构建域名为 fy.com、主机名为 www 的域名解析,搭建主从 DNS 服务器,使客户机通过主服务器或从服务器都能正常解析该域名
一:实验环境的准备:关闭防火墙、关闭核心防护(SELinux)、设置客户机和服务器的 DNS 地址
server1:
server2:
server3:
二、安装DNS服务
[root@server1 Packages]# rpm -ivh bind-9.9.4-50.el7.x86_64.rpm
警告:bind-9.9.4-50.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中... ################################# [100%]
软件包 bind-32:9.9.4-50.el7.x86_64 已经安装
[root@server1 Packages]#
[root@server2 ~]# cd /mnt/Packages
[root@server2 Packages]# rpm -ivh bind-9.9.4-50.el7.x86_64.rpm
警告:bind-9.9.4-50.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
警告:Failed to open SELinux handle.
准备中... ################################# [100%]
软件包 bind-32:9.9.4-50.el7.x86_64 已经安装
[root@server2 Packages]#
三、修改配置文件
[root@server1 Packages]# vi /etc/named.conf
options {
listen-on port 53 { 192.168.111.10; }; #改成服务器地址
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; }; #允许任何主机查询;生产环境可改为仅允许指定网段,并同时确认 recursion/allow-recursion 不对外开放,避免成为开放解析器
[root@server1 Packages]# vi /etc/named.rfc1912.zones
# Primary (master) copy of the forward zone fy.com.
zone "fy.com" IN {
type master;
file "fy.com.zone"; # relative to the "directory" option, i.e. /var/named/fy.com.zone
allow-transfer { 192.168.111.20; }; # only the secondary may do AXFR/IXFR; everyone else is refused
also-notify { 192.168.111.20; }; # push NOTIFY to the secondary so it reloads promptly after a serial bump
};
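# Reverse zone for 192.168.111.0/24. The labels are the reversed network octets, and the
# name must be the one the secondary requests (111.168.192.in-addr.arpa); the previous
# name 0.0.20.in-addr.arpa covered 20.0.0.0/24, so the transfer to the secondary could
# never succeed and PTR lookups for 192.168.111.x were not served by this zone.
zone "111.168.192.in-addr.arpa" IN {
type master;
file "fy.com.local"; # /var/named/fy.com.local
allow-transfer { 192.168.111.20; }; # only the secondary may pull the zone
also-notify { 192.168.111.20; }; # same as fy.com: notify the secondary on changes
};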
[root@server1 named]# cp -p named.localhost fy.com.local
[root@server1 named]# cp -p named.loopback fy.com.zone
编辑反向区域文件
[root@server1 named]# vi fy.com.local
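$TTL 1D
@       IN SOA  fy.com. rname.invalid. (
                0       ; serial  - must increase on every edit, or the secondary keeps its old copy
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
; Owner-less records must be indented: a record starting at column 0 is read as a new owner name.
        NS      fy.com.
        A       192.168.111.10
; PTR owners are the last octet of the 192.168.111.0/24 address. www.fy.com is
; 192.168.111.10 in fy.com.zone, so its PTR lives at 10, not 19.
10      IN PTR  www.fy.com.
20      IN PTR  ftp.fy.com.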
编辑正向区域文件
[root@server1 named]# vi fy.com.zone
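$TTL 1D
@       IN SOA  @ rname.invalid. (
                0       ; serial  - must increase on every edit so the secondary re-transfers
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
; Owner-less records must be indented: a record starting at column 0 is read as a new owner name.
        NS      @
        A       192.168.111.10
www     IN A    192.168.111.10
ftp     IN A    192.168.111.20
mail    IN CNAME www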
启动DNS服务
[root@server1 named]# systemctl start named.service
[root@server1 named]# netstat -anptu | grep named
tcp 0 0 192.168.111.10:53 0.0.0.0:* LISTEN 3522/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 3522/named
tcp6 0 0 ::1:53 :::* LISTEN 3522/named
tcp6 0 0 ::1:953 :::* LISTEN 3522/named
udp 0 0 192.168.111.10:53 0.0.0.0:* 3522/named
udp6 0 0 ::1:53 :::* 3522/named
四、本机测试DNS
[root@server1 ~]# nslookup www.fy.com
Server: 192.168.111.10
Address: 192.168.111.10#53
Name: www.fy.com
Address: 192.168.111.10
[root@server1 ~]# nslookup ftp.fy.com
Server: 192.168.111.10
Address: 192.168.111.10#53
Name: ftp.fy.com
Address: 192.168.111.20
[root@server1 ~]# nslookup mail.fy.com
Server: 192.168.111.10
Address: 192.168.111.10#53
mail.fy.com canonical name = www.fy.com.
Name: www.fy.com
Address: 192.168.111.10
修改从DNS配置文件
[root@server2 Packages]# vi /etc/named.conf
options {
listen-on port 53 { 192.168.111.20; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
[root@server2 Packages]# vi /etc/named.rfc1912.zones
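# Secondary (slave) copy of fy.com, pulled from the primary at 192.168.111.10.
zone "fy.com" IN {
type slave;
masters { 192.168.111.10; };
allow-notify { 192.168.111.10; };
# The primary restricts transfers to this host, but a secondary answers AXFR/IXFR from
# anyone by default, which would hand out the full host list; refuse transfers here.
allow-transfer { none; };
file "slaves/fy.com.zone"; # /var/named/slaves/ is writable by named for the transferred copy
};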
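# Secondary (slave) copy of the reverse zone for 192.168.111.0/24.
zone "111.168.192.in-addr.arpa" IN {
type slave;
masters { 192.168.111.10; };
allow-notify { 192.168.111.10; };
# Same as fy.com: do not let arbitrary hosts pull the zone from the secondary.
allow-transfer { none; };
file "slaves/fy.com.local";
};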
[root@server2 Packages]# systemctl restart named.service
[root@server2 Packages]# netstat -anptu | grep named
tcp 0 0 192.168.111.20:53 0.0.0.0:* LISTEN 55309/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 55309/named
tcp6 0 0 ::1:53 :::* LISTEN 55309/named
tcp6 0 0 ::1:953 :::* LISTEN 55309/named
udp 0 0 192.168.111.20:53 0.0.0.0:* 55309/named
udp6 0 0 ::1:53 :::* 55309/named
五、在从服务器上测试DNS(注意:下面的应答来自 192.168.111.10,仍由主服务器解析;从服务器自身能否解析要到第七步关闭主服务器后才能验证)
[root@server2 ~]# nslookup www.fy.com
Server: 192.168.111.10
Address: 192.168.111.10#53
Name: www.fy.com
Address: 192.168.111.10
[root@server2 ~]# nslookup ftp.fy.com
Server: 192.168.111.10
Address: 192.168.111.10#53
Name: ftp.fy.com
Address: 192.168.111.20
[root@server2 ~]# nslookup mail.fy.com
Server: 192.168.111.10
Address: 192.168.111.10#53
mail.fy.com canonical name = www.fy.com.
Name: www.fy.com
Address: 192.168.111.10
六、客户机测试DNS服务器
[root@server3 ~]# nslookup www.fy.com
Server: 192.168.111.10
Address: 192.168.111.10#53
Name: www.fy.com
Address: 192.168.111.10
[root@server3 ~]# nslookup ftp.fy.com
Server: 192.168.111.10
Address: 192.168.111.10#53
Name: ftp.fy.com
Address: 192.168.111.20
[root@server3 ~]# nslookup mail.fy.com
Server: 192.168.111.10
Address: 192.168.111.10#53
mail.fy.com canonical name = www.fy.com.
Name: www.fy.com
Address: 192.168.111.10
七、关闭主DNS服务器再用客户机测试DNS
[root@server3 ~]# nslookup www.fy.com
Server: 192.168.111.20
Address: 192.168.111.20#53
Name: www.fy.com
Address: 192.168.111.10
[root@server3 ~]# nslookup ftp.fy.com
Server: 192.168.111.20
Address: 192.168.111.20#53
Name: ftp.fy.com
Address: 192.168.111.20
[root@server3 ~]# nslookup mail.fy.com
Server: 192.168.111.20
Address: 192.168.111.20#53
mail.fy.com canonical name = www.fy.com.
Name: www.fy.com
Address: 192.168.111.10