12.14 Linux Learning Day 17

Today, Liu wrapped up Chapter 13 and covered Chapter 14 and Chapter 15.

 

13.6 Split DNS resolution

More and more overseas readers now like the book "Linux Should Be Learned This Way". If the server for the book's companion website (https://www.linuxprobe.com) stays in a data center in Beijing, access is bound to be slow for overseas readers. If the server is instead placed in a data center in the US, access becomes harder for domestic readers.

To meet the needs of readers at home and abroad, and since teacher Liu Chuan is not short of money, he can buy several servers and deploy them around the world, then use the split-resolution feature of the DNS service so that readers in different geographic regions reach the same website, and the same data, through different servers. For example, following Table 13-5, we can assign the DNS server one IP address for Beijing and a different one for the United States, so that domestic readers are automatically matched to the Beijing server and overseas readers are automatically matched to the US server, as shown in Figure 13-9.

Table 13-5 Operating systems and IP addresses of the hosts

Host name        Operating system   IP address
DNS server       RHEL 7             Beijing network: 122.71.115.10
                                    US network: 106.185.25.10
Beijing user     Windows 7          122.71.115.1
Overseas user    Windows 7          106.185.25.1

 

Figure 13-9 DNS split resolution

To solve the slow access that overseas readers see when visiting https://www.linuxprobe.com, teacher Liu Chuan has already purchased and set up a corresponding web server in a data center in the United States. What remains is to manually deploy the DNS server and configure split resolution so that readers in different geographic regions resolve the same domain name to different IP addresses.

He ran the experiment with access from a US IP and access from a Chinese IP.
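The view matching behind split resolution, as an added Python example (not code from the book or from BIND): it models how named answers from the first view whose match-clients list contains the query source, renders the corresponding acl/view stanzas, and flags views that an earlier view makes unreachable. The /24 client networks, the www answers and the per-view zone file names are assumptions built around the addresses in Table 13-5.

```python
import ipaddress

# Constructed sample: the /24 client networks and the www answers are
# assumptions derived from the addresses in Table 13-5.
VIEWS = [
    {"name": "china", "clients": ["122.71.115.0/24"], "www": "122.71.115.15"},
    {"name": "america", "clients": ["106.185.25.0/24"], "www": "106.185.25.15"},
]

def _nets(view):
    return [ipaddress.ip_network(c) for c in view["clients"]]

def select_view(source_ip, views=VIEWS):
    """Return the first view whose client list contains the query source.

    named evaluates views in configuration order and stops at the first
    match; a source that matches no view gets no answer (None here).
    """
    addr = ipaddress.ip_address(source_ip)
    for view in views:
        if any(addr in net for net in _nets(view)):
            return view
    return None

def resolve_www(source_ip, views=VIEWS):
    view = select_view(source_ip, views)
    return view["www"] if view else None

def shadowed_views(views):
    """Views whose every network lies inside a network of an earlier view."""
    shadowed, earlier = [], []
    for view in views:
        nets = _nets(view)
        if nets and all(any(n.subnet_of(e) for e in earlier) for n in nets):
            shadowed.append(view["name"])
        earlier.extend(nets)
    return shadowed

def render_named_conf(views, zone="linuxprobe.com"):
    """Emit acl and view stanzas in named.conf syntax (file names assumed)."""
    out = []
    for v in views:
        out.append('acl "%s" { %s };' % (v["name"], " ".join(c + ";" for c in v["clients"])))
    for v in views:
        out.append('view "%s" {\n    match-clients { "%s"; };\n    zone "%s" {\n'
                   '        type master;\n        file "%s.%s";\n    };\n};'
                   % (v["name"], v["name"], zone, zone, v["name"]))
    return "\n".join(out)
```

Because matching stops at the first view, a catch-all view listed first silently takes every query; `shadowed_views` reports the views that can no longer be reached.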

 

14.1 Dynamic Host Address Management Protocol

The Dynamic Host Configuration Protocol (DHCP) is a UDP-based network protocol that is used only within a LAN. It is mainly used in large LAN environments or in LANs with many mobile office devices, and its main purpose is to automatically assign IP addresses and other parameters to devices inside the LAN or on behalf of a network provider.

In simple terms, DHCP lets hosts on the LAN obtain their network parameters automatically. The topology shown in Figure 14-1 contains multiple hosts; configuring the network parameters of each host by hand would be very troublesome and would also make later maintenance a headache. As the number of hosts in the server room grows (for example, to 100 or even 1000), the manual configuration and maintenance workload is enough to break the operations staff. With DHCP, network parameters can be assigned to hosts automatically, the IP address each host uses is guaranteed to be unique, and, more importantly, a fixed IP address can be assigned to a particular host.

Figure 14-1 Topology of the DHCP protocol

DHCP is very widely used; you will find it in server rooms, homes, airports and cafes alike. Suppose a reader of this book opens a cafe and, besides serving coffee, also offers customers free wireless Internet access, so that they can comfortably drink coffee while browsing their social feeds over the wireless network. As the owner of the cafe, however, you do not want to (and have no time to) manually set the IP address, subnet mask and gateway address for every visiting customer. In addition, the network segment a cafe uses is typically 192.168.10.0/24 (a class C private address range), which can accommodate up to 200 hosts, while the cafe's daily traffic is certainly more than 200 people. If IP addresses were assigned to customers by hand, they would not be released automatically when the customers left, and the cafe could run out of addresses. On the one hand this wastes IP addresses; on the other hand it increases the cost of managing them. With DHCP all of this is solved: the owner only needs to look after the customers and serve good coffee. Customers automatically obtain the IP address they need from the server running DHCP, and when they leave the cafe the DHCP server reclaims the address so that it is ready for other customers.

Since future production environments will certainly rely on DHCP, it is worth becoming familiar with the common DHCP terms.

Scope: a complete range of IP addresses. DHCP uses scopes to manage the distribution and assignment of IP addresses and other configuration parameters on the network.

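Superscope: used to manage multiple logical subnets on the same physical network. A superscope contains a list of scopes that can be managed together.

Exclusion range: excludes certain IP addresses in a scope, ensuring that they are never assigned to DHCP clients.

Address pool: the range of IP addresses left for dynamic assignment to DHCP clients after the DHCP scope has been defined and the exclusion ranges applied.

Lease: the length of time a DHCP client may use a dynamically assigned IP address.

Reservation: guarantees that a specific device on the network always obtains the same IP address.

14.2 Deploying the dhcpd service

dhcpd is the service program that provides DHCP on Linux. Although DHCP is very powerful, configuring dhcpd is quite simple, which greatly lowers the barrier to running a dynamic host management service on Linux.

Yes, you read that right! The dhcpd configuration file contains only three comment lines, which means we have to write this file ourselves. If you do not know how to write it, look at the reference example file named on line 2 of the configuration file; its structure is shown in Figure 14-2.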

Figure 14-2 Structure of the dhcpd configuration file

 

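14.3 Automatically managing IP addresses

DHCP was designed to manage the IP address resources of a LAN centrally and more efficiently. The DHCP server automatically assigns network information such as the IP address, subnet mask, gateway and DNS address to clients that need it, and when a client's lease expires it can automatically reclaim the assigned IP address and hand it to a newly joined client.

To make the experiment more challenging, teacher Liu Chuan simulates a requirement from a real production environment:

"Server room operations department: tomorrow 100 students will bring their own laptops to our company for training. Please make sure they can automatically obtain IP addresses from the server room's local DHCP server and get online normally."

The network addresses and parameters used in the server room are shown in Table 14-2.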

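Table 14-2 Network addresses and parameters used in the server room

Parameter name        Value
Default lease time    21600 seconds
Maximum lease time    43200 seconds
IP address range      192.168.10.50~192.168.10.150
Subnet mask           255.255.255.0
Gateway address       192.168.10.1
DNS server address    192.168.10.1
Search domain         linuxprobe.com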

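14.4 Assigning fixed IP addresses

DHCP has a term called "reservation", which ensures that a specific device on the LAN always obtains a fixed IP address. In other words, dhcpd sets a particular IP address aside and uses it only for the matching device.

To bind an IP address to a particular host, you need that host's MAC address. The MAC address is an identifier string on the network card; it is unique, so conflicts do not occur, as shown in Figure 14-6.

Figure 14-6 Viewing the MAC address of a host running Linux

On both Linux and Windows, you can find a host's MAC address by viewing the status of its network card. In the dhcpd configuration file, bind the IP address to the MAC address using the following format.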
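Added example, not from the book: a Python check that takes the Table 14-2 parameters from 14.3 and a host reservation as described in 14.4, lints them, and renders the matching dhcpd.conf subnet declaration. The reservation (host name, MAC and address) is a constructed sample; it sits outside the dynamic range because a reserved address inside the range remains part of the pool that dhcpd leases from.

```python
import ipaddress as ip

# Pool values come from Table 14-2; the reservation is a constructed sample.
POOL = {"subnet": "192.168.10.0/24", "first": "192.168.10.50", "last": "192.168.10.150",
        "router": "192.168.10.1", "dns": "192.168.10.1", "domain": "linuxprobe.com",
        "default_lease": 21600, "max_lease": 43200}
HOSTS = [{"name": "printer", "mac": "00:0c:29:aa:bb:01", "ip": "192.168.10.20"}]

def pool_size(p):
    return int(ip.ip_address(p["last"])) - int(ip.ip_address(p["first"])) + 1

def lint(p, hosts, expected_clients):
    """Return a list of problems found before the file is handed to dhcpd."""
    net, problems = ip.ip_network(p["subnet"]), []
    first, last = ip.ip_address(p["first"]), ip.ip_address(p["last"])
    if first > last or first not in net or last not in net:
        problems.append("range is not inside the subnet")
    if ip.ip_address(p["router"]) not in net:
        problems.append("router is outside the subnet")
    if p["default_lease"] > p["max_lease"]:
        problems.append("default lease exceeds max lease")
    if pool_size(p) < expected_clients:
        problems.append("pool smaller than expected client count")
    seen = set()
    for h in hosts:
        addr = ip.ip_address(h["ip"])
        if addr not in net:
            problems.append(h["name"] + ": reserved address outside the subnet")
        if first <= addr <= last:
            problems.append(h["name"] + ": reserved address inside the dynamic range")
        if h["mac"].lower() in seen or h["ip"] in seen:
            problems.append(h["name"] + ": duplicate MAC or IP reservation")
        seen.update({h["mac"].lower(), h["ip"]})
    return problems

def render(p, hosts):
    """Emit a dhcpd.conf subnet declaration with one host block per reservation."""
    net = ip.ip_network(p["subnet"])
    lines = ["subnet %s netmask %s {" % (net.network_address, net.netmask),
             "    range %s %s;" % (p["first"], p["last"]),
             "    option routers %s;" % p["router"],
             "    option domain-name \"%s\";" % p["domain"],
             "    option domain-name-servers %s;" % p["dns"],
             "    default-lease-time %d;" % p["default_lease"],
             "    max-lease-time %d;" % p["max_lease"]]
    for h in hosts:
        lines += ["    host %s {" % h["name"],
                  "        hardware ethernet %s;" % h["mac"],
                  "        fixed-address %s;" % h["ip"], "    }"]
    return "\n".join(lines + ["}"])
```

The Table 14-2 range holds 101 addresses, so the 100 expected laptops fit with one address to spare; any lease that is not released in time can exhaust the pool.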

Chapter 14 is also a bit difficult.

 

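15.1 Email systems

In the 1960s, the United States and the Soviet Union were in the middle of the Cold War. The US military believed it should keep its lead in science and technology, which would help it gain an advantage in future wars. The US Department of Defense therefore launched a research project named ARPANET, the ARPANET program that is well known today. ARPANET was the prototype of today's Internet and the world's first operational packet-switched network. But in 1971 ARPANET soon ran into a serious problem. As shown in Figure 15-1, the scientists taking part in the ARPANET project were spread across different regions of the United States and, because of time differences, could not even share their research results promptly, so they urgently needed a way to transfer data between computers over the network.

The Web service and FTP file transfer service introduced in Chapters 10 and 11 of this book can also exchange data, but they transfer data much like "making a phone call": both parties must be online at the same time for the transfer to complete. If the other party's host went down, or a researcher had to step away, some research results could be missed. Fortunately, Dr. Ray Tomlinson of the Massachusetts Institute of Technology was also taking part in the ARPANET project at the time. He felt it was necessary to design a transfer service similar to a "letter", with a "mailbox" prepared for each letter, so that data could still be received even if the other party was temporarily offline and then be processed once they came back online. Dr. Ray Tomlinson spent nearly a year completing the design of electronic mail (Email), and in the autumn of 1971 he used the SNDMSG software to send the first email in human history to another of his own computers. With that, the email system was born on the Internet!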

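Figure 15-1 Historical image of the ARPANET research project in operation in 1971

To send email to someone else over the Internet, the name the recipient uses to receive email must be unique; otherwise an email might be delivered to several users with the same name at once, or nobody might receive it at all. Dr. Ray Tomlinson therefore decided to standardize mailbox names using the format "name@computer host name". The reason for choosing the @ symbol as the separator is quite simple: Dr. Ray Tomlinson thought that neither human names nor computer host names were likely to contain an @ symbol, so he chose it.

An email system relies on mail protocols to transfer email. The common mail protocols are listed below.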

 

Simple Mail Transfer Protocol (SMTP): used to send and relay outgoing email; uses TCP port 25 on the server.

Post Office Protocol 3 (POP3): used to store email on the local host; uses TCP port 110 on the server.

Internet Message Access Protocol 4 (IMAP4): used to access email from the local host; uses TCP port 143 on the server.

 

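15.2 Deploying a basic email system

Even the most basic email system must provide a sending service and a receiving service. For that we use the SMTP-based Postfix service to send mail and the POP3-based Dovecot service to receive it. Users can then send and receive mail normally with client programs such as Outlook Express or Foxmail. The workflow of the email system is shown in Figure 15-3.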

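Figure 15-3 Workflow of the email system

In RHEL 5, RHEL 6 and many earlier Linux systems, the default sending service was provided by Sendmail; in RHEL 7 it has been replaced by Postfix. Compared with Sendmail, Postfix removes many unnecessary configuration steps and is also much improved in stability and concurrency.

Generally, our mailbox addresses look like "[email protected]", that is, they follow the format "username@host address (domain name)". If you gave me a string like "[email protected]", I might not guess that it is a mailbox address and might well take it for SSH connection information. Therefore, to properly verify the configuration of the email system, you first need to deploy the bind service to provide DNS resolution for the email server and the clients.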

 

15.2.1 Configuring the Postfix service

Postfix is a free, open-source email service program whose development was funded by IBM. It is highly compatible with Sendmail, so Sendmail users can easily migrate to Postfix. Postfix handles sending and receiving mail better than Sendmail, and it can automatically increase or reduce its number of processes to keep the email system fast and stable. In addition, Postfix is made up of many small modules, each of which performs a specific function, so they can be combined flexibly as needed in a production environment.

15.2.2 Configuring the Dovecot service

Dovecot is an open-source service program that provides IMAP and POP3 email services on Linux. It is highly secure, simple to configure and fast, and it uses few server hardware resources, which makes it a recommended mail-receiving service.

 

15.2.3 Using the email system from a client

How do you know whether the email system can send and receive mail properly? You can test it with the Outlook software that ships with Windows (other email clients, such as Foxmail, can also be used). Set the IP addresses and DNS addresses of the email system and the client host according to Table 15-2 so that the mail domain resolves correctly.

After successfully sending a message with Outlook, you can use the mail command on the mail server to see the new-mail notification. To see the complete contents of a message, simply enter the number shown in front of the recipient's name.

Although Chapter 15 seemed a little difficult when I previewed it, following Old Liu through the experiment did not actually feel hard.

Origin www.cnblogs.com/herofox1982/p/12051871.html