Title: CentOS8_DNS master and slave name servers

Author: admin    Time: 2020-6-3 16:45     Title: CentOS8_DNS master and slave name servers

A master (primary) name server is usually deployed on the Internet and answers host-name-to-IP-address queries for one or more domains. To share the query load and keep a backup of the zone data, a slave (secondary) name server is sometimes set up as well and serves alongside the master.

Master name server (dns1.zhuohua): 192.168.168.154/24
Slave name server (dns2.zhuohua): 192.168.168.155/24
DNS domains used in this lab: happy.store, funny.store

For installing the DNS software, see: CentOS8_DNS caching name server

Firewall configuration on both name servers in this lab (TCP 53 and UDP 53):

```
firewall-cmd --zone=public --add-port=53/tcp --permanent
firewall-cmd --zone=public --add-port=53/udp --permanent
```

Apply the rules:

```
firewall-cmd --reload
```

Note: if TCP port 53 is not open, zone data synchronization fails (zone transfers run over TCP).

### Main configuration file on the master name server (dns1.zhuohua):

```
cat >/etc/named.conf<< EOF
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "happy.store" IN {
        type master;
        file "happy.store.zone";
        // send NOTIFY to the slave when the zone changes
        notify yes;
        also-notify { 192.168.168.155; };
        // only the slave may request a zone transfer
        allow-transfer { 192.168.168.155; };
};

zone "funny.store" IN {
        type master;
        file "funny.store.zone";
        notify yes;
        also-notify { 192.168.168.155; };
        allow-transfer { 192.168.168.155; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
EOF
```

### Create the forward-lookup zone file (happy.store.zone):

```
[root@dns1 ~]# vi /var/named/happy.store.zone
```

```
$TTL 86400
@       IN SOA  happy.store. admin.happy.store. (
                                        1       ; serial (d. adams)
                                        3H      ; refresh
                                        15M     ; retry
                                        1W      ; expiry
                                        1D )    ; minimum
@       IN      NS      dns1.zhuohua.
@       IN      NS      dns2.zhuohua.
ftp     IN      A       192.168.168.21
bbs     IN      A       192.168.168.60
mail    IN      A       192.168.168.25
        IN      MX      10 mail.happy.store.
www     IN      A       192.168.168.80
ww      IN      CNAME   www
```

### Create the forward-lookup zone file (funny.store.zone):

```
[root@dns1 ~]# vi /var/named/funny.store.zone
```

```
$TTL 86400
@       IN SOA  funny.store. admin.funny.store. (
                                        1       ; serial (d. adams)
                                        3H      ; refresh
                                        15M     ; retry
                                        1W      ; expiry
                                        1D )    ; minimum
@       IN      NS      dns1.zhuohua.
@       IN      NS      dns2.zhuohua.
ftp     IN      A       192.168.168.33
bbs     IN      A       192.168.168.66
mail    IN      A       192.168.168.55
        IN      MX      10 mail.funny.store.
www     IN      A       192.168.168.88
ww      IN      CNAME   www
```

### Set file ownership:

```
chown named:named /etc/named.conf
chown named:named /var/named/happy.store.zone
chown named:named /var/named/funny.store.zone
```

Restart the DNS service:

```
[root@dns001 ~]# systemctl restart named
```

Point the client's DNS address at the master name server:

[Screenshot: 图片1.png]

Remark: here a DHCP server has assigned the IP address and gateway.

Client test:

[Screenshot: 图片2.png]

Client test (nslookup):

[Screenshot: 图片3.png]

happy.store:

[Screenshot: 图片4.png]
[Screenshot: 图片5.png]

funny.store:

[Screenshot: 图片6.png]
[Screenshot: 图片7.png]

### Main configuration file on the slave name server (dns2.zhuohua):

```
cat >/etc/named.conf<< EOF
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "happy.store" IN {
        type slave;
        // pull the zone from the master and store it under /var/named/slaves
        masters { 192.168.168.154; };
        file "slaves/happy.store.zone";
};

zone "funny.store" IN {
        type slave;
        masters { 192.168.168.154; };
        file "slaves/funny.store.zone";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
EOF
```

### Set file ownership:

```
chown named:named /etc/named.conf
```

Restart the DNS service:

```
[root@dns2 ~]# systemctl restart named
```

The master name server (dns1.zhuohua) must also restart its DNS service:

```
[root@dns001 ~]# systemctl restart named
```

If synchronization succeeds, the slave name server (dns2.zhuohua) automatically creates the forward-lookup zone files (happy.store.zone, funny.store.zone):

```
[root@dns2 slaves]# pwd
/var/named/slaves
[root@dns2 slaves]# ll
总用量 8
-rw-r--r--. 1 named named 464 6月 3 13:05 funny.store.zone
-rw-r--r--. 1 named named 464 6月 3 13:03 happy.store.zone
```

Note: the zone files here cannot be viewed directly as text.

Point the client's DNS address at the slave name server:

[Screenshot: 图片8.png]

Remark: here a DHCP server has assigned the IP address and gateway.

Client test:

[Screenshot: 图片9.png]

Client test (nslookup):

[Screenshot: 图片10.png]

happy.store:

[Screenshot: 图片11.png]

funny.store:

[Screenshot: 图片12.png]

To change the domain records, edit the forward-lookup zone files on the master name server (dns1.zhuohua):

```
[root@dns1 ~]# vi /var/named/happy.store.zone
[root@dns1 ~]# vi /var/named/funny.store.zone
```

For the slave to pick up the master's changes automatically, the serial value in the corresponding zone file on the master must be changed, and it must be larger than the previous value. For example, after editing the records in /var/named/funny.store.zone, you must increase the serial in that file, as shown in the screenshots:

[Screenshot: 图片13.png]
[Screenshot: 图片14.png]

Then restart the DNS service on the master:

```
[root@dns001 ~]# systemctl restart named
```

The corresponding zone file on the slave is then synchronized automatically:

[Screenshot: 图片15.png]

Note: when everything works, a client should get the same resolution results whichever of the two DNS servers it uses.
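The serial rule described above, as an added example that is not part of the original post: shell helpers that read and increase the serial in a zone file laid out like the ones shown, and compare two serials the way RFC 1982 defines "larger" for 32-bit values that wrap, which goes beyond the simple case in the text. The function names and the scratch file are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.
# Works on zone files laid out as above, with the serial on a "; serial" line.

# Print the SOA serial of zone file $1.
zone_serial() {
    awk '/;[ \t]*serial/ { print $1; exit }' "$1"
}

# RFC 1982: serial $1 is newer than $2 when the forward distance from $2 to
# $1, modulo 2^32, is between 1 and 2^31-1 (serials are 32-bit and wrap).
serial_newer() {
    d=$(( ($1 - $2 + 4294967296) % 4294967296 ))
    [ "$d" -ge 1 ] && [ "$d" -le 2147483647 ]
}

# Increase the serial in zone file $1 by one and print the new value.
# The file is rewritten in place so owner, mode and SELinux label are kept.
bump_serial() {
    old=$(zone_serial "$1")
    [ -n "$old" ] || { echo "no serial line in $1" >&2; return 1; }
    new=$(( (old + 1) % 4294967296 ))
    tmp=$(mktemp) || return 1
    awk -v new="$new" '!done && /;[ \t]*serial/ { sub(/[0-9]+/, new); done = 1 }
        { print }' "$1" > "$tmp" && cat "$tmp" > "$1"
    rm -f "$tmp"
    echo "$new"
}

# Constructed sample: the funny.store SOA from the post in a scratch file.
demo() {
    z=$(mktemp) || return 1
    printf '%s\n' '$TTL 86400' '@ IN SOA funny.store. admin.funny.store. (' \
        '        1 ; serial (d. adams)' '        3H ; refresh' \
        '        15M ; retry' '        1W ; expiry' '        1D ) ; minimum' > "$z"
    before=$(zone_serial "$z"); after=$(bump_serial "$z")
    if serial_newer "$after" "$before"; then
        echo "serial $before -> $after: the slave will transfer the zone"
    fi
    rm -f "$z"
}
demo
```

After increasing the serial, `named-checkzone funny.store /var/named/funny.store.zone` validates the file before the restart described above.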
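An added check, not from the original post, for the two named.conf files shown above: it reports recursion left open to any client and zones that would serve a transfer to any host. It assumes the BIND 9.11 defaults named in its comments; the function names and the abbreviated sample are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed BIND 9.11 defaults:
# a zone without allow-transfer serves transfers to any host, and recursion
# inherits allow-query when allow-recursion/allow-query-cache are unset.
# Limits: one-line comments only; include files are not followed.
audit_named_conf() {
    sed -e 's@/\*.*\*/@@g' -e 's@//.*@@' -e 's/#.*//' -e 's/[{};]/ & /g' "$1" |
    tr -s ' \t' '\n\n' |
    awk '
    function any(s) { return s ~ /(^| )any( |$)/ }
    function record() {
        if (blk == "options") opt[key] = args
        else if (blk == "zone") {
            zones[zone] = 1
            if (key == "allow-transfer") xfer[zone] = args
        }
    }
    $0 == ""  { next }
    $0 == "{" { depth++; next }
    $0 == "}" { depth--; next }
    $0 == ";" {
        if (depth == 1) { record(); key = ""; args = "" }  # statement ends
        if (depth == 0) { blk = ""; zone = "" }            # top-level block ends
        next
    }
    depth == 0 {
        if (blk == "") blk = $0
        else if (blk == "zone" && zone == "") { zone = $0; gsub(/"/, "", zone) }
        next
    }
    { if (key == "") key = $0; else args = args " " $0 }
    END {
        if (opt["recursion"] ~ /yes/ && any(opt["allow-query"]) &&
            !("allow-recursion" in opt) && !("allow-query-cache" in opt))
            print "OPEN-RECURSION options"
        for (z in zones) {
            acl = (z in xfer) ? xfer[z] : (("allow-transfer" in opt) ? opt["allow-transfer"] : "any")
            if (any(acl)) print "OPEN-TRANSFER " z
        }
    }' | sort
}

# Constructed sample: the slave configuration from the post, abbreviated.
sample_slave_conf() {
    printf '%s\n' 'options { allow-query { any; }; recursion yes; };' \
        'zone "happy.store" IN { type slave; masters { 192.168.168.154; };' \
        '    file "slaves/happy.store.zone"; };'
}
f=$(mktemp) && sample_slave_conf > "$f" && audit_named_conf "$f"; rm -f "$f"
```

An `allow-recursion` list in `options` and an `allow-transfer` statement on each zone (or in `options`) clear the two findings.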
