on your system
grouplist List available package groups
groupremove Remove the packages in a group from your system
help Display a helpful usage message
info Display details about a package or group of packages
install Install a package or packages on your system
list List a package or groups of packages
localinstall Install a local RPM
makecache Generate the metadata cache
provides Find what package provides the given value
reinstall reinstall a package
repolist Display the configured software repositories
resolvedep Determine which package provides the given dependency
search Search package details for the given string
shell Run an interactive yum shell
update Update a package or packages on your system
upgrade Update packages taking obsoletes into account
options:
-h, --help show this help message and exit
-t, --tolerant be tolerant of errors
-C run entirely from cache, don't update cache
-c [config file] config file location
-R [minutes] maximum command wait time
-d [debug level] debugging output level
--showduplicates show duplicates, in repos, in list/search commands
-e [error level] error output level
-q, --quiet quiet operation
-v, --verbose verbose operation
-y answer yes for all questions
--version show Yum version and exit
--installroot=[path] set install root
--enablerepo=[repo] enable one or more repositories (wildcards allowed)
--disablerepo=[repo] disable one or more repositories (wildcards allowed)
-x [package], --exclude=[package]
exclude package(s) by name or glob
--disableexcludes=[repo]
disable exclude from main, for a repo or for
everything
--obsoletes enable obsoletes processing during updates
--noplugins disable Yum plugins
--nogpgcheck disable gpg signature checking
--disableplugin=[plugin]
disable plugins by name
--enableplugin=[plugin]
enable plugins by name
--skip-broken skip packages with depsolving problems
--color=COLOR control whether color is used
Plugin Options:
[root@linux220 ~]# rpm -ql caching-nameserver
/etc/named.caching-nameserver.conf
/etc/named.conf
/etc/named.rfc1912.zones
/usr/share/doc/caching-nameserver-9.3.6
/usr/share/doc/caching-nameserver-9.3.6/Copyright
/usr/share/doc/caching-nameserver-9.3.6/rfc1912.txt
/var/named/chroot/etc/named.caching-nameserver.conf
/var/named/chroot/etc/named.conf
/var/named/chroot/etc/named.rfc1912.zones
/var/named/chroot/var/named/localdomain.zone
/var/named/chroot/var/named/localhost.zone
/var/named/chroot/var/named/named.broadcast
/var/named/chroot/var/named/named.ca
/var/named/chroot/var/named/named.ip6.local
/var/named/chroot/var/named/named.local
/var/named/chroot/var/named/named.zero
/var/named/localdomain.zone
/var/named/localhost.zone
/var/named/named.broadcast
/var/named/named.ca
/var/named/named.ip6.local
/var/named/named.local
/var/named/named.zero
[root@linux220 ~]# ls -l /etc/named.*
lrwxrwxrwx 1 root named 51 May 2 21:04 /etc/named.caching-nameserver.conf -> /var/named/chroot/etc/named.caching-nameserver.conf
lrwxrwxrwx 1 root named 41 May 2 21:04 /etc/named.rfc1912.zones -> /var/named/chroot/etc/named.rfc1912.zones
[root@linux220 ~]# ls -l /var/named
total 24K
drwxr-x--- 5 root named 4.0K Mar 16 22:17 chroot
drwxrwx--- 2 named named 4.0K Mar 16 22:17 data
lrwxrwxrwx 1 root named 44 May 2 21:04 localdomain.zone -> /var/named/chroot/var/named/localdomain.zone
lrwxrwxrwx 1 root named 42 May 2 21:04 localhost.zone -> /var/named/chroot/var/named/localhost.zone
lrwxrwxrwx 1 root named 43 May 2 21:04 named.broadcast -> /var/named/chroot/var/named/named.broadcast
lrwxrwxrwx 1 root named 36 May 2 21:04 named.ca -> /var/named/chroot/var/named/named.ca
lrwxrwxrwx 1 root named 43 May 2 21:04 named.ip6.local -> /var/named/chroot/var/named/named.ip6.local
lrwxrwxrwx 1 root named 39 May 2 21:04 named.local -> /var/named/chroot/var/named/named.local
lrwxrwxrwx 1 root named 38 May 2 21:04 named.zero -> /var/named/chroot/var/named/named.zero
drwxrwx--- 2 named named 4.0K Mar 16 22:17 slaves
[root@linux220 ~]# service named restart
Stopping named: [ OK ]
Starting named: [ OK ]
캐싱네임서버 설치하기전에 확인해야하는데 실수로 먼저 설치함
[root@linux220 ~]# chkconfig named on
[root@linux220 ~]# chkconfig --list named
named 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@linux220 ~]#
[EX2] DNS 서버 구축
(DNS 설정 파일)
실습시에는 다음과 같은 파일을 설정한다.
