zoukankan      html  css  js  c++  java

  • Dns局域网域名解析

    一、安装dns服务

    1)yum安装

    yum install dnsmasq -y

    2)配置本地的 dns 解析

    # 设置上游DNS,毕竟你的Dns只是个代理
cat >/etc/resolv.dnsmasq <<EOF
nameserver 114.114.114.114
nameserver 8.8.8.8
EOF

    3)设置需要解析的域名

    cat >/etc/dnsmasqhosts <<EOF
192.168.44.11 demo-init.opendevops.cn
192.168.44.11 mg.opendevops.cn
192.168.44.11 task.opendevops.cn
192.168.44.11 gw.opendevops.cn
192.168.44.11 cmdb2.opendevops.cn
192.168.44.11 kerrigan.opendevops.cn
192.168.44.11 tools.opendevops.cn
192.168.44.11 cron.opendevops.cn
192.168.44.11 dns.opendevops.cn
EOF

    4)配置 dns 的配置文件

    # 注意下一步是覆盖你本机的DNS,建议把你的DNS地址加在/etc/resolv.dnsmasq 里面 
echo "nameserver $LOCALHOST_IP" > /etc/resolv.conf   
echo "resolv-file=/etc/resolv.dnsmasq" >> /etc/dnsmasq.conf
echo "addn-hosts=/etc/dnsmasqhosts" >> /etc/dnsmasq.conf

    5)启动服务

    /bin/systemctl enable dnsmasq.service
/bin/systemctl start dnsmasq.service
systemctl status dnsmasq
if [ $? == 0 ];then
    echo -e "33[32m [INFO]: dnsmasq install success. 33[0m"
else
    echo -e "33[31m [ERROR]: dnsmasq install faild 33[0m"
    exit -6
fi

    二、本地测试

     1)测试域名

    [root@gitlab ~]# ping gw.opendevops.cn
PING gw.opendevops.cn (192.168.44.11) 56(84) bytes of data.
64 bytes from demo-init.opendevops.cn (192.168.44.11): icmp_seq=1 ttl=64 time=0.006 ms
64 bytes from demo-init.opendevops.cn (192.168.44.11): icmp_seq=2 ttl=64 time=0.017 ms

    注意,此时的本地dns解析文件

    [root@gitlab ~]# cat /etc/resolv.conf 
nameserver 192.168.44.11    # dns的服务器地址

    2)其他机器解析。更改 resolv.conf文件

    [root@gitlab-ci ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.44.11
[root@gitlab-ci ~]# 
[root@gitlab-ci ~]# ping gw.opendevops.cn
PING gw.opendevops.cn (192.168.44.11) 56(84) bytes of data.
64 bytes from gitlab.example.com (192.168.44.11): icmp_seq=1 ttl=64 time=0.190 ms

    三、企业级自建dns服务  bind 

    hostnamectl set-hostname iotansible0001.eniot.io
yum install epel-release -y
yum install wget net-tools telnet tree nmap sysstat lrzsz dos2unix bind-utils -y

安装bind9软件。开源dns软件
yum install bind -y
[root@iotansible0001 ~]# rpm -qa bind
bind-9.11.4-16.P2.el7_8.2.x86_64

[root@iotansible0001 ~]# ls /etc/named.conf    配置文件
/etc/named.conf

listen-on port 53 { 127.0.0.1; };
    删掉 ipv6的地址    ----->>后面调整的内容
改为
listen    -on port 53 { 192.168.44.30; };
-------------
allow-query     { localhost; };
改为
allow-query     { any; };
forwarders      { 192.168.44.2; };    # 上级dns
--------------------
dnssec-enable no;   改为no
dnssec-validation no;

配置改完了,检查配置语法
[root@iotansible0001 ~]# named-checkconf
------------------------------
[root@iotansible0001 ~]# vim /etc/named.rfc1912.zones
在最后添加域名域
zone "eniot.io" IN {
        type  master;
    file "eniot.io.zone";
    allow-update { 194.168.44.30; };
};

zone "envisioniot.com" IN {
        type  master;
    file "envisioniot.com.zone";
    allow-update { 194.168.44.30; };
};
==============================================
配置区域数据文件。该配置生效域名只有eniot.io
[root@iotansible0001 ~]# cat /var/named/eniot.io.zone 
$ORIGIN eniot.io.
$TTL 600        ; 10 minutes;
@    IN SOA    dns.eniot.io.  dnsadmin.eniot.io. (
                    2020050401  ; serial
                    10800        ; refresh (3 hours)
                    900        ; retry  (15 minutes)
                    604800        ; expire (1 week)
                    86400       ; minimum (1 day)
                    )
            NS    dns.eniot.io.
$TTL 60 ; 1 minutes
dns                A   192.168.44.30        
iotansible0001     A   192.168.44.30        
ceph0001           A   192.168.44.31        
ceph0002           A   192.168.44.32        
ceph0003           A   192.168.44.33

启动服务
[root@iotansible0001 ~]# systemctl start named
[root@iotansible0001 ~]# netstat -lntup|grep 53
tcp        0      0 192.168.44.30:53        0.0.0.0:*               LISTEN      1262/named          
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      1262/named          
tcp6       0      0 ::1:53                  :::*                    LISTEN      1262/named          
tcp6       0      0 ::1:953                 :::*                    LISTEN      1262/named          
udp        0      0 192.168.44.30:53        0.0.0.0:*                           1262/named          
udp6       0      0 ::1:53                  :::*                                1262/named 
[root@iotansible0001 ~]# dig -t A iotansible0001.eniot.io @192.168.44.30 +short
192.168.44.30
[root@iotansible0001 ~]# dig -t A ceph0001.eniot.io @192.168.44.30 +short
192.168.44.31
[root@iotansible0001 ~]# dig -t A ceph0002.eniot.io @192.168.44.30 +short
192.168.44.32
================================
[root@iotansible0001 ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
search eniot.io
nameserver 192.168.44.30
添加了 search 后
[root@iotansible0001 ~]# ping ceph0003  可通

===========================
其他机器的网络配置使用该dns即可
  • 相关阅读:
    大学随笔
    TMS320C54X系列DSP上FFT运算的实现(转)
    python第一天学习笔记以及心得
    Struts2学习笔记
    C#实现eval 进行四则运算(有码)
    sql 将字符串转换为表
    XML
    图形用户界面
    java io
    java集合
  • 原文地址:https://www.cnblogs.com/linu/p/11787328.html
Copyright © 2011-2022 走看看