(1)dns高速缓存
systemctl restart named
127 systemctl restart named
(4)反向解析:
144 systemctl restart named
146 dig -x 172.25.254.111
(5)内外网的设置
165 dig hello.westos.com
外网测试:
vim /etc/resolv.conf
181 dig www.westos.com
辅dns的配置
hostnamectl set-hostname dns-slave.example.com
2 cd /etc/sysconfig/network-scripts/ (配置ip)
3 ls
4 vim ifcfg-eth0
5 systemctl restart network
6 cd /etc/yum.repos.d/ (配置yum源)
7 ls
8 vim rhel_dvd.repo
9 yum clean all
10 yum repolist
11 systemctl stop firewalld
12 systemctl disable firewalld
13 ifconfig
18 systemctl restart named
19 cd /var/named/
20 ls
(7)dns的自动同步更新
主dns
188 systemctl restart named
189 chmod 770 /var/named/
193 ll(产生westos.com.zone.jnl文件)
194 cat westos.com.zone 此时里面内容还没有改变
195 systemctl restart named
197 vim westos.com.zone 此时已经更改了
199 rm -fr westos.com.zone*
200 ll
202 cp -p /mnt/westos.com.zone .
203 ll
204 systemctl restart named
205 ll
11 vim /etc/named.rfc1912.zones
zone "westos.com" IN {
type master;
file "westos.com.zone";
allow-update { key westos; };
also-notify { 172.25.254.213; };
13 ll
total 32
drwxrwx--- 2 named named 22 May 19 03:08 data
drwxrwx--- 2 named named 4096 May 20 02:05 dynamic
-rw-r----- 1 root named 2076 Jan 28 2013 named.ca
-rw-r----- 1 root named 152 Dec 15 2009 named.empty
-rw-r----- 1 root named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root named 168 Dec 15 2009 named.loopback
drwxrwx--- 2 named named 6 Jan 29 2014 slaves
-rw-r----- 1 root named 328 May 19 22:24 westos.com.inter
-rw-r----- 1 root named 240 May 19 22:00 westos.com.ptr
-rw-r----- 1 root named 333 May 20 00:08 westos.com.zone
14 systemctl restart named
15 cd /mnt
16 ls
17 scp Kwestos.+157+40719.* [email protected]:/mnt
客户端
(9)动态域名解析(花生壳 )
把上个实验的更新删除,还原回来
rm -fr westos.com.zone*
200 ll
202 cp -p /mnt/westos.com.zone .
203 ll
204 systemctl restart named
205 ll
cd /var/named
先创建一个纯净的环境(配置ip和yum源,网关配置)
yum install bind -y 下载dns服务软件
systemctl start named 开启服务
cat /etc/rndc.key
netstat -antlpe | grep named 查看服务端口
systemctl stop firewalld
systemctl disable firewalld 开机自动关闭火墙
vim /etc/named.conf 编辑配置文件
listen-on port 53 { any; }; 开启所有端口
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; }; 允许所有人访问,并且回应
forwarders { 172.25.254.55; }; 服务器不知道时,去询问其他的dns服务器
dnssec-enable yes;
dnssec-validation no;
dnssec-lookaside auto;
systemctl restart named
vim /etc/resolv.conf
客户端
vim /etc/resolv.conf
nameserver 172.25.254.113
(2)dns的正向解析
vim /etc/named.conf
删掉刚才写的forwarders { 172.25.254.55 ; };
vim /etc/named.rfc1912.zones
zone "westos.com" IN {
type master;
file "westos.com.zone";
allow-update { none; };
};
cd /var/named
cp -p named.localhost westos.com.zone
vim westos.com.zone
$TTL 1D
@ IN SOA dns.westos.com. oldlee.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.113
hello A 172.25.254.232
xd A 172.25.254.222
www CNAME node1.westos.com.
