DNS service on Linux
2017-11-29 21:18
DNS
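1.
1) DNS (Domain Name System): a distributed database on the Internet that maps domain names and IP addresses to each other, so that users can reach the Internet more conveniently without having to remember the numeric IP strings that machines read directly. The process of obtaining the IP address that corresponds to a host name is called domain name resolution (or host name resolution). The DNS protocol runs on top of UDP and uses port 53.
2) Installing and deploying DNS
Main configuration file: /etc/named.conf
Sub-configuration file: /etc/named.rfc1912.zones
Data directory: /var/named
yum install bind -y
systemctl start named    (on the first start you have to type on the keyboard)
systemctl enable named
systemctl stop firewalld
Check the listening port: ss -antlupe | grep named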
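2. Caching DNS
vim /etc/named.conf
    listen-on port 53 { any; };          // line 11: listen on every network interface
    allow-query { any; };                // line 17: allow everyone to query
    forwarders { 172.25.254.250; };      // line 18: whom to ask when this server does not know the answer
systemctl restart named
Test:
On the client host:
vim /etc/resolv.conf
    nameserver 172.25.254.100    (the server's IP address)
dig www.baidu.com    (resolve this name)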
3. Forward resolution on an authoritative DNS server
Zone: biu.com.
vim /etc/named.rfc1912.zones
    zone "biu.com" IN {
        type master;
        file "biu.com.zone";
        allow-update { none; };
    };
cd /var/named
cp -p named.localhost biu.com.zone
vim /var/named/biu.com.zone
    $TTL 1D
    @       IN SOA  dns.biu.com. root.biu.com. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
            NS      dns.biu.com.
    dns     A       172.25.254.141
    www     A       172.25.254.220
Test:
dig www.biu.com
4. Reverse resolution on an authoritative DNS server
vim /etc/named.rfc1912.zones
    zone "254.25.172.in-addr.arpa" IN {
        type master;
        file "westos.com.ptr";
        allow-update { none; };
    };
cd /var/named/
cp -p named.localhost westos.com.ptr
vim westos.com.ptr
    $TTL 1D
    @       IN SOA  dns.westos.com. root.westos.com. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
            NS      dns.westos.com.
    dns     A       172.25.254.141
    141     PTR     www.westos.com.
systemctl restart named
Test:
dig -x 172.25.254.141
5. Two-way (split-view) DNS resolution
1) vim /etc/named.conf
    view localnet {
        match-clients { 172.25.254.141; };
        zone "." IN {
            type hint;
            file "named.ca";
        };
        include "/etc/named.rfc1912.zones";
        include "/etc/named.root.key";
    };
    view any {
        match-clients { any; };
        zone "." IN {
            type hint;
            file "named.ca";
        };
        include "/etc/named.rfc1912.zones.inter";
        include "/etc/named.root.key";
    };
2)
cd /var/named/
cp -p biu.com.zone biu.com.inter
vim biu.com.inter
    $TTL 1D
    @       IN SOA  dns.biu.com. root.biu.com. (
                    0       ; serial (compared for consistency; if it differs, the configuration is known to have changed; at most ten digits)
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
            NS      dns.biu.com.
    dns     A       1.1.1.141
    www     A       1.1.1.220
3)
cp /etc/named.rfc1912.zones /etc/named.rfc1912.zones.inter -p
vim /etc/named.rfc1912.zones.inter
    zone "biu.com" IN {
        type master;
        file "biu.com.inter";
        allow-update { none; };
    };
Test: dig www.biu.com
6. Secondary DNS
Settings on the primary DNS server:
vim /etc/named.rfc1912.zones.inter
    zone "biu.com" IN {
        type master;
        file "biu.com.inter";
        allow-update { none; };
        also-notify { 172.25.254.241; };    // lets host 241 synchronize
    };
systemctl restart named
On the secondary DNS server:
yum install bind -y
systemctl restart named
systemctl stop firewalld
vim /etc/named.conf
    listen-on port 53 { any; };    // listen on every network interface
    allow-query { any; };          // allow everyone to query
vim /etc/named.rfc1912.zones
    zone "biu.com" IN {
        type slave;
        masters { 172.25.254.141; };    // synchronize from host 141
        file "slaves/biu.com.inter";
        allow-update { none; };
    };
systemctl restart named
Test:
vim /etc/resolv.conf
    nameserver 172.25.254.141
dig www.biu.com
vim /etc/resolv.conf
    nameserver 172.25.254.241
dig www.biu.com
When nothing has been changed:
After a change: whenever you change the zone you must also change the serial value. It can have at most ten digits.
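A secondary only transfers the zone when the serial on the primary has increased, so the serial bump is worth scripting. The following is an added example, not part of the original post; the function names and the YYYYMMDDNN numbering convention are assumptions, and the sample zone is constructed from the one shown on this page.

```shell
# next_serial CURRENT [TODAY]: print a serial strictly greater than CURRENT,
# using the YYYYMMDDNN convention (an assumption; the page starts from 0).
next_serial() {
    cur=$1
    today=${2:-$(date +%Y%m%d)}
    base=$((today * 100))                 # YYYYMMDD00
    if [ "$cur" -lt "$base" ]; then
        new=$base
    else
        new=$((cur + 1))                  # already edited today: count up
    fi
    # The serial is an unsigned 32-bit field, hence "at most ten digits".
    if [ "$new" -gt 4294967295 ]; then
        echo "serial would exceed 4294967295" >&2
        return 1
    fi
    echo "$new"
}

# bump_zone [TODAY]: read a zone file on stdin, print it with a new serial.
bump_zone() {
    zone=$(cat)
    old=$(printf '%s\n' "$zone" |
          sed -nE 's/^[[:space:]]*([0-9]+)[[:space:]]*;[[:space:]]*serial.*/\1/p' | head -n 1)
    [ -n "$old" ] || { echo "no '; serial' line found" >&2; return 1; }
    fresh=$(next_serial "$old" "$1") || return 1
    printf '%s\n' "$zone" |
        sed -E "s/^([[:space:]]*)$old([[:space:]]*;[[:space:]]*serial)/\1$fresh\2/"
}

# Constructed sample: the zone file from this page.
sample_zone() {
    cat <<'EOF'
$TTL 1D
@       IN SOA  dns.biu.com. root.biu.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      dns.biu.com.
dns     A       1.1.1.141
www     A       1.1.1.220
EOF
}

sample_zone | bump_zone 20171129
```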
7. Remote (dynamic) DNS updates
IP-based
On host 141:
chmod g+w /var/named    (named runs in group named and has to create journal files here)
vim /etc/named.rfc1912.zones.inter
    zone "biu.com" IN {
        type master;
        file "biu.com.inter";
        allow-update { 172.25.254.241; };
        also-notify { 172.25.254.241; };
    };
systemctl restart named
Test:
On host 241:
nsupdate
Add a record:
> server 172.25.254.141
> update add bbs.biu.com 86400 A 1.1.1.1
> send
Delete the record:
> server 172.25.254.141
> update delete bbs.biu.com
> send
Key-based
cp -p /etc/rndc.key /etc/biu.key
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST biu
cat Kbiu.+157+03321.key
vim /etc/biu.key
    key "biu" {
        algorithm hmac-md5;
        secret "OIuDrqAPIIx1Po7jsWDVAw==";
    };
vim /etc/named.conf
    include "/etc/biu.key";
    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };
vim /etc/named.rfc1912.zones.inter
    zone "biu.com" IN {
        type master;
        file "biu.com.inter";
        allow-update { key biu; };
        also-notify { 172.25.254.241; };
    };
Test:
scp Kbiu.+157+03321.* root@172.25.254.241:/mnt/    (both the .key file and the .private file must be sent)
On the host that holds the key, run:
nsupdate -k Kbiu.+157+03321.private
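Three settings used in this walkthrough are worth checking before a server like this leaves the lab: allow-query { any; } with unrestricted recursion, allow-update by source IP, and an HMAC-MD5 TSIG key. The following is an added example, not part of the original post; the function names, finding labels and the 172.25.254.0/24 subnet are assumptions, and both configurations are constructed from the fragments shown above.

```shell
# audit_named: read named.conf text on stdin, print one finding per line.
# Only // and # comments are stripped; /* ... */ blocks are not handled.
audit_named() {
    # Flatten the text so statements that span several lines still match.
    body=$(sed -e 's|//.*||' -e 's|#.*||' | tr '\n\t' '  ')
    # allow-query { any; } with recursion neither disabled nor restricted:
    # allow-recursion then inherits "any" and the server is an open resolver.
    if printf '%s' "$body" | grep -Eq 'allow-query[[:space:]]*\{[[:space:]]*any;' &&
       ! printf '%s' "$body" | grep -Eq 'recursion[[:space:]]+no;|allow-recursion[[:space:]]*\{'; then
        echo OPEN_RESOLVER
    fi
    # Dynamic updates authorised by source address alone.
    if printf '%s' "$body" | grep -Eq 'allow-update[[:space:]]*\{[[:space:]]*[0-9]+(\.[0-9]+){3}'; then
        echo UPDATE_BY_IP
    fi
    # TSIG key that still uses HMAC-MD5.
    if printf '%s' "$body" | grep -Eiq 'algorithm[[:space:]]+hmac-md5;'; then
        echo TSIG_HMAC_MD5
    fi
}

# Constructed sample: the settings this page applies, gathered in one file.
page_conf() {
    cat <<'EOF'
options { listen-on port 53 { any; }; allow-query { any; };
          forwarders { 172.25.254.250; }; };
key "biu" { algorithm hmac-md5; secret "PLACEHOLDER"; };
zone "biu.com" IN { type master; file "biu.com.inter";
                    allow-update { 172.25.254.241; }; };
EOF
}

# Constructed counterpart: recursion limited to an assumed lab subnet,
# an HMAC-SHA256 key, and updates accepted only when signed with that key.
hardened_conf() {
    cat <<'EOF'
options { listen-on port 53 { any; }; allow-query { any; };
          allow-recursion { 172.25.254.0/24; };
          forwarders { 172.25.254.250; }; };
key "biu" { algorithm hmac-sha256; secret "PLACEHOLDER"; };
zone "biu.com" IN { type master; file "biu.com.inter";
                    allow-update { key biu; }; };
EOF
}

page_conf | audit_named        # prints the three findings
hardened_conf | audit_named    # prints nothing
```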
9. Dynamic address resolution (Peanut Shell style)
1) yum install dhcp -y
2) cp -p /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
3) vim /etc/dhcp/dhcpd.conf
4) vim /etc/named.rfc1912.zones
5) hostnamectl set-hostname www.biu.com
On the secondary machine:
Set the network to DHCP mode
systemctl restart network
dig www.biu.com