Configuring DNS and Building DNS Servers on Linux: Lab Exercises
Lab topology:
DNS Slave
-------------DNS Master(vmnet1)-----------------(vmnet1)
Win7 Client
Experiment 1: Build the master DNS server
xiaoxiongboke.com
www.xiaoxiongboke.com 192.168.10.253
bbs.xiaoxiongboke.com 192.168.10.100
blog is an alias of bbs
1. Install the packages
- [root@localhost ~]# rpm -q bind bind-chroot caching-nameserver //check whether bind is installed
- package bind is not installed //reports that it is not installed
- package bind-chroot is not installed
- package caching-nameserver is not installed
- [root@localhost ~]# yum -y install bind bind-chroot caching-nameserver
2. Edit the main configuration file
- [root@localhost ~]# cd /var/named/chroot/etc/
- [root@localhost etc]# cp -p named.caching-nameserver.conf named.conf //copy the template
- [root@localhost etc]# vim named.conf
- ...
- listen-on port 53 { 192.168.10.253; }; //listen on port 53
- listen-on-v6 port 53 { ::1; }; //listen on port 53 (IPv6)
- ...
- allow-query { any; }; //allow queries from all clients
- allow-query-cache { any; }; //allow all clients to query the cache as well
- ...
- match-clients { any; };
- match-destinations { any; };
- [root@localhost etc]# vim named.rfc1912.zones
- ...
- zone "xiaoxiongboke.com" IN { //define the forward zone
- type master; //zone type
- file "xiaoxiongboke.com.zone"; //zone data file
- };
- zone "10.168.192.in-addr.arpa" IN { //define the reverse zone
- type master; //master zone
- file "xiaoxiongboke.com.arpa";
- };
- [root@localhost etc]# named-checkconf named.conf //check the syntax of named.conf
- [root@localhost etc]# //no errors, no output
3. Edit the zone data files
- [root@localhost etc]# cd /var/named/chroot/var/named/
- [root@localhost named]# cp -p named.local xiaoxiongboke.com.zone //copy the template
- [root@localhost named]# cp -p named.local xiaoxiongboke.com.arpa
- [root@localhost named]# cat xiaoxiongboke.com.zone //edit the forward zone file
- $TTL 86400 ; time to live for valid records
- @ IN SOA localhost. root.localhost. (
- 2014061701 ; Serial, the update sequence number
- 28800 ; Refresh, the refresh time
- 14400 ; Retry, the retry interval
- 3600000 ; Expire, the expiry time
- 86400 ) ; Minimum, the time to live for negative answers
- IN NS dns01.xiaoxiongboke.com.
- dns01 IN A 192.168.10.253
- www IN A 192.168.10.253
- bbs IN A 192.168.10.100
- blog IN CNAME bbs ; alias
NS: name server record (Name Server)
MX: mail exchange record (Mail Exchange)
A: address record, used in forward zones (Address)
CNAME: alias record (Canonical Name)
[root@localhost named]# cat xiaoxiongboke.com.arpa //edit the reverse zone file
$TTL 86400
@ IN SOA localhost. root.localhost. (
2014061701 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns01.xiaoxiongboke.com.
253 IN PTR dns01.xiaoxiongboke.com.
253 IN PTR www.xiaoxiongboke.com.
100 IN PTR bbs.xiaoxiongboke.com.
100 IN PTR blog.xiaoxiongboke.com.
PTR: pointer record, used in reverse zones; the first column only needs the host portion of the IP address
- [root@localhost named]# named-checkzone xiaoxiongboke.com xiaoxiongboke.com.zone //check the forward zone file for syntax errors
- zone xiaoxiongboke.com/IN: loaded serial 1997022700
- OK
- [root@localhost named]# named-checkzone xiaoxiongboke.com xiaoxiongboke.com.arpa //check the reverse zone file for syntax errors
- zone xiaoxiongboke.com/IN: loaded serial 1997022700
- OK
4. Start the service
[root@localhost named]# service named restart
[root@localhost named]# chkconfig named on
5. Test
Remove the entries defined earlier in the hosts file
Point the client's DNS setting at the server
nslookup
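Experiment 2: Advanced DNS usage
Implement DNS load balancing: when users access www.xiaoxiongboke.com, 2/3 of them go to 10.253 and 1/3 go to 10.100
Ensure that users who access xiaoxiongboke.com can still reach the www.xiaoxiongboke.com website (make sure the website exists)
Ensure that users can reach the www.xiaoxiongboke.com website as long as the domain name is correct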
- [root@localhost ~]# cd /var/named/chroot/var/named/
- [root@localhost named]# cat xiaoxiongboke.com.zone
- ...
- www IN A 192.168.10.253 ; written twice so that two out of every three visits use this record
- www IN A 192.168.10.253
- www IN A 192.168.10.100
- xiaoxiongboke.com. IN A 192.168.10.253
- $GENERATE 20-50 station$ IN A 192.168.10.$
- * IN A 192.168.10.253
Notes:
$GENERATE: a function that generates records
20-50: the range the variable loops over
station$: the host name
192.168.10.$: the corresponding IP address
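The expansion that the $GENERATE line above asks named to perform, as an added example that is not part of the original lab; the function names `expand_generate` and `subst_index` are made up here. It goes slightly beyond the lab by also accepting the optional `/step` in the range, and it handles only the plain `$` placeholder, not the `${offset,width,base}` form.

```shell
#!/bin/sh
# Added example: expand a BIND $GENERATE directive into the records it creates.

# subst_index TEMPLATE N: replace every "$" placeholder in TEMPLATE with N.
subst_index() {
    printf '%s' "$1" | sed 's/\$/'"$2"'/g'
}

# expand_generate LINE: print one record per iteration of the range.
# Accepts "$GENERATE start-stop[/step] lhs [IN] type rhs".
expand_generate() {
    read -r directive range lhs class type rhs <<EOF
$1
EOF
    [ "$directive" = '$GENERATE' ] || return 1
    # The class field is optional; shift the fields when it is left out.
    if [ "$class" != "IN" ]; then
        rhs=$type
        type=$class
    fi
    start=${range%%-*}
    rest=${range#*-}
    stop=${rest%%/*}
    step=1
    case "$rest" in
        */*) step=${rest#*/} ;;
    esac
    i=$start
    while [ "$i" -le "$stop" ]; do
        printf '%s IN %s %s\n' "$(subst_index "$lhs" "$i")" "$type" \
            "$(subst_index "$rhs" "$i")"
        i=$((i + step))
    done
}

# The directive from the zone file above; show the first and last record.
expand_generate '$GENERATE 20-50 station$ IN A 192.168.10.$' | sed -n '1p;$p'
```

Running the function on a zone's $GENERATE lines before a reload shows exactly which names and addresses the zone will publish.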
[root@localhost ~]# service named restart
Test
Test succeeded
Experiment 3: Build the slave DNS server
Set up a secondary DNS server for the master DNS server above
1. Install the packages
- [root@localhost ~]# rpm -q bind bind-chroot caching-nameserver
- package bind is not installed //reports that it is not installed
- package bind-chroot is not installed
- package caching-nameserver is not installed
- [root@localhost ~]# yum -y install bind bind-chroot caching-nameserver
2. Edit the main configuration file on the slave DNS server
- [root@localhost ~]# cd /var/named/chroot/etc/
- [root@localhost etc]# cp -p named.caching-nameserver.conf named.conf
- [root@localhost etc]# vim named.conf
- ...
- listen-on port 53 { 192.168.10.100; };
- ...
- allow-query { any; };
- allow-query-cache { any; };
- ...
- match-clients { any; };
- match-destinations { any; };
- [root@ser2 etc]# vim named.rfc1912.zones
- ...
- zone "xiaoxiongboke.com" IN {
- type slave; //slave zone
- file "slaves/xiaoxiongboke.com.zone";
- masters { 192.168.10.253; }; //address of the master DNS server
- };
- zone "10.168.192.in-addr.arpa" IN {
- type slave;
- file "slaves/xiaoxiongboke.com.arpa";
- masters { 192.168.10.253; };
- };
- [root@ser2 etc]# named-checkconf named.conf
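3. Edit the main configuration file on the master DNS server and add the transfer authorization
- [root@localhost ~]# cd /var/named/chroot/etc/
- [root@localhost etc]# vim named.conf //add the content at line 21
- ...
- 21 allow-transfer { 192.168.10.100; }; //allow the slave server to download the zone data
- ...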
- [root@localhost etc]# cd /var/named/chroot/var/named/
- [root@localhost named]# cat xiaoxiongboke.com.zone
- $TTL 86400
- @ IN SOA xiaoxiongboke.com. root.xiaoxiongboke.com. (
- 2014041802 ; Serial, incremented by 1
- 28800 ; Refresh
- 14400 ; Retry
- 3600000 ; Expire
- 86400 ) ; Minimum
- IN NS dns01.xiaoxiongboke.com.
- IN NS dns02.xiaoxiongboke.com. ; add the slave DNS server
- IN A 192.168.10.253
- dns01 IN A 192.168.10.253
- dns02 IN A 192.168.10.100 ; forward record for the slave DNS server
- www IN A 192.168.10.253
- www IN A 192.168.10.253
- www IN A 192.168.10.100
- bbs IN A 192.168.10.100
- blog IN CNAME bbs
- $GENERATE 20-50 station$ IN A 192.168.10.$
- * IN A 192.168.10.253
- [root@localhost named]# cat xiaoxiongboke.com.arpa
- $TTL 86400
- @ IN SOA xiaoxiongboke.com. root.xiaoxiongboke.com. (
- 2014041802 ; Serial, incremented by 1
- 28800 ; Refresh
- 14400 ; Retry
- 3600000 ; Expire
- 86400 ) ; Minimum
- IN NS dns01.xiaoxiongboke.com.
- IN NS dns02.xiaoxiongboke.com. ; add the slave DNS server
- 253 IN PTR dns01.xiaoxiongboke.com.
- 100 IN PTR dns02.xiaoxiongboke.com. ; reverse record for the slave DNS server
- 253 IN PTR www.xiaoxiongboke.com.
- 100 IN PTR bbs.xiaoxiongboke.com.
- [root@localhost etc]# service named restart
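One way to check the ACLs this lab touches before restarting named, as an added example that is not part of the original lab. The function names and both sample configurations are constructed, and the 192.168.10.0/24 subnet in the second sample is an assumption. Older BIND releases allow zone transfers to any host when `allow-transfer` is absent, which is why the missing statement is reported.

```shell
#!/bin/sh
# Added example: flag open transfer/cache ACLs in a named.conf options block.

# Constructed sample: master options as left at the end of Experiment 1.
SAMPLE_BEFORE='options {
    listen-on port 53 { 192.168.10.253; };
    allow-query { any; };            // authoritative answers for everyone
    allow-query-cache { any; };
};'

# Constructed sample: after step 3, with the cache ACL narrowed to the lab
# subnet (192.168.10.0/24 is an assumption, not a value from the lab).
SAMPLE_AFTER='options {
    listen-on port 53 { 192.168.10.253; };
    allow-query { any; };
    allow-query-cache { 192.168.10.0/24; };
    allow-transfer { 192.168.10.100; };
};'

# acl_value CONF STATEMENT: print the statement's address list, empty if absent.
acl_value() {
    printf '%s\n' "$1" | sed 's://.*$::' | tr '\n' ' ' |
        sed -n "s/.*[[:space:]]$2[[:space:]]*{\([^}]*\)}.*/\1/p" |
        tr -s ' ' | sed 's/^ //; s/ $//'
}

# audit_named_conf CONF: print space-separated findings, empty when clean.
audit_named_conf() {
    findings=""
    xfer=$(acl_value "$1" allow-transfer)
    cache=$(acl_value "$1" allow-query-cache)
    if [ -z "$xfer" ]; then
        findings="$findings allow-transfer-missing"
    elif printf '%s' "$xfer" | grep -qw any; then
        findings="$findings allow-transfer-any"
    fi
    if printf '%s' "$cache" | grep -qw any; then
        findings="$findings allow-query-cache-any"
    fi
    printf '%s\n' "${findings# }"
}

echo "before: $(audit_named_conf "$SAMPLE_BEFORE")"
echo "after:  $(audit_named_conf "$SAMPLE_AFTER")"
```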
4. Start the slave DNS server and verify
- [root@localhost etc]# service named restart
- [root@localhost etc]# chkconfig named on
- [root@localhost etc]# ll /var/named/chroot/var/named/slaves/
- xiaoxiongboke.com.zone xiaoxiongboke.com.arpa //check that the timestamps are current, or view each file individually
Test succeeded.