■ /var/named/chroot/etc/named.caching-nameserver.conf /* 주설정파일 */
■ /var/named/chroot/etc/named.rfc1912.zones /* 주설정파일 */
■ /var/named/chroot/var/named/named.ca /* 힌트 파일 */
■ /var/named/chroot/var/named/exampleXXX.zone /* 포워드 존파일 */
■ /var/named/chroot/var/named/exampleXXX.rev /* 리버스 존파일 */
설정파일들의 이름이 길기 때문에 필요하다면 ~/.bashrc 파일에 Alias로 등록하여 사용한다.
[root@linux220 ~]# vi ~/.bashrc
[root@linux220 ~]# cat ~/.bashrc
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
#
# Specific Configuration
#
export PS1='[\u@\h \w]\$ '
alias ls='ls --color=tty -h'
alias pps='ps -ef | head -1 ; ps -ef | grep $1'
alias vi='/usr/bin/vim'
alias grep='grep -i --color'
alias a='cd /test && rm -rf /test/*'
alias b='cp /etc/passwd file1 ; cp file1 file2 ; cp file1 file3'
alias c='clear'
alias df='df -h -T'
#
# Log Monitoring
#
alias mlog='tail -f /var/log/messages'
#
# DNS Alias
#
alias named.caching-nameserver.conf='vi /var/named/chroot/etc/named.caching-nameserver.conf'
alias named.rfc1912.zones='vi /var/named/chroot/etc/named.rfc1912.zones'
alias DNS='cd /var/named/chroot/var/named'
#alias named-checkconf='named-checkconf /var/named/chroot/etc/named.caching-nameserver.conf'
[root@linux220 ~]# . ~/.bashrc
[root@linux220 ~]# DNS
[root@linux220 /var/named/chroot/var/named]# named.rfc1912.zones
[root@linux220 /var/named/chroot/var/named]# named.caching-nameserver.conf
[root@linux220 /var/named/chroot/var/named]#
① 주설정 파일 설정
[root@linux220 ~]# vi /etc/named.caching-nameserver.conf
[root@linux220 ~]# cat /etc/named.caching-nameserver.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { any; };
// listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
// allow-query-cache { localhost; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
[root@linux220 ~]#
Ÿ 존(ZONE) 파일? DNS에서의 정보 파일
Ÿ 존(ZONE) 파일안에서의 주석 처리
(ㄱ) ; -> Window에서 사용하는 주석
(ㄴ) # -> Unix/Linux에서 사용하는 주석
(ㄷ) /* */ -> C 주석
(ㄹ) // -> C++ 주석
Ÿ "directory "/var/named"" -> Zone 파일들이 위치할 디렉토리 지정
(예) /var/named/exampleXXX.zone ----> /var/named/chroot/var/named/exampleXXX.zone
/var/named/exampleXXX.rev ----> /var/named/chroot/var/named/exampleXXX.rev
Ÿ "include "/etc/named.rfc1912.zones"" -> 포함시킬 설정 파일 지정
/etc/named.rfc1912.zones 파일에 들어 있는 내용은 /etc/named.caching-nameserver.conf 파일에 존재하는 것 이라고 생각하면 된다.
② 주 설정 파일 설정
[root@linux220 ~]# vi /etc/named.rfc1912.zones
[root@linux220 ~]# cat /etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "linux220.example.com" IN { /* Forward Zone */
type master;
file "example220.zone"; /* Forward Zone File : /var/named/exampleXXX.zone */
};
zone "6.16.172.in-addr.arpa" IN { /* Reverse Zone */
type master;
file "example220.rev"; /* Reverse Zone File : /var/named/exampleXXX.rev */
};
[root@linux220 ~]#
# named-checkconf /var/named/chroot/etc/named.rfc1912.zones
#
-> namedcheckconf 명령어는 주설정 파일(/etc/named.rfc1912.zones)의 문법 점검 하는 명령어이다.
-> "# named-checkconf <주설정파일의이름>"
-> 아무런 메세지가 없으면 정상적으로 설정된것이다.
