DNS服務器搭建

DNS服務器配置

1.要求：

要保證即能夠解析內網域名bigcloud.local的解析，又能解析互聯網的域名。

主DNS服務器：ZZSRV1.BIGCLOUD.LOCAL

輔助DNS服務器：ZZSRV2.BIGCLOUD.LOCAL

包含以下域的信息：

1、bigcloud.local域的信息：

FQDN	IP地址	備註
zzsrv1.bigcloud.local	192.168.188.11	DNS服務器
zzsrv2.bigcloud.local	192.168.188.12	DNS服務器
ftp.bigcloud.local	192.168.188.11
mailsrv1.bigcloud.local	192.168.188.22
smtp.bigcloud.local	192.168.188.22
pop3.bigcloud.local	192.168.188.22
www.bigcloud.local	192.168.188.11
crm.bigcloud.local	192.168.188.11

smtp及pop3需要使用CNAME來進行解析。同時，需要實現反向地址解析。

2、192.168.188.0/24、192.168.189.0/24反向解析域

實現到202.102.224.68、202.102.227.68的DNS轉發。

防止非授權用戶的DNS記錄的枚舉(防止出現類似上海菸草公司的安全隱患)。僅允許管理員在192.168.188.10上進行操作。

2.實驗步驟：

2.1 安裝bind包

# yum -y install bind

# rpm -qc bind

/etc/logrotate.d/named

/etc/named.conf

/etc/named.iscdlv.key

/etc/named.rfc1912.zones

/etc/named.root.key

/etc/rndc.conf

/etc/rndc.key

/etc/sysconfig/named

/var/named/named.ca

/var/named/named.empty

/var/named/named.localhost

/var/named/named.loopback

2.2 配置bind

# cd /etc

# cp named.conf named.conf.origin（修改之前先備份）

修改配置文件

# vi /etc/named.conf

options {

// listen-on port 53 { 127.0.0.1; };

// listen-on-v6 port 53 { ::1; };

listen-on port 53 { any; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

// allow-query { localhost; };

allow-query { any; };

// dnssec-enable yes;

dnssec-enable no;

// dnssec-validation yes;

dnssec-validation no;

dnssec-lookaside auto;

添加轉發器和允許傳送的地址

forwarders { 202.102.224.68; 202.102.227.68; };

allow-transfer { 192.168.188.11;192.168.188.12; 192.168.188.10; };

}

修改完後重啓服務（可能會很慢）

# systemctl start named.service

查看狀態，增加一個zone

# rndc status

version: 9.9.4-RedHat-9.9.4-14.el7<id:8f9657aa>

CPUs found: 1

worker threads: 1

UDP listeners per interface: 1

number of zones: 101

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is OFF

recursive clients: 0/0/1000

tcp clients: 0/100

server is up and running

使用nslookup解析域名

# nslookup

-bash: nslookup: command not found

命令找不到，原因是沒有安裝bind-utils包

# yum -y install bind-utils

# netstat -an |grep :53

tcp 0 0 192.168.188.11:53 0.0.0.0:* LISTEN

tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN

udp 0 0 192.168.188.11:53 0.0.0.0:*

udp 0 0 127.0.0.1:53 0.0.0.0:*

udp 0 0 0.0.0.0:5353 0.0.0.0:*

設置DNS爲自動啓動

# systemctl enable named.service

檢查是否設置成功

# systemctl is-enabled named.service

enabled

2.3 主DNS配置

2.3.1創建正向zone

# vi /etc/named.conf

在配置文件後面添加如下信息：

zone "bigcloud.local" IN {

type master;

file "bigcloud.local.zone";

};

# cd /var/named

使用空白模板創建新的zone

# cp named.empty bigcloud.local.zone

# vi bigcloud.local.zone

$TTL 3H

@ IN SOA @ rname.invalid. (

0 ; serial

1D ; refresh

1H ; retry

1W ; expire

3H ) ; minimum

NS zzsrv1.bigcloud.local.

zzsrv1 A 192.168.188.11

ftp A 192.168.188.11

mailsrv1 A 192.168.188.22

smtp CNAME mailsrv1.bigcloud.local.

pop3 CNAME mailsrv1.bigcloud.local.

www A 192.168.188.11

crm A 192.168.188.11

# ll

-rw-r----- 1 root root 394 Aug 20 04:05 bigcloud.local.zone

更改配置文件的屬主和屬組

# chown named:named /var/named/bigcloud.local.zone

# ll

-rw-r----- 1 named named 394 Aug 20 04:05 bigcloud.local.zone

修改之後重啓服務

# systemctl restart named

查看狀態，又增加了一個zone

# rndc status

version: 9.9.4-RedHat-9.9.4-14.el7<id:8f9657aa>

CPUs found: 1

worker threads: 1

UDP listeners per interface: 1

number of zones: 102

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is OFF

recursive clients: 0/0/1000

tcp clients: 0/100

server is up and running

驗證正向解析：

# nslookup

> www.bigcloud.local.

Server: 192.168.188.11

Address: 192.168.188.11#53

Name: www.bigcloud.local

Address: 192.168.188.11

> ftp.bigcloud.local.

Server: 192.168.188.11

Address: 192.168.188.11#53

Name: ftp.bigcloud.local

Address: 192.168.188.11

2.3.2創建反向zone

# vi /etc/named.conf（在配置文件後添加如下信息）

zone "188.168.192.in-addr.arpa"IN {

type master;

file "192.168.188.zone";

};

zone "189.168.192.in-addr.arpa"IN {

type master;

file "192.168.189.zone";

};

# cp bigcloud.local.zone 192.168.188.zone

#cp bigcloud.local.zone 192.168.189.zone

# vi 192.168.188.zone

# vi 192.168.189.zone

$TTL 3H

@ IN SOA @ rname.invalid. (

0 ; serial

1D ; refresh

1H ; retry

1W ; expire

3H ) ; minimum

NS zzsrv1.bigcloud.local.

