DNS & BIND: Dynamically Updated DNS Master-Slave Replication


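This article configures master/slave service for the forward-lookup zone. The reverse zone works the same way, so it is not repeated here.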


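  1. The slave server should be a standalone name server (it must first be set up as a caching server).

  2. Prerequisites for active notification (either i or ii is sufficient):

    1. vim /etc/named.rfc1912.zones

      also-notify {slave_ip;};

    2. The master server's zone file must contain an NS record pointing to the slave server (active notification).

    3. master:

The slave server only needs to define the zone; it does not need to provide a zone file:

  • The zone file is synchronized automatically into the /var/named/slaves directory.


The master server must allow the slave server to perform zone transfers. The clocks of the master and slave servers should be synchronized (NTP). The BIND versions should be kept the same (otherwise, the slave's version should be higher than the master's).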


master&slave

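Caching server configuration

vim /etc/named.conf

        listen-on port 53 { any; };     // listen on all interfaces
        allow-query     { any; };       // answer queries from any client
        dnssec-validation no;           // DNSSEC validation is turned off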


master(172.25.254.11)


vim /etc/named.rfc1912.zones

zone "lalala.com" IN {
       type master;
       file "lalala.com.zone";
       allow-update { none; };
       also-notify {172.25.254.10;};  # notify the slave when the zone file changes
};


slave(172.25.254.10)

vim /etc/named.rfc1912.zones

zone "lalala.com" IN {
       type slave;
       masters {172.25.254.11;};
       file "slaves/lalala.com.zone";
};

dig -t axfr lalala.com @172.25.254.11
dig -t axfr 254.25.172.in-addr.arpa @172.25.254.11


Check whether a full zone transfer works

[root@desktop ~]# dig -t axfr lalala.com 

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t axfr lalala.com
;; global options: +cmd
lalala.com.        86400    IN    SOA    ns1.lalala.com. admin.lalala.com.lalala.com. 20160609 86400 3600 604800 10800
lalala.com.        86400    IN    A    172.25.254.100
lalala.com.        86400    IN    NS    ns1.lalala.com.
lalala.com.        86400    IN    NS    ns2.lalala.com.
lalala.com.        86400    IN    MX    10 mx1.lalala.com.
lalala.com.        86400    IN    MX    20 mx2.lalala.com.
*.lalala.com.        86400    IN    A    172.25.254.100
ftp.lalala.com.        86400    IN    CNAME    www.lalala.com.
mx1.lalala.com.        86400    IN    A    172.25.254.13
mx2.lalala.com.        86400    IN    A    172.25.254.14
ns1.lalala.com.        86400    IN    A   172.25.254.11
ns2.lalala.com.        86400    IN    A    172.25.254.10
www.lalala.com.        86400    IN    A    172.25.254.11
www.lalala.com.        86400    IN    A    172.25.254.12
lalala.com.        86400    IN    SOA    ns1.lalala.com. admin.lalala.com.lalala.com. 20160609 86400 3600 604800 10800
;; Query time: 1 msec
;; SERVER: 172.25.254.11#53(172.25.254.11)
;; WHEN: Sat Jun 10 05:26:06 EDT 2017
;; XFR size: 15 records (messages 1, bytes 345)



Log analysis

1. Full transfer

master

Jun 10 05:53:45 server named[1859]: client 172.25.254.10#53447 (lalala.com): transfer of 'lalala.com/IN': AXFR started
Jun 10 05:53:45 server named[1859]: client 172.25.254.10#53447 (lalala.com): transfer of 'lalala.com/IN': AXFR ended

slave

Jun 10 05:53:45 desktop systemd: Started Berkeley Internet Name Domain (DNS).
Jun 10 05:53:45 desktop named[3138]: zone lalala.com/IN: Transfer started.
Jun 10 05:53:45 desktop named[3138]: transfer of 'lalala.com/IN' from 172.25.254.11#53: connected using 172.25.254.10#53447
Jun 10 05:53:45 desktop named[3138]: zone lalala.com/IN: transferred serial 2016060903
Jun 10 05:53:45 desktop named[3138]: transfer of 'lalala.com/IN' from 172.25.254.11#53: Transfer completed: 1 messages, 16 records, 363 bytes, 0.001 secs (363000 bytes/sec)
Jun 10 05:53:45 desktop named[3138]: zone lalala.com/IN: sending notifies (serial 2016060903)


2. Incremental transfer

master

Jun 10 06:08:56 server named[1859]: client 172.25.254.10#49088 (lalala.com): transfer of 'lalala.com/IN': AXFR-style IXFR started
Jun 10 06:08:56 server named[1859]: client 172.25.254.10#49088 (lalala.com): transfer of 'lalala.com/IN': AXFR-style IXFR ended

slave

Jun 10 06:08:56 desktop named[3138]: client 172.25.254.11#37149: received notify for zone 'lalala.com'
Jun 10 06:08:56 desktop named[3138]: zone lalala.com/IN: Transfer started.
Jun 10 06:08:56 desktop named[3138]: transfer of 'lalala.com/IN' from 172.25.254.11#53: connected using 172.25.254.10#49088
Jun 10 06:08:56 desktop named[3138]: zone lalala.com/IN: transferred serial 2016060904
Jun 10 06:08:56 desktop named[3138]: transfer of 'lalala.com/IN' from 172.25.254.11#53: Transfer completed: 1 messages, 16 records, 363 bytes, 0.003 secs (121000 bytes/sec)
Jun 10 06:08:56 desktop named[3138]: zone lalala.com/IN: sending notifies (serial 2016060904)
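
The master zone above has no allow-transfer statement, so it is worth confirming from the master's log that only the slave pulls the zone. The following is an added example, not part of the original article: it scans master-side named log lines in the format shown above and reports transfers started by any host other than the expected slave. The function name, the `ALLOWED` map and the third sample line are assumptions made for illustration.

```python
import re

# Master-side transfer messages in the format shown in the log analysis above.
# The optional "@0x..." token is an assumption that covers newer BIND releases,
# which log a client object address before the IP.
XFER_RE = re.compile(
    r"named\[\d+\]: client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9A-Fa-f.:]+)#\d+ "
    r"\([^)]*\): transfer of '(?P<zone>[^/']+)/IN': "
    r"(?P<kind>AXFR-style IXFR|AXFR|IXFR) (?P<state>started|ended)"
)

# Zone -> hosts expected to pull it (the slave from the configuration above).
ALLOWED = {"lalala.com": {"172.25.254.10"}}

# The first two lines come from the master log above; the third is constructed
# to represent a transfer requested by a host that is not the slave.
SAMPLE = [
    "Jun 10 05:53:45 server named[1859]: client 172.25.254.10#53447 "
    "(lalala.com): transfer of 'lalala.com/IN': AXFR started",
    "Jun 10 06:08:56 server named[1859]: client 172.25.254.10#49088 "
    "(lalala.com): transfer of 'lalala.com/IN': AXFR-style IXFR started",
    "Jun 10 07:15:02 server named[1859]: client 172.25.254.50#40112 "
    "(lalala.com): transfer of 'lalala.com/IN': AXFR started",
]


def find_unexpected_transfers(lines, allowed):
    """Return (ip, zone, kind) for every transfer started by a host that is
    not listed for that zone. Zones missing from `allowed` are always flagged."""
    hits = []
    for line in lines:
        m = XFER_RE.search(line)
        if m is None or m["state"] != "started":
            continue  # not a transfer message, or the matching "ended" line
        if m["ip"] not in allowed.get(m["zone"], set()):
            hits.append((m["ip"], m["zone"], m["kind"]))
    return hits


if __name__ == "__main__":
    for ip, zone, kind in find_unexpected_transfers(SAMPLE, ALLOWED):
        print(f"unexpected {kind} of {zone} by {ip}")
```

Restricting `allow-transfer` in the master's zone block to the slave's address prevents such transfers in the first place; the log check then serves as verification.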