Linux: Configuring a Secondary DNS Server (Basics)

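Summary:
- DNS server 1; - DNS server 2; - DNS client

[RHEL 8]: DNSserver1; [RHEL 7]: DNSserver2; [CentOS 7]: DNSclient

!!! In this test environment we first turn off the firewall and SELinux (needed on DNSserver1, DNSserver2 and DNSclient). On anything other than a throwaway lab, leave both enabled and allow port 53 (TCP and UDP) through firewalld instead.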

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@localhost ~]# setenforce 0

Preface: see https://www.cnblogs.com/520qiangge/p/13395138.html

I. Install the DNS service on DNSserver1 and DNSserver2

1. Install the DNS service

//DNSserver1
[root@DNSserver1 ~]# yum install -y bind
[root@DNSserver1 ~]# systemctl start named
[root@DNSserver1 ~]# systemctl enable named
Created symlink /etc/systemd/system/multi-user.target.wants/named.service → /usr/lib/systemd/system/named.service.
//DNSserver2
[root@dnsserver2 ~]# yum install -y bind
[root@dnsserver2 ~]# systemctl start named
[root@dnsserver2 ~]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

2. Check the IP addresses

//DNSserver1
[root@DNSserver1 ~]# ifconfig 
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.140  netmask 255.0.0.0  broadcast 10.255.255.255
        inet6 fe80::fa13:32e0:3b9f:2196  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:cd:6a:1b  txqueuelen 1000  (Ethernet)
        RX packets 1848  bytes 164945 (161.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1399  bytes 195583 (190.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 596  bytes 50400 (49.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 596  bytes 50400 (49.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
//DNSserver2
[root@dnsserver2 ~]# ifconfig 
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.150  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::e220:bff8:e997:50c4  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:b3:4d:83  txqueuelen 1000  (Ethernet)
        RX packets 1786  bytes 137533 (134.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1638  bytes 355972 (347.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 68  bytes 5772 (5.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 68  bytes 5772 (5.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

II. Edit the configuration files

1. Edit the global options in /etc/named.conf (on both DNSserver1 and DNSserver2)

//DNSserver1
[root@DNSserver1 ~]# vim /etc/named.conf
.........
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
        allow-query     { any; };
.........
//DNSserver2
[root@dnsserver2 ~]# vim /etc/named.conf
.........
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
.........

2. On DNSserver1: add the forward and reverse zones to the /etc/named.rfc1912.zones include file

[root@DNSserver1 ~]# arpaname 10.0.0.140
[root@DNSserver1 ~]# vim /etc/named.rfc1912.zones
.........
zone "test.com" IN {
        type master;
        file "test.zone";
        allow-transfer { 10.0.0.150; };
};

zone "0.0.10.in-addr.arpa" IN {
        type master;
        file "10.0.0.arpa";
        allow-transfer { 10.0.0.150; };
};
 //append at the end of the file

3. On DNSserver2: add the forward and reverse zones to the /etc/named.rfc1912.zones include file

[root@dnsserver2 ~]# arpaname 10.0.0.150
150.0.0.10.IN-ADDR.ARPA
[root@dnsserver2 ~]# vim /etc/named.rfc1912.zones 
..........
zone "test.com" IN {
        type slave;
        masters { 10.0.0.140; };
        file "slaves/test.zone";
};

zone "0.0.10.in-addr.arpa" IN {
        type slave;
        masters { 10.0.0.140; };
        file "slaves/10.0.0.arpa";
};
 //append at the end of the file

4. On DNSserver1: copy the template files to create the forward and reverse zone data files

[root@DNSserver1 ~]# cd /var/named/
[root@DNSserver1 named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
[root@DNSserver1 named]# cp -a named.localhost test.zone
[root@DNSserver1 named]# cp -a named.loopback 10.0.0.arpa

5. On DNSserver1: edit the forward zone data file

[root@DNSserver1 named]# vim test.zone
$TTL 1D
@       IN SOA  test.com. root.test.com. (
                                        2020031601      ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns1.test.com.
        NS      ns2.test.com.
        A       127.0.0.1
        AAAA    ::1
ns1     A       10.0.0.140
ns2     A       10.0.0.150
www     A       10.0.0.1
aaa     A       10.0.0.2
bbb     A       10.0.0.3
ccc     A       10.0.0.4
ddd     A       10.0.0.5

6. On DNSserver1: edit the reverse zone data file

[root@DNSserver1 named]# vim 10.0.0.arpa
$TTL 1D
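@       IN SOA  test.com. root.test.com. (
                                        2020031601      ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns1.test.com.
        NS      ns2.test.com.
        A       127.0.0.1
        AAAA    ::1
        PTR     localhost.
ns1     A       10.0.0.140
ns2     A       10.0.0.150
; PTR targets must be fully qualified and end with a dot. Without the dot,
; named appends the origin and "1 PTR www" is answered as
; www.0.0.10.in-addr.arpa. (as seen in the client test output further down).
1       PTR     www.test.com.
2       PTR     aaa.test.com.
3       PTR     bbb.test.com.
4       PTR     ccc.test.com.
5       PTR     ddd.test.com.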

7. On DNSserver1 and DNSserver2: check the configuration syntax

//DNSserver1
[root@DNSserver1 ~]# named-checkconf /etc/named.conf 
[root@DNSserver1 ~]# named-checkconf /etc/named.rfc1912.zones
//DNSserver2
[root@dnsserver2 ~]# named-checkconf /etc/named.conf 
[root@dnsserver2 ~]# named-checkconf /etc/named.rfc1912.zones

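8. On DNSserver1: check the forward and reverse zone files

(The first argument is the zone name exactly as declared in /etc/named.rfc1912.zones, so the reverse file is checked as 0.0.10.in-addr.arpa.)

[root@DNSserver1 ~]# named-checkzone test.com /var/named/test.zone 
zone test.com/IN: loaded serial 2020031601
OK
[root@DNSserver1 ~]# named-checkzone 0.0.10.in-addr.arpa /var/named/10.0.0.arpa 
zone 0.0.10.in-addr.arpa/IN: loaded serial 2020031601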
OK

9. Restart the DNS service and check the listening ports (on both DNSserver1 and DNSserver2)

//DNSserver1
[root@DNSserver1 ~]# systemctl restart named
[root@DNSserver1 ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 10.0.0.142:53           0.0.0.0:*               LISTEN      27491/named         
tcp        0      0 10.0.0.140:53           0.0.0.0:*               LISTEN      27491/named         
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      27491/named         
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1101/sshd           
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      27491/named         
tcp6       0      0 :::53                   :::*                    LISTEN      27491/named         
tcp6       0      0 :::22                   :::*                    LISTEN      1101/sshd           
tcp6       0      0 ::1:953                 :::*                    LISTEN      27491/named         
udp        0      0 10.0.0.142:53           0.0.0.0:*                           27491/named         
udp        0      0 10.0.0.140:53           0.0.0.0:*                           27491/named         
udp        0      0 127.0.0.1:53            0.0.0.0:*                           27491/named         
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1611/dhclient       
udp        0      0 0.0.0.0:50590           0.0.0.0:*                           27491/named         
udp6       0      0 :::53                   :::*                                27491/named  
//DNSserver2
[root@dnsserver2 ~]# systemctl restart named
[root@dnsserver2 ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 10.0.0.150:53           0.0.0.0:*               LISTEN      2118/named          
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2118/named          
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1049/sshd           
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      2118/named          
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1296/master         
tcp6       0      0 :::53                   :::*                    LISTEN      2118/named          
tcp6       0      0 :::22                   :::*                    LISTEN      1049/sshd           
tcp6       0      0 ::1:953                 :::*                    LISTEN      2118/named          
tcp6       0      0 ::1:25                  :::*                    LISTEN      1296/master         
udp        0      0 10.0.0.150:53           0.0.0.0:*                           2118/named          
udp        0      0 127.0.0.1:53            0.0.0.0:*                           2118/named          
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1455/dhclient       
udp        0      0 0.0.0.0:21652           0.0.0.0:*                           1455/dhclient       
udp        0      0 127.0.0.1:323           0.0.0.0:*                           767/chronyd         
udp        0      0 0.0.0.0:2421            0.0.0.0:*                           2118/named          
udp6       0      0 :::61980                :::*                                1455/dhclient       
udp6       0      0 :::53                   :::*                                2118/named          
udp6       0      0 ::1:323                 :::*                                767/chronyd         

10. On DNSserver2, check that the forward and reverse zone data files were transferred

[root@dnsserver2 ~]# ll /var/named/slaves/
总用量 8
-rw-r--r--. 1 named named 834 7月  30 09:52 10.0.0.arpa
-rw-r--r--. 1 named named 527 7月  30 09:52 test.zone

The DNS server side is now set up.
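
The setup above leaves `allow-query { any; }` in place (an open resolver if `recursion yes;` is still set in named.conf) and authorizes zone transfers by source address only. A tightened variant follows as an added example, not part of the original post; it limits recursion and authenticates transfers with a TSIG key. The key name `xfer-key`, the path `/etc/named/xfer.key`, the placeholder secret and the 10.0.0.0/24 client range are assumptions.

```conf
// /etc/named/xfer.key on BOTH servers (assumed path; chown root:named, chmod 640).
// Create the key once with: tsig-keygen -a hmac-sha256 xfer-key
// then copy the same file to the other server over a trusted channel.
key "xfer-key" {
        algorithm hmac-sha256;
        secret "PLACEHOLDER-paste-tsig-keygen-output-here";
};

// ---- /etc/named.conf on both servers: lines to add, keep the rest ----
include "/etc/named/xfer.key";
options {
        // allow-query { any; } may stay for the authoritative zones, but
        // recursion is limited to the lab clients (assumed range).
        allow-recursion { localhost; 10.0.0.0/24; };
        // Default for every zone that does not set its own ACL.
        allow-transfer  { none; };
};

// ---- DNSserver1, /etc/named.rfc1912.zones ----
zone "test.com" IN {
        type master;
        file "test.zone";
        // was: allow-transfer { 10.0.0.150; };
        allow-transfer { key "xfer-key"; };
};
zone "0.0.10.in-addr.arpa" IN {
        type master;
        file "10.0.0.arpa";
        allow-transfer { key "xfer-key"; };
};

// ---- DNSserver2, /etc/named.rfc1912.zones ----
zone "test.com" IN {
        type slave;
        // Requests to the primary are signed with the shared key.
        masters { 10.0.0.140 key "xfer-key"; };
        file "slaves/test.zone";
};
zone "0.0.10.in-addr.arpa" IN {
        type slave;
        masters { 10.0.0.140 key "xfer-key"; };
        file "slaves/10.0.0.arpa";
};
```

After editing, run `named-checkconf` on both servers and restart named as in steps 7 and 9.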

III. Test from the DNS client

1. Check the client host's IP address

[root@dnsclient ~]# ifconfig 
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.129  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::fe04:212a:5e53:cec4  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:b3:89:a5  txqueuelen 1000  (Ethernet)
        RX packets 22880  bytes 29553230 (28.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4707  bytes 583379 (569.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 148  bytes 12796 (12.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 148  bytes 12796 (12.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

2. Test connectivity to the server

[root@dnsclient ~]# ping -c 3 10.0.0.140
PING 10.0.0.140 (10.0.0.140) 56(84) bytes of data.
64 bytes from 10.0.0.140: icmp_seq=1 ttl=64 time=2.15 ms
64 bytes from 10.0.0.140: icmp_seq=2 ttl=64 time=0.403 ms
64 bytes from 10.0.0.140: icmp_seq=3 ttl=64 time=0.424 ms

--- 10.0.0.140 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.403/0.993/2.153/0.820 ms

3. Install the bind-utils package

[root@dnsclient ~]# yum install -y bind-utils
[root@dnsclient ~]# rpm -qa bind-utils
bind-utils-9.11.4-16.P2.el7_8.6.x86_64

4. Add the DNS servers to /etc/resolv.conf on the client

[root@dnsclient ~]# vim /etc/resolv.conf
[root@dnsclient ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 10.0.0.140
nameserver 10.0.0.150
nameserver 8.8.8.8

5. Test

[root@dnsclient ~]# nslookup www.test.com
Server:		10.0.0.140
Address:	10.0.0.140#53

Name:	www.test.com
Address: 10.0.0.1
[root@dnsclient ~]# nslookup 10.0.0.1
1.0.0.10.in-addr.arpa	name = www.0.0.10.in-addr.arpa.

[root@dnsclient ~]# nslookup aaa.test.com
Server:		10.0.0.140
Address:	10.0.0.140#53

Name:	aaa.test.com
Address: 10.0.0.2
[root@dnsclient ~]# nslookup 10.0.0.2
2.0.0.10.in-addr.arpa	name = aaa.0.0.10.in-addr.arpa.

[root@dnsclient ~]# nslookup bbb.test.com
Server:		10.0.0.140
Address:	10.0.0.140#53

Name:	bbb.test.com
Address: 10.0.0.3
[root@dnsclient ~]# nslookup 10.0.0.3
3.0.0.10.in-addr.arpa	name = bbb.0.0.10.in-addr.arpa.

[root@dnsclient ~]# nslookup ccc.test.com
Server:		10.0.0.140
Address:	10.0.0.140#53

Name:	ccc.test.com
Address: 10.0.0.4
[root@dnsclient ~]# nslookup 10.0.0.4
4.0.0.10.in-addr.arpa	name = ccc.test.com.0.0.10.in-addr.arpa.

[root@dnsclient ~]# nslookup ddd.test.com
Server:		10.0.0.140
Address:	10.0.0.140#53

Name:	ddd.test.com
Address: 10.0.0.5
[root@dnsclient ~]# nslookup 10.0.0.5
5.0.0.10.in-addr.arpa	name = ddd.test.com.0.0.10.in-addr.arpa.

[root@dnsclient ~]# nslookup 
> server 10.0.0.13
Default server: 10.0.0.13
Address: 10.0.0.13#53
> set q=mx   
> test.com
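
The reverse lookups above come back as `www.0.0.10.in-addr.arpa.` and `ccc.test.com.0.0.10.in-addr.arpa.` because named appends the zone origin to any record target written without a trailing dot. The lint below is an added example, not part of the original post: it reads a zone file on stdin and reports such targets in SOA, NS, PTR, CNAME and MX records together with the name that will actually be served. The function names and the sample records (constructed from the reverse zone in this post) are assumptions.

```sh
#!/bin/sh
# Usage: lint_zone_targets <origin> < zonefile
# Prints one line per unqualified target; exit status 1 if any were found.
lint_zone_targets() {
    awk -v origin="${1%.}." '
    function check(type, name) {
        if (name == "" || name == "@" || name ~ /\.$/) return
        printf "line %d: %s %s -> %s.%s\n", NR, type, name, name, origin
        bad++
    }
    {
        sub(/;.*/, "")                            # strip comments
        first = ($0 ~ /^[ \t]/) ? 1 : 2           # skip the owner-name column
        for (i = first; i <= NF; i++) {
            t = toupper($i)
            if (t == "SOA") { check(t, $(i + 1)); check(t, $(i + 2)); break }
            if (t == "MX")  { check(t, $(i + 2)); break }
            if (t == "NS" || t == "PTR" || t == "CNAME") { check(t, $(i + 1)); break }
        }
    }
    END { exit (bad > 0) }'
}

# Constructed sample: a few reverse-zone records with unqualified targets.
sample_reverse_zone() {
    cat <<'EOF'
$TTL 1D
@       IN SOA  test.com root.test.com. (
                2020031601 1D 1H 1W 3H )
        NS      ns1.test.com.
1       PTR     www
4       PTR     ccc.test.com
5       PTR     ddd.test.com.   ; already fully qualified
EOF
}

sample_reverse_zone | lint_zone_targets 0.0.10.in-addr.arpa || :
```

Run it against the real files with `lint_zone_targets 0.0.10.in-addr.arpa < /var/named/10.0.0.arpa` before `named-checkzone`, which accepts these records as syntactically valid.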
