linux 中的DNS服务
来源:互联网 发布:淘宝卖家的卡片祝福语 编辑:程序博客网 时间:2024/06/18 09:46
DNS(DomainNameSystem,域名系统),因特网上作为域名和IP地址相互映射的一个分布式数据库,能够使用户更方便的访问互联网,而不用去记住能够被机器直接读取的IP数串。通过主机名,最终得到该主机名对应的IP地址的过程叫做域名解析(或主机名解析)。DNS协议运行在UDP协议之上,使用端口号53。
1、安装部署
yuminstall bind -y
systemctlstart named
ssytemctlenable named
systemctlstop firewalld ---为了方便下面的实验,提前关闭防火墙
主配置文件/etc/named.conf
子配置文件/etc/name.rfc1912.zones
数据目录/var/named
2、高速缓存文件配置
vim/etc/named.conf
11listen-on port 53 {any;}; ---开放网卡端口
17allow-query {any;}; ---允许所有查询
18forwarders {172.25.254.250;}; ---自己不知道问别人
systemctlrestart named
测试:
客户机
vim/etc/resolve.conf
nameserver172.25.254.100 ---修改为测试主机的IP
3、权威DNS的正向解析
(1)vim/etc/named.rfc1912.zones
zone"xinhao.com" IN {
typemaster;
file"xinhao.com.zone";
allow-update{none;};
};
(2)cd/var/named
(3)cp-p named.localhost xinhao.com.zone
(4)vimxinhao.com.zone
$TTL1D
@ IN SOA dns.xinhao.com. root.xinhao.com. ( ---@代表域中的内容
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H) ; minimum
NS dns.xinhao.com.
dns A 172.25.254.239
www A 172.25.254.39
(5)systemctlrestart named
(6)vim/etc/resolve.conf
nameserver172.25.254.239
测试:
digwww.xinhao.com
4、反向解析
(1)vim/etc/named.rfc1912.zones
zone"254.25.172.in-addr.arpa" IN {
typemaster;
file"xinhao.com.ptr";
allow-update{none;};
};
(2)cd/var/named
(3)cp-p named.loopback xinhao.com.ptr
(4)vimxinhao.com.ptr
$TTL1D
@ IN SOA dns.xinhao.com. root.xinhao.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H) ; minimum
NS dns.xinhao.com.
dns A 172.25.254.239
239 PTR www.xinhao.com.
(5)systemctlrestart named
测试:
dig-x 172.25.254.239
5、双向解析
(1)vim/etc/named.conf
修改为:
viewlocalnet {
match-clients{172.25.254.239;}; ---对内网解析
zone"." IN {
typehint;
file"named.ca";
};
include"/etc/named.rfc1912.zones";
include"/etc/named.root.key";
};
viewany { ---对外网解析
match-clients{any;};
zone"." IN {
typehint;
file"named.ca";
};
include"/etc/named.rfc1912.zones.inter";
include"/etc/named.root.key";
};
(2)cp-p /var/named/xinhao.com.zone /var/named/xinhao.com.inter
vim/var/named/xinhao.com.inter
$TTL1D
@ IN SOA dns.xinhao.com. root.xinhao.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H) ; minimum
NS dns.xinhao.com.
