Difference between revisions of "Ops535 online a1"
(→DNS servers) |
(→DNS servers) |
||
| Line 19: | Line 19: | ||
== DNS servers == | == DNS servers == | ||
:You need three DNS servers for this assignment: | :You need three DNS servers for this assignment: | ||
| − | :* Primary DNS server: running on VM2, pri-dns.<yourdomain>.ops | + | :* Primary DNS server: running on VM2, pri-dns.<yourdomain>.ops, which is authoritative for your domain. It will be non-recursive, and must allow anyone to request DNS queries of your domain. |
| − | :* Caching-only DNS server: running on VM3, co-nfs.<yourdomain>.ops | + | :* Caching-only DNS server: running on VM3, co-nfs.<yourdomain>.ops, which allows DNS queries only from |
| − | :* Root Name server: running on VM4, rns-ldap.<yourdomain>.ops | + | network devices in your private network. It will perform recursive DNS queries to the appropriate DNS servers. |
| + | :* Root Name server: running on VM4, rns-ldap.<yourdomain>.ops, which is authoritative for the root | ||
| + | zone only. It will answer queries from anyone to request DNS queries for the entire DNS namespace. | ||
| + | |||
| + | == NFS Server - on VM co-nfs == | ||
| + | :* This machine will centrally host all of your network users’ home directories, allowing remote | ||
| + | access through NFS version 4. | ||
| + | :* Use the appropriate export option(s) (pay particular attention to root_squash and | ||
| + | no_root_squash) when exporting network users' home directories. | ||
| + | :* Superuser on the other VMs should not have root privilege on the exported directory, with the | ||
| + | exception of the machine that is running the LDAP server. | ||
| + | :* Machines outside your assignment network must not be able to contact this service. Every | ||
| + | machine in your network (including ones not created yet) must have access to this service. | ||
| + | :* Network users should not have read or write access to other network users' home directories. | ||
Revision as of 01:59, 10 February 2021
Due Date - Friday, Feb 26, 2021
Contents
Required VMs
The four VMs assigned to you in the OPS535 Virtual Lab. Please ask your professor for information on how to access those VMs. The following are the general description for those four VMs:
- VM1 - has three virtual network interfaces connected to three different virtual networks, they are
- ens192, with IP address assigned by the lab DHCP server for connecting to the lab's public network and the Internet.
- ens224, for connecting to the other three VMs in a private network.
- ens256, do not use for this assignment.
- VM2, VM3, and VM4 - each has two virtual network interfaces connected to two different virtual networks, they are
- ens192, with IP address assigned by the lab DHCP server for connecting to the lab's public network and the Internet.
- ens224, connect to the other three VMs.
Hostname and Private IP addresses for the ens224 NIC
- VM1 - 192.168.v.1, router.<yourdomain>.ops
- VM2 - 192.168.v.2, pri-dns.<yourdomain>.ops
- VM3 - 192.168.v.3, co-nfs.<yourdomain>.ops
- VM4 - 192.168.v.4, rns-ldap.<yourdomain>.ops
VM's server role and software requirements
DNS servers
- You need three DNS servers for this assignment:
- Primary DNS server: running on VM2, pri-dns.<yourdomain>.ops, which is authoritative for your domain. It will be non-recursive, and must allow anyone to request DNS queries of your domain.
- Caching-only DNS server: running on VM3, co-nfs.<yourdomain>.ops, which allows DNS queries only from
network devices in your private network. It will perform recursive DNS queries to the appropriate DNS servers.
- Root Name server: running on VM4, rns-ldap.<yourdomain>.ops, which is authoritative for the root
zone only. It will answer queries from anyone to request DNS queries for the entire DNS namespace.
NFS Server - on VM co-nfs
- This machine will centrally host all of your network users’ home directories, allowing remote
access through NFS version 4.
- Use the appropriate export option(s) (pay particular attention to root_squash and
no_root_squash) when exporting network users' home directories.
- Superuser on the other VMs should not have root privilege on the exported directory, with the
exception of the machine that is running the LDAP server.
- Machines outside your assignment network must not be able to contact this service. Every
machine in your network (including ones not created yet) must have access to this service.
- Network users should not have read or write access to other network users' home directories.
