
Primary/Secondary DNS Server Synchronization on Linux

Time: 2023-03-02 13:01:34


I. System environment

System: RHEL 8.0
control: 192.168.200.150 -> primary DNS (already configured)
node1: 192.168.200.135 -> secondary DNS
node2: 192.168.200.136

II. Setting up the secondary DNS server

1. Install the packages with yum

[root@node1 ~]# yum -y install bind bind-chroot
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Repository AppStream is listed more than once in the configuration
Repository BaseOS is listed more than once in the configuration
Repository AppStream is listed more than once in the configuration
Repository BaseOS is listed more than once in the configuration
AppStream                                                                                                      165 kB/s | 3.2 kB     00:00    
BaseOS                                                                                                         155 kB/s | 2.7 kB     00:00    
ansiable                                                                                                       0.0  B/s |   0  B     00:00    
Zabbix                                                                                                         1.3 kB/s | 2.9 kB     00:02    
Failed to synchronize cache for repo 'ansiable', ignoring this repo.
Dependencies resolved.
===============================================================================================================================================
 Package                          Arch                        Version                                     Repository                      Size
===============================================================================================================================================
Installing:
 bind                             x86_64                      32:9.11.4-16.P2.el8                         AppStream                      2.1 M
 bind-chroot                      x86_64                      32:9.11.4-16.P2.el8                         AppStream                       99 k

Transaction Summary
===============================================================================================================================================
Install  2 Packages

Total size: 2.2 M
Installed size: 4.7 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                       1/1 
  Running scriptlet: bind-32:9.11.4-16.P2.el8.x86_64                                                                                       1/2 
  Installing       : bind-32:9.11.4-16.P2.el8.x86_64                                                                                       1/2 
  Running scriptlet: bind-32:9.11.4-16.P2.el8.x86_64                                                                                       1/2 
  Installing       : bind-chroot-32:9.11.4-16.P2.el8.x86_64                                                                                2/2 
  Running scriptlet: bind-chroot-32:9.11.4-16.P2.el8.x86_64                                                                                2/2 
  Verifying        : bind-32:9.11.4-16.P2.el8.x86_64                                                                                       1/2 
  Verifying        : bind-chroot-32:9.11.4-16.P2.el8.x86_64                                                                                2/2 
Installed products updated.

Installed:
  bind-32:9.11.4-16.P2.el8.x86_64                                    bind-chroot-32:9.11.4-16.P2.el8.x86_64                                   

Complete!

2. Enable the service at boot

[root@node1 ~]# systemctl enable --now named
Created symlink /etc/systemd/system/multi-user.target.wants/named.service → /usr/lib/systemd/system/named.service.

3. Edit the main DNS configuration file

[root@node1 ~]# vim /etc/named.conf 

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
        allow-query     { any; };


4. Edit the zone configuration file

[root@node1 ~]# vim /etc/named.rfc1912.zones
zone "huaxia.com" IN {
        type slave;
        masters { 192.168.200.150; };
        file "slaves/named.zx";
};



zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

zone "200.168.192.in-addr.arpa" IN {
        type slave;
        masters { 192.168.200.150; };
        file "slaves/named.fx";
};

5. Configure the forward zone file

[root@node1 named]# cp -p named.localhost slaves/named.zx
[root@node1 named]# cp -p named.loopback slaves/named.fx

$TTL 1D
@       IN SOA  ns.huaxia.com. root. (
                                        20212401        ; serial
                                        10      ; refresh
                                        1H      ; retry
                                        10      ; expire
                                        10 )    ; minimum
@       NS      ns.huaxia.com.
ns IN   A       192.168.200.150
server0  IN A 192.168.200.150

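Note: to make the synchronization quickly visible, the primary/secondary sync interval in the forward and reverse zone files is changed to 10 seconds, the serial number is increased, and the named service is restarted. (In production, keep the defaults.)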

6. Configure the reverse zone file

$TTL 1D
@       IN SOA  ns.huaxia.com. root. (
                                        20212413       ; serial
                                        10      ; refresh
                                        10      ; retry
                                        1W      ; expire
                                        10 )    ; minimum
@       NS      ns.huaxia.com.
ns IN   A       192.168.200.150
150     PTR     server0.example.com.

7. Restart the service and allow DNS through the firewall

[root@node1 named]# systemctl restart named
[root@node1 named]# firewall-cmd --permanent --add-service=dns
success
[root@node1 named]# firewall-cmd --reload 
success

III. Point the client at the DNS server

[root@node2 ~]# vim /etc/resolv.conf 

# Generated by NetworkManager
search example.com ilt.example
nameserver 192.168.200.135

IV. Test forward and reverse resolution

[root@node2 ~]# nslookup 
> server0.huaxia.com
Server:		192.168.200.135
Address:	192.168.200.135#53

Name:	server0.huaxia.com
Address: 192.168.200.150
> 192.168.200.150
150.200.168.192.in-addr.arpa	name = www.huaxia.com.

VI. Test primary/secondary synchronization

1. Modify the forward and reverse zone files on the primary DNS server

$TTL 1D
@       IN SOA   ns.huaxia.com. root.  (
                                   2021062211           ; serial
                                        10      ; refresh
                                        10      ; retry
                                        1W      ; expire
                                        30 )    ; minimum
@        IN      NS      ns.huaxia.com.
ns      IN      A       192.168.200.150
server0       IN      A       192.168.200.150
www IN A 192.168.200.150
web IN CNAME web.huaxia.com.
* IN A 192.168.200.150
mail IN A 192.168.200.150
@ MX 10 mail.huaxia.com.


$TTL 1D
@       IN SOA    ns  root.huaxia.com.  (
                                   2021062211           ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum

@       IN     NS      ns.huaxia.com.
ns      IN      A       192.168.200.150
150           PTR      www.huaxia.com.
150     PTR   mail.huaxia.com.
150 PTR server0.example.com.
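
An added example (not part of the original article): a Python check of the two SOA properties that decide whether the secondary picks up the change above, the serial comparison (RFC 1982 serial arithmetic) and the refresh/retry/expire timers. The SOA text is copied from the forward zone files shown on this page; the function names are this example's own.

```python
import re

UNITS = {"S": 1, "M": 60, "H": 3600, "D": 86400, "W": 604800}
# Forward-zone SOA records copied from this page (secondary's file, primary's updated file).
SECONDARY_ZONE = """@ IN SOA ns.huaxia.com. root. (
        20212401 ; serial
        10       ; refresh
        1H       ; retry
        10       ; expire
        10 )     ; minimum
"""
PRIMARY_ZONE = """@ IN SOA ns.huaxia.com. root. (
        2021062211 ; serial
        10 ; refresh
        10 ; retry
        1W ; expire
        30 ) ; minimum
"""

def to_seconds(value):
    """Convert a BIND time value such as 10, 1H or 1W2D to seconds."""
    parts = re.findall(r"(\d+)([SMHDW]?)", value.upper())
    return sum(int(n) * UNITS[u or "S"] for n, u in parts)

def parse_soa(zone_text):
    """Return the SOA fields of a zone file as a dict, timers in seconds."""
    text = re.sub(r";[^\n]*", "", zone_text)  # drop ';' comments
    m = re.search(r"\bSOA\s+(\S+)\s+(\S+)\s*\(([^)]*)\)", text)
    if not m or len(m.group(3).split()) != 5:
        raise ValueError("expected a parenthesised SOA with five numeric fields")
    serial, *timers = m.group(3).split()
    soa = {"mname": m.group(1), "rname": m.group(2), "serial": int(serial)}
    soa.update(zip(("refresh", "retry", "expire", "minimum"), map(to_seconds, timers)))
    return soa

def serial_newer(primary, secondary):
    """RFC 1982 comparison: is the primary's 32-bit serial ahead of the secondary's?"""
    return 0 < (primary - secondary) % 2**32 < 2**31

def soa_warnings(soa):
    """Flag timer combinations that let a secondary expire the zone too early."""
    checks = {"expire <= refresh + retry": soa["expire"] <= soa["refresh"] + soa["retry"],
              "retry > refresh": soa["retry"] > soa["refresh"]}
    return [name for name, hit in checks.items() if hit]

if __name__ == "__main__":
    sec, pri = parse_soa(SECONDARY_ZONE), parse_soa(PRIMARY_ZONE)
    print("transfer expected:", serial_newer(pri["serial"], sec["serial"]))
    print("warnings:", {"secondary": soa_warnings(sec), "primary": soa_warnings(pri)})
```

Run on the SOA from step 5 it flags the 10-second expire value, which makes a secondary stop serving the zone once it has gone that long without a successful refresh. The primary's updated SOA passes both checks.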

2. Check from the client whether DNS has synchronized

150.200.168.192.in-addr.arpa	name = server0.example.com.
150.200.168.192.in-addr.arpa	name = www.huaxia.com.
150.200.168.192.in-addr.arpa	name = mail.huaxia.com.

[root@node2 ~]# nslookup server0.huaxia.com
Server:		192.168.200.135
Address:	192.168.200.135#53

Name:	server0.huaxia.com
Address: 192.168.200.150

[root@node2 ~]# nslookup www.huaxia.com
Server:		192.168.200.135
Address:	192.168.200.135#53

Name:	www.huaxia.com
Address: 192.168.200.150


VII. Link to the primary DNS server setup

Setting up a DNS server on Linux

From: https://blog.51cto.com/u_14664141/6095993