③ 힌트(Hint) 파일 생성
# cd /var/named/chroot/var/named
# mv named.ca named.ca.old
# vi named.ca
[root@linux220 ~]# named-checkconf /var/named/chroot/etc/named.rfc1912.zones
[root@linux220 ~]# cd /var/named/chroot/var/named
[root@linux220 /var/named/chroot/var/named]# ls
data localhost.zone named.ca named.local slaves
localdomain.zone named.broadcast named.ip6.local named.zero
[root@linux220 /var/named/chroot/var/named]# vi named.ca
[root@linux220 /var/named/chroot/var/named]# cat named.ca
; <<>> DiG 9.5.0b2 <<>> +bufsize=1200 +norec NS . @a.root-servers.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7033
;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 20
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:ba3e::2:30
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2f::f
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803f:235
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:c27::2:30
K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
K.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7fd::1
L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42
M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
M.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:dc3::35
;; Query time: 110 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Tue Feb 26 15:05:57 2008
;; MSG SIZE rcvd: 615
[root@linux220 /var/named/chroot/var/named]# mv named.ca named.ca.old
[root@linux220 /var/named/chroot/var/named]# vi named.ca
[root@linux220 /var/named/chroot/var/named]# cat named.ca
. 86400 IN NS ns1.example.com.
ns1.example.com. 86400 IN A 172.16.9.252
[root@linux220 /var/named/chroot/var/named]#
④ 포워드 존(Forward-Zone) 파일 생성
# cp localdomain.zone example2XX.zone
# vi example2XX.zone
# named-checkzone linux2XX.example.com example2XX.zone
-> 'OK' 라고 나오면 정상적으로 설정된것이다.
-> "named-checkzone <Domain Name> <Zone File>"
[root@linux220 /var/named/chroot/var/named]# cp localdomain.zone example le220.zone
cp: target `le220.zone' is not a directory
[root@linux220 /var/named/chroot/var/named]# cp localdomain.zone examplele220.zone
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# mv examplele220.zone example220.zone
[root@linux220 /var/named/chroot/var/named]# vi example220.zone[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL 4
@ IN SOA ns1.linux220.example.com. root.linux220.example.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
Linux220.example.com. IN NS ns1.linux220.example.com.
ns1.linux220.example.com. IN A 172.16.6.220
[root@linux220 /var/named/chroot/var/named]# named-checkzone linux220.example.com example220.zone
zone linux220.example.com/IN: loaded serial 42
OK
[root@linux220 /var/named/chroot/var/named]#
[root@linux220 /var/named/chroot/var/named]# cp named.local example220.rev
[root@linux220 /var/named/chroot/var/named]# vi example220.rev
[root@linux220 /var/named/chroot/var/named]# cat example220.rev
$TTL 4
@ IN SOA ns1.linux220.example.com. root.linux220.example.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS ns1.linux220.example.con.
220 IN PTR ns1.linux220.example.com.
[root@linux220 /var/named/chroot/var/named]# named-checkzone 6.16.172.in-addr.arpa example220.rev
zone 6.16.172.in-addr.arpa/IN: loaded serial 1997022700
OK
[root@linux220 /var/named/chroot/var/named]#
-> "# named-checkzone <Domain> <Zone File>"
-> 'OK' 라고 나오면 정상적으로 설정된것이다.
⑥ 파일에 링크걸기 및 설정파일의 그룹권 변경 # ln -s /var/named/chroot/var/named/example2XX.zone /var/named/example2XX.zone
# ln -s /var/named/chroot/var/named/example2XX.rev /var/named/example2XX.rev
# cd /var/named
# ls -l
[root@linux220 /var/named/chroot/var/named]# ls
data localdomain.zone named.ca named.local
example220.rev localhost.zone named.ca.old named.zero
example220.zone named.broadcast named.ip6.local slaves
[root@linux220 /var/named/chroot/var/named]# lm -s /var/named/chroot/var/named/example220.zone /var/named/example220.zone
bash: lm: command not found
[root@linux220 /var/named/chroot/var/named]# ln -s /var/named/chroot/var/named/example220.zone /var/named/example220.zone
