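FQDN: Fully Qualified Domain Name, the complete host name
NS: NameServer, the name server; identifies which DNS server serves the domain
A: Address
RR: Resource Record, a resource record in the forward zone file
The process of looking up an IP from a host name is called forward resolution
The process of resolving an IP back to a host name is called reverse resolution
Whether forward or reverse, the records of each domain form a zone
/etc/hosts: the earliest configuration mapping a hostname to an IP;
/etc/resolv.conf: where the DNS server IPs are recorded;
/etc/nsswitch.conf: the setting that decides whether /etc/hosts or /etc/resolv.conf is used first
@ stands for the zone (as declared in named.conf). In the forward zone file, @ stands for test.com.
In the reverse zone file, @ stands for 114.168.192.in-addr.arpa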
IP | Host name and RR | Notes
192.168.114.223 | master.test.com(NS) www.test.com(A) | OS version: Kylin Linux Advanced Server
192.168.114.16 | slave.test.com(NS) www.test.com(A) |
192.168.114.88 | www.test.com |
192.168.114.99 | www.test.com |
192.168.114.38 | DNS client |
Install the BIND packages on the 192.168.114.223 server
yum install bind-libs bind-utils bind-chroot bind -y
vi /etc/named.conf # main configuration file
options {
listen-on port 53 { any; }; // listen on port 53 on all of the host's IPv4 addresses
listen-on-v6 port 53 { any; }; // IPv6
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
allow-query { any; }; // any client may send queries
dnssec-validation no; // DNSSEC validation is turned off
xxxxxxx
zone "test.com" {
type master;
file "/var/named/test.com.zone";
allow-transfer {192.168.114.16;};
};
zone "114.168.192.in-addr.arpa" IN { # for reverse resolution, write the IP reversed and append .in-addr.arpa
type master;
file "/var/named/db.114.168.192";
allow-transfer {192.168.114.16;};
};
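vi /var/named/test.com.zone (forward zone)
$TTL 1D
@ IN SOA master.test.com. admin.test.com. (
; @ stands for the domain name, SOA is the start marker, master.test.com. is the host name of the DNS server,
; admin.test.com. is the administrator's e-mail
0 ; serial - the larger the number, the newer the data
1D ; refresh - the slave synchronizes data from the master
1H ; retry - retry a failed synchronization
1W ; expire - expiry time
3H ) ; minimum - cache time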
@ IN NS master.test.com.
@ IN NS slave.test.com.
master.test.com. IN A 192.168.114.223
slave.test.com. IN A 192.168.114.16
www.test.com. IN A 192.168.114.88
www.test.com. IN A 192.168.114.99
vi /var/named/db.114.168.192 (reverse zone)
$TTL 1D
@ IN SOA master.test.com. admin.test.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS master.test.com.
@ IN NS slave.test.com.
88 IN PTR master.test.com. ; the trailing dot is required
88 IN PTR www.test.com.
16 IN PTR slave.test.com.
99 IN PTR www.test.com.
99 IN PTR master.test.com.
systemctl restart named.service
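The trailing-dot rule and the meaning of @ described above, as an added example (not part of the original post): a small Python check that expands names the way a zone file does and lists PTR records whose target has no A record for the same IP. The zone text embedded in it is constructed sample data modeled on the records above, and the function names are hypothetical.

```python
# Added example: cross-check PTR records against A records (sample data is constructed).
FWD_ORIGIN = "test.com."
REV_ORIGIN = "114.168.192.in-addr.arpa."

FORWARD = """\
$TTL 1D
@ IN NS master.test.com.
master.test.com. IN A 192.168.114.223
slave.test.com. IN A 192.168.114.16
www.test.com. IN A 192.168.114.88
www.test.com. IN A 192.168.114.99
"""
REVERSE = """\
$TTL 1D
@ IN NS master.test.com.
223 IN PTR master.test.com.
16 IN PTR slave.test.com      ; constructed mistake: trailing dot missing
88 IN PTR www.test.com.
99 IN PTR master.test.com.    ; constructed mistake: master is not at .99
"""

def fqdn(name, origin):
    """'@' is the zone origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def records(text, origin, rtype):
    """Yield (owner, rdata) for one-line 'owner IN TYPE rdata' records."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop ';' comments
        if len(fields) == 4 and fields[1:3] == ["IN", rtype]:
            rdata = fields[3] if rtype == "A" else fqdn(fields[3], origin)
            yield fqdn(fields[0], origin), rdata

def ptr_ip(owner):
    """'88.114.168.192.in-addr.arpa.' -> '192.168.114.88'"""
    octets = owner[: -len(".in-addr.arpa.")].split(".")
    return ".".join(reversed(octets))

def unmatched_ptrs(forward=FORWARD, reverse=REVERSE):
    """Return (ip, target) for each PTR whose target has no A record for that IP."""
    a_records = set(records(forward, FWD_ORIGIN, "A"))
    return [(ptr_ip(owner), target)
            for owner, target in records(reverse, REV_ORIGIN, "PTR")
            if (target, ptr_ip(owner)) not in a_records]

if __name__ == "__main__":
    for ip, target in unmatched_ptrs():
        print(f"{ip}: PTR -> {target} has no matching A record")
```

A PTR target written without the trailing dot shows up here with the reverse zone name appended to it, which is how the name server reads it as well.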
Install the BIND packages on the 192.168.114.16 server
yum install bind-libs bind-utils bind-chroot bind -y
vi /etc/named.conf
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
allow-query { any; };
dnssec-validation no;
xxxxxx
zone "test.com" IN {
type slave;
file "slaves/test.com.zone";
masters {192.168.114.223;};
};
zone "114.168.192.in-addr.arpa" IN {
type slave;
file "slaves/db.114.168.192";
masters {192.168.114.223;};
};
systemctl restart named.service
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search bbrouter
nameserver 192.168.114.223
nameserver 192.168.114.16
dig www.test.com
dig +trace www.test.com # the +trace option starts the query from the root (.)
dig -x 192.168.114.88 # reverse lookup of the IP
Add PEERDNS=no to /etc/sysconfig/network-scripts/ifcfg-eth0
The DNS server logs are in /var/log/messages: tail -n 30 /var/log/messages | grep named