1、简述DNS服务器原理,并搭建主-辅服务器。、
DNS工作原理
第一步:客户机提出域名解析请求,并将该请求发送给本地的域名服务器。
第二步:当本地的域名服务器收到请求后,就先查询本地的缓存,如果有该纪录项,则本地的域名服务器就直接把查询的结果返回。
第三步:如果本地的缓存中没有该纪录,则本地域名服务器就直接把请求发给根域名服务器,然后根域名服务器再返回给本地域名服务器一个所查询域(根的子域) 的主域名服务器的地址。
第四步:本地服务器再向上一步返回的域名服务器发送请求,然后接受请求的服务器查询自己的缓存,如果没有该纪录,则返回相关的下级的域名服务器的地址。
第五步:重复第四步,直到找到正确的纪录。
第六步:本地域名服务器把返回的结果保存到缓存,以备下一次使用,同时还将结果返回给客户机。
主服务器配置
[root@dns1 ~]# yum install -y bind
[root@dns1 ~]# vi /etc/named.conf
#注释掉下面两行
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
#只允许从服务器进行区域传输
allow-transfer { 10.0.0.18; };
[root@dns1 ~]#vi /etc/named.rfc1912.zones
添加
zone "world.org" {
type master;
file "world.org.zone";};
[root@dns1 ~]# cp -p /var/named/named.localhost /var/named/world.org.zone
[root@dns1 ~]# cat /var/named/world.org.zone
$TTL 1D
@ IN SOA master admin.world.org (
1 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
NS slave
master A 10.0.0.8
slave A 10.0.0.18
www A 10.0.0.7
[root@dns1 ~]# systemctl start named
从服务器配置
[root@dns2 ~]# yum install -y bind
[root@dns2 ~]# vi /etc/named.conf
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
#不允许其它主机进行区域传输
allow-transfer { none;};
[root@dns2 ~]# vi /etc/named.rfc1912.zones
zone "world.org" {
type slave;
masters { 10.0.0.8;};
file "slaves/world.org.slave";
};
客户端测试
[root@dns-client ~]# curl www.world.org
www.world.org
[root@dns-client ~]# dig www.world.org
; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7 <<>> www.world.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44560
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.world.org. IN A
;; ANSWER SECTION:
www.world.org. 86400 IN A 10.0.0.7
;; AUTHORITY SECTION:
world.org. 86400 IN NS slave.world.org.
world.org. 86400 IN NS master.world.org.
;; ADDITIONAL SECTION:
master.world.org. 86400 IN A 10.0.0.8
slave.world.org. 86400 IN A 10.0.0.18
;; Query time: 0 msec
;; SERVER: 10.0.0.8#53(10.0.0.8)
;; WHEN: Tue Jul 13 00:57:21 CST 2021
;; MSG SIZE rcvd: 131
10.0.0.8停止后,仍然可以访问
[root@dns-client ~]# curl www.world.org
www.world.org
[root@dns-client ~]# dig www.world.org
; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7 <<>> www.world.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3907
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.world.org. IN A
;; ANSWER SECTION:
www.world.org. 86400 IN A 10.0.0.7
;; AUTHORITY SECTION:
world.org. 86400 IN NS slave.world.org.
world.org. 86400 IN NS master.world.org.
;; ADDITIONAL SECTION:
master.world.org. 86400 IN A 10.0.0.8
slave.world.org. 86400 IN A 10.0.0.18
;; Query time: 1 msec
;; SERVER: 10.0.0.18#53(10.0.0.18)
;; WHEN: Tue Jul 13 00:58:00 CST 2021
;; MSG SIZE rcvd: 131
2、搭建并实现智能DNS。
安装软件
[root@dns1 network-scripts]# yum install -y bind
主服务器配置
[root@dns1 network-scripts]# vi /etc/named.conf
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
acl nanjingnet {
10.0.0.0/24;
};
acl shanghainet {
192.168.120.0/24;
};
acl othernet {
any;
};
view nanjingview {
match-clients { nanjingnet;};
include "/etc/named.rfc1912.zones.nj";
};
view shanghaiview {
match-clients { shanghainet;};
include "/etc/named.rfc1912.zones.sh";
};
view otherview {
match-clients { othernet;};
include "/etc/named.rfc1912.zones.other";
};
include "/etc/named.root.key";
配置区域配置文件
[root@dns1 ~]# cat /etc/named.rfc1912.zones.nj
zone "." IN {
type hint;
file "named.ca";
};
zone "world.org" {
type master;
file "world.org.zone.nj";
};
[root@dns1 ~]# cat /etc/named.rfc1912.zones.sh
zone "." IN {
type hint;
file "named.ca";
};
zone "world.org" {
type master;
file "world.org.zone.sh";
};
[root@dns1 ~]# cat /etc/named.rfc1912.zones.other
zone "." IN {
type hint;
file "named.ca";
};
zone "world.org" {
type master;
file "world.org.zone.other";
};
[root@dns1 ~]# chgrp named /etc/named.rfc1912.zones.sh
[root@dns1 ~]# chgrp named /etc/named.rfc1912.zones.other
[root@dns1 ~]# chgrp named /etc/named.rfc1912.zones.nj
创建区域数据库文件
[root@dns1 ~]# cat /var/named/world.org.zone.nj
$TTL 1D
@ IN SOA master admin.world.org. (
2019042214 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
master A 10.0.0.8
websrv A 10.0.0.7
www CNAME websrv
[root@dns1 ~]# cat /var/named/world.org.zone.sh
$TTL 1D
