第9周作业 DNS服务器配置
1、配置 bind 服务,实现 www.magedu.org 域名解析
DNS服务器端安装配置
[root@centos8 ~]# yum install -y bind [root@centos8 ~]# vim /etc/named.conf ##更改以下内容 options { listen-on port 53 { localhost; }; ##监听本地的IP地址,或者前加“//”注释掉此行,默认为监听本地IP地址。 allow-query { any; }; ##允许所有地址进行查询;或者前加“//”注释掉此行,默认所有地址可查询。 dnssec-enable no; ##关闭加密验证 dnssec-validation no; } [root@centos8 ~]# vim /etc/named.rfc1912.zones ##添加以下内容 zone "magedu.org" IN { type master; file "magedu.org.zone"; }; [root@centos8 ~]# cd /var/named/ [root@centos8 named]# cp -p named.localhost magedu.org.zone ##注意复制时保留原来的权限与属主属组 [root@centos8 named]# vim magedu.org.zone $TTL 1D @ IN SOA master admin.magedu.org. ( 1 ; serial ##版本号 1D ; refresh ##刷新时间 1H ; retry ##再次尝试刷新时间 1W ; expire ## 过期时间 3H ) ; minimum ##否定答案的TTL值 NS master master A 10.0.0.128 www A 10.0.0.135 blog CNAME www [root@centos8 named]# systemctl start named ##第一次启动,启动过的用“rndc reload” 服务器端进行测试,dig,host,或者nslookup都可以。 客户端测试 [root@centos7 ~]# yum install -y bind-utils #客户端安装bind [root@centos7 ~]# dig www.magedu.org
2、配置 bind 服务,实现域名反向解析
DNS服务器端安装配置
[root@centos8 ~]# yum install -y bind [root@centos8 ~]# vim /etc/named.conf options { listen-on port 53 { localhost; }; allow-query { any; }; dnssec-enable no; dnssec-validation no; } [root@centos8 named]# vim /etc/named.rfc1912.zones zone "0.0.0.in-addr.arpa" IN { type master; file "10.0.0.zone"; }; [root@centos8 ~]# cd /var/named/ [root@centos8 named]# cp -p named.loopback 10.0.0.zone [root@centos8 named]# vim 10.0.0.zone $TTL 1D @ IN SOA ns1 admin.magedu.org. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS ns1.magedu.org. 136 PTR www.magedu.org. [root@centos8 named]# named-checkzone 0.0.10.in-addr.arpa 10.0.0.zone zone 0.0.10.in-addr.arpa/IN: loaded serial 0 OK 客户端测试 [root@centos7 ~]# yum install -y bind-utils #客户端安装bind [root@centos7 ~]# dig -x 10.0.0.136 @10.0.0.128
3、配置 bind 服务,实现主从 DNS 服务配置:
主DNS服务器端安装配置
[root@centos8 ~]# yum install -y bind [root@centos8 ~]# vim /etc/named.conf options { listen-on port 53 { localhost; }; allow-query { any; }; allow-transfer { 10.0.0.129; }; dnssec-enable no; dnssec-validation no; } [root@centos8 ~# vim /etc/named.rfc1912.zones zone "magedu.org" IN { type master; file "magedu.org.zone"; }; [root@centos8 named]# cp -p named.localhost magedu.org.zone [root@centos8 named]# vim magedu.org.zone $TTL 1D @ IN SOA master admin.magedu.org. ( 1 ; serial ##版本号 1D ; refresh ##刷新时间 1H ; retry ##再次尝试刷新时间 1W ; expire ## 过期时间 3H ) ; minimum ##否定答案的TTL值 NS master NS slave master A 10.0.0.128 slave A 10.0.0.129 www A 10.0.0.139 [root@centos8 ~]# rndc reload
#从DNS服务器配置 [root@centos8 ~]# yum install -y bind [root@centos8 ~]# vim /etc/named.conf options { listen-on port 53 { localhost; }; allow-query { any; }; allow-transfer { none; }; ... dnssec-enable no; dnssec-validation no; } [root@centos8 ~]# vim /etc/named.rfc1912.zones zone "magedu.org" IN { type slave; masters { 10.0.0.128; } file "/var/named/slaves/magedu.org.zone.slave"; }; [root@centos8 ~]# systemctl start named [root@centos8 ~]# rndc reload [root@centos8 ~]# ls /var/named/slaves -rw-r--r-- 1 named named 361 7月 25 23:27 magedu.org.szone.slave 客户端测试 [root@centos7 ~]# yum install -y bind-utils [root@centos7 ~]# vim /etc/resolv.conf # Generated by NetworkManager search localdomain nameserver 10.0.0.128 nameserver 10.0.0.129 [root@centos7 ~]# dig www.magedu.org
[root@centos7 ~]# dig www.magedu.org @10.0.0.129
4、 配置 bind 服务,实现子域服务器
父DNS服务器配置
[root@centos8 ~]# yum install -y bind [root@centos8 ~]# vim /etc/named.conf options { listen-on port 53 { localhost; }; allow-query { any; }; dnssec-enable no; dnssec-validation no; } [root@centos8 ~]# vim /etc/named.rfc1912.zones zone "magedu.org" IN { type master; file "magedu.org.zone"; }; [root@centos8 named]# cp -p named.localhost magedu.org.zone [root@centos8 named]# vim magedu.org.zone $TTL 1D @ IN SOA master admin.magedu.org. ( 2 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS master shenzhen NS shenzhenns shenzhenns A 10.0.0.129 master A 10.0.0.128 [root@centos8 ~]# rndc reload 子DNS服务器配置 [root@centos8 ~]# yum install -y bind [root@centos8 ~]# vim /etc/named.conf options { listen-on port 53 { localhost; }; allow-query { any; }; allow-transfer { none; }; dnssec-enable no; dnssec-validation no; } [root@centos8 ~]# vim /etc/named.rfc1912.zones zone "shenzhen.magedu.org" IN { type master; file "shenzhen.magedu.org.zone"; }; [root@centos8 named]# cp -p named.localhost shenzhen.magedu.org.zone [root@centos8 named]# vim magedu.org.zone $TTL 1D @ IN SOA master admin.magedu.org. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS master master A 10.0.0.129 www A 10.0.0.138 [root@centos8 ~]# rndc reload 客户端测试 [root@centos7 ~]# dig www.shenzhen.magedu.org
浙公网安备 33010602011771号