Linux_配置辅助DNS服务(基础)
【RHEL8】—DNSserver1;【RHEL7】—DNSserver2;【Centos7】—DNSclient
!!!测试环境我们首关闭防火墙和selinux(DNSserver1、DNSserver2、DNSclient都需要)
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@localhost ~]# setenforce 0
前言— https://www.cnblogs.com/520qiangge/p/13395138.html 点这个链接查看
一、在DNSserver1和DNSserver2上安装DNS服务
1、安装DNS服务
//DNSserver1
[root@DNSserver1 ~]# yum install -y bind
[root@DNSserver1 ~]# systemctl start named
[root@DNSserver1 ~]# systemctl enable named
Created symlink /etc/systemd/system/multi-user.target.wants/named.service → /usr/lib/systemd/system/named.service.
//DNSserver2
[root@dnsserver2 ~]# yum install -y bind
[root@dnsserver2 ~]# systemctl start named
[root@dnsserver2 ~]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
2、查看IP
//DNSserver1
[root@DNSserver1 ~]# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.140 netmask 255.0.0.0 broadcast 10.255.255.255
inet6 fe80::fa13:32e0:3b9f:2196 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:cd:6a:1b txqueuelen 1000 (Ethernet)
RX packets 1848 bytes 164945 (161.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1399 bytes 195583 (190.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 596 bytes 50400 (49.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 596 bytes 50400 (49.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
//DNSserver2
[root@dnsserver2 ~]# ifconfig
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.150 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::e220:bff8:e997:50c4 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:b3:4d:83 txqueuelen 1000 (Ethernet)
RX packets 1786 bytes 137533 (134.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1638 bytes 355972 (347.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 68 bytes 5772 (5.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 68 bytes 5772 (5.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
二、编辑配置文件
1、在/etc/named.conf文件里面修改全局配置信息(DNSserver1和DNSserver2都需要修改)
//DNSserver1
[root@DNSserver1 ~]# vim /etc/named.conf
.........
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
allow-query { any; };
.........
//DNSserver2
[root@dnsserver2 ~]# vim /etc/named.conf
.........
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
.........
2、在DNSserver1上配置:在/etc/named.rfc1912.zones子配置文件里面添加正向和反向的解析区域
[root@DNSserver1 ~]# arpaname 10.0.0.140
[root@DNSserver1 ~]# vim /etc/named.rfc1912.zones
.........
zone "test.com" IN {
type master;
file "test.zone";
allow-transfer { 10.0.0.150; };
}; zone "0.0.10.in-addr.arpa" IN {
type master;
file "10.0.0.arpa";
allow-transfer { 10.0.0.150; };
};
//在文件的最后添加
3、在DNSserver2上配置:在/etc/named.rfc1912.zones子配置文件里面添加正向和反向的解析区域
[root@dnsserver2 ~]# arpaname 10.0.0.150
150.0.0.10.IN-ADDR.ARPA
[root@dnsserver2 ~]# vim /etc/named.rfc1912.zones
..........
zone "test.com" IN {
type slave;
masters { 10.0.0.140; };
file "slaves/test.zone";
}; zone "0.0.10.in-addr.arpa" IN {
type slave;
masters { 10.0.0.140; };
file "slaves/10.0.0.arpa";
};
//在文件的最后添加
4、在DNSserver1上配置:复制生成正向和反向区域解析数据库文件
[root@DNSserver1 ~]# cd /var/named/
[root@DNSserver1 named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@DNSserver1 named]# cp -a named.localhost test.zone
[root@DNSserver1 named]# cp -a named.loopback 10.0.0.arpa
5、在DNSserver1上配置:编辑正向区域解析数据库文件
[root@DNSserver1 named]# vim test.zone
$TTL 1D
@ IN SOA test.com. root.test.com. (
2020031601 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns1.test.com.
NS ns2.test.com.
