域名服務器搭建之主從DNS服務器

原創 Vnimos 2018-09-11 03:17

安裝bind、caching-nameserver(RHEL6默認未自帶caching-nameserver,可忽略依賴關係直接安裝RHEL5中的軟件包)

[root@rhel6 ~]# yum -y install bind
[root@rhel6 ~]# rpm -ivh --nodeps --force caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm
warning: caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 37017186: NOKEY
Preparing...                ########################################### [100%]
   1:caching-nameserver     ########################################### [100%]
[root@rhel6 ~]# mv /etc/named* /var/named/chroot/etc/
[root@rhel6 ~]# mv /var/named/* /var/named/chroot/var/named/


配置master DNS主配置文件

[root@rhel6 ~]# vim /var/named/chroot/etc/named.conf
options {                                          //定義一些影響整個DNS服務器的環境設置
    listen-on port 53{ 192.168.0.90; };
    listen-on-v6 port 53 { ::1; };
    directory       "/var/named";                  //定義服務器的工作目錄
    dump-file       "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt;
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query     { 192.168.0.0/24; };
    allow-transfer  { 192.168.0.0/24; };           //定義允許傳輸的輔助DNS服務器地址
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
#include "/etc/named.rfc1912.zones";
zone "." IN {
    type hint;                                  //定義互聯網中的根域名服務器
    file "named.ca";
};
zone "xfcy.org" IN {                            //創建正向解析區域
    type master;                                //定義主域名服務器
    file "xfcy.org.zone";
};
zone "0.168.192.in-addr.arpa" IN {              //創建反向解析區域
    type master;
    file "192.168.0.zone";
};

創建正反向解析域:

[root@rhel6 ~]# vim /var/named/chroot/var/named/xfcy.org.zone
$TTL    86400                                       //設置客戶端對DNS緩存1天的時間
@       IN  SOA dns.xfcy.org.   root.dns.xfcy.org.(     //@指當前的區域(即xfcy.org.zone),DNS服務器的域名、管理員郵箱
                    2013051700      ;Serial         //序列號(主要用於主從DNS的同步)
                    28800           ;Refresh
                    14400           ;Retry
                    3600000     ;Expire
                    86400   )       ;Minimum
@                IN  NS      dns.xfcy.org.          //設置DNS服務器的域名
dns.xfcy.org.    IN  A       192.168.0.90           //設置A(Address)記錄,用於設置主機名對應的IP地址
@                IN  MX  5   mail.xfcy.org.         //設置郵件交換器資源記錄,用於設置當前域中提供的Mail Server
mail            IN  CNAME       dns.xfcy.org.       //設置CNAME記錄,用於在區域文件中主機的別名
www             IN  A       192.168.0.90
[root@rhel6 ~]# vim /var/named/chroot/var/named/192.168.0.zone
$TTL    86400
@       IN  SOA 0.168.192.in-addr.arpa. root.dns.xfcy.org.(
                    2013051700      ;Serial
                    28800           ;Refresh
                    14400           ;Retry
                    3600000         ;Expire
                    86400   )       ;Minimum
@         IN  NS      dns.xfcy.org.
90        IN  PTR     dns.xfcy.org.
@         IN  MX  5   mail.xfcy.org.
90        IN  PTR     mail.xfcy.org.
90        IN  PTR     www.xfcy.org.
[root@rhel6 ~]# ln -s /var/named/chroot/etc/named.conf /etc/
[root@rhel6 ~]# ln -s /var/named/chroot/var/named/xfcy.org.zone /var/named/
[root@rhel6 ~]# ln -s /var/named/chroot/etc/192.168.1.org.zone /var/named/
[root@rhel6 ~]# ln -s /var/named/chroot/var/named/named.ca /var/named/
[root@rhel6 ~]# chown -R root:named /var/named/chroot/
檢查區域文件
[root@rhel6 ~]# named-checkconf /etc/named.conf
[root@rhel6 ~]# named-checkzone xfcy.org /var/named/xfcy.org.zone
zone xfcy.org/IN: xfcy.org/MX 'mail.xfcy.org' is a CNAME (illegal)
zone xfcy.org/IN: loaded serial 2013051700
OK
[root@rhel6 ~]# named-checkzone 192.168.0 /var/named/192.168.0.zone
zone 192.168.0/IN: 192.168.0/MX 'mail.xfcy.org' (out of zone) has no addresses records (A or AAAA)
zone 192.168.0/IN: loaded serial 2013051700
OK
[root@rhel6 ~]# /etc/init.d/named start
[root@rhel6 ~]# netstat -lntp | grep named
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      10490/named 
tcp        0      0 ::1:53                      :::*                        LISTEN      10490/named
[root@rhel6 ~]# dig mail.xfcy.org @localhost
; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> mail.xfcy.org @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 3225
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;mail.xfcy.org.                 IN      A
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri May 17 23:07:58 2013
;; MSG SIZE  rcvd: 31