1 PTR 360.bigcloud.local.

2 PTR guge.bigcloud.local.

3 PTR baidu.bigcloud.local.

4 PTR wanyi.bigcloud.local.

# ll

-rw-r----- 1 root root 298 Aug 20 04:20 192.168.188.zone

-rw-r----- 1 root root 394 Aug 20 04:20 192.168.189.zone

-rw-r----- 1 named named 394 Aug 20 04:05 bigcloud.local.zone

更改2個區域文件的屬組和屬主

# chown named:named 192.168.188.zone

# chown named:named 192.168.189.zone

# ll

-rw-r----- 1 named named 298 Aug 20 04:20192.168.188.zone

-rw-r----- 1 named named 303 Aug 20 04:21192.168.189.zone

重啓服務

# systemctl restart named

查看區域狀態，又增加了2個zone

#rndc status

version: 9.9.4-RedHat-9.9.4-14.el7<id:8f9657aa>

CPUs found: 1

worker threads: 1

UDP listeners per interface: 1

number of zones: 104

驗證反向查找

# nslookup 192.168.188.1

Server: 192.168.188.11

Address: 192.168.188.11#53

1.188.168.192.in-addr.arpa name = 360.bigcloud.local.

# nslookup 192.168.189.2

Server: 192.168.188.11

Address: 192.168.188.11#53

2.189.168.192.in-addr.arpa name = guge2.bigcloud.local.

2.4輔助DNS配置

基礎配置與主DNS一致。

2.4.1先在主DNS上修改配置文件

添加如下信息：

NS zzsrv2.bigcloud.local.

zzsrv1 A 192.168.188.11

zzsrv2 A 192.168.188.12

2.4.2 在輔助DNS上最後添加如下內容：

zone "bigcloud.local" IN {

type slave;

file "bigcloud.local.zone";

masters {192.168.188.11;};

};

zone "188.168.192.in-addr.arpa"IN {

type slave;

file "192.168.188.zone";

masters { 192.168.188.11; };

};

zone "189.168.192.in-addr.arpa"IN {

type slave;

file "192.168.189.zone";

masters { 192.168.188.11; };

};

2.4.3修改目錄權限，允許named組有寫權限

# ll -d /var/named

drwxr-x--- 5 root named 120 Aug 20 06:05/var/named

# chmod g+w /var/named

# ll -d /var/named

drwxrwx--- 5 root named 120 Aug 20 06:05/var/named

# systemctl stop firewalld

# rndc reload

server reload successful

查看區域狀態：增加了一個zone

# rndc status

version: 9.9.4-RedHat-9.9.4-14.el7<id:8f9657aa>

CPUs found: 1

worker threads: 1

UDP listeners per interface: 1

number of zones: 102

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is OFF

recursive clients: 0/0/1000

tcp clients: 0/100

server is up and running

# cd /var/named

在該目錄下自動生成了3個區域文件

# ll

-rw-r--r-- 1 named named 489 Aug 20 17:34 192.168.188.zone

-rw-r--r-- 1 named named 493 Aug 20 17:34 192.168.189.zone

-rw-r--r-- 1 named named 622 Aug 20 17:33 bigcloud.local.zone

drwxrwx--- 2 named named 22 Aug 20 06:07 data

drwxrwx--- 2 named named 58 Aug 20 17:06 dynamic

-rw-r----- 1 root named 2076 Jan 28 2013 named.ca

2.4.4 驗證輔助DNS正向解析

> www.bigcloud.local

Server: 192.168.188.11

Address: 192.168.188.11#53

Name: www.bigcloud.local

Address: 192.168.188.11

2.4.5 驗證輔助DNS反向解析

# nslookup 192.168.188.1

Server: 192.168.188.11

Address: 192.168.188.11#53

1.188.168.192.in-addr.arpa name = 360.bigcloud.local.

排錯：

1. 轉發器一直無法使用，結果是ifcfg-文件中網關GATEWAY寫錯了

2. 掛載光驅時報錯 # mount/dev/cdrom /mnt/cdrom

mount: no medium found on /dev/sr0

原因是光盤沒開啓

3. yum無法使用，需要修改yum配置文件

# cd /etc/yum.repos.d/

# vi CentOS-Base.repo

[base]

name=CentOS-$releasever - Base

baseurl=file:///mnt/cdrom/

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

4. 文件傳遞過來了，但是輔助DNS不能解析:

# vi /etc/resolv.conf

nameserver “=”192.168.188.11

是因爲在該文件中多寫了一個=號。

DNS服務器搭建

DNS服務器配置

[轉帖]使用NMT和pmap解決JVM資源泄漏問題原創

Python實現大麥網搶票的四大關鍵技術點解析

Python 安裝庫指令大全

salesforce零基礎學習（一百三十八）零碎知識點小總結（十）

一款開源的.NET程序集反編譯、編輯和調試神器

關於接口協議，你必須要知道這些！

基於 Milvus + LlamaIndex 實現高級 RAG

【2024-05-21】以茶會友

centos下搭建服務器

DNS服務器搭建

磁盤讀寫測試

文件服務器--samba和ftp的搭建

centos連接磁盤櫃

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結