DNS解析相關實驗:7臺主機的恩怨情仇
關於DNS解析
7臺主機的故事
7臺主機糾纏不休的往事
這是一個男默女淚的催人淚下的真實故事
情節離奇曲折,事件連續不斷,究竟是怎樣的執着讓衆多運維工程師掩面而泣
2019.4.23 html
Tuvia_24
| 序號 | 實現功能 | 實現功能 | IP |
|---|---|---|---|
| 1 | Clint | 客戶端 | 192.168.36.6 |
| 2 | LDNS | 本地DNS | 192.168.36.7 |
| 3 | RootDNS | 根域 | 192.168.36.17 |
| 4 | com | com | 192.168.36.27 |
| 5 | Master | 主服務器 | 192.168.36.37 |
| 6 | Slaves | 從服務器 | 192.168.36.47 |
| 7 | www | www | 192.168.36.67 |
注意:在實驗前必定要確保7臺機器均可以相互ping通!!
CentOS7 :: www :: 192.168.36.67 數據庫
[root@www ~]# yum install httpd -y [root@www ~]# echo 'welcome to Tuvia`s home !' > /var/www/html/index.html # 自行編輯一個網頁內容;便於識別 # 最好到Windows瀏覽器打開192.168.36.67查看一下該網頁進行驗證
CentOS6 :: Clint :: 192.168.36.6 vim
驗證瀏覽器
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
IPADDR=192.168.36.6
NETMASK=255.255.255.0
DNS1=192.168.36.7 ## 指定DNS ##
ONBOOT=yes
:wq
[root@localhost ~]# service network restart
Shutting down interface eth0: Device state: 3 (disconnected)
[ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.36.7
[root@localhost ~]# curl 192.168.36.67
welcome to Tuvia`s home !
CentOS7 :: Master :: 192.168.36.37 緩存
[root@severus ~]# yum install bind -y
[root@severus ~]# vim /etc/named.conf
listen-on port 53 { 127.0.0.1; }; #找到這行將這行註釋掉
allow-query { localhost; }; #找到這行將這行註釋掉
// listen-on port 53 { 127.0.0.1; }; #註釋;即無效
// allow-query { localhost; }; #註釋;即無效
allow-transfer {192.168.36.47;}; #並在options中添加這行;意味只容許47同步數據
:wq
[root@severus ~]#rndc reload
[root@severus ~]# vim /etc/named.rfc1912.zones
//
zone "magedu.com" { #在//下添加此內容
type master;
file "magedu.com.zone";
};
:wq
[root@severus ~]# cd /var/named
[root@severus named]# ls
data dynamic magedu.com.zone named.ca named.empty named.localhost named.loopback slaves
[root@severus named]# vim magedu.com.zone
$TTL 1D
@ IN SOA ns1 adm.magedu.com. ( 1 1H 10M 1D 3H )
NS ns1
NS ns2
ns1 A 192.168.36.37
ns2 A 192.168.36.47
www A 192.168.36.67
[root@severus named]# ll
total 20
drwxrwx--- 2 named named 23 Apr 23 00:09 data
drwxrwx--- 2 named named 31 Apr 23 09:34 dynamic
-rw-r--r-- 1 root root 137 Apr 23 11:16 magedu.com.zone
-rw-r----- 1 root named 2281 May 22 2017 named.ca
-rw-r----- 1 root named 152 Dec 15 2009 named.empty
-rw-r----- 1 root named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root named 168 Dec 15 2009 named.loopback
drwxrwx--- 2 named named 6 Oct 31 08:29 slaves
[root@severus named]# chgrp named magedu.com.zone
[root@severus named]# chmod 640 magedu.com.zone
[root@severus named]# systemctl start named
CentOS6 :: Clint :: 192.168.36.6bash
驗證服務器