[root@linux220 /var/named/chroot/var/named]# ln -s /var/named/chroot/var/named/example220.rev /var/named/example220.rev
[root@linux220 /var/named/chroot/var/named]# cd /var/named
[root@linux220 /var/named]# ls -l
total 24K
drwxr-x--- 6 root named 4.0K May 2 21:08 chroot
drwxrwx--- 2 named named 4.0K Mar 16 22:17 data
lrwxrwxrwx 1 root root 42 May 2 22:19 example220.rev -> /var/named/chroot/var/named/example220.rev
lrwxrwxrwx 1 root root 43 May 2 22:18 example220.zone -> /var/named/chroot/var/named/example220.zone
lrwxrwxrwx 1 root named 44 May 2 21:04 localdomain.zone -> /var/named/chroot/var/named/localdomain.zone
lrwxrwxrwx 1 root named 42 May 2 21:04 localhost.zone -> /var/named/chroot/var/named/localhost.zone
lrwxrwxrwx 1 root named 43 May 2 21:04 named.broadcast -> /var/named/chroot/var/named/named.broadcast
lrwxrwxrwx 1 root named 36 May 2 21:04 named.ca -> /var/named/chroot/var/named/named.ca
lrwxrwxrwx 1 root named 43 May 2 21:04 named.ip6.local -> /var/named/chroot/var/named/named.ip6.local
lrwxrwxrwx 1 root named 39 May 2 21:04 named.local -> /var/named/chroot/var/named/named.local
lrwxrwxrwx 1 root named 38 May 2 21:04 named.zero -> /var/named/chroot/var/named/named.zero
drwxrwx--- 2 named named 4.0K Mar 16 22:17 slaves
[root@linux220 /var/named]# cd /var/named/chroot/var/named ; ls -l
total 56K
drwxrwx--- 2 named named 4.0K May 2 21:08 data
-rw-r----- 1 root root 461 May 2 22:17 example220.rev
-rw-r----- 1 root root 284 May 2 22:10 example220.zone
-rw-r----- 1 root named 198 Mar 16 22:18 localdomain.zone
-rw-r----- 1 root named 195 Mar 16 22:18 localhost.zone
-rw-r----- 1 root named 427 Mar 16 22:18 named.broadcast
-rw-r--r-- 1 root root 82 May 2 21:54 named.ca
-rw-r----- 1 root named 1.9K Mar 16 22:18 named.ca.old
-rw-r----- 1 root named 424 Mar 16 22:18 named.ip6.local
-rw-r----- 1 root named 426 Mar 16 22:18 named.local
-rw-r----- 1 root named 427 Mar 16 22:18 named.zero
drwxrwx--- 2 named named 4.0K Jul 27 2004 slaves
[root@linux220 /var/named/chroot/var/named]# chown root:named example220.*
[root@linux220 /var/named/chroot/var/named]# chown root:named named.ca
[root@linux220 /var/named/chroot/var/named]# ls -l
total 56K
drwxrwx--- 2 named named 4.0K May 2 21:08 data
-rw-r----- 1 root named 461 May 2 22:17 example220.rev
-rw-r----- 1 root named 284 May 2 22:10 example220.zone
-rw-r----- 1 root named 198 Mar 16 22:18 localdomain.zone
-rw-r----- 1 root named 195 Mar 16 22:18 localhost.zone
-rw-r----- 1 root named 427 Mar 16 22:18 named.broadcast
-rw-r--r-- 1 root named 82 May 2 21:54 named.ca
-rw-r----- 1 root named 1.9K Mar 16 22:18 named.ca.old
-rw-r----- 1 root named 424 Mar 16 22:18 named.ip6.local
-rw-r----- 1 root named 426 Mar 16 22:18 named.local
-rw-r----- 1 root named 427 Mar 16 22:18 named.zero
drwxrwx--- 2 named named 4.0K Jul 27 2004 slaves
[root@linux220 /var/named/chroot/var/named]# service named restart
Stopping named: . [ OK ]
Starting named: [ OK ]
[root@linux220 /var/named/chroot/var/named]#
⑦ 네임서버 테스트
DNS 클라이언트 설정 변경 (네임서버 시작)
# vi /etc/resolv.conf /* 네임 서버를 여러개 적어도 총 3개까지만 인식 */
[root@linux220 /var/named/chroot/var/named]# vi /etc/resolv.conf
[root@linux220 /var/named/chroot/var/named]# cat /etc/resolv.conf
search linux220.example.com
nameserver 172.16.6.220
[root@linux220 /var/named/chroot/var/named]# netstat -an | grep :53
tcp 0 0 192.168.10.220:53 0.0.0.0:* LISTEN
tcp 0 0 172.16.6.220:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
udp 0 0 192.168.10.220:53 0.0.0.0:*
udp 0 0 172.16.6.220:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 :::5353 :::*
<< 오늘은 여기까지
# pgrep -lf named (# ps -ef | grep named, # ps aux | grep named)
⑧ nslookup 명령어로 DNS 서버 등록 내용 확인
'모의해킹 침해대응 전문가 과정' 카테고리의 다른 글
| 20160504 리눅스 네트워크 (0) | 2016.05.05 |
|---|---|
| 20160503 리눅스 네트워크 (0) | 2016.05.04 |
| 20160429 리눅스 네트워크 (0) | 2016.05.01 |
| 20160429 리눅스 관리자 (0) | 2016.05.01 |
| 20160428 리눅스 관리자 (0) | 2016.05.01 |