A 127.0.0.1
AAAA ::1
ns1 A 10.0.0.140
ns2 A 10.0.0.150
www A 10.0.0.1
aaa A 10.0.0.2
bbb A 10.0.0.3
ccc A 10.0.0.4
ddd A 10.0.0.5
6、在DNSserver1上配置:编辑反向区域解析数据库文件
[root@DNSserver1 named]# vim 10.0.0.arpa
$TTL 1D
@ IN SOA test.com root.test.com. (
2020031601 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns1.test.com.
NS ns2.tst.com.
A 127.0.0.1
AAAA ::1
PTR localhost.
ns1 A 10.0.0.140
ns2 A 10.0.0.150
1 PTR www
2 PTR aaa
3 PTR bbb
4 PTR ccc.test.com
5 PTR ddd.test.com
7、在DNSserver1、DNSserver2上配置:配置文件语法检测
//DNSserver1
[root@DNSserver1 ~]# named-checkconf /etc/named.conf
[root@DNSserver1 ~]# named-checkconf /etc/named.rfc1912.zones
//DNSserver2
[root@dnsserver2 ~]# named-checkconf /etc/named.conf
[root@dnsserver2 ~]# named-checkconf /etc/named.rfc1912.zones
8、在DNSserver1上配置:正向和反向区域解析测试
[root@DNSserver1 ~]# named-checkzone test.com /var/named/test.zone
zone test.com/IN: loaded serial 2020031601
OK
[root@DNSserver1 ~]# named-checkzone test.com /var/named/10.0.0.arpa
zone test.com/IN: loaded serial 2020031601
OK
9、重启DNS服务,查看端口(DNSserver1和DNSserver2都需要)
//DNSserver1
[root@DNSserver1 ~]# systemctl restart named
[root@DNSserver1 ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 10.0.0.142:53 0.0.0.0:* LISTEN 27491/named
tcp 0 0 10.0.0.140:53 0.0.0.0:* LISTEN 27491/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 27491/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1101/sshd
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 27491/named
tcp6 0 0 :::53 :::* LISTEN 27491/named
tcp6 0 0 :::22 :::* LISTEN 1101/sshd
tcp6 0 0 ::1:953 :::* LISTEN 27491/named
udp 0 0 10.0.0.142:53 0.0.0.0:* 27491/named
udp 0 0 10.0.0.140:53 0.0.0.0:* 27491/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 27491/named
udp 0 0 0.0.0.0:68 0.0.0.0:* 1611/dhclient
udp 0 0 0.0.0.0:50590 0.0.0.0:* 27491/named
udp6 0 0 :::53 :::* 27491/named
//DNSserver2
[root@dnsserver2 ~]# systemctl restart named
[root@dnsserver2 ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 10.0.0.150:53 0.0.0.0:* LISTEN 2118/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2118/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1049/sshd
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2118/named
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1296/master
tcp6 0 0 :::53 :::* LISTEN 2118/named
tcp6 0 0 :::22 :::* LISTEN 1049/sshd
tcp6 0 0 ::1:953 :::* LISTEN 2118/named
tcp6 0 0 ::1:25 :::* LISTEN 1296/master
udp 0 0 10.0.0.150:53 0.0.0.0:* 2118/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 2118/named
udp 0 0 0.0.0.0:68 0.0.0.0:* 1455/dhclient
udp 0 0 0.0.0.0:21652 0.0.0.0:* 1455/dhclient
udp 0 0 127.0.0.1:323 0.0.0.0:* 767/chronyd
udp 0 0 0.0.0.0:2421 0.0.0.0:* 2118/named
udp6 0 0 :::61980 :::* 1455/dhclient
udp6 0 0 :::53 :::* 2118/named
udp6 0 0 ::1:323 :::* 767/chronyd
10、在DNSserver2上检查是否获取正向和反向区域解析数据库文件
[root@dnsserver2 ~]# ll /var/named/slaves/
总用量 8
-rw-r--r--. 1 named named 834 7月 30 09:52 10.0.0.arpa
-rw-r--r--. 1 named named 527 7月 30 09:52 test.zone
到这里DNS服务端搭建完成
三、DNS客户端测试
1、查看客户端主机的IP
[root@dnsclient ~]# ifconfig
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.129 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::fe04:212a:5e53:cec4 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:b3:89:a5 txqueuelen 1000 (Ethernet)
RX packets 22880 bytes 29553230 (28.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4707 bytes 583379 (569.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 148 bytes 12796 (12.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 148 bytes 12796 (12.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2、测试是否能与服务器端互通
[root@dnsclient ~]# ping -c 3 10.0.0.140
PING 10.0.0.140 (10.0.0.140) 56(84) bytes of data.
