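Basic DNS Name Service Setup
Exercise 1: Quickly set up a DNS server
Goal: svr5.tarena.com --> 192.168.4.5
svr6.tarena.com --> 192.168.4.6
1. Configuration steps:
*Using the already-configured yum repository, install the packages for the service: bind provides the main name-service program and its related files; bind-chroot gives the name service a fake root directory (the /var/named/chroot/ directory serves as BIND's root directory) to improve security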
[root@svr1 ~]# yum -y install bind bind-chroot
*Configure the named.conf file
[root@svr1 ~]# cd /var/named/chroot/etc # change to this directory
[root@svr1 etc]# vim named.conf # create the configuration file and edit it
options { // global options
directory "/var/named"; // where the zone data files are stored
};
zone "tarena.com" IN{ // define a forward lookup zone
type master; // this is a master zone
file "tarena.com.zone"; // data file for this zone
};
*Configure the zone data file
[root@svr1 etc]# cd /var/named/chroot/var/named
[root@svr1 named]# vim tarena.com.zone
$TTL 86400 ; time to live for valid records
@ IN SOA tarena.com. root.tarena.com. (
2014070721 ; serial number
4H ; refresh interval
15M ; retry interval
4H ; expire time
1D ; time to live for negative (nonexistent) records
)
@ IN NS svr1.tarena.com. ; this DNS server
svr5 IN A 192.168.4.5
svr6 IN A 192.168.4.6
[root@svr1 named]# service named restart # restart the service
[root@svr1 named]# vim /etc/resolv.conf # edit this machine's DNS client settings
search localdomain
nameserver 192.168.4.5
[root@svr1 named]# host svr5.tarena.com # test forward resolution; the result matches the goal
svr5.tarena.com has address 192.168.4.5
[root@svr1 named]# host svr6.tarena.com
svr6.tarena.com has address 192.168.4.6
[root@svr3 ~]# vim /etc/resolv.conf # test from the client machine
[root@svr3 ~]# host svr5.tarena.com
svr5.tarena.com has address 192.168.4.5
[root@svr3 ~]# host svr6.tarena.com
svr6.tarena.com has address 192.168.4.6

Exercise 2: Add a new DNS zone, baidu.com
Goal: www.baidu.com --> 1.2.3.4
music.baidu.com --> 5.6.7.8
1. Configuration steps:
[root@svr1 etc]# vim named.conf
options {
directory "/var/named";
};
zone "tarena.com" IN{
type master;
file "tarena.com.zone";
};
zone "baidu.com" IN{ // add another forward lookup zone
type master;
file "baidu.com.zone"; // data file for this zone
};
[root@svr1 named]# cp tarena.com.zone baidu.com.zone # copy the existing data file so that only the differences need editing
[root@svr1 named]# vim baidu.com.zone
[root@svr1 named]# pwd
/var/named/chroot/var/named
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
2014070721
4H
15M
4H
1D
)
@ IN NS svr1.tarena.com.
www IN A 1.2.3.4
music IN A 5.6.7.8
[root@svr1 named]# service named restart
[root@svr3 ~]# host www.baidu.com
www.baidu.com has address 1.2.3.4
[root@svr3 ~]# host music.baidu.com
music.baidu.com has address 5.6.7.8

Exercise 3: Add a reverse lookup zone
Goal: 192.168.4.5 --> svr5.tarena.com
192.168.4.6 --> svr6.tarena.com
[root@svr1 etc]# pwd
/var/named/chroot/etc
[root@svr1 etc]# vim named.conf
zone "4.168.192.in-addr.arpa" IN{ // add a reverse lookup zone
type master;
file "192.168.4.arpa";
};
[root@svr1 named]# pwd
/var/named/chroot/var/named
[root@svr1 named]# vim 192.168.4.arpa
5 IN PTR svr5.tarena.com.
6 IN PTR svr6.tarena.com.
[root@svr1 named]# service named restart # restart the service
[root@svr1 named]# host 192.168.4.5
5.4.168.192.in-addr.arpa domain name pointer svr5.tarena.com.
[root@svr1 named]# host 192.168.4.6
6.4.168.192.in-addr.arpa domain name pointer svr6.tarena.com.
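
Added example, not part of the original tutorial: the PTR targets above end in a dot because a name without one is relative to the zone origin, which in a reverse zone is 4.168.192.in-addr.arpa. This Python lint flags NS/PTR/CNAME/MX targets that contain a dot but lack the trailing one; the function names and the sample text are assumptions made for the illustration.

```python
# Added example: flag zone-file targets that are missing the trailing dot.
NAME_TYPES = {"NS", "PTR", "CNAME", "MX"}  # rdata ends in a domain name

def qualify(name, origin):
    """Expand a name as a zone file is read: no trailing dot means
    'relative', so the zone origin is appended."""
    origin = origin.rstrip(".") + "."
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def suspicious_targets(zone_text, origin):
    """Return (line_no, rtype, written, expanded) for targets that contain a
    dot but do not end in one, which is almost always an intended FQDN."""
    findings = []
    for no, line in enumerate(zone_text.splitlines(), 1):
        fields = line.split(";", 1)[0].split()      # drop ';' comments
        if not fields:
            continue
        if not line[0].isspace():                   # first field is the owner
            fields = fields[1:]
        while fields and (fields[0].upper() == "IN" or fields[0][0].isdigit()):
            fields = fields[1:]                     # skip class and TTL
        if len(fields) >= 2 and fields[0].upper() in NAME_TYPES:
            target = fields[-1]
            if "." in target and not target.endswith("."):
                findings.append((no, fields[0].upper(), target,
                                 qualify(target, origin)))
    return findings

# Constructed sample: the reverse zone records above, with the trailing dot
# dropped from the second target to show the failure mode.
SAMPLE_REVERSE = (
    "5 IN PTR svr5.tarena.com.\n"
    "6 IN PTR svr6.tarena.com\n"
)

if __name__ == "__main__":
    for no, rtype, written, expanded in suspicious_targets(
            SAMPLE_REVERSE, "4.168.192.in-addr.arpa"):
        print(f"line {no}: {rtype} {written} is read as {expanded}")
```

BIND's own named-checkzone loads a zone file and reports syntax errors, but a relative target is valid syntax, so a check of this kind is still worth running before restarting named.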

Exercise 4: DNS load balancing
Goal: www.tarena.com
--> 192.168.4.100, 192.168.4.110, 192.168.4.120, ...
[root@svr1 named]# cd /var/named/chroot/var/named
[root@svr1 named]# vim tarena.com.zone # add the following to the file
www IN A 192.168.4.20
www IN A 192.168.4.21
www IN A 192.168.4.23
www IN A 192.168.4.24
[root@svr1 named]# host www.tarena.com # test
www.tarena.com has address 192.168.4.23
www.tarena.com has address 192.168.4.24
www.tarena.com has address 192.168.4.20
www.tarena.com has address 192.168.4.21
[root@svr1 named]# host www.tarena.com
www.tarena.com has address 192.168.4.21
www.tarena.com has address 192.168.4.23
www.tarena.com has address 192.168.4.24
www.tarena.com has address 192.168.4.20
[root@svr1 named]# host www.tarena.com
www.tarena.com has address 192.168.4.20
www.tarena.com has address 192.168.4.21
www.tarena.com has address 192.168.4.23
www.tarena.com has address 192.168.4.24

Exercise 5: Wildcard domain resolution
Simplify the following records:
station1.tarena.com --> 192.168.7.1
.. ..
station200.tarena.com --> 192.168.7.200
Resolve unknown names: bj.tarena.com --> 118.45.29.31
sh.tarena.com --> 118.45.29.31
.. .. tarena.com --> 118.45.29.31
[root@svr1 named]# vim tarena.com.zone # add the following entries to the file
$GENERATE 1-200 station$ IN A 192.168.7.$
* IN A 118.45.25.31
[root@svr1 named]# service named restart
[root@svr1 named]# host station4.tarena.com
station4.tarena.com has address 192.168.7.4
[root@svr1 named]# host station6.tarena.com
station6.tarena.com has address 192.168.7.6
[root@svr1 named]# host station33.tarena.com
station33.tarena.com has address 192.168.7.33
[root@svr1 named]# host jj.tarena.com # test resolution of unknown names
jj.tarena.com has address 118.45.25.31
[root@svr1 named]# host sf.tarena.com
sf.tarena.com has address 118.45.25.31
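
Added example, not part of the original tutorial: a small Python model of what the two lines from exercise 5 do, expanding the $GENERATE directive and applying the wildcard rule (exact names win; the wildcard is used only when the closest existing ancestor of the queried name owns it, as RFC 4592 describes). Only A records are modelled, and the function names and the svr5 entry carried over from exercise 1 are choices made for the illustration.

```python
import re

ORIGIN = "tarena.com"

def expand_generate(directive):
    """Expand '$GENERATE start-stop lhs [IN] type rhs'; every bare '$' becomes
    the counter (the ${offset,width,base} form is not handled here)."""
    m = re.match(r"\$GENERATE\s+(\d+)-(\d+)\s+(\S+)\s+(?:IN\s+)?(\S+)\s+(\S+)",
                 directive)
    start, stop, lhs, rtype, rhs = m.groups()
    return [(lhs.replace("$", str(i)), rtype, rhs.replace("$", str(i)))
            for i in range(int(start), int(stop) + 1)]

def build_zone():
    """A-record view of the zone after exercise 5: owner name -> addresses."""
    zone = {f"svr5.{ORIGIN}": ["192.168.4.5"], f"*.{ORIGIN}": ["118.45.25.31"]}
    for owner, _rtype, addr in expand_generate(
            "$GENERATE 1-200 station$ IN A 192.168.7.$"):
        zone[f"{owner}.{ORIGIN}"] = [addr]
    return zone

def lookup(zone, qname):
    """Return (addresses, how). Exact names win; otherwise climb to the
    closest existing ancestor and use '*.<ancestor>' only if it exists."""
    qname = qname.rstrip(".").lower()
    if qname in zone:
        return zone[qname], "exact"
    if not qname.endswith("." + ORIGIN):
        return None, "out of zone"
    labels = qname.split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:])
        if any(k == encloser or k.endswith("." + encloser) for k in zone):
            wild = zone.get("*." + encloser)
            return (wild, "wildcard") if wild else (None, "NXDOMAIN")
    return None, "NXDOMAIN"

if __name__ == "__main__":
    zone = build_zone()
    for name in ("station33.tarena.com", "jj.tarena.com",
                 "station201.tarena.com", "x.svr5.tarena.com"):
        print(name, "->", lookup(zone, name))
```

The run shows two consequences of the wildcard: station201, just outside the generated range, quietly resolves to the wildcard address instead of failing, while a name below an existing host such as x.svr5 is not covered at all.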

Building master/slave DNS servers
Exercise 6: Build a master/slave DNS pair
Goal:
host www.tarena.com 192.168.4.5
host www.tarena.com 192.168.4.6
[root@svr1 etc]# vim named.conf
options {
directory "/var/named";
allow-transfer { 192.168.4.234; }; // address of the slave DNS server
};
[root@svr1 etc]# cd /var/named/chroot/var/named
[root@svr1 named]# vim tarena.com.zone
@ IN NS svr5.tarena.com.
@ IN NS svr6.tarena.com.
svr5 IN A 192.168.4.5
svr6 IN A 192.168.4.6
[root@svr3 ~]# yum -y install bind bind-chroot # install the service on the slave server
[root@svr3 ~]# scp 192.168.4.5:/var/named/chroot/etc/named.conf /var/named/chroot/etc/ # copy named.conf from the master server
[root@svr3 ~]# vim /var/named/chroot/etc/named.conf
options {
directory "/var/named";
};
zone "tarena.com" IN{
type slave; // change the zone type to slave
file "slave/tarena.com.zone"; // store the data in this subdirectory instead
masters { 192.168.4.5; }; // address of the master DNS server
};
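
Added example, not part of the original tutorial: a Python audit that reports, for each zone in a named.conf, which hosts may request a zone transfer, using the allow-transfer statement from exercise 6. It assumes a BIND 9 release in which a missing allow-transfer means transfers are allowed to any host (the documented default of older BIND 9 releases); the parser is a simplified regex-and-brace matcher, and the two sample configurations are assembled from the fragments on this page.

```python
import re

def strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def block_after(text, pos):
    """Text between the first '{' at or after pos and its matching '}'."""
    start = text.index("{", pos)
    depth = 0
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[start + 1:i]
    raise ValueError("unbalanced braces")

def acl_of(body):
    """Addresses in an allow-transfer statement in this block, else None."""
    m = re.search(r"\ballow-transfer\s*\{([^}]*)\}", body)
    return None if m is None else [a for a in re.split(r"[;\s]+", m.group(1)) if a]

def transfer_policy(conf):
    """Map zone name -> effective ACL; a zone-level list overrides options."""
    conf = strip_comments(conf)
    opt = re.search(r"\boptions\b", conf)
    global_acl = acl_of(block_after(conf, opt.end())) if opt else None
    policy = {}
    for z in re.finditer(r'\bzone\s+"([^"]+)"', conf):
        acl = acl_of(block_after(conf, z.end()))
        policy[z.group(1)] = global_acl if acl is None else acl
    return policy

def open_zones(conf):
    """Zones with no ACL at all (assumed default: any host) or with 'any'."""
    return sorted(z for z, acl in transfer_policy(conf).items()
                  if acl is None or "any" in acl)

# Constructed from the page's fragments: the master after exercise 6, and
# the slave's named.conf as edited on svr3.
MASTER = '''options { directory "/var/named";
  allow-transfer { 192.168.4.234;}; };   // slave address
zone "tarena.com" IN{ type master; file "tarena.com.zone"; };'''
SLAVE = '''options { directory "/var/named"; };
zone "tarena.com" IN{ type slave; file "slave/tarena.com.zone";
  masters { 192.168.4.5; }; };'''

if __name__ == "__main__":
    print("master:", transfer_policy(MASTER), "open:", open_zones(MASTER))
    print("slave: ", transfer_policy(SLAVE), "open:", open_zones(SLAVE))
```

The slave configuration is reported as open because a slave also answers transfer requests for the zones it holds; adding allow-transfer { none; }; to its options block closes that.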