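Configuring master/slave DNS and reverse name resolution

1. Configure the bind service to resolve the domain name www.tianze.org
2. Configure the bind service for reverse name resolution
3. Configure the bind service for master/slave DNS
4. Configure the bind service for a subdomain server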

 

Master DNS server
[root@dnsserver ~]#yum -y install bind bind-utils
[root@dnsserver ~]#systemctl enable named.service
[root@dnsserver ~]#systemctl start named.service
[root@dnsserver ~]#vim /etc/named.conf
Change the following settings:
13:listen-on port 53 { localhost; };
21:allow-query     { any; };
22:allow-transfer { 192.168.1.12; };  # the host that is allowed to receive zone transfers of the DNS database
36:dnssec-enable no;
37:dnssec-validation no;
[root@dnsserver ~]#rndc reload
[root@dnsserver ~]#vim /var/named/tianze.org.zone
With the following content:
$TTL 1D
@        IN    SOA    master  admin  ( 0 1D 1H 3D 1H )
                    NS     master
                    NS     slave
master          A      192.168.1.10
slave             A      192.168.1.12
www             A      192.168.1.10
*                   A      192.168.1.10
@                  A      192.168.1.10
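Note: the 0 inside the parentheses is the serial number. Whenever the zone file changes, the serial number must be changed (incremented) so that the new content is pushed to the slave node.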
[root@dnsserver ~]#vim /var/named/reverse.zone
With the following content:
$TTL 1D
@       IN      SOA    master.tianze.org.  admin.tianze.org.  ( 0 1D 1H 3D 1H )
                    NS      master.tianze.org.
                    NS      slave.tianze.org.
10                PTR     master.tianze.org.
12                PTR     slave.tianze.org.
10                PTR     www.tianze.org.

[root@dnsserver ~]#chown :named /var/named/tianze.org.zone
[root@dnsserver ~]#chmod 640 /var/named/tianze.org.zone
[root@dnsserver ~]#chown :named /var/named/reverse.zone
[root@dnsserver ~]#chmod 640 /var/named/reverse.zone
[root@dnsserver ~]#vim /etc/named.rfc1912.zones
Add the following:
12:zone "tianze.org" {
13:        type master;
14:       file "tianze.org.zone";
15:};

35:zone "1.168.192.in-addr.arpa" {
36:        type master;
37:        file "reverse.zone";
38:};
[root@dnsserver ~]#named-checkconf
[root@dnsserver ~]#named-checkzone tianze.org /var/named/tianze.org.zone
[root@dnsserver ~]#named-checkzone 1.168.192.in-addr.arpa /var/named/reverse.zone
[root@dnsserver ~]#rndc reload
[root@dnsserver ~]#firewall-cmd --permanent --add-service=dns
[root@dnsserver ~]#firewall-cmd --reload
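
An added example, not part of the original post: named-checkzone validates each file on its own, so this Python sketch cross-checks the forward and reverse zones, reporting A records with no matching PTR and reverse-zone names without a trailing dot, which BIND expands inside in-addr.arpa. The function names are hypothetical, the parser assumes the simple one-record-per-line layout used above (no TTL column), and the embedded zone text is a constructed sample with the www PTR left out and the SOA server name left relative to show both findings.

```python
# Constructed samples modelled on the two zone files above (not copied from a live server).
FORWARD = """\
@       IN SOA master admin ( 0 1D 1H 3D 1H )
        NS  master
master  A   192.168.1.10
slave   A   192.168.1.12
www     A   192.168.1.10
"""
REVERSE = """\
@   IN SOA master admin.tianze.org. ( 0 1D 1H 3D 1H )
    NS  master.tianze.org.
10  PTR master.tianze.org.
12  PTR slave.tianze.org.
"""

def fqdn(name, origin):
    # Zone-file expansion: '@' is the origin; a name without a trailing dot is relative to it.
    name = origin if name == "@" else name
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(text, origin):
    # Return (owner, type, rdata) tuples; a line starting with whitespace inherits the owner.
    records, owner = [], origin
    for raw in text.splitlines():
        line = raw.split(";")[0]                      # strip zone-file comments
        if not line.strip() or line.startswith("$"):  # skip blanks and $TTL/$ORIGIN
            continue
        fields = [f for f in line.replace("(", " ").replace(")", " ").split() if f.upper() != "IN"]
        if not line[0].isspace():
            owner = fqdn(fields.pop(0), origin)
        records.append((owner, fields[0].upper(), fields[1:]))
    return records

def audit(fwd_text, fwd_origin, rev_text, rev_origin):
    # Cross-check the two zones and return a list of human-readable findings.
    fwd, rev, findings = parse(fwd_text, fwd_origin), parse(rev_text, rev_origin), []
    ptrs = {(o, fqdn(r[0], rev_origin)) for o, t, r in rev if t == "PTR"}
    for owner, rtype, rdata in fwd:
        if rtype == "A":
            arpa = ".".join(reversed(rdata[0].split("."))) + ".in-addr.arpa."
            if (arpa, owner) not in ptrs:
                findings.append(f"no PTR {arpa} -> {owner}")
    for owner, rtype, rdata in rev:
        names = rdata[:2] if rtype == "SOA" else rdata[:1] if rtype in ("NS", "PTR") else []
        findings += [f"{rtype} name '{n}' expands to {fqdn(n, rev_origin)}" for n in names if not n.endswith(".")]
    return findings

if __name__ == "__main__":
    print(*audit(FORWARD, "tianze.org.", REVERSE, "1.168.192.in-addr.arpa."), sep="\n")
```
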

Slave DNS server
[root@dnsserver ~]#yum install bind bind-utils
[root@dnsserver ~]#systemctl enable named.service
[root@dnsserver ~]#systemctl start named.service
[root@dnsserver ~]#vim /etc/named.conf
Change the following settings:
13:listen-on port 53 { localhost; };
21:allow-query     { any; };
22:allow-transfer { none; };
[root@dnsserver ~]#vim /etc/named.rfc1912.zones
Add the following:
12:zone "tianze.org" {
13:        type slave;
14:        masters { 192.168.1.10; };
15:        file "slaves/tianze.org.slave.zone";
16:};

36:zone "1.168.192.in-addr.arpa" {
37:        type slave;
38:        masters { 192.168.1.10; };
39:        file "slaves/reverse.slave.zone";
40:};
[root@dnsserver ~]#named-checkconf
[root@dnsserver ~]#rndc reload
[root@dnsserver ~]#firewall-cmd --permanent --add-service=dns
[root@dnsserver ~]#firewall-cmd --reload

DNS subdomain server
On the master DNS server, modify tianze.org.zone
[root@dnsserver ~]#vim /var/named/tianze.org.zone
With the following content:
$TTL 1D
@       IN      SOA    master admin ( 1 1D 1H 3D 1H )  ; serial changed from 0 to 1
                    NS      master
                    NS      slave
k8s               NS      ns                   ; added: NS server for the k8s subdomain
master          A       192.168.1.10
slave             A       192.168.1.12
ns                 A       192.168.1.13  ; added: A record for the NS server
www             A       192.168.1.10
*                  A       192.168.1.10
@                 A       192.168.1.10
Installing and configuring bind on the DNS subdomain server
[root@dnsserver ~]#yum -y install bind bind-utils
[root@dnsserver ~]#systemctl start named.service
[root@dnsserver ~]#systemctl enable named.service
[root@dnsserver ~]#vim /etc/named.conf
Change the following settings:
13:listen-on port 53 { localhost; };
21:allow-query     { any; };
[root@dnsserver ~]#vim /var/named/k8s.tianze.org.zone
With the following content:
$TTL 1D
@       IN      SOA     ns  admin  ( 0 1H 10M 1D 1H )
                     NS      ns
ns                  A       192.168.1.13
master           A       192.168.1.15
node              A       192.168.1.16
etcd               A       192.168.1.17
[root@dnsserver ~]#vim /etc/named.rfc1912.zones
Add the following at line 12:
zone "k8s.tianze.org" {
        type master;
        file "k8s.tianze.org.zone";
};
[root@dnsserver ~]#chown :named /var/named/k8s.tianze.org.zone
[root@dnsserver ~]#chmod 640 /var/named/k8s.tianze.org.zone
[root@dnsserver ~]#named-checkconf
[root@dnsserver ~]#named-checkzone k8s.tianze.org /var/named/k8s.tianze.org.zone
[root@dnsserver ~]#rndc reload
[root@dnsserver ~]#firewall-cmd --permanent --add-service=dns
[root@dnsserver ~]#firewall-cmd --reload
Testing
[root@dnsserver ~]#dig master.k8s.tianze.org @192.168.1.13
[root@dnsserver ~]#dig node.k8s.tianze.org @192.168.1.10

posted @ 2020-08-17 10:21  练习生天泽