域名服務器搭建之主從DNS服務器
安裝bind、caching-nameserver(RHEL6默認未自帶caching-nameserver,可忽略依賴關係直接安裝RHEL5中的軟件包)node
[root@rhel6 ~]# yum -y install bind [root@rhel6 ~]# rpm -ivh --nodeps --force caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm warning: caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 37017186: NOKEY Preparing... ########################################### [100%] 1:caching-nameserver ########################################### [100%] [root@rhel6 ~]# mv /etc/named* /var/named/chroot/etc/ [root@rhel6 ~]# mv /var/named/* /var/named/chroot/var/named/
配置master DNS主配置文件vim
[root@rhel6 ~]# vim /var/named/chroot/etc/named.conf
options { //定義一些影響整個DNS服務器的環境設置
listen-on port 53{ 192.168.0.90; };
listen-on-v6 port 53 { ::1; };
directory "/var/named"; //定義服務器的工做目錄
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt;
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 192.168.0.0/24; };
allow-transfer { 192.168.0.0/24; }; //定義容許傳輸的輔助DNS服務器地址
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
#include "/etc/named.rfc1912.zones";
zone "." IN {
type hint; //定義互聯網中的根域名服務器
file "named.ca";
};
zone "xfcy.org" IN { //建立正向解析區域
type master; //定義主域名服務器
file "xfcy.org.zone";
};
zone "0.168.192.in-addr.arpa" IN { //建立反向解析區域
type master;
file "192.168.0.zone";
};
建立正反向解析域:
緩存
[root@rhel6 ~]# vim /var/named/chroot/var/named/xfcy.org.zone
$TTL 86400 //設置客戶端對DNS緩存1天的時間
@ IN SOA dns.xfcy.org. root.dns.xfcy.org.( //@指當前的區域(即xfcy.org.zone),DNS服務器的域名、管理員郵箱
2013051700 ;Serial //序列號(主要用於主從DNS的同步)
28800 ;Refresh
14400 ;Retry
3600000 ;Expire
86400 ) ;Minimum
@ IN NS dns.xfcy.org. //設置DNS服務器的域名
dns.xfcy.org. IN A 192.168.0.90 //設置A(Address)記錄,用於設置主機名對應的IP地址
@ IN MX 5 mail.xfcy.org. //設置郵件交換器資源記錄,用於設置當前域中提供的Mail Server
mail IN CNAME dns.xfcy.org. //設置CNAME記錄,用於在區域文件中主機的別名
www IN A 192.168.0.90
[root@rhel6 ~]# vim /var/named/chroot/var/named/192.168.0.zone
$TTL 86400
@ IN SOA 0.168.192.in-addr.arpa. root.dns.xfcy.org.(
2013051700 ;Serial
28800 ;Refresh
14400 ;Retry
3600000 ;Expire
86400 ) ;Minimum
@ IN NS dns.xfcy.org.
90 IN PTR dns.xfcy.org.
@ IN MX 5 mail.xfcy.org.
90 IN PTR mail.xfcy.org.
90 IN PTR www.xfcy.org.
[root@rhel6 ~]# ln -s /var/named/chroot/etc/named.conf /etc/ [root@rhel6 ~]# ln -s /var/named/chroot/var/named/xfcy.org.zone /var/named/ [root@rhel6 ~]# ln -s /var/named/chroot/etc/192.168.1.org.zone /var/named/ [root@rhel6 ~]# ln -s /var/named/chroot/var/named/named.ca /var/named/ [root@rhel6 ~]# chown -R root:named /var/named/chroot/ 檢查區域文件 [root@rhel6 ~]# named-checkconf /etc/named.conf [root@rhel6 ~]# named-checkzone xfcy.org /var/named/xfcy.org.zone zone xfcy.org/IN: xfcy.org/MX 'mail.xfcy.org' is a CNAME (illegal) zone xfcy.org/IN: loaded serial 2013051700 OK [root@rhel6 ~]# named-checkzone 192.168.0 /var/named/192.168.0.zone zone 192.168.0/IN: 192.168.0/MX 'mail.xfcy.org' (out of zone) has no addresses records (A or AAAA) zone 192.168.0/IN: loaded serial 2013051700 OK [root@rhel6 ~]# /etc/init.d/named start [root@rhel6 ~]# netstat -lntp | grep named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 10490/named tcp 0 0 ::1:53 :::* LISTEN 10490/named
[root@rhel6 ~]# dig mail.xfcy.org @localhost ; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> mail.xfcy.org @localhost ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 3225 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;mail.xfcy.org. IN A ;; Query time: 1 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri May 17 23:07:58 2013 ;; MSG SIZE rcvd: 31
配置輔助域名服務器:bash
首先一樣安裝好bind和caching-nameserver服務器
配置Slave DNS主配置文件負載均衡