dns A 172.25.254.239
www A 82.243.253.61
(3)cp-p /etc/named/named.rfc1912.zones/etc/named/named.rfc1912.zones.inter
zone"xinhao.com" IN {
typemaster;
file"xinhao.com.inter";
allow-update{ none; };
};
(4)systemctlrestart named
测试:在两台电脑分别测试
6、辅助DNS
主DNS的设定:
(1)vim/etc/named.rfc1912.zones.inter
zone"xinhao.com" IN {
typemaster;
file"xinhao.com.inter";
allow-update{none;};
also-notify{172.25.254.139;}; ---允许139主机同步
};
(2)systemctlrestart named
每次更改A记录文件后必须更改serial的数值
辅助DNS设定:
(1)vim/etc/named.conf
11listen-on port 53 {any;}; ---开放网卡端口
17allow-query {any;}; ---允许所有查询
(2)vim/etc/named.rfc1912.zones
zone"xinhao.com" IN {
typeslave;
masters{172.25.254.239};---同步239主机
file"slaves/xinhao.com.inter";
allow-update{none;};
};
(3)systemctlrestart named
测试:
主机:
vim/etc/reslove.conf
nameserver172.25.254.139
digwww.xinhao.com
辅助:
vim/etc/reslove.conf
nameserver172.25.254.239
digwww.xinhao.com
没有更改时
更改后
7、DNS的远程更新(基于IP)
在239主机上:
(1)chmodg+w /var/named
(2)vim/etc/named.rfc1912.zones.inter
zone"xinhao.com" IN {
typemaster;
file"xinhao.com.zone";
allow-update{172.25.254.139;};
also-notify{172.25.254.139;}; ---允许139主机同步
};
(3)systemctlrestart named
测试:
在139辅助机上:
(1)nsupdate
server172.25.254.239
updateadd bbs.xinhao.com 86400 A 1.1.1.1 ---添加
send
nsupdate
server172.25.254.239
updatedelete bbs.xinhao.com ---删除
send
8、DNS(基于KEY)
(1)cp/etc/rndc.key /etc/xxx.key -p
(2)dnssec-keygen-a HMAC-MD5 -b 128 -n HOST xxx
(3)vimKxxx.xxx.key
复制钥匙
(4)vim/etc/xxx.key
替换钥匙,名称
(5)vim/etc/named.conf
include"/etc/xxx.key";
logging{
(6)vim/etc/named.rfc1912.zones.inter
zone"xinhao.com" IN {
typemaster;
file"xinhao.com.inter";
allow-update{key xxx;};
also-notify{172.25.254.139;};
};
测试
scpKxxx.157+58934.* root@172.25.254.239:/mnt/
nsupdate-k Kxinhao.157+58934.private
9、动态域名解析(ddns)
主机上
(1)yuminstall dhcp -y
(2)cpcp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.con
(3)vim/etc/dhcp/dhcpd.conf
optiondomain-name "xinhao.com";
optiondomain-name-servers 172.25.50.10;
ddns-update-stylenone;
subnet172.25.50.0 netmask 255.255.255.0 {
range172.25.50.12 172.25.50.20;
optionrouters 172.25.50.10;
}
key"xinhao" {
algorithmhmac-md5;
secret"g9wXV1pMUWYPliyC8f4zXA==";
};
zonexinhao.com. {
primary172;
keyxinhao;
}
(4)vim/etc/named.rfc1912.zones
zone"xinhao.com" IN {
typemaster;
file"xinhao.com.zone";
allow-update{ key xinhao; };
};
(5)hostnamectlset-hostname www.xinhao.com
辅助机上:
设置网络为DHCP模式
systemctlrestart network
digwww.xinhao.com
- linux 中的DNS服务
- Linux中的DNS服务
- linux中的DNS解析服务
- Linux配置DNS服务
- Linux学习 DNS服务
- Linux服务(DNS)
- linux中架设DNS服务
- linux下DNS服务配置
- linux DNS服务配置 [笔记]
- Linux下配置DNS服务
- 【Linux】安装DNS域名解析服务
- Linux之DNS服务配置
- 【Linux】安装DNS域名解析服务
- linux服务配置之DNS
- linux- dns和ddns服务
- linux下的DNS服务
- linux下的dns服务
- linux中的dns
- 笔试题3
- Java8中对HashMap的改造
- POJ
- Tomcat类加载机制触发的Too many open files问题分析
- 字节输入输出流
- linux 中的DNS服务
- R语言-连接MySQL数据库方法
- PTA基础编程 7-2 然后是几点
- unity 和webgl 互调传值
- 数学公式
- java非对称加密笔记
- 如何装系统
- 卷积神经网络CNN(重点:反向传播)
- VC++中基本数据类型的大小
