• 調整時區
  • 啟用網卡, 停用 NetworkManager
  • 將網卡名稱改回 eth0
  • 設置 Bridge & 固定 IP
  • 修改 Hostname
  • 停用 firewalld, 改用 iptables
  • 網路校時
  • 安裝 bind, 移植 bind 設定檔
  • 啟用 rc.local

 

調整時區

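# Point /etc/localtime at the Asia/Taipei zone file.
# -f replaces an existing file or link in the same command, so the step
# also works when /etc/localtime is absent (a separate `rm` would fail there).
ln -sf /usr/share/zoneinfo/Asia/Taipei /etc/localtime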

啟用網卡, 停用 NetworkManager

cd /etc/sysconfig/network-scripts
vi ifcfg-enp2s0 (名稱因設備不同而異)

ONBOOT=yes

systemctl stop NetworkManager
systemctl disable NetworkManager
systemctl restart network

將網卡名稱改回 eth0

vi /etc/default/grub

GRUB_CMDLINE_LINUX="... net.ifnames=0 biosdevname=0"

grub2-set-default 0
grub2-mkconfig -o /boot/grub2/grub.cfg
cd /etc/sysconfig/network-scripts
mv ifcfg-enp2s0 ifcfg-eth0
vi ifcfg-eth0

NAME=eth0

reboot

設置 Bridge & 固定 IP

yum install bridge-utils
cd /etc/sysconfig/network-scripts
vi ifcfg-br0

DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1

vi ifcfg-eth0

DEVICE=eth0
TYPE=Ethernet
BOOTPROTO=none
HWADDR=xx:xx:xx:xx:xx:xx
ONBOOT=yes
BRIDGE=br0

systemctl restart network

補充: 讓 dhcpd 使用 br0

cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/
vi /etc/systemd/system/dhcpd.service

ExecStart=/usr/sbin/dhcpd -f ... --no-pid br0

systemctl --system daemon-reload
systemctl restart dhcpd

修改 Hostname

vi /etc/hostname

host.mydomain.com

vi /etc/hosts

192.168.1.100 host host.mydomain.com

hostname host.mydomain.com
exit

停用 firewalld, 改用 iptables

# Stop firewalld now and keep it from starting at boot.
# NOTE: once firewalld is stopped the host is typically left without packet
# filtering until the iptables rules below are loaded, so run this step from
# the console or a trusted network.
systemctl stop firewalld
systemctl disable firewalld
# Provides the iptables systemd unit and the `service iptables save` action.
yum install iptables-services

從舊 Server 匯入 iptables 設定到 /etc/sysconfig/iptables, 或重新設置:

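# Minimal IPv4 INPUT policy: allow loopback, the local LAN and replies to
# connections this host opened; drop everything else.
# Loopback is matched by interface rather than by source address, so the rule
# covers all local traffic and never applies to packets arriving on a NIC.
iptables -A INPUT -i lo -j ACCEPT
# Trusted LAN. Narrow this to specific hosts/ports if the whole subnet should
# not be able to reach every service on this machine.
iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT
# conntrack is the current connection-state match; -m state is its legacy form.
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Set the default policy only after the ACCEPT rules exist, so a session
# coming from the LAN is not cut off while the rules are being entered.
iptables -P INPUT DROP
# NOTE: these rules are IPv4 only. If IPv6 is enabled on the host, ip6tables
# needs an equivalent ruleset; otherwise IPv6 traffic is not filtered.
# Persist the running ruleset to /etc/sysconfig/iptables.
service iptables save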

# Load the saved ruleset now and on every boot.
systemctl start iptables
systemctl enable iptables

網路校時

yum install chrony
vi /etc/chrony.conf

# server 0.centos.pool.ntp.org iburst
# server 1.centos.pool.ntp.org iburst
# server 2.centos.pool.ntp.org iburst
# server 3.centos.pool.ntp.org iburst
server tick.stdtime.gov.tw iburst
server watch.stdtime.gov.tw iburst

systemctl start chronyd
systemctl enable chronyd

chronyc -a
chronyc> tracking (檢視時間差)
chronyc> sources (查看 NTP server 狀態)
chronyc> makestep (手動立即校時)
chronyc> exit

安裝 bind, 移植 bind 設定檔

# bind-chroot runs named under /var/named/chroot; bind-utils supplies
# dig/nslookup for testing the server afterwards.
yum install bind bind-chroot bind-utils
cd /etc
# Keep the stock configuration aside before bringing in the old server's named.conf.
mv named.conf named.conf.backup
# Seed the chroot with the packaged key and zone-list files.
# -a preserves owner, mode and (where possible) the SELinux context.
cp -a /etc/named.*{key,zones} /var/named/chroot/etc/
# Same for the working directories and the default zone data under /var/named.
cp -a -r /var/named/{data,dynamic,slaves} /var/named/named.* \
  /var/named/chroot/var/named/

將舊機器上的 named.conf 複製到 /var/named/chroot/etc/
將舊機器上的 zone files 複製到 /var/named/chroot/var/named/

systemctl start named-chroot
systemctl enable named-chroot
# Point the local resolver at this server. `>` truncates the file, so any
# existing nameserver/search lines are replaced. Confirm named is answering
# first (e.g. `dig @127.0.0.1 <a zone this server hosts>`); otherwise name
# resolution on the host itself stops working.
echo "nameserver 127.0.0.1" > /etc/resolv.conf

註: 需留意檔案複製後的 owner:group; 若 SELinux 為 enforcing 模式, 須另行以 chcon 修正 context 的 user / role / type (chcon 的變更在重新 relabel 後會被還原, 路徑符合預設政策時可改用 restorecon -Rv)

啟用 rc.local

# systemd's rc-local service only runs this file at boot when it is executable.
# The script runs as root, so keep it owned by root and not writable by
# group or others.
chmod +x /etc/rc.d/rc.local
