静态ip--dns
####################静态ip--dns###################
一,配置客户端,服务器的环境
1,server:
ip配置,重启网络服务;
yum源的配置;
更改主机名:dns-server.westos.com
2,client:
ip配置,重启网络服务;
配置dns解析:在 /etc/resolv.conf 中写入 nameserver 172.25.254.135
更改主机名:dns-client.westos.com
二,安装软件,启动服务,关闭防火墙
***server:
安装服务
yum install bind -y
systemctl restart named
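关闭火墙(仅适用于隔离的实验环境;生产环境应保持 firewalld 运行,只放行 dns 服务:firewall-cmd --permanent --add-service=dns && firewall-cmd --reload)
systemctl stop firewalld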
三,开始使用:
1,更改主配置文件:
vim /etc/named.conf
10 options {
11 listen-on port 53 { any; }; ---->change(监听所有接口;生产环境建议只列出需要对外提供服务的接口地址)
12 listen-on-v6 port 53 { ::1; };
13 directory "/var/named";
14 dump-file "/var/named/data/cache_dump.db";
15 statistics-file "/var/named/data/named_stats.txt";
16 memstatistics-file "/var/named/data/named_mem_stats.txt";
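17 allow-query { any; }; ----->change(允许任意客户端查询;下文 dig 输出中的 ra 标志说明递归已开启,若不同时用 allow-recursion 限定可信网段,或在纯权威服务器上设置 recursion no,服务器会成为开放递归解析器,可被用于 DNS 放大攻击)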
2,添加指向A 记录文件
vim /etc/named.rfc1912.zones
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.zone"; ---->A记录文件
28 allow-update { none; };
3,编写A记录文件
cd /var/named/
cp -p named.localhost westos.com.zone
定义正向解析数据库文件:
$TTL 1D ---->1天
@ IN SOA dns.westos.com. root.westos.com. (
(dns服务器主机名) 0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com. ##指定dns主机
dns A 172.25.254.135 ##指定dns主机的ip
www A 172.25.254.235 ##要添加的A记录
music CNAME music.a.westos.com.
music.a A 172.25.254.111
music.a A 172.25.254.222
westos.com. MX 1 172.25.254.135. ##邮件交换(MX)记录;注意:MX 的目标应为主机名(如 dns.westos.com.),此处的 172.25.254.135. 会被当作域名而不是 IP 地址
四,测试
client:
[root@dns-client ~]# dig www.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45475
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.235--->www相应的ip
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com. --->dns的指定
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.135--->dns的ip
;; Query time: 0 msec
;; SERVER: 172.25.254.135#53(172.25.254.135)
;; WHEN: Tue May 09 05:45:15 EDT 2017
;; MSG SIZE rcvd: 93
####################多个dns服务器##################################
一,server配置基础环境
1,网卡
添加网卡:eth1
cd /etc/sysconfig/network-scripts/;
ls
cp ifcfg-eth0 ifcfg-eth1;
vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=none
IPADDR=172.25.90.135 ----->私有网段的ip
PREFIX=24
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
PERSISTENT_DHCLIENT=1
systemctl restart network
2,修改配置文件
主配置文件:
vim /etc/named.conf ##视图匹配
view localnet {
match-clients { 172.25.254.90/24; }; --> 匹配254网段的客户端
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones"; --> A记录指向文件
};
view internet {
match-clients { 172.25.90.235/24; }; --> 匹配90私有网段的客户端
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.inter"; --> A 记录指向文件
};
3,修改A记录指向文件
cp /etc/named.rfc1912.zones /etc/named.rfc1912.inter -p
vim /etc/named.rfc1912.inter
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.inter"; ---> A记录文件
28 allow-update { none; };
29 };
4编写A记录文件
cd /var/named
cp -p westos.com.zone westos.com.inter
vim westos.com.inter
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.90.135
www A 172.25.90.235
music CNAME music.a.westos.com.
music.a A 172.25.90.111
music.a A 172.25.90.222
westos.com. MX 1 172.25.90.135.
systemctl restart named
二,client测试(私有网段90)
1,基础环境的配置
临时更改ip:
ifconfig eth0 172.25.90.235 netmask 255.255.255.0
vim /etc/resolv.conf
# Generated by NetworkManager
search westos.com
nameserver 172.25.90.135
[root@dns-client ~]# dig www.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1015
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.90.235 --->私有网段的answer
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.90.135
;; Query time: 1 msec
;; SERVER: 172.25.90.135#53(172.25.90.135)
;; WHEN: Tue May 09 06:58:14 EDT 2017
;; MSG SIZE rcvd: 93
三,client测试(254网段)
vim /etc/resolv.conf
# Generated by NetworkManager
search ilt.example.com example.com
nameserver 172.25.254.135
[root@foundation90 ~]# dig www.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6128
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.235 ---> 254网段的answer
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.135
;; Query time: 1 msec
;; SERVER: 172.25.254.135#53(172.25.254.135)
;; WHEN: Tue May 09 18:50:52 CST 2017
;; MSG SIZE rcvd: 93
###################反向解析########################################
一,server
1,主配置文件(在前面的基础上不修改)
2,A记录指向文件的修改
vim /etc/named.rfc1912.zones
49 zone "254.25.172.in-addr.arpa" IN {
50 type master;
51 file "westos.com.ptr";
52 allow-update { none; };
53 };
54
3,PTR记录文件(反向解析区域文件)的编写
cd /var/named/
cp -p named.loopback westos.com.ptr
vim westos.com.ptr
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.135 ---> dns服务器ip
111 PTR www.westos.com. ---> www的ip为172.25.254.111
222 PTR bbs.westos.com. ---> bbs的ip为172.25.254.222
188 PTR hello.westos.com. --->hello的ip为172.25.254.188
systemctl restart named
二,client测试
配置ip为172.25.254.235
dns解析为:
nameserver 172.25.254.135
[root@dns-client ~]# dig -x 172.25.254.188 --> 反向解析的测试
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x 172.25.254.188
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64255
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;188.254.25.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
188.254.25.172.in-addr.arpa. 86400 IN PTR hello.westos.com.-->与A记录一致
;; AUTHORITY SECTION:
254.25.172.in-addr.arpa. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.135
;; Query time: 0 msec
;; SERVER: 172.25.254.135#53(172.25.254.135)
;; WHEN: Tue May 09 07:45:12 EDT 2017
;; MSG SIZE rcvd: 120
########################dns更新####################################
一,server
1,cp -p westos.com.zone /mnt/ ###备份westos.com.zone
cd /mnt/
2,vim /etc/named.rfc1912.zones
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.zone";
28 allow-update { 172.25.254.235; }; ---> 允许该ip更新dns(仅按源 IP 授权,而 UDP 源地址可被伪造,只适合实验环境;更安全的做法是使用下文的 TSIG 密钥授权)
29 };
systemctl restart named
chmod 770 /var/named/ ##让 named 组对该目录可写,动态更新时 named 需要在此写入区域的日志(.jnl)文件;不要放宽到其他用户可写
setsebool -P named_write_master_zones 1
二,client测试
[root@dns-client ~]# nsupdate ##更新 dns
> server 172.25.254.135 ##dns服务器ip
> update add hi.westos.com 86400 A 172.25.254.123 ##更新的内容(A记录)
> send
> update delete hi.westos.com ##删除刚才添加的更新
> send
> quit
######################dns更新及加密#########################
一,server
1,mk keyfile
cd /mnt/
dnssec-keygen -a HMAC-MD5 -b 256 -n HOST westoskey ##HMAC-MD5 已不推荐用于 TSIG;新部署建议改用 -a HMAC-SHA256,并在 key 配置中相应写 algorithm hmac-sha256
2,mk key configfile
cp -p /etc/rndc.key /etc/westos.key
vim /etc/westos.key
key "westoskey" {
algorithm hmac-md5;
secret "J2Jm7MEOtIreeug2fi8VgshguvQL+uJzWHWNYsFp1bs="; ##示例密钥,已随本文公开,切勿在实际环境中使用;应填入自己生成的 .private 文件中的 Key,并保证该配置文件仅 root 和 named 可读
};
[root@dns-server mnt]# cat Kwestoskey.+157+21161.private
Private-key-format: v1.3
Algorithm: 157 (HMAC_MD5)
Key: J2Jm7MEOtIreeug2fi8VgshguvQL+uJzWHWNYsFp1bs=
Bits: AAA=
Created: 20170509125240
Publish: 20170509125240
3,config dns
vim /etc/named.conf
41 };
42 include "/etc/westos.key";
vim /etc/named.rfc1912.zones
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.zone";
28 allow-update { key westoskey; };
29 };
systemctl restart named
4,send key to client:
scp Kwestoskey.+157+21161.* root@172.25.254.235:/mnt/ ##密钥文件只应通过加密通道传给被授权的客户端,并在客户端上限制为仅属主可读(chmod 600)
二,client测试
1, cd /mnt;
ls;
2,[root@dns-client mnt]# nsupdate -k Kwestoskey.+157+21161.private
> server add hi.westos.com 86400 A 172.25.254.111 ##误输入:此处应为 update add,下一行是 nsupdate 的报错
port 'hi.westos.com' is not numeric
> server 172.25.254.135
> update add hi.westos.com 86400 A 172.25.254.111
> send
> update delete hi.westos.com
>quit
3,server
A记录;
$ORIGIN .
$TTL 86400 ; 1 day
westos.com IN SOA dns.westos.com. root.westos.com. (
4 ; serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
NS dns.westos.com.
MX 1 172.25.254.135.
$ORIGIN westos.com.
music.a A 172.25.254.111
A 172.25.254.222
dns A 172.25.254.135
music CNAME music.a
www A 172.25.254.235
------>1D 变为86400