Linux: DNS split-horizon resolution
Posted handsomeboy-东
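Split-horizon resolution
Configuration lab
Lab equipment: one Linux system as the web server, one Linux system as the internal client, one Linux system as the DNS server, and one win10 system as the external client
1. DNS server configuration
Server preparation: install bind and add two NICs, one as the internal NIC on VMnet1 (host-only mode) and one on VMnet2 (host-only mode)
[root@localhost slaves]# yum install -y bind # install bind while the machine still has network access, then set up the DNS configuration files
[root@localhost slaves]# vim /etc/named.conf # edit the main bind configuration file
[root@localhost slaves]# vim /etc/named.rfc1912.zones # edit the zone configuration file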
[root@localhost slaves]# cd /var/named
[root@localhost named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@localhost named]# cp -p named.localhost whd.com.zone.wan
[root@localhost named]# cp -p named.localhost whd.com.zone.lan
[root@localhost named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves whd.com.zone.lan whd.com.zone.wan
[root@localhost named]# vim whd.com.zone.lan
[root@localhost named]# vim whd.com.zone.wan
[root@localhost named]# systemctl start named
[root@localhost named]# netstat -anup | grep 53 # check that named started successfully
udp 0 0 60.0.0.1:53 0.0.0.0:* 83381/named
udp 0 0 192.168.122.1:53 0.0.0.0:* 83381/named
udp 0 0 192.168.40.66:53 0.0.0.0:* 83381/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 83381/named
udp 0 0 192.168.122.1:53 0.0.0.0:* 7795/dnsmasq
udp 0 0 0.0.0.0:5353 0.0.0.0:* 6095/avahi-daemon:
udp6 0 0 ::1:53 :::* 83381/named
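The contents of the files edited above are not shown in the post. As an added example (not the author's configuration), split-horizon resolution in BIND is done with view statements along these lines. The view and ACL names are hypothetical, the addresses are taken from this lab, and the external A record of 60.0.0.1 is an assumption based on the DNAT rule used later.

```conf
// Added example, not the author's files. Assumed from the lab:
// LAN 192.168.40.0/24, zone files whd.com.zone.lan / whd.com.zone.wan.

// --- /etc/named.conf: lines in the options block that must change ---
options {
    listen-on port 53 { any; };   // stock value answers on 127.0.0.1 only
    directory "/var/named";
    allow-query { any; };         // stock value is localhost only
};

// --- /etc/named.rfc1912.zones ---
// Once any view exists, every zone must be inside a view: the root hint
// zone "." in named.conf and the stock zones in this file have to be
// moved into a view or removed, otherwise named refuses to start.
acl "lan" { 192.168.40.0/24; 127.0.0.0/8; };   // hypothetical ACL name

view "lan" {                      // hypothetical view name
    match-clients { "lan"; };     // views are tried in order, first match wins
    zone "whd.com" IN {
        type master;
        file "whd.com.zone.lan";
        allow-update { none; };
    };
};

view "wan" {                      // hypothetical view name
    match-clients { any; };       // every client not matched by "lan"
    recursion no;                 // outside clients get authoritative answers only
    zone "whd.com" IN {
        type master;
        file "whd.com.zone.wan";
        allow-update { none; };
    };
};

// --- the record that differs between the two zone files ---
// whd.com.zone.lan:  www  IN  A  192.168.40.100
// whd.com.zone.wan:  www  IN  A  60.0.0.1   (assumed; DNAT forwards it to the web server)
```

Running named-checkconf -z /etc/named.conf test-loads both views and their zone files and reports errors before named is restarted.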
Add the NICs and change their VMnet assignment
[root@localhost slaves]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 # configure the VMnet1 NIC
[root@localhost slaves]# vim /etc/sysconfig/network-scripts/ifcfg-ens36 # configure the VMnet2 NIC
[root@localhost slaves]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.40.66 netmask 255.255.255.0 broadcast 192.168.40.255
inet6 fe80::5fa0:eef1:92e9:a987 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:62:71:0f txqueuelen 1000 (Ethernet)
RX packets 631681 bytes 930033670 (886.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 284477 bytes 17361367 (16.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens36: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 60.0.0.1 netmask 255.0.0.0 broadcast 60.255.255.255
inet6 fe80::7c2c:db53:1f27:113c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:62:71:19 txqueuelen 1000 (Ethernet)
RX packets 70 bytes 11517 (11.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 151 bytes 23664 (23.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost named]# iptables -L -t nat # view the iptables firewall rules
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
[root@localhost named]# iptables -F -t nat # flush the rules to remove firewall restrictions
[root@localhost named]# vim /etc/sysctl.conf # enable IP forwarding
[root@localhost named]# sysctl -p # reload the modified configuration
net.ipv4.ip_forward = 1
2. Web server configuration (install httpd while the machine has network access, then switch it to VMnet1 host-only mode)
[root@localhost named]# yum install -y httpd
[root@localhost named]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
[root@localhost named]# cd /var/www/html
[root@localhost html]# vim index.html # edit the page content
<h1>hello wold</h1>
[root@localhost html]# systemctl start httpd
[root@localhost html]# netstat -antp | grep httpd
tcp6 0 0 :::80 :::* LISTEN 24898/httpd
[root@localhost html]# curl 127.0.0.1 # check that the page was created successfully
<h1>hello wold</h1>
[root@localhost named]# iptables -t nat -A PREROUTING -d 60.0.0.1 -i ens36 -j DNAT --to-destination 192.168.40.100
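3. The win10 external client uses VMnet2 host-only mode
Set the VMnet of the win10 external client
Turn off the firewall
4. The Linux internal client uses VMnet1 host-only mode
[root@AIDEBOY ~]# systemctl stop firewalld.service # stop the firewall
[root@AIDEBOY ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
[root@localhost html]# vim /etc/resolv.conf # set the DNS server IP address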
Results:
Test DNS resolution on win10
Test DNS resolution on the Linux client, and open the domain name in a browser
[root@localhost html]# nslookup www.whd.com
Server: 192.168.40.66
Address: 192.168.40.66#53
Name: www.whd.com
Address: 192.168.40.100
Access the domain name from the win10 external client