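What DNS does:
DNS is the Domain Name System. It translates a domain name such as www.lampmaster.cn (this site's domain) into an IP address such as 219.136.249.93; without DNS, browsing www.lampmaster.cn would mean typing a hard-to-remember number like 219.136.249.93. The machine that provides the DNS service is a DNS server.
DNS servers can be divided into three types: caching-only servers (Cache-only Server), primary servers (Primary Name Server), and secondary servers (Secondary Name Server).
Functions of DNS:
Forward resolution: translates a domain name into the corresponding IP address
Reverse resolution: translates an IP address into the corresponding domain name
Purpose of the experiment
The master/slave DNS pair is built for load balancing: when one DNS server is unavailable, the other can still provide name resolution to clients.
First, prepare the environment:
Two virtual machines
Two RedHat 5.9 systems
Connect the network adapters of both machines to the same "VMnet"
Configure the IP addresses; both are in the same subnet.
Master DNS server IP address: dns1: 192.168.0.1/24
Slave DNS server IP address: dns2: 192.168.0.2/24
Main records to resolve:
Master DNS: dns1.long.com ----> 192.168.0.1
Slave DNS: dns2.long.com ----> 192.168.0.2
Website: www.long.com ----> 192.168.0.100
Mail: mail.long.com ----> 192.168.0.25
Note: first turn off the firewall and SELinux (setenforce 0 puts SELinux in permissive mode until the next reboot)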
[root@localhost ~]# /etc/init.d/iptables stop
[root@localhost ~]# setenforce 0
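Building the master DNS server
Basic steps for building the master DNS server:
1. Install the required packages
2. Create the main configuration file
3. Create the zone data files
4. Start the named service
5. Test name resolution on the master DNS
6. Configure this machine's IP address as 192.168.0.1
Note: we are testing in virtual machines, so both virtual machines must be placed on the same network:
Master DNS server configuration:
1) Install the DNS packages; we can use "YUM" to install them:
bind # BIND server package
bind-chroot # package that provides the chroot mechanism for BIND
bind-utils # DNS test utilities package
caching-nameserver # this package provides the templates; it no longer exists in Linux 6 releases.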
[root@localhost ~]# yum -y install bind
[root@localhost ~]# yum -y install bind-chroot
[root@localhost ~]# yum -y install bind-utils
[root@localhost ~]# yum -y install caching-nameserver
2) Use "rpm -q" to check whether the packages have been installed:
[root@localhost ~]# rpm -q bind
bind-9.3.6-20.P1.el5_8.5
[root@localhost ~]# rpm -q bind-chroot
bind-chroot-9.3.6-20.P1.el5_8.5
[root@localhost ~]# rpm -q bind-utils
bind-utils-9.3.6-20.P1.el5_8.5
[root@localhost ~]# rpm -q caching-nameserver
caching-nameserver-9.3.6-20.P1.el5_8.5
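This confirms that the packages we need are installed. If a package is not installed, a message like "package asdas is not installed" is shown.
3) Now configure the DNS configuration files
Note: we use the "cp" command
-p : preserves the original attributes
Note that the main configuration file must be owned by "root" with group "named"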
[root@localhost ~]# cd /var/named/chroot/etc/
[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf
[root@localhost etc]# vim named.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { 192.168.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
allow-transfer {192.168.0.2;}; # specifies which host may transfer (download) the zone
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
[root@localhost etc]# vim named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "long.com" IN {
type master;
file "long.com.zone";
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "192.168.0.arpa";
allow-update { none; };
};
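Note: the last 10 lines are a template copied from the entries above; just modify the copy.
5) After the configuration is finished, check the syntax of the configuration files; if nothing is printed, the syntax is correct.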
[root@localhost etc]# named-checkconf named.conf
[root@localhost etc]# named-checkconf named.rfc1912.zones
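6) Next configure the zone files; change to the zone directory:
Note: we use the "cp" command
-p preserves the original attributes
We copy one file for the forward zone and one for the reverse zone.
Note here as well that the files must be owned by "root" with group "named"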
[root@localhost etc]# cd /var/named/chroot/var/named/
[root@localhost named]# cp -p named.local long.com.zone
[root@localhost named]# cp -p named.local 192.168.0.arpa
This is the forward zone file:
[root@localhost named]# vim long.com.zone
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
@ IN NS dns1.long.com. ; this is the master DNS
  IN NS dns2.long.com. ; this is the slave DNS
  IN MX 10 mail.long.com. ; this is the mail server
dns1 IN A 192.168.0.1
dns2 IN A 192.168.0.2
www IN A 192.168.0.100
mail IN A 192.168.0.25
This is the reverse zone file:
[root@localhost named]# vim 192.168.0.arpa
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
  IN NS dns1.long.com.
  IN NS dns2.long.com.
1 IN PTR dns1.long.com.
2 IN PTR dns2.long.com.
100 IN PTR www.long.com.
25 IN PTR mail.long.com.
7) Now check the syntax to see whether the zone files are correct; "long.com" is our domain name.
[root@localhost named]# named-checkzone long.com long.com.zone
zone long.com/IN: loaded serial 1997022700
OK
[root@localhost named]# named-checkzone long.com 192.168.0.arpa
zone long.com/IN: loaded serial 1997022700
OK
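An added example (not part of the original article): named-checkzone validates each file on its own, so this Python sketch cross-checks that every A record in long.com.zone has a PTR in 192.168.0.arpa pointing back to the same name. The parser and function names are written for this example and handle only the record layout used above.

```python
import ipaddress

# Zone data from the article (SOA folded onto one line; ';' starts a comment).
FORWARD = """\
$TTL 86400
@ IN SOA localhost. root.localhost. ( 1997022700 28800 14400 3600000 86400 )
@ IN NS dns1.long.com. ; master DNS
  IN NS dns2.long.com. ; slave DNS
  IN MX 10 mail.long.com.
dns1 IN A 192.168.0.1
dns2 IN A 192.168.0.2
www IN A 192.168.0.100
mail IN A 192.168.0.25
"""
REVERSE = """\
1 IN PTR dns1.long.com.
2 IN PTR dns2.long.com.
100 IN PTR www.long.com.
25 IN PTR mail.long.com.
"""

def records(text, origin, rtype):
    """Return (owner FQDN, rdata) pairs of one record type from simple zone text."""
    out, owner = [], origin
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if not fields or fields[0].startswith("$"):
            continue
        if not line[0].isspace():  # explicit owner; indented lines inherit the last one
            name = fields.pop(0)
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        if fields[:2] == ["IN", rtype]:
            out.append((owner.lower(), fields[2].lower()))
    return out

def ptr_mismatches(forward, reverse, origin="long.com.", rev_origin="0.168.192.in-addr.arpa."):
    """List A records whose address has no PTR, or a PTR naming a different host."""
    ptr = dict(records(reverse, rev_origin, "PTR"))
    problems = []
    for name, ip in records(forward, origin, "A"):
        rname = ipaddress.ip_address(ip).reverse_pointer + "."
        if ptr.get(rname) != name:
            problems.append(f"{name} {ip}: PTR is {ptr.get(rname, 'missing')}")
    return problems

if __name__ == "__main__":
    print(ptr_mismatches(FORWARD, REVERSE) or "forward and reverse zones agree")
```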
8) Now the DNS service can be started and added to the boot-time services.
[root@localhost named]# service named restart
[root@localhost named]# chkconfig named on
[root@localhost ~]# vim /etc/resolv.conf
nameserver 192.168.0.1
search localdomain
(1) Forward lookup tests on the local machine:
[root@localhost ~]# nslookup dns1.long.com
Server: ::1
Address: ::1#53
Name: dns1.long.com
Address: 192.168.0.1
[root@localhost ~]# nslookup dns2.long.com
Server: ::1
Address: ::1#53
Name: dns2.long.com
Address: 192.168.0.2
[root@localhost ~]# nslookup www.long.com
Server: ::1
Address: ::1#53
Name: www.long.com
Address: 192.168.0.100
[root@localhost ~]# nslookup mail.long.com
Server: ::1
Address: ::1#53
Name: mail.long.com
Address: 192.168.0.25
[root@localhost ~]# host dns1.long.com
dns1.long.com has address 192.168.0.1
[root@localhost ~]# host dns2.long.com
dns2.long.com has address 192.168.0.2
[root@localhost ~]# host www.long.com
www.long.com has address 192.168.0.100
[root@localhost ~]# host mail.long.com
mail.long.com has address 192.168.0.25
(2) Reverse lookup tests on the local machine:
[root@localhost ~]# nslookup 192.168.0.1
Server: ::1
Address: ::1#53
1.0.168.192.in-addr.arpa name = dns1.long.com.
[root@localhost ~]# nslookup 192.168.0.2
Server: ::1
Address: ::1#53
2.0.168.192.in-addr.arpa name = dns2.long.com.
[root@localhost ~]# nslookup 192.168.0.100
Server: ::1
Address: ::1#53
100.0.168.192.in-addr.arpa name = www.long.com.
[root@localhost ~]# nslookup 192.168.0.25
Server: ::1
Address: ::1#53
25.0.168.192.in-addr.arpa name = mail.long.com.
[root@localhost ~]# host 192.168.0.1
1.0.168.192.in-addr.arpa domain name pointer dns1.long.com.
[root@localhost ~]# host 192.168.0.2
2.0.168.192.in-addr.arpa domain name pointer dns2.long.com.
[root@localhost ~]# host 192.168.0.100
100.0.168.192.in-addr.arpa domain name pointer www.long.com.
[root@localhost ~]# host 192.168.0.25
25.0.168.192.in-addr.arpa domain name pointer mail.long.com.
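Building the slave DNS server
Basic configuration steps:
1. Install the required packages
2. Create the main configuration file
3. Start the named service
4. Test name resolution on the slave DNS
5. Configure this machine's IP address as 192.168.0.2
Note: we are testing in virtual machines, so both virtual machines must be placed on the same network:
1) Install the DNS packages; we can use "YUM" to install them:
bind # BIND server package
bind-chroot # package that provides the chroot mechanism for BIND
bind-utils # DNS test utilities package
caching-nameserver # this package provides the templates; it no longer exists in Linux 6 releases.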
[root@localhost ~]# yum -y install bind
[root@localhost ~]# yum -y install bind-chroot
[root@localhost ~]# yum -y install bind-utils
[root@localhost ~]# yum -y install caching-nameserver
2) Modify the main configuration file on the slave DNS
[root@localhost ~]# cd /var/named/chroot/etc/
[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf
[root@localhost etc]# vim named.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { 192.168.0.2; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
[root@localhost etc]# vim named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "long.com" IN {
type slave;
file "slaves/long.com.zone";
masters { 192.168.0.1; };
};
zone "0.168.192.in-addr.arpa" IN {
type slave;
file "slaves/192.168.0.arpa";
masters { 192.168.0.1; };
};
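Note: the last 10 lines are a template copied from the entries above; just modify the copy.
5) After the configuration is finished, check the syntax of the configuration files; if nothing is printed, the syntax is correct.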
[root@localhost etc]# named-checkconf named.conf
[root@localhost etc]# named-checkconf named.rfc1912.zones
Now start the DNS service:
[root@localhost etc]# /etc/init.d/named restart
[root@localhost etc]# ls -l /var/named/chroot/var/named/slaves/
總計 16
-rw-r--r-- 1 named named 437 07-05 15:49 192.168.0.arpa
-rw-r--r-- 1 named named 426 07-05 15:48 long.com.zone
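An added example (not from the original article): a small Python audit of the option sets used in the two named.conf files above. It reports that the slave has no allow-transfer statement (BIND then allows zone transfers to all hosts) and that both servers combine recursion yes with allow-query-cache { any; }; the function names and the trimmed config excerpts are constructed for illustration.

```python
import re

# Trimmed excerpt of the article's named.conf; %s slots: listen address, optional allow-transfer line.
TEMPLATE = """\
options {
    listen-on port 53 { %s; };
%s    // query-source port 53;
    allow-query { any; };
    allow-query-cache { any; };
};
view localhost_resolver {
    match-clients { any; };
    recursion yes;
};
"""
MASTER_CONF = TEMPLATE % ("192.168.0.1", "    allow-transfer {192.168.0.2;}; # who may transfer\n")
SLAVE_CONF = TEMPLATE % ("192.168.0.2", "")

def strip_comments(conf):
    """Remove /* */, // and # comments, all of which named.conf accepts."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#).*", "", conf)

def acl(conf, name):
    """Elements of the first `name { ...; };` statement, or None when it is absent."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(name), conf)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit(conf):
    """Return findings for open zone transfers and open recursion."""
    text = strip_comments(conf)
    findings = []
    xfer = acl(text, "allow-transfer")
    if xfer is None or "any" in xfer:      # absent means BIND's default: all hosts
        findings.append("zone transfers allowed to any host")
    rec_acl = acl(text, "allow-recursion") or acl(text, "allow-query-cache")
    if re.search(r"\brecursion\s+yes\s*;", text) and rec_acl and "any" in rec_acl:
        findings.append("recursion served to any client")
    return findings

if __name__ == "__main__":
    for label, conf in (("master", MASTER_CONF), ("slave", SLAVE_CONF)):
        print(label, audit(conf))
```

On the slave, adding allow-transfer { none; }; and on both servers replacing the any lists with the lab subnet clears the findings.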