DNS 03-DNS配置实例
正向解析配置
cat /var/named/chroot/etc/liang.com.zone $ORIGIN . $TTL 3600 ; 1 hour liang.com IN SOA op.liang.com. dns.liang.com. ( 2001 ; serial 900 ; refresh (15 minutes) 600 ; retry (10 minutes) 86400 ; expire (1 day) 3600 ; minimum (1 hour) ) NS op.liang.com. $ORIGIN liang.com. op A 10.124.124.90 ;A dns-m A 10.124.124.90 dns-s A 10.124.124.91 glusterfs1 A 10.124.124.81 dns CNAME dns-m.liang.com. mx MX 5 10.124.124.90 ;优先级,MX值越小越高
反向解析配置
主DNS服务器配置
cat /var/named/chroot/etc/view.conf zone "124.10.in-addr.arpa" { type master; file "124.10.zone"; allow-transfer { 10.124.124.91; }; notify yes; also-notify { 10.124.124.91; };cat /var/named/chroot/etc/124.10.zone $TTL 3600 @ IN SOA op.liang.com. dns.liang.com. ( 2001 ; serial 900 ; refresh (15 minutes) 600 ; retry (10 minutes) 86400 ; expire (1 day) 3600 ; minimum (1 hour) ) NS op.liang.com. 90.124 IN PTR dns-m.liang.com 90.124 IN PTR dns.liang.com 91.124 IN PTR dns-s.liang.com修改区域文件权限,并重新加载配置文件
chown named.named /var/named/chroot/etc/124.10.zone rndc reload注意:每次同步时都需要更改serial版本号,不然slave无法同步
从DNS服务器配置
cat /var/named/chroot/etc/view.conf view "SlaveView" { zone "liang.com" { type slave; masters {10.124.124.90;}; file "slave.liang.com.zone"; }; zone "124.10.in-addr.arpa" { type slave; masters {10.124.124.90;}; file "slave.124.10.zone"; }测试
[root@glusterfs2 ~]# host 10.124.124.82 10.124.124.90 Using domain server: Name: 10.124.124.90 Address: 10.124.124.90#53 Aliases: 82.124.124.10.in-addr.arpa domain name pointer glusterfs2.liang.com.124.10.in-addr.arpa. [root@glusterfs2 ~]#
DNS负载均衡配置
cat /var/named/chroot/etc/liang.com.zone $ORIGIN . $TTL 3600 ; 1 hour liang.com IN SOA op.liang.com. dns.liang.com. ( 2001 ; serial 900 ; refresh (15 minutes) 600 ; retry (10 minutes) 86400 ; expire (1 day) 3600 ; minimum (1 hour) ) NS op.liang.com. $ORIGIN liang.com. op A 10.124.124.90 saltStack A 10.124.124.78 saltStack A 10.124.124.79 saltStack A 10.124.124.80测试:
[root@glusterfs2 ~]# nslookup saltStack.liang.com 10.124.124.90 Server: 10.124.124.90 Address: 10.124.124.90#53 Name: saltStack.liang.com Address: 10.124.124.79 Name: saltStack.liang.com Address: 10.124.124.80 Name: saltStack.liang.com Address: 10.124.124.78 [root@glusterfs2 ~]#
智能DNS配置
添加配置
cat /var/named/chroot/etc/named.conf #访问IP组 acl group1 { 10.124.124.90; 10.124.124.78; 10.124.124.80; 10.124.124.79; }; acl group2 { 10.124.124.91; 10.124.124.81; 10.124.124.82; 10.124.124.83; 10.124.124.84; };cat /var/named/chroot/etc/view.conf view "GROUP1" { match-clients {group1;}; zone "liang.com" { type master; file "group1.liang.com.zone"; allow-transfer { 10.124.124.91; }; notify yes; also-notify { 10.124.124.91; }; }; }; view "GROUP2" { match-clients {group2;}; zone "liang.com" { type master; file "group2.liang.com.zone"; allow-transfer { 10.124.124.91; }; notify yes; also-notify { 10.124.124.91; }; }; };配置从DNS服务器
cat /var/named/chroot/etc/view.conf view "SlaveView" { zone "liang.com" { type slave; masters {10.124.124.90;}; file "slave.liang.com.zone"; }; } view "SlaveGROUP1" { match-clients {group1;}; zone "liang.com" { type slave; masters {10.124.124.90;}; file "slave.group1.liang.com.zone"; }; }; view "SlaveGROUP2" { match-clients {group2;}; zone "liang.com" { type slave; masters {10.124.124.90;}; file "slave.group2.liang.com.zone"; }; };配置区域文件
cat /var/named/chroot/etc/group1.liang.com.zone $ORIGIN . $TTL 3600 ; 1 hour liang.com IN SOA op.liang.com. dns.liang.com. ( 2001 ; serial 900 ; refresh (15 minutes) 600 ; retry (10 minutes) 86400 ; expire (1 day) 3600 ; minimum (1 hour) ) NS op.liang.com. $ORIGIN liang.com. op A 10.124.124.90 saltStack A 10.124.124.78 saltStack A 10.124.124.79 saltStack A 10.124.124.80cat /var/named/chroot/etc/group2.liang.com.zone $ORIGIN . $TTL 3600 ; 1 hour liang.com IN SOA op.liang.com. dns.liang.com. ( 2001 ; serial 900 ; refresh (15 minutes) 600 ; retry (10 minutes) 86400 ; expire (1 day) 3600 ; minimum (1 hour) ) NS op.liang.com. $ORIGIN liang.com. op A 10.124.124.91 saltStack A 10.124.124.78 saltStack A 10.124.124.79 saltStack A 10.124.124.80修改区域文件权限,并重新加载配置文件
chown named.named /var/named/chroot/etc/group*.liang.com.zone rndc reload
浙公网安备 33010602011771号