[root@rhel6-2 ~]# vi /var/named/chroot/etc/named.conf
options {
listen-on port 53 { 192.168.0.91; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 192.168.0.0/24; };
allow-query-cache { 192.168.0.0/24; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "xfcy.org" IN {
type slave;
file "slaves/xfcy.org.zone";
masters { 192.168.0.90; };
};
zone "0.168.192.in-addr.arpa" IN {
type slave;
file "slaves/192.168.0.zone";
masters { 192.168.0.90; };
};
啓動Slave DNS,將自動從主DNS服務器中傳輸區域配置文件,並在每隔Refresh Time以後自動與主DNS進行更新,同時主DNS每修改一次區域配置文件必須增長Series的值:tcp
[root@rhel6-2 ~]# ls /var/named/chroot/var/named/slaves [root@rhel6-2 ~]# /etc/init.d/named start [root@rhel6-2 ~]# tailf /var/log/messages May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.in-addr.arpa/IN: Transfer started. May 17 23:53:12 rhel6-2 named[2991]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.90#53: connected using 192.168.0.91#58501 May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.in-addr.arpa/IN: transferred serial 2013051701 May 17 23:53:12 rhel6-2 named[2991]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.90#53: Transfer completed: 1 messages, 7 records, 213 bytes, 0.001 secs (213000 bytes/sec) May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 2013051701) May 17 23:53:13 rhel6-2 named[2991]: zone xfcy.org/IN: Transfer started. May 17 23:53:13 rhel6-2 named[2991]: transfer of 'xfcy.org/IN' from 192.168.0.90#53: connected using 192.168.0.91#42265 May 17 23:53:13 rhel6-2 named[2991]: zone xfcy.org/IN: transferred serial 2013051701 May 17 23:53:13 rhel6-2 named[2991]: transfer of 'xfcy.org/IN' from 192.168.0.90#53: Transfer completed: 1 messages, 7 records, 192 bytes, 0.001 secs (192000 bytes/sec) [root@rhel6-2 ~]# ls /var/named/chroot/var/named/slaves xfcy.org.zone 192.168.0.zone [root@rhel6-2 ~]# dig mail.xfcy.org @192.168.0.91 ; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> mail.xfcy.org @192.168.0.91 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9476 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;mail.xfcy.org. IN A ;; ANSWER SECTION: mail.xfcy.org. 86400 IN CNAME dns.xfcy.org. dns.xfcy.org. 86400 IN A 192.168.0.90 ;; AUTHORITY SECTION: xfcy.org. 86400 IN NS dns.xfcy.org. ;; Query time: 0 msec ;; SERVER: 192.168.0.91#53(192.168.0.91) ;; WHEN: Fri May 17 23:51:32 2013 ;; MSG SIZE rcvd: 79
最後經過對同一個域名添加多條A記錄可做負載均衡:ide
[root@rhel6 ~]# for i in $( seq 1 50) ; do echo "www 0 IN A 192.168.0.$i" ;done >> /var/named/xfcy.org.zone [root@rhel6 ~]# for i in $(seq 1 10) ; do ping -c 1 -i 0.001 www | head -n 1 ;done PING www.xfcy.org (192.168.0.46) 56(84) bytes of data. PING www.xfcy.org (192.168.0.42) 56(84) bytes of data. PING www.xfcy.org (192.168.0.38) 56(84) bytes of data. PING www.xfcy.org (192.168.0.34) 56(84) bytes of data. PING www.xfcy.org (192.168.0.30) 56(84) bytes of data. PING www.xfcy.org (192.168.0.26) 56(84) bytes of data. PING www.xfcy.org (192.168.0.22) 56(84) bytes of data. PING www.xfcy.org (192.168.0.18) 56(84) bytes of data. PING www.xfcy.org (192.168.0.14) 56(84) bytes of data. PING www.xfcy.org (192.168.0.10) 56(84) bytes of data. 從以上結果可知每次解析www.xfcy.org的結果都是不同的
相關文章
- 1. dns 主域名服務器
- 2. DNS主域名服務器、從域名服務器和緩存域名服務器的構建和原理
- 3. Linux中DNS域名解析服務(緩存,主從DNS服務器搭建)
- 4. DNS服務器和主從DNS服務器的搭建
- 5. 搭建DNS域名服務器
- 6. Linux—CentOS7.4-DNS二(搭建主、從域名同步服務器)
- 7. linux下搭建DNS主、從域名服務器
- 8. DNS主從服務器的搭建
- 9. centos7搭建主從DNS服務器
- 10. centos6.7搭建主從DNS服務器
- 更多相關文章...
- • Git 服務器搭建 - Git 教程
- • 服務器上的 XML - XML 教程
- • Spring Cloud 微服務實戰(三) - 服務註冊與發現
- • Docker容器實戰(七) - 容器眼光下的文件系統
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
歡迎關注本站公眾號,獲取更多信息
