Preparation:
This lab uses two CentOS 6.5 machines running kernel version 2.6.32-431.el6.x86_64.
Configure time synchronization:
    # echo "#update system date by jiajie at 20170506" >>/var/spool/cron/root
    # echo "*/5 * * * * /usr/sbin/ntpdate time.nist.gov > /dev/null 2>&1" >>/var/spool/cron/root
Disable the firewall and SELinux:
    # service iptables stop
    # setenforce 0
    # sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
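In this lab the master DNS server's IP is 192.168.1.16 and the slave DNS server's IP is 192.168.1.20.
Master server: supports forward and reverse resolution. Slave server: secondary for the forward and reverse zones.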
Start: configure the master server (IP: 192.168.1.16)
Install the software:
    # yum -y install bind bind-libs bind-utils
Versions:
    bind.x86_64 32:9.8.2-0.62.rc1.el6_9.1
    bind-libs.x86_64 32:9.8.2-0.62.rc1.el6_9.1
    bind-utils.x86_64 32:9.8.2-0.62.rc1.el6_9.1
Configure the database file for forward resolution. First, the master DNS server's configuration file (only the modified parts are listed):
    # cat /etc/named.conf
    options {
        listen-on port 53 { 192.168.1.16; 127.0.0.1; }; // or delete this line
        // listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        recursion yes;
        // dnssec-enable yes;
        // dnssec-validation yes;
        /* Path to ISC DLV key */
        // bindkeys-file "/etc/named.iscdlv.key";
        // managed-keys-directory "/var/named/dynamic";
    };
Define the forward zone by adding the following zone to /etc/named.rfc1912.zones (mind the format and punctuation):
    # tail /etc/named.rfc1912.zones
    zone "jiajie.com" IN {
        type master;
        file "jiajie.zone";
    };
Create the zone data file (the name must match the file statement in the zone definition):
    # vim /var/named/jiajie.zone
    $TTL 1D
    $ORIGIN jiajie.com.
    @    IN  SOA  ns1.jiajie.com. jjzgood.126.com. (
                  20170507   ; serial
                  1H         ; refresh
                  10M        ; retry
                  5D         ; expire
                  1D )       ; negative-cache TTL
         IN  NS   ns1
         IN  NS   ns2
         IN  MX   10 mx1
         IN  MX   20 mx2
    ns1  IN  A    192.168.1.16
    ns2  IN  A    192.168.1.20
    mx1  IN  A    192.168.1.17
    mx2  IN  A    192.168.1.18
    www  IN  A    192.168.1.16
    www  IN  A    192.169.1.20
    ftp  IN  CNAME www
Set the permissions and group ownership:
    # chown :named /var/named/jiajie.zone
    # chmod 640 /var/named/jiajie.zone
Check for errors and restart the service:
    # named-checkconf
    # named-checkzone "jiajie.com" /var/named/jiajie.zone
    zone jiajie.com/IN: loaded serial 20170507
    OK
    # service named restart
    # rndc status
Result:
    # host -t A www.jiajie.com 192.168.1.16
    Using domain server:
    Name: 192.168.1.16
    Address: 192.168.1.16#53
    Aliases:

    www.jiajie.com has address 192.169.1.20
    www.jiajie.com has address 192.168.1.16

    # host -t A mx1.jiajie.com 192.168.1.16
    Using domain server:
    Name: 192.168.1.16
    Address: 192.168.1.16#53
    Aliases:

    mx1.jiajie.com has address 192.168.1.17

    # host -t A ftp.jiajie.com 192.168.1.16
    Using domain server:
    Name: 192.168.1.16
    Address: 192.168.1.16#53
    Aliases:

    ftp.jiajie.com is an alias for www.jiajie.com.
    www.jiajie.com has address 192.168.1.16
    www.jiajie.com has address 192.169.1.20
The output shows that the master DNS server we configured is working.
Configure reverse resolution. Add the reverse zone:
    # tail /etc/named.rfc1912.zones
    zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.1.zone";
    };
Add the reverse zone data file:
    # vim /var/named/192.168.1.zone
    $TTL 1D
    @    IN  SOA  ns1.jiajie.com. jjzgood.126.com. (
                  20170507   ; serial
                  1H         ; refresh
                  10M        ; retry
                  5D         ; expire
                  1D )       ; negative-cache TTL
         IN  NS   ns1.jiajie.com.
         IN  NS   ns2.jiajie.com.
    16   IN  PTR  ns1.jiajie.com.
    16   IN  PTR  www.jiajie.com.
    20   IN  PTR  ns2.jiajie.com.
    20   IN  PTR  www.jiajie.com.
    17   IN  PTR  mx1.jiajie.com.
    18   IN  PTR  mx2.jiajie.com.
Check and reload:
    # named-checkconf
    # named-checkzone "192.168.1.in-addr.arpa" /var/named/192.168.1.zone
    zone 192.168.1.in-addr.arpa/IN: loaded serial 20170507
    OK
    # rndc reload
    server reload successful
View the result:
    # host -t ptr 192.168.1.16 192.168.1.16
    Using domain server:
    Name: 192.168.1.16
    Address: 192.168.1.16#53
    Aliases:

    16.1.168.192.in-addr.arpa domain name pointer www.jiajie.com.
    16.1.168.192.in-addr.arpa domain name pointer ns1.jiajie.com.

    # host -t ptr 192.168.1.20 192.168.1.16
    Using domain server:
    Name: 192.168.1.16
    Address: 192.168.1.16#53
    Aliases:

    20.1.168.192.in-addr.arpa domain name pointer www.jiajie.com.
    20.1.168.192.in-addr.arpa domain name pointer ns2.jiajie.com.

    # host -t ptr 192.168.1.17 192.168.1.16
    Using domain server:
    Name: 192.168.1.16
    Address: 192.168.1.16#53
    Aliases:

    17.1.168.192.in-addr.arpa domain name pointer mx1.jiajie.com.
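Checking from a Windows client:
Configure the slave server (IP: 192.168.1.20):
Notes:
The slave server should be a separate, independent server.
The master's zone data file must contain an NS record pointing to the slave server.
The slave server only needs the zone definitions; it does not need zone data files to be configured.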
Install the packages:
    # yum -y install bind
    # yum -y install bind-utils
Edit the slave server's configuration file:
    # vim /etc/named.conf
    options {
        listen-on port 53 { 192.168.1.20; 127.0.0.1; };
        // listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        recursion yes;
        // dnssec-enable yes;
        // dnssec-validation yes;
        /* Path to ISC DLV key */
        // bindkeys-file "/etc/named.iscdlv.key";
        // managed-keys-directory "/var/named/dynamic";
    };
Add the zone definitions:
    # vim /etc/named.rfc1912.zones
    zone "jiajie.com" IN {
        type slave;
        masters { 192.168.1.16; };
        file "slaves/jiajie.com.zone";
    };
    zone "1.168.192.in-addr.arpa" IN {
        type slave;
        masters { 192.168.1.16; };
        file "slaves/192.168.1.zone";
    };
Check for errors and reload:
    # named-checkconf
    # rndc reload
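Result: you will now see two files in the /var/named/slaves/ directory, which we did not create. This shows that the slave has automatically copied the zone data files from the master.
    # ll /var/named/slaves/
    192.168.1.zone  jiajie.com.zone
From now on, when you add or modify data in a zone data file on the master and then increase the serial number by 1, the master notifies the slave to "copy" the data.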
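The master configuration above combines allow-query { any; } with recursion yes and sets no allow-transfer, so in BIND 9.8 both recursion and zone transfers are open to any client, not only the slave at 192.168.1.20. The following added example (not part of the original article) flags both conditions in a named.conf text; the sample is reconstructed from the article's listings, and the hardened variant with allow-recursion and allow-transfer is an assumption about this lab's network.

```python
import re

# Constructed sample: the master's modified settings as listed in this article.
ARTICLE_CONF = '''
options {
    listen-on port 53 { 192.168.1.16; 127.0.0.1; }; // or delete this line
    allow-query { any; };
    recursion yes;
};
zone "jiajie.com" IN { type master; file "jiajie.zone"; };
zone "1.168.192.in-addr.arpa" IN { type master; file "192.168.1.zone"; };
'''

# Assumed hardened variant (not from the article): recursion only for the lab
# subnet, zone transfers only to the slave at 192.168.1.20.
HARDENED_CONF = ARTICLE_CONF.replace(
    "recursion yes;",
    "recursion yes;\n    allow-recursion { 192.168.1.0/24; localhost; };"
    "\n    allow-transfer { 192.168.1.20; };")

def strip_comments(text):
    """Remove /* */, // and # comments so commented-out options are ignored."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def blocks(text, header_re):
    """Yield (header match, body) for each brace-balanced block."""
    for m in re.finditer(header_re, text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m, text[m.end():i - 1]

def audit(conf):
    """Return findings for open recursion and unrestricted zone transfers."""
    conf = strip_comments(conf)
    findings = []
    opts = next((body for _, body in blocks(conf, r"\boptions\s*\{")), "")
    open_query = re.search(r"allow-query\s*\{\s*any\s*;", opts)
    limited = re.search(r"allow-(recursion|query-cache)\b", opts)
    if re.search(r"\brecursion\s+yes\b", opts) and open_query and not limited:
        findings.append("open recursion")
    global_xfer = "allow-transfer" in opts
    for m, body in blocks(conf, r'\bzone\s+"([^"]+)"[^{]*\{'):
        master = re.search(r"type\s+master\s*;", body)
        if master and not global_xfer and "allow-transfer" not in body:
            findings.append("unrestricted transfer: " + m.group(1))
    return findings
```

Calling audit(ARTICLE_CONF) reports open recursion and both master zones; audit(HARDENED_CONF) reports nothing.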
Troubleshooting:
Errors are usually caused by format or punctuation problems; a little care rules out most of them.
I ran into the following problem when checking the reverse zone data file:
    # named-checkzone "192.168.1.in-addr.arpa" /var/named/192.168.1.zone
    /var/named/192.168.1.zone:3: ignoring out-of-zone data (1.168.192.in-addr.arpa)
    /var/named/192.168.1.zone:11: ignoring out-of-zone data (16.1.168.192.in-addr.arpa)
    /var/named/192.168.1.zone:12: ignoring out-of-zone data (16.1.168.192.in-addr.arpa)
    /var/named/192.168.1.zone:13: ignoring out-of-zone data (20.1.168.192.in-addr.arpa)
    /var/named/192.168.1.zone:14: ignoring out-of-zone data (20.1.168.192.in-addr.arpa)
    /var/named/192.168.1.zone:15: ignoring out-of-zone data (17.1.168.192.in-addr.arpa)
    /var/named/192.168.1.zone:16: ignoring out-of-zone data (18.1.168.192.in-addr.arpa)
    zone 192.168.1.in-addr.arpa/IN: has 0 SOA records
    zone 192.168.1.in-addr.arpa/IN: has no NS records
    zone 192.168.1.in-addr.arpa/IN: not loaded due to errors.
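Although it reported errors, reverse resolution still worked. After asking for help in many places without success, I finally found that it is enough to delete $ORIGIN 1.168.192.in-addr.arpa from /var/named/192.168.1.zone. That line is optional anyway; I had written it only to make the file a little easier to understand.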
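An added example (not from the original article) that models how a zone checker resolves owner names against the origin and compares them with the zone name given on the command line, using the owner names from the reverse zone file above. The function names are hypothetical, only octet-aligned IPv4 networks are handled, and the $ORIGIN value is treated as an absolute name.

```python
import ipaddress

def reverse_zone(cidr):
    """Zone name for an IPv4 /8, /16 or /24 network, e.g. 1.168.192.in-addr.arpa."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only octet-aligned IPv4 networks are handled here")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def absolute(name, origin):
    """Resolve an owner name against the current origin, as a zone parser does."""
    origin = origin.rstrip(".").lower()
    if name == "@":
        return origin
    if name.endswith("."):
        return name.rstrip(".").lower()
    return (name + "." + origin).lower()

def out_of_zone(zone_name, owners, origin=None):
    """Owner names that do not fall under zone_name and would be ignored.

    origin models a $ORIGIN line; without one the origin is zone_name itself.
    """
    zone = zone_name.rstrip(".").lower()
    origin = origin or zone
    names = [absolute(o, origin) for o in owners]
    return [n for n in names if n != zone and not n.endswith("." + zone)]

# Constructed list: the distinct owner names used in the article's reverse zone file.
OWNERS = ["@", "16", "20", "17", "18"]

if __name__ == "__main__":
    good = reverse_zone("192.168.1.0/24")
    for zone in (good, "192.168.1.in-addr.arpa"):
        ignored = out_of_zone(zone, OWNERS, origin=good + ".")
        print(zone, "->", ignored or "all owners in zone")
```

With $ORIGIN 1.168.192.in-addr.arpa. every owner is out of zone when the checker is given the zone name 192.168.1.in-addr.arpa, and none is when it is given 1.168.192.in-addr.arpa, the name used in /etc/named.rfc1912.zones. Without a $ORIGIN line the owners are resolved under whatever zone name is passed in, so the file loads under either name.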
2017/5/7 11:55:42
Page title: Configuring DNS forward and reverse resolution and master-slave synchronization
Article source: http://vcdvsql.cn/article2/iigpoc.html