node1 A 172.25.254.179
node1 A 172.25.254.188
systemctl restart named
vim /etc/resolv.conf
nameserver 172.25.254.155
systemctl stop firewalld
119 systemctl disable firewalld
120 systemctl start named
121 systemctl enable named
122 cd /var/named
123 ls
124 vim westos.com.zone
$TTL 1D
@ IN SOA dns.westos.com. oldlee.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.155
hello A 172.25.254.232
xd A 172.25.254.222
www CNAME node1.westos.com.
node1 A 172.25.254.179
node1 A 172.25.254.188
127 systemctl restart named
128 dig www.westos.com
(4)反向解析:
vim /etc/resolv.conf
nameserver 172.25.254.155
相当于知道ip解析地址名称
137 vim /etc/named.rfc1912.zones
zone "254.25.172.in-addr.arpa" IN {
type master;
file "westos.com.ptr";
allow-update { none; };
};
138 cd /var/named/
139 ls
140 cp -p named.loopback westos.com.ptr
141 vim /etc/named.rfc1912.zones
142 ls
143 vim westos.com.ptr
$TTL 1D
@ IN SOA dns.westos.com. oldlee.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.155
111 PTR www.westos.com.
222 PTR hello.westos.com.
144 systemctl restart named
146 dig -x 172.25.254.111
147 dig -x 172.25.254.222
(5)内外网的设置
vim /etc/resolv.conf
nameserver 172.25.254.155
155 cd /var/named/
156 ll
157 cp -p westos.com.zone westos.com.inter
158 ls
159 vim westos.com.inter
$TTL 1D
@ IN SOA dns.westos.com. oldlee.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 192.168.0.155
hello A 192.168.0.232
xd A 192.168.0.222
www CNAME node1.westos.com.
node1 A 192.168.0.179
node1 A 192.168.0.188
160 cp -p /etc/named.rfc1912.zones /etc/named.rfc1912.inter
161 vim /etc/named.rfc1912.inter
zone "westos.com" IN {
type master;
file "westos.com.inter";
allow-update { none; };
};
162 vim /etc/named.conf
/*
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
*/
view localnet {
match-clients { 172.25.254.155; };
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
};
view inter {
match-clients { any; };
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.inter";
};
165 dig hello.westos.com
166 dig www.westos.com
外网测试:
vim /etc/resolv.conf
nameserver 172.25.254.155
(6)dns集群的设置
主dns的配置
vim /etc/named.conf
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
/*
view localnet {
match-clients { 172.25.254.155; };
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
};
view inter {
match-clients { any; };
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.inter";
};
*/
176 systemctl restart named
177 vim /etc/named.rfc1912.zones
zone "westos.com" IN {
type master;
file "westos.com.zone";
allow-update { none; };
also-notify { 172.25.254.213; }; 允许172.25.254.213记录
};
181 dig www.westos.com
辅dns的配置
hostnamectl set-hostname dns-slave.example.com
2 cd /etc/sysconfig/network-scripts/ (配置ip)
3 ls
4 vim ifcfg-eth0
5 systemctl restart network
6 cd /etc/yum.repos.d/ (配置yum源)
7 ls
8 vim rhel_dvd.repo
9 yum clean all
10 yum repolist
11 systemctl stop firewalld
12 systemctl disable firewalld
13 ifconfig
14 init 3
15 yum install bind -y
16 vim /etc/named.conf
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
dnssec-enable yes;
dnssec-validation no;
dnssec-lookaside auto;
17 vim /etc/named.rfc1912.zones
zone "westos.com" IN {
type slave; 设定本机为辅dns
masters { 172.25.254.155; }; 同步主机ip
file "slaves/westos.com.zone";
allow-update { none; };
};
18 systemctl restart named
19 cd /var/named/
20 ls
21 vim /etc/resolv.conf dns指向172.25.254.113
22 dig www.westos.com
(7)dns的自动同步更新
主dns
184 cd /var/named/
185 cp -p westos.com.zone /mnt/
186 ls
187 vim /etc/named.rfc1912.zones
zone "westos.com" IN {
type master;
file "westos.com.zone";
allow-update { 172.25.254.55; }; 允许172.25.254.13更新dns
also-notify { 172.25.254.213; };
};
188 systemctl restart named
189 chmod 770 /var/named/
190 vim westos.com.zone
191 dig test.westos.com (已更新)
193 ll(产生westos.com.zone.jnl文件)
194 cat westos.com.zone 此时里面内容还没有改变
195 systemctl restart named
197 vim westos.com.zone 此时已经更改了
198 ls
199 rm -fr westos.com.zone*
200 ll
202 cp -p /mnt/westos.com.zone .