[root@localhost ~]# dig www.magedu.com @192.168.36.37 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.magedu.com @192.168.36.37 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1068 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.magedu.com. IN A ;; ANSWER SECTION: www.magedu.com. 86400 IN A 192.168.36.67 # ;; AUTHORITY SECTION: magedu.com. 86400 IN NS ns1.magedu.com. # magedu.com. 86400 IN NS ns2.magedu.com. # ;; ADDITIONAL SECTION: ns1.magedu.com. 86400 IN A 192.168.36.37 # ns2.magedu.com. 86400 IN A 192.168.36.47 # ;; Query time: 1 msec ;; SERVER: 192.168.36.37#53(192.168.36.37) ;; WHEN: Tue Apr 23 04:23:11 2019 ;; MSG SIZE rcvd: 116
CentOS7 :: Slaves :: 192.168.36.47運維
[18:24:54 root@severus ~]#yum install bind -y
[19:25:07 root@severus ~]#vim /etc/named.conf
listen-on port 53 { 127.0.0.1; }; #找到這行將這行註釋掉
allow-query { localhost; }; #找到這行將這行註釋掉
// listen-on port 53 { 127.0.0.1; }; #註釋;即無效
// allow-query { localhost; }; #註釋;即無效
allow-transfer {none;}; #並在options中添加這行;意爲不容許任何人同步數據
:wq
[19:27:01 root@severus ~]#vim /etc/named.rfc1912.zones
//
zone "magedu.com" { #在//下添加此內容
type slave;
masters {192.168.36.37;};
file "slaves/magedu.com.zone";
};
:wq
[19:32:13 root@severus ~]#systemctl start named
[19:34:06 root@severus ~]#ll /var/named/slaves/
total 4
-rw-r--r--. 1 named named 304 Apr 23 17:39 magedu.com.zone #同步來的數據庫
CentOS7 :: comDNS :: 192.168.36.27 curl
[17:11:37 root@severus ~]#yum install bind -y
[17:12:18 root@severus ~]#vim /etc/named.conf
listen-on port 53 { 127.0.0.1; }; #找到這行將這行註釋掉
allow-query { localhost; }; #找到這行將這行註釋掉
// listen-on port 53 { 127.0.0.1; }; #註釋;即無效
// allow-query { localhost; }; #註釋;即無效
:wq
[17:12:50 root@severus ~]#vim /etc/named.rfc1912.zones
//
zone "com" {
type master;
file "com.zone";
};
:wq
[17:14:21 root@severus named]#vim com.zone
$TTL 1D
@ IN SOA ns1 admin.magedu.com. (1 1D 1H 1W 3D )
NS ns1
magedu NS mageduns1
magedu NS mageduns2
ns1 A 192.168.36.27
mageduns1 A 192.168.36.37
mageduns2 A 192.168.36.47
:wq
[17:16:58 root@severus named]#systemctl start named
CentOS6 :: Clint ::192.168.36.6ide
驗證
[root@localhost ~]# dig www.magedu.com @192.168.36.27 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.magedu.com @192.168.36.27 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60127 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.magedu.com. IN A ;; ANSWER SECTION: www.magedu.com. 86400 IN A 192.168.36.67 # ;; AUTHORITY SECTION: magedu.com. 86400 IN NS mageduns1.com. # magedu.com. 86400 IN NS mageduns2.com. # ;; ADDITIONAL SECTION: mageduns1.com. 86400 IN A 192.168.36.37 # mageduns2.com. 86400 IN A 192.168.36.47 # ;; Query time: 3 msec ;; SERVER: 192.168.36.27#53(192.168.36.27) ;; WHEN: Tue Apr 23 04:41:49 2019 ;; MSG SIZE rcvd: 128
CentOS :: RootDNS :: 192.168.36.17
[root@severus ~]# yum install bind -y
[root@severus ~]# vim /etc/named.conf
listen-on port 53 { 127.0.0.1; }; #找到這行將這行註釋掉
allow-query { localhost; }; #找到這行將這行註釋掉
// listen-on port 53 { 127.0.0.1; }; #註釋;即無效
// allow-query { localhost; }; #註釋;即無效
zone "." IN { #找到此內容
type hint;
file "named.ca";
};
zone "." IN { #改成此內容
type master;
file "root.zone";
:wq
[root@severus ~]# cd /var/named