64 bytes from 10.0.0.140: icmp_seq=1 ttl=64 time=2.15 ms
64 bytes from 10.0.0.140: icmp_seq=2 ttl=64 time=0.403 ms
64 bytes from 10.0.0.140: icmp_seq=3 ttl=64 time=0.424 ms --- 10.0.0.140 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.403/0.993/2.153/0.820 ms
3、安装bind-utils包
[root@dnsclient ~]# yum install -y bind-utils
[root@dnsclient ~]# rpm -qa bind-utils
bind-utils-9.11.4-16.P2.el7_8.6.x86_64
4、在客户端 /etc/resolv.conf 加入服务端的DNS
[root@dnsclient ~]# vim /etc/resolv.conf
[root@dnsclient ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.0.0.140
nameserver 10.0.0.150
nameserver 8.8.8.8
5、测试
[root@dnsclient ~]# nslookup www.test.com
Server: 10.0.0.140
Address: 10.0.0.140#53 Name: www.test.com
Address: 10.0.0.1
[root@dnsclient ~]# nslookup 10.0.0.1
1.0.0.10.in-addr.arpa name = www.0.0.10.in-addr.arpa. [root@dnsclient ~]# nslookup aaa.test.com
Server: 10.0.0.140
Address: 10.0.0.140#53 Name: aaa.test.com
Address: 10.0.0.2
[root@dnsclient ~]# nslookup 10.0.0.2
2.0.0.10.in-addr.arpa name = aaa.0.0.10.in-addr.arpa. [root@dnsclient ~]# nslookup bbb.test.com
Server: 10.0.0.140
Address: 10.0.0.140#53 Name: bbb.test.com
Address: 10.0.0.3
[root@dnsclient ~]# nslookup 10.0.0.3
3.0.0.10.in-addr.arpa name = bbb.0.0.10.in-addr.arpa. [root@dnsclient ~]# nslookup ccc.test.com
Server: 10.0.0.140
Address: 10.0.0.140#53 Name: ccc.test.com
Address: 10.0.0.4
[root@dnsclient ~]# nslookup 10.0.0.4
4.0.0.10.in-addr.arpa name = ccc.test.com.0.0.10.in-addr.arpa. [root@dnsclient ~]# nslookup ddd.test.com
Server: 10.0.0.140
Address: 10.0.0.140#53 Name: ddd.test.com
Address: 10.0.0.5
[root@dnsclient ~]# nslookup 10.0.0.5
5.0.0.10.in-addr.arpa name = ddd.test.com.0.0.10.in-addr.arpa. [root@dnsclient ~]# nslookup
> server 10.0.0.13
Default server: 10.0.0.13
Address: 10.0.0.13#53
> set q=mx
> test.com
Linux_配置辅助DNS服务(基础)的更多相关文章
- Linux_配置主DNS服务(基础)
[RHEL8]-DNSserver:[Centos7.4]-DNSclient !!!测试环境我们首关闭防火墙和selinux(DNSserver和DNSclient都需要) [root@localh ...
- DNS服务基础原理介绍
FQDN 全称域名 localhost(主机名或者是别名).localdomain(域名) FQDN=主机名.域名 根域 . 顶级域名 .com .n ...
- Bind DNS服务——基础知识
Linux基础--Bind DNS服务 Part0 DNS简介 域名系统(英语:Domain Name System,缩写:DNS)是互联网的一项服务.它作为将域名和IP地址相互映射的一个分布式数据库 ...
- Linux:Day18(上) dns服务基础进阶
DNS:Domain Name Service,协议(C/S,53/udp,53/tcp):应用层协议. BIND:Bekerley Internat Name Domain,ISC(www.isc. ...