203 ll
204 systemctl restart named
205 ll
206 cat westos.com.zone
测试机子172.25.254.55
[kiosk@foundation13 Desktop]$ nsupdate
> server 172.25.254.113
> update add test.westos.com 86400 A 172.25.254.178
> send
>
(8)dns加密更新
2 cd /mnt
3 ls
4 dnssec-keygen -a HMAC-MD5 -b 128 -n HOST westos
5 ls
cat Kwestos.+157+40719.private cat Kwestos.+157+40719.key
6 cat Kwestos.+157+40719.private
7 cat Kwestos.+157+40719.key
8 cp /etc/rndc.key /etc/westos.key -p
9 vim /etc/westos.key
key "westos" {
algorithm hmac-md5;
secret "6gtuPLnm6+i/palaGRsZPw==";
};
10 vim /etc/named.conf
include "/etc/westos.key";
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
11 vim /etc/named.rfc1912.zones
zone "westos.com" IN {
type master;
file "westos.com.zone";
allow-update { key westos; };
also-notify { 172.25.254.213; };
};
13 ll
total 32
drwxrwx--- 2 named named 22 May 19 03:08 data
drwxrwx--- 2 named named 4096 May 20 02:05 dynamic
-rw-r----- 1 root named 2076 Jan 28 2013 named.ca
-rw-r----- 1 root named 152 Dec 15 2009 named.empty
-rw-r----- 1 root named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root named 168 Dec 15 2009 named.loopback
drwxrwx--- 2 named named 6 Jan 29 2014 slaves
-rw-r----- 1 root named 328 May 19 22:24 westos.com.inter
-rw-r----- 1 root named 240 May 19 22:00 westos.com.ptr
-rw-r----- 1 root named 333 May 20 00:08 westos.com.zone
[root@dns-server named]# systemctl restart named
14 systemctl restart named
15 cd /mnt
16 ls
17 scp Kwestos.+157+40719.* [email protected]:/mnt
23 dig test.westos.com
客户端
测试机子172.25.254.213
[kiosk@foundation213 Desktop]$ nsupdate -k Kwestos.+157+40719.private
> server 172.25.254.155
> update add test.westos.com 86400 A 172.25.254.199
> send
>
(9)动态域名解析(花生壳 )
把上个实验的更新删除,还原回来
rm -fr westos.com.zone*
200 ll
202 cp -p /mnt/westos.com.zone .
203 ll
204 systemctl restart named
205 ll
cd /var/named
206 cat westos.com.zone
服务端
39 yum install dhcp -y
40 clear
41 cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
42 vim /etc/dhcp/dhcpd.conf
option domain-name "westos.com";
option domain-name-servers 172.25.254.113;
ddns-update-style interim;
subnet 172.25.254.0 netmask 255.255.255.0 {
range 172.25.254.110 172.25.254.115;
option routers 172.25.254.113;
}
key westos {
algorithm hmac-md5;
secret 6gtuPLnm6+i/palaGRsZPw==;
};
zone westos.com. {
primary 172.25.254.113;
key westos;
}
(删除34及其以后的行及27、28行)
43 systemctl restart dhcpd
客户端
hostnamectl set-hostname linux.westos.com
vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
systemctl restart network
dig linux.westos.com