配置輔助域名服務器:

首先同樣安裝好bind和caching-nameserver

配置Slave DNS主配置文件

[root@rhel6-2 ~]# vi /var/named/chroot/etc/named.conf
options {
        listen-on port 53 { 192.168.0.91; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { 192.168.0.0/24; };
        allow-query-cache { 192.168.0.0/24; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
zone "xfcy.org" IN {
        type slave;
        file "slaves/xfcy.org.zone";
        masters { 192.168.0.90; };
};
zone "0.168.192.in-addr.arpa" IN {
        type slave;
        file "slaves/192.168.0.zone";
        masters { 192.168.0.90; };
};

啓動Slave DNS,將自動從主DNS服務器中傳輸區域配置文件,並在每隔Refresh Time之後自動與主DNS進行更新,同時主DNS每修改一次區域配置文件必須增加Series的值

[root@rhel6-2 ~]# ls /var/named/chroot/var/named/slaves
[root@rhel6-2 ~]# /etc/init.d/named start
[root@rhel6-2 ~]# tailf /var/log/messages
May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.in-addr.arpa/IN: Transfer started.
May 17 23:53:12 rhel6-2 named[2991]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.90#53: connected using 192.168.0.91#58501
May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.in-addr.arpa/IN: transferred serial 2013051701
May 17 23:53:12 rhel6-2 named[2991]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.90#53: Transfer completed: 1 messages, 7 records, 213 bytes, 0.001 secs (213000 bytes/sec)
May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 2013051701)
May 17 23:53:13 rhel6-2 named[2991]: zone xfcy.org/IN: Transfer started.
May 17 23:53:13 rhel6-2 named[2991]: transfer of 'xfcy.org/IN' from 192.168.0.90#53: connected using 192.168.0.91#42265
May 17 23:53:13 rhel6-2 named[2991]: zone xfcy.org/IN: transferred serial 2013051701
May 17 23:53:13 rhel6-2 named[2991]: transfer of 'xfcy.org/IN' from 192.168.0.90#53: Transfer completed: 1 messages, 7 records, 192 bytes, 0.001 secs (192000 bytes/sec)
[root@rhel6-2 ~]# ls /var/named/chroot/var/named/slaves
xfcy.org.zone 192.168.0.zone
[root@rhel6-2 ~]# dig mail.xfcy.org @192.168.0.91
; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> mail.xfcy.org @192.168.0.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9476
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mail.xfcy.org.                 IN      A
;; ANSWER SECTION:
mail.xfcy.org.          86400   IN      CNAME   dns.xfcy.org.
dns.xfcy.org.           86400   IN      A       192.168.0.90
;; AUTHORITY SECTION:
xfcy.org.               86400   IN      NS      dns.xfcy.org.
;; Query time: 0 msec
;; SERVER: 192.168.0.91#53(192.168.0.91)
;; WHEN: Fri May 17 23:51:32 2013
;; MSG SIZE  rcvd: 79


最後通過對同一個域名添加多條A記錄可作負載均衡:

[root@rhel6 ~]# for i in $( seq 1 50) ; do echo "www    0     IN     A               192.168.0.$i" ;done >> /var/named/xfcy.org.zone
[root@rhel6 ~]# for i in $(seq 1 10) ; do ping -c 1 -i 0.001 www | head -n 1 ;done
PING www.xfcy.org (192.168.0.46) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.42) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.38) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.34) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.30) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.26) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.22) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.18) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.14) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.10) 56(84) bytes of data.
從以上結果可知每次解析www.xfcy.org的結果都是不一樣的


發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

DNS原理概述及使用(一)

shang61511 2019-02-23 14:04:46

DNS原理概述及使用(二)

shang61511 2019-02-23 14:02:01

linux 的DNS搭建

夢與時光眠 2019-02-23 13:51:55

Linux 服務器常見報錯

zinejo 2019-02-23 13:50:26

linux下搭建DNS服務器

coinking 2019-02-23 13:34:58

配置基於域名、IP、端口號的Apache服務器

hardstruggle95 2019-02-23 13:32:44

網絡中的最基本的服務器DNS的相關知識的介紹

譕淚寳唄 2019-02-23 13:29:17

主從DNS的搭建步驟

596433405 2019-02-23 13:23:39

DNS及DHCP服務器的配置

sevenLZ 2019-02-23 13:23:28

DNS and BIND

maweijun3 2019-02-23 00:41:10

DNS服務

V屋物無W 2019-02-23 00:36:41

linux學習筆記——DNS服務器的學習和搭建

河邊的石子 2019-02-23 00:31:06

CentOS5.5 下配置DNS

huanjie6 2019-02-23 00:29:24

簡單的域名服務器搭建

wlzxzxw 2019-02-23 13:27:59

RHEL5&Centos5.5上構建主從DNS

唐光輝 2019-02-23 00:37:08