DNS------主从服务器搭建及批量解析

本文介绍如何配置DNS主从服务器,包括主服务器和从服务器的配置步骤,以及如何实现正向和反向批量解析。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

配置主从服务器

主DNS服务器: 维护所负责解析的域内解析库的服务器;解析库由管理维护
从DNS服务器:从主DNS服务器或其它的从DNS服务器那里“复制”(区域传递)一份解析库

主服务器配置
[root@localhost ~]# vim /etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator’s Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
listen-on port 53 { 172.16.50.37; };
directory “/var/named”;
allow-transfer { 172.16.50.60; };
};

zone “baidu.com” IN {
type master;
file “baidu.com.zone”;
};
zone “50.16.172.in-addr.arpa” IN {
type master;
file “hehe.com.zone”;
};
“/etc/named.conf” 26L, 650C
[root@localhost ~]# systemctl restart named

从服务器配置
在实际工作环境中,对于解析任务繁重,工作负荷较大的服务器而言,难免存在服务器出现问题,而在网络环境中,如果因为服务器不能提供服务,损失将会是巨大的,因此需要做一个备份可提供服务的DNS服务器,称为从DNS服务器。
从服务器只需定义区域,而无需提供解析库文件;
主从启动后,解析库文件会自动传送并放置于/var/named/slaves/目录中

[root@localhost slaves]# vim /etc/named.conf
options {
listen-on port 53 { 172.16.50.60; };
directory “/var/named”;
};
zone “baidu.com” IN {
type slave;
file “slaves/baidu.com.zone”;
masters { 172.16.50.37; };
};
zone “50.16.172.in-addr.arpa” IN {
type slave;
file “slaves/hehe.com.zone”;
masters { 172.16.50.37; };
};

[root@localhost ~]# systemctl restart named
**从服务器重启后,是否产生slaves 目录和里面是否有主服务器上配置的zone区域
如果产生slaves目录,但没有zone区域文件,则检查防火墙是否关闭**

正反向批量解析:
正向解析
[root@localhost ~]# vim /var/named/baidu.com.zone
TTL1D@INSOA@admin.baidu.com.(01D1H1W3H)INNSns.baidu.com.INMX10mail.baidu.com.nsINA172.16.50.37mailINA172.16.50.2wwwINA172.16.50.1wwwINA172.16.50.3ftpINCNAMEwwwTTL1D@INSOA@admin.baidu.com.(01D1H1W3H)INNSns.baidu.com.INMX10mail.baidu.com.nsINA172.16.50.37mailINA172.16.50.2wwwINA172.16.50.1wwwINA172.16.50.3ftpINCNAMEwwwGENERATE 1-10 .baidu.com.INA172.16.50...baidu.com.INA172.16.50..
[root@localhost ~]# systemctl restart named
[root@localhost ~]# dig -t A 1.baidu.com @172.16.50.37
; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7 <<>> -t A 1.baidu.com @172.16.50.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59954
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.baidu.com. IN A

;; ANSWER SECTION:
1.baidu.com. 86400 IN A 172.16.50.1

;; AUTHORITY SECTION:
baidu.com. 86400 IN NS ns.baidu.com.

;; ADDITIONAL SECTION:
ns.baidu.com. 86400 IN A 172.16.50.37

;; Query time: 0 msec
;; SERVER: 172.16.50.37#53(172.16.50.37)
;; WHEN: Sat Aug 04 08:17:07 EDT 2018
;; MSG SIZE rcvd: 89
反向解析:
[root@localhost ~]# vim /var/named/hehe.com.zone

TTL1D@INSOAns.baidu.com.admin.baidu.com.(0;serial1D;refresh1H;retry1W;expire3H);minimumINNSns.baidu.com.37INPTRns.baidu.com.128INPTRwww.baidu.com.TTL1D@INSOAns.baidu.com.admin.baidu.com.(0;serial1D;refresh1H;retry1W;expire3H);minimumINNSns.baidu.com.37INPTRns.baidu.com.128INPTRwww.baidu.com.GENERATE 1-10 INPTRINPTR.baidu.com.
“/var/named/hehe.com.zone” 11L, 245C
[root@localhost ~]# systemctl restart named
[root@localhost ~]# dig -x 172.16.50.1 @172.16.50.37
; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7 <<>> -x 172.16.50.1 @172.16.50.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55547
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.50.16.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
1.50.16.172.in-addr.arpa. 86400 IN PTR 1.baidu.com.
;; AUTHORITY SECTION:
50.16.172.in-addr.arpa. 86400 IN NS ns.baidu.com.
; ADDITIONAL SECTION:
ns.baidu.com. 86400 IN A 172.16.50.37
;; Query time: 0 msec
;; SERVER: 172.16.50.37#53(172.16.50.37)
;; WHEN: Sat Aug 04 08:24:00 EDT 2018
;; MSG SIZE rcvd: 111

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值