- 【Azure 微服务】基于已经存在的虚拟网络(VNET)及子网创建新的Service Fabric并且为所有节点配置自定义DNS服务
问题描述 创建新的Service Fabric集群,可以通过门户,Powershell命令,或者是ARM模板.但是通过门户和PowerShell命令时,创建的SF集群都会自动新建一个虚拟网络而无法使用 ...
- 1、DNS服务基础
w'indows上名称解析目录: C:\Windows\System32\drivers\etc https://jocent.me/2017/06/18/dns-protocol-principle ...
- DNS服务基础
DNS服务器的功能 – 正向解析:根据注册的域名查找其对应的IP地址 – 反向解析:根据IP地址查找对应的注册域名(不常用) NS(声明DNS记录) A(正向解析记录) CNAME(解析记录别名) 安 ...
- linux之DNS服务
1.DNS (Domain Name Service 域名解析) DNS是因特网上作为域名和IP地址相互映射的一个分布式数据库,能够使用户更方便的访问互联网而不需要记忆能够直接被机器识别的IP. BI ...
- DNS服务/etc/rndc.key was found解决办法
问题: [root@localhost ~]# rndc reload rndc: neither /etc/rndc.conf nor /etc/rndc.key was found 解决办法: R ...
随机推荐
- 以Aliyun体验机为例,从零搭建LNMPR环境(下)
使用云服务器搭建 Web 运行环境,尤其是搭建常见的 LNMPR(Linux+Nginx+MySQL+PHP+Redis) 环境,对于开发人员是必备的职场基本技能之一.在这里,借着搭建我的" ...
- 腾讯高级工程师带你玩转打包利器webpack
随着前端领域飞速发展,webpack将前端不断出现的新模块.新资源.新需求,进行自动化整合.梳理.输出,极大提高了我们的工作效率,成为前端构建领域里最炙手可热的构建工具. 不少人webpack 的使用 ...
- 从一个Demo开始,揭开Netty的神秘面纱
本文是Netty系列第5篇 上一篇文章我们对于I/O多路复用.Java NIO包 和 Netty 的关系有了全面的认识. 到目前为止,我们已经从I/O模型出发,逐步接触到了Netty框架.这个过程中, ...
- RedHat 7.6 安装 Mysql 8.0.17
# 查看是否安装mysql rpm -qa | grep -i mysql # 如果有,需要卸载旧版本Mysql及相关依赖包 rpm -e MySQL-client-*** # 查看开机启动服务列表状 ...
- 交换机之间的通信 VLAN和trunk
只有 PC0和PC2可通信,PC1和PC3可通信 将PC0和PC2加入同一个VLAN 将PC1和PC3加入同一个VLAN 将左边的交换机的Fa0/3口开启trunk模式即可(如下图)
- 从中国加入WTO来看Java设计模式:中介者模式
目录 应用场景 中介者模式 定义 意图 主要解决问题 何时使用 优缺点 世界贸易组织WTO 应用场景 系统中对象之间存在比较复杂的引用关系,导致它们之间的依赖关系结构混乱而且难以复用该对象 想通过一个 ...
- Day17_101_IO_FileReaderAndFileWriterCopy
IO_FileReaderAndFileWriterCopy * 代码: import java.io.FileNotFoundException; import java.io.FileReader ...
- Day05_22_实例化对象的JVM内存分析
创建对象的 JVM 内存分析 *new 运算符的作用是创建对象,在JVM堆内存中开辟新的内存空间 *方法区内存:在类加载的时候,class字节码文件被加载到该内存空间当中 *栈内存(局部变量):方法代 ...
- Java JFR 民间指南 - 事件详解 - jdk.ObjectAllocationOutsideTLAB
重新申请 TLAB 分配对象事件:jdk.ObjectAllocationOutsideTLAB 引入版本:Java 11 相关 ISSUES: JFR: RecordingStream leaks ...
- ListBox控件简单的数据绑定
<ListBox Margin="17,8,15,26" Name="ListBoxName" ItemsSource="{Binding Ta ...