@ IN SOA master admin.world.org. (
2019042214 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
master A 10.0.0..8
websrv A 192.168.120.7
www CNAME websrv
[root@dns1 ~]# cat /var/named/world.org.zone.other
$TTL 1D
@ IN SOA master admin.world.org. (
2019042214 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
master A 10.0.0.8
websrv A 127.0.0.1
www CNAME websrv
[root@dns1 ~]# chgrp named /var/named/world.org.zone.other
[root@dns1 ~]# chgrp named /var/named/world.org.zone.sh
[root@dns1 ~]# chgrp named /var/named/world.org.zone.nj
创建http页面
[root@dns1 ~]# echo "www.world.org in other" > /var/www/html/index.html
[root@dns2 ~]# echo " www.world.org in NJ" > /var/www/html/index.html
[root@dns-web ~]# echo " www.world.org in sh" > /var/www/html/index.html
[root@dns1 ~]# systemctl start httpd
[root@dns2 ~]# systemctl start httpd
[root@dns-web ~]#s ystemctl start httpd
[root@dns1 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
name server 127.0.0.1
[root@dns1 ~]# curl www.world.org
www.world.org in other
[root@oracle ~]# curl www.world.org
www.world.org in NJ
[root@oracle ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.0.0.8
[root@dns-client ~]# curl www.world.org
www.world.org in sh
[root@dns-client ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.120.8
3.二进制安装mysql5.7
1.准备工作
安装包
[root@localhost ~]# yum -y install libaio numactl-libs
添加用户和组
[root@localhost ~]# groupadd mysql
[root@localhost ~]# useradd -r -g mysql -s /bin/false mysql
解压程序包
[root@localhost ~]# tar xf mysql-5.7.29-el7-x86_64.tar.gz -C /usr/local/
[root@localhost ~]# cd /usr/local/
[root@localhost local]# ln -s mysql-5.7.29-el7-x86_64/ mysql
[root@localhost local]# chown -R root.root mysql
准备环境变量
[root@localhost local]# echo 'PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@localhost local]# . /etc/profile.d/mysql.sh
准备配置文件
[root@localhost local]# cp /etc/my.cnf{,.bak}
[root@localhost local]# cat /etc/my.cnf
[mysqld]
datadir=/data/mysql
socket=/data/mysql/mysql.sock
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
skip_name_resolve=1
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd
[mysqld_safe]
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d
[client]
socket=/data/mysql/mysql.sock
生成数据库文件
[root@localhost local]# mysqld --initialize --user=mysql --datadir=/data/mysql
准备脚本和服务启动文件
[root@localhost local]# cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@localhost local]# chkconfig --add mysqld
[root@localhost local]# systemctl start mysqld
修改密码
[root@localhost local]# mysqladmin -uroot -p'c,oxMeamT1gw' password 123456
测试登录
[root@localhost local]# mysql -uroot -p123456
编译安装mysql5.7
安装依赖包
[root@localhost ~]# yum -y install bison bison-devel zlib-devel libcurl-devel libarchive-devel boost-devel gcc gcc-c++ cmake ncurses-devel gnutls-devel libxml2-devel openssl-devel libevent-devel libaio-devel
创建用户和数据库目录
[root@localhost ~]# useradd -r -s /sbin/nologin -d /data/mysql mysql
[root@localhost ~]# mkdir /data/mysql
[root@localhost ~]# chown mysql.mysql /data/mysql/
编译安装
[root@localhost mysql-5.7.25]# tar xvf mysql-boost-5.7.25.tar.gz
[root@localhost ~]# cd mysql-5.7.25
[root@localhost mysql-5.7.25]# cmake . \
-DCMAKE_INSTALL_PREFIX=/app/mysql \
-DMYSQL_DATADIR=/data/mysql/ \
-DSYSCONFDIR=/etc/ \
-DMYSQL_USER=mysql \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DWITHOUT_MROONGA_STORAGE_ENGINE=1 \
-DWITH_DEBUG=0 \
-DWITH_READLINE=1 \
-DWITH_SSL=system \
-DWITH_ZLIB=system \
-DWITH_LIBWRAP=0 \
-DENABLED_LOCAL_INFILE=1 \
-DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_BOOST=/root/mysql-5.7.25/boost
[root@localhost mysql-5.7.25]#make && make install
准备环境变量
[root@localhost local]# echo 'PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@localhost local]# bash /etc/profile.d/mysql.sh
初始化mysql
[root@localhost bin]# cd /app/mysql/bin/
[root@localhost bin]# mysql_install_db --datadir=/data/mysql/ --user=mysql
复制配置文件和服务文件
[root@localhost mysql-test]# cp /app/mysql/support-files/mysqld_multi.server /etc/my.cnf
[root@localhost mysql-test]# cp /app/mysql/support-files/mysql.server /etc/init.d/mysqld
初始化
[root@localhost ~]# mysql_secure_installation
