服务器管理—DNS

一、BIND实现正向区解析

1.先安装包yum install bind

[root@mysqlb ]# yum install bind -y

2.修改配置文件

[root@mysqlb named]# vim /etc/named.conf

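options {
        # Listen on every IPv4 interface. "any" already covers 127.0.0.1, so the
        # loopback entry is redundant but harmless. To listen on the lab network
        # only, use a CIDR entry such as 192.168.88.0/24; a bare 192.168.88.0 is
        # a single host address, not the subnet.
        listen-on port 53 { 127.0.0.1; any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        # Any client may query the zones this server is authoritative for.
        allow-query     { localhost; any; };
        # When neither allow-recursion nor allow-query-cache is set, BIND falls
        # back to allow-query, so the "any" above would also grant recursive
        # lookups to every client (the dig output on this page shows the "ra"
        # flag). That makes the server an open resolver, which can be abused for
        # DNS amplification. Keep recursion for this host and the lab subnet only.
        allow-recursion { localhost; 192.168.88.0/24; };
        # ... the remaining stock options of the distribution's named.conf stay unchanged ...
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

# Forward zone: this server is the master (primary) for panda.com and loads
# the records from /var/named/named.panda (relative to "directory" above).
zone "panda.com" IN {
        type master;
        file "named.panda";
};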

2.拷贝一个文件

[root@mysqlb named]# cp -a named.localhost named.panda  # -a 把源文件的权限都跟着拷贝过来

[root@mysqlb named]# ls
data     named.ca     named.localhost  named.panda
dynamic  named.empty  named.loopback   slaves

3.更改/var/named/named.panda

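; Forward zone data for panda.com (file /var/named/named.panda).
; Notes must start with ';' -- any other trailing text on a record line is
; parsed as record data and named will refuse to load the zone.
$TTL 1D
; SOA: the primary name server is the zone apex (@); root.panda.com. is the
; contact mailbox written in DNS form (root@panda.com).
@       IN SOA  @ root.panda.com. (
                                20190715        ; serial - increase on every edit, secondaries only re-transfer when it grows
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @               ; the zone apex itself, i.e. this server
        NS      dns2.panda.com.
        NS      dns3            ; relative name, expands to dns3.panda.com.
        A       192.168.88.101  ; address of the apex name panda.com.
dns2    A       192.168.88.102
dns3    A       192.168.88.103
www     A       192.168.88.103
ftp     A       192.168.88.102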
~           

4.启动服务

[root@mysqlb named]# systemctl restart named

5.切换到客户端虚拟机（slave1），修改 /etc/resolv.conf

[root@slave1 ~]# vim /etc/resolv.conf

# Generated by NetworkManager
search com
nameserver 192.168.88.101
~                           

6.先安装dig（可用 rpm -qf `which dig` 查看dig属于哪个包）

[root@slave1 ~]# rpm -qf `which dig`
bind-utils-9.9.4-74.el7_6.1.x86_64  

[root@slave1 ~]# dig panda.com

[root@slave1 ~]# dig panda.com

; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> panda.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49970
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;panda.com.			IN	A

;; ANSWER SECTION:
panda.com.		86400	IN	A	192.168.88.101

;; AUTHORITY SECTION:
panda.com.		86400	IN	NS	dns3.panda.com.
panda.com.		86400	IN	NS	panda.com.
panda.com.		86400	IN	NS	dns2.panda.com.

;; ADDITIONAL SECTION:
dns2.panda.com.		86400	IN	A	192.168.88.102
dns3.panda.com.		86400	IN	A	192.168.88.103

;; Query time: 0 msec
;; SERVER: 192.168.88.101#53(192.168.88.101)
;; WHEN: 一 7月 15 17:06:17 CST 2019
;; MSG SIZE  rcvd: 138

 二.BIND实现反向区解析

1.先修改配置文件

[root@mysqlb ]# vim /etc/named.conf

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

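# Forward zone, served as master (primary) from /var/named/named.panda.
zone "panda.com" IN {
        type master;
        file "named.panda";
        # In BIND 9.9 (the version dig reports on this page) a zone without
        # allow-transfer can be copied in full (AXFR) by any host, which exposes
        # every host name and address in it. Restrict transfers to the
        # secondary used later on this page.
        allow-transfer { 192.168.88.103; };
};

# Reverse zone for 192.168.88.0/24: the network octets are written in reverse
# order and the zone name must end in in-addr.arpa.
zone "88.168.192.in-addr.arpa"  {
        type master;
        file "named.88.168.192";
        # Same restriction as the forward zone: only the secondary may transfer.
        allow-transfer { 192.168.88.103; };
};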

2.拷贝一个文件

[root@mysqlb named]# cp -a named.panda named.88.168.192     # -a 拷贝之前文件的所有权限
[root@mysqlb named]# ls
data     named.88.168.192  named.empty      named.loopback  slaves
dynamic  named.ca          named.localhost  named.panda

3.更改[root@mysqlb named]# vim named.88.168.192

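; Reverse zone data for 88.168.192.in-addr.arpa (file /var/named/named.88.168.192).
; Notes must start with ';' -- any other trailing text on a record line is
; parsed as record data and named will refuse to load the zone.
$TTL 1D
@       IN SOA  @ root. (
                                201907  ; serial - increase on every edit, secondaries only re-transfer when it grows
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
        A       192.168.88.101  ; address for the NS target "@" (returned in dig's ADDITIONAL section)
; The owner name is the last octet of the address; the target is the host's
; fully qualified name and must end with a dot.
101     PTR     mysqld.panda.com.       ; reverse lookups use PTR records
102     PTR     slave1.panda.com.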

4.重启服务

systemctl restart named

5.切换虚拟机查看

[root@slave1 ~]# dig -x 192.168.88.101

; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> -x 192.168.88.101
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35873
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;101.88.168.192.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
101.88.168.192.in-addr.arpa. 86400 IN	PTR	mysqld.panda.com.

;; AUTHORITY SECTION:
88.168.192.in-addr.arpa. 86400	IN	NS	88.168.192.in-addr.arpa.

;; ADDITIONAL SECTION:
88.168.192.in-addr.arpa. 86400	IN	A	192.168.88.101

;; Query time: 0 msec
;; SERVER: 192.168.88.101#53(192.168.88.101)
;; WHEN: 一 7月 15 20:06:29 CST 2019
;; MSG SIZE  rcvd: 116

 三.主从DNS服务

 

[root@mysqlb named]# scp /etc/named.conf  192.168.88.103:/etc/

named.conf                                        100% 1953   119.5KB/s   00:00

切换到从服务器虚拟机（slave2）

[root@slave2 etc]# vim /etc/named.conf

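# Secondary (slave) copy of the forward zone. The data is pulled from the
# master at 192.168.88.101 and cached under the "directory" option, i.e.
# /var/named/slaves/named.panda.
zone "panda.com" IN {
        type slave;
        masters { 192.168.88.101; };
        file "slaves/named.panda";
        # A secondary also answers AXFR requests; in BIND 9.9 that is open to
        # any host unless restricted. Nothing transfers from this server, so
        # refuse all zone transfers.
        allow-transfer { none; };
};

# Secondary copy of the reverse zone, pulled from the same master.
zone "88.168.192.in-addr.arpa" {
        type slave;
        masters { 192.168.88.101; };
        file "slaves/named.88.168.192";
        allow-transfer { none; };
};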


切换到客户端虚拟机（slave1），把 nameserver 指向从服务器 192.168.88.103 进行验证

[root@slave1 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search com
nameserver 192.168.88.103
[root@slave1 ~]# nslookup
> www.panda.com
Server: 192.168.88.103
Address: 192.168.88.103#53

Name: www.panda.com
Address: 192.168.88.103
> 192.168.88.102
Server: 192.168.88.103
Address: 192.168.88.103#53

102.88.168.192.in-addr.arpa name = slave1.panda.com.

  

 
