DNS
Posted 一夜入秋
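1. Briefly describe how a DNS server works, and build a primary-secondary server pair.
Basic principle of the DNS service:
A DNS (Domain Name Server) is a server that translates between domain names and their corresponding IP addresses. It stores a table of domain names and the IP addresses that correspond to them, which it uses to resolve the domain name in a message. A domain name is the name of a computer or group of computers on the Internet, used to identify the computer's electronic location (and sometimes its geographic location) during data transmission. A domain name consists of a series of names separated by dots, usually includes the organization name, and always ends with a two- or three-letter suffix that indicates the type of organization or the country or region the domain belongs to.
Building the primary-secondary servers:
- 1. Environment preparation:
192.168.112.129 primary DNS server
192.168.112.134 secondary DNS server
192.168.112.135 web server
192.168.112.128 DNS client
Disable SELinux
Disable the firewall
Synchronize time
- 2. Procedure:
- 2.1 Primary DNS server configuration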
[root@Centos8 ~]#rpm -ql bind
package bind is not installed
[root@Centos8 ~]#yum -y install bind
[root@Centos8 ~]#vim /etc/named.conf
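# Comment out the following two lines
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
# Only allow the secondary server to perform zone transfers
allow-transfer { 192.168.112.134; }; # the secondary DNS server's IP address
[root@Centos8 ~]#vim /etc/named.rfc1912.zones
# Append this block at the end of the file
zone "zhanggui.org" {
    type master;
    file "zhanggui.org.zone";
};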
[root@Centos8 ~]#cp -p /var/named/named.localhost /var/named/zhanggui.org.zone
[root@Centos8 ~]#vim /var/named/zhanggui.org.zone
$TTL 1D
@       IN SOA  master admin.zhanggui.org. (
                        0       ; serial
                        1D      ; refresh
                        1H      ; retry
                        1W      ; expire
                        3H )    ; minimum
        NS      master
        NS      slave
master  A       192.168.112.129
slave   A       192.168.112.134
www     A       192.168.112.135
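[root@Centos8 ~]#systemctl enable --now named # This is the first start here, so I enabled start on boot and started the service immediately. If it is not the first start, use the rndc reload command instead.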
- 2.2 Secondary DNS server configuration:
[root@Centos8 ~]#rpm -ql bind
package bind is not installed
[root@Centos8 ~]#yum -y install bind
[root@Centos8 ~]#vim /etc/named.conf
# Comment out the following two lines
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
# The secondary itself allows no zone transfers
allow-transfer { none; };
[root@localhost ~]#vim /etc/named.rfc1912.zones
zone "zhanggui.org" {
    type slave;
    masters { 192.168.112.129; };
    file "slaves/zhanggui.org.slave";
};
[root@localhost ~]#systemctl start named
[root@localhost ~]#ls /var/named/slaves/zhanggui.org.slave # check that the zone database file has been generated
/var/named/slaves/zhanggui.org.slave
- 2.3 Install httpd on the web server
[root@localhost ~]#yum install httpd -y
[root@localhost ~]#systemctl enable --now httpd
[root@localhost ~]#echo "The is test page" > /var/www/html/index.html
[root@localhost ~]#curl 192.168.112.135
The is test page
- 2.4 Test the primary-secondary DNS architecture from the client
[root@Centos7 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.112.128
PREFIX=24
GATEWAY=192.168.112.2
DNS1=192.168.112.129
DNS2=192.168.112.134
[root@Centos7 ~]# dig www.zhanggui.org
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7 <<>> www.zhanggui.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40134
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.zhanggui.org. IN A
;; ANSWER SECTION:
www.zhanggui.org. 86400 IN A 192.168.112.135
;; AUTHORITY SECTION:
zhanggui.org. 86400 IN NS master.zhanggui.org.
zhanggui.org. 86400 IN NS slave.zhanggui.org.
;; ADDITIONAL SECTION:
master.zhanggui.org. 86400 IN A 192.168.112.129
slave.zhanggui.org. 86400 IN A 192.168.112.134
;; Query time: 1 msec
;; SERVER: 192.168.112.129#53(192.168.112.129)
;; WHEN: Sat Jan 29 19:33:44 CST 2022
;; MSG SIZE rcvd: 134
- 2.5 Stop the DNS service on the primary server
[root@Centos8 ~]#systemctl stop named
[root@Centos7 ~]# dig www.zhanggui.org
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7 <<>> www.zhanggui.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32628
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.zhanggui.org. IN A
;; ANSWER SECTION:
www.zhanggui.org. 86400 IN A 192.168.112.135
;; AUTHORITY SECTION:
zhanggui.org. 86400 IN NS master.zhanggui.org.
zhanggui.org. 86400 IN NS slave.zhanggui.org.
;; ADDITIONAL SECTION:
master.zhanggui.org. 86400 IN A 192.168.112.129
slave.zhanggui.org. 86400 IN A 192.168.112.134
;; Query time: 0 msec
;; SERVER: 192.168.112.134#53(192.168.112.134)
;; WHEN: Sat Jan 29 19:50:23 CST 2022
;; MSG SIZE rcvd: 134
# Test the web server
[root@Centos7 ~]# curl www.zhanggui.org
The is test page
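The following check is an added example, not part of the original post: it verifies from the client that neither server hands the zone to a host outside allow-transfer, and that both servers report the same SOA serial. The function names and the sample outputs are constructed for illustration; the zone name and addresses are the ones used above.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit the zone-transfer ACLs
# and primary/secondary sync configured above. Function names are hypothetical.
ZONE=zhanggui.org
PRIMARY=192.168.112.129
SECONDARY=192.168.112.134

# Classify `dig axfr` output on stdin: "open" if zone records came back,
# "refused" if dig printed "; Transfer failed.", otherwise "unknown".
axfr_status() {
  awk '/^; Transfer failed/                 { refused = 1 }
       /^[^;]/ && $3 == "IN" && $4 == "SOA" { soa++ }
       END { if (soa) print "open"; else if (refused) print "refused"; else print "unknown" }'
}

# The serial is the third field of `dig +short SOA` output (read from stdin).
soa_serial() { awk 'NF >= 7 { print $3; exit }'; }

# The secondary re-transfers only after the primary's serial increases.
sync_state() {
  if [ -z "$1" ] || [ -z "$2" ]; then echo "no-answer"
  elif [ "$1" = "$2" ]; then echo "in-sync"
  else echo "out-of-sync"; fi
}

# Live audit: run from a host that is NOT listed in allow-transfer (the client).
audit() {
  for ns in "$PRIMARY" "$SECONDARY"; do
    echo "$ns AXFR: $(dig +time=2 +tries=1 axfr "$ZONE" @"$ns" | axfr_status)"
  done
  p=$(dig +short +time=2 +tries=1 SOA "$ZONE" @"$PRIMARY" | soa_serial)
  s=$(dig +short +time=2 +tries=1 SOA "$ZONE" @"$SECONDARY" | soa_serial)
  echo "serial primary=$p secondary=$s: $(sync_state "$p" "$s")"
}

# Constructed sample outputs for offline use (not captured from these hosts).
SAMPLE_REFUSED='; <<>> DiG <<>> axfr zhanggui.org @192.168.112.129
; Transfer failed.'
SAMPLE_OPEN='zhanggui.org. 86400 IN SOA master.zhanggui.org. admin.zhanggui.org. 0 86400 3600 604800 10800
www.zhanggui.org. 86400 IN A 192.168.112.135
zhanggui.org. 86400 IN SOA master.zhanggui.org. admin.zhanggui.org. 0 86400 3600 604800 10800'
SAMPLE_SOA='master.zhanggui.org. admin.zhanggui.org. 0 86400 3600 604800 10800'

if [ "${1:-}" = "--live" ]; then audit; fi
```

Run it with --live from 192.168.112.128; both servers should report refused, since only 192.168.112.134 is in the primary's allow-transfer and the secondary uses none. The zone file above has serial 0, so increase it on every edit or the secondary keeps serving the old copy.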
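2. Build and implement smart DNS.
- 2.1 Environment preparation:
Primary DNS server and web server 1: 192.168.112.129/24, 172.16.0.5/24
Web server 2: 192.168.112.128/24
Web server 3: 172.16.0.6/24
DNS client 1: 192.168.112.135/24
DNS client 2: 172.16.0.7/24
Disable SELinux
Disable the firewall
Synchronize time
- 2.2 NIC configuration on the DNS server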
[root@Centos8 ~]#ip a a 172.16.0.5/24 dev eth0
[root@Centos8 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:4b:41:25 brd ff:ff:ff:ff:ff:ff
inet 192.168.112.129/24 brd 192.168.112.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 172.16.0.5/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe4b:4125/64 scope link
valid_lft forever preferred_lft forever
- 2.3 Implement views in the primary DNS server's configuration file
[root@Centos8 ~]#yum install bind -y
[root@Centos8dns