[root@severus named]# vim root.zone
$TTL 1D
@ IN SOA ns1 admin.magedu.com. (1 1D 1H 1W 3D )
NS ns1
com NS comns
ns1 A 192.168.36.17
comns A 192.168.36.27
:wq
[root@severus named]# systemctl start named
CentOS6 :: Clint ::192.168.36.6
驗證
[root@localhost ~]# dig www.magedu.com @192.168.36.17 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.magedu.com @192.168.36.17 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38615 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.magedu.com. IN A ;; ANSWER SECTION: www.magedu.com. 86400 IN A 192.168.36.67 # ;; AUTHORITY SECTION: magedu.com. 86400 IN NS mageduns1.com. # magedu.com. 86400 IN NS mageduns2.com. # ;; ADDITIONAL SECTION: mageduns1.com. 86400 IN A 192.168.36.37 # mageduns2.com. 86400 IN A 192.168.36.47 # ;; Query time: 3 msec ;; SERVER: 192.168.36.17#53(192.168.36.17) ;; WHEN: Tue Apr 23 04:49:51 2019 ;; MSG SIZE rcvd: 128
CentOS7 :: LDNS :: 192.168.36.7
[root@severus ~]# yum install bind -y
[root@severus ~]# vim /etc/named.conf
listen-on port 53 { 127.0.0.1; }; #找到這行將這行註釋掉
allow-query { localhost; }; #找到這行將這行註釋掉
// listen-on port 53 { 127.0.0.1; }; #註釋;即無效
// allow-query { localhost; }; #註釋;即無效
dnssec-enable yes; #找到這兩行
dnssec-validation yes;
dnssec-enable no; #將yes改成no
dnssec-validation no;
:wq
[root@severus ~]# vim /var/named/named.ca
. 518400 IN NS a.root-servers.net.
a.root-servers.net. 3600000 IN A 192.168.36.17
[root@severus ~]# systemctl start named
[root@severus ~]# rndc flush #清除緩存
CentOS7 :: LDNS :: 192.168.36.17
[root@severus ~]# rndc flush #清除緩存
CentOS7 :: LDNS :: 192.168.36.27
[root@severus ~]# rndc flush #清除緩存
CentOS7 :: LDNS :: 192.168.36.37
[root@severus ~]# rndc flush #清除緩存
CentOS7 :: LDNS :: 192.168.36.47
[root@severus ~]# rndc flush #清除緩存
CentOS6 :: Clint :: 192.168.36.6
驗證
[root@localhost ~]# dig www.magedu.com ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.magedu.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17145 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.magedu.com. IN A ;; ANSWER SECTION: www.magedu.com. 86400 IN A 192.168.36.67 # ;; AUTHORITY SECTION: magedu.com. 86400 IN NS ns2.magedu.com. # magedu.com. 86400 IN NS ns1.magedu.com. # ;; ADDITIONAL SECTION: ns1.magedu.com. 86400 IN A 192.168.36.37 # ns2.magedu.com. 86400 IN A 192.168.36.47 # ;; Query time: 7 msec ;; SERVER: 192.168.36.7#53(192.168.36.7) ;; WHEN: Tue Apr 23 05:00:36 2019 ;; MSG SIZE rcvd: 116
總結:
此實驗重點在於理解;步驟繁瑣重複細節較多;切勿急於求成
相關文章
- 1. block與堆棧的恩怨情仇
- 2. 細數研究生和導師的那些恩怨情仇
- 3. 正斜槓與反斜槓的恩怨情仇
- 4. 程序員和產品經理的那些「恩怨情仇」
- 5. [享學Jackson] 二12、Jackson與Fastjson的恩怨情仇(完結篇)
- 6. 刀光劍影下,恩怨情仇中的安卓
- 7. 程序員和產品經理之間的恩怨情仇
- 8. 那些年,文科生和理科生的恩怨情仇!
- 9. 【asp.net core 系列】2 控制器與路由的恩怨情仇
- 10. 分佈式、多線程、高併發的恩怨情仇
- 更多相關文章...
- • XML 相關技術 - XML 教程
- • SQL 主機 - SQL 教程
- • NewSQL-TiDB相關
- • 漫談MySQL的鎖機制
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
