DNS基础
- 资源记录类型
View Code;;资源记录类型,soa开头 SOA Domain -> FQDN NS Domain -> FQDN MX FQDN -> FQDN CNAME FQDN -FQDN A FQDN -> IPv4 AAAA FQDN -> IPv6 PTR IP -> FQDN
-
dns 服务器类型
View Code主DNS 辅助DNS 缓存DNS 转发DNS - 配置
View Code
1.配置监听 vi /etc/named.conf listen-on port 53 { any; }; listen-on-v6 port 53 { none; }; allow-query { any; }; 2.定义区域 vi /etc/named.rfc1912.zones zone "域" type master|hint file "" allow-update {slave_ip;}; zone "1.0.0.127.in-addr.arpa" # 网段.in-addr.arpa 16.172.in-addr.arpa 3.定义记录 cd /var/named/ $TTL 1D @ IN SOA @ rname.invalid. ( ; 域名 IN SOA 域 以 . 结尾 ; 下边设为 主从环境 使用的 0 ; serial 版本号 1D ; refresh 从服务器的更新频率 1H ; retry 从服务器更新失败的重试间隔 1W ; expire 从服务器不能更新时的失效时间 1H ) ; minimun 查询不到时的失效时间 NS @ ; 设置 dns 服务器的域名 A 127.0.0.1 ; 设置 dns 服务器的 ip 地址 4.监听状态 # netstat -nltup | grep named tcp 0 0 192.168.251.52:53 0.0.0.0:* LISTEN 2818/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2818/named tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2818/named tcp6 0 0 ::1:953 :::* LISTEN 2818/named udp 0 0 192.168.251.52:53 0.0.0.0:* 2818/named udp 0 0 127.0.0.1:53 0.0.0.0:* 2818/named
创建缓存 DNS 服务
- yum
View Code
# 实现一个缓存 DNS 服务 # # 安装服务 yum install bind systemctl status named # 编辑 vi /etc/named.conf chown root:named /etc/named.conf chmod 640 /etc/named.conf # 检查配置文件语法 named-checkzone "." /var/named/named.ca named-checkzone "localhost" /var/named/named.localhost named-checkzone "0.0.127.in-addr-arpa" /var/named/named.loopback # 启动服务 systemctl start named # 检查端口 netstat -nltup # 检查服务工作 vi /etc/resolv.conf ping qq.com
-
named.conf
View Codeoptions { directory "/var/named"; }; zone "." IN { type hint; file "named.ca"; }; zone "localhost" IN { type master; file "named.localhost"; }; zone "0.0.127.in-addr.arpa" IN { type master; file "named.loopback"; };
区域文件指定的是一个相对路径,相对于 options.directory。
主 DNS 服务
- 主配置文件 > 配置监听:【配置 > 1.配置监听】
- 区域配置
View Code
# cat /etc/named.rfc1912.zones zone "argor.cn" IN { type master; file "argor.localhost"; allow-update { none; }; }; zone "251.168.192.in-addr.arpa" IN { type master; file "argor.loopback"; allow-update { none; }; };
定义记录
View Code$TTL 1D @ IN SOA argor.cn. rname.invalid. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS dns1.argor.cn. dns1 A 192.168.251.52 www A 192.168.251.53
定义反向记录
View Code$TTL 1D @ IN SOA argor.cn. rname.invalid. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS dns1.argor.cn. 52 PTR dns1.argor.cn. 53 PTR www.argor.cn.
- 测试
设置测试客户端的 dns 信息;
lynx www.argor.cn
测试2
View Code# nslookup > www.argor.cn Server: 192.168.251.52 Address: 192.168.251.52#53 Name: www.argor.cn Address: 192.168.251.53 > 192.168.251.53 53.251.168.192.in-addr.arpa name = www.argor.cn. > set type=ns > argor.cn Server: 192.168.251.52 Address: 192.168.251.52#53 argor.cn nameserver = dns1.argor.cn. > 192.168.251.53 Server: 192.168.251.52 Address: 192.168.251.52#53 53.251.168.192.in-addr.arpa name = www.argor.cn. >
主从 DNS 服务
主服务器
- 设计:dns-55,dns2-61,client-56,web-57
- 主配置文件,保持不变
- 区域配置文件,修改 allow-update,指定从服务器地址
View Code
zone "argor.cn" IN { type master; file "argor.localhost"; allow-update { 192.168.251.61; }; };
区域记录配置
View Code$TTL 1D @ IN SOA argor.cn. rname.invalid. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS dns1.argor.cn. dns1 A 192.168.251.55 www A 192.168.251.57
从服务器
- 主配置文件,保持不变
- 区域配置文件,修改类型,指定主dns ip
View Code
zone "argor.cn" IN { type slave; masters { 192.168.251.55 }; file "slaves/argor.localhost"; };
bind-9.11.4