linux操作———dns
yum install bind -y
systemctl enable named
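systemctl stop firewalld ##实验环境为省事直接关闭防火墙
systemctl disable firewalld ##生产环境应保留防火墙,改用 firewall-cmd --permanent --add-service=dns 再 firewall-cmd --reload 放行53端口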
主配置文件:/etc/named.conf
子配置文件:/etc/named.rfc1912.zones
数据目录:/etc/named ##注:后文实际操作的数据目录是/var/named
2.高速缓存dns
vim /etc/named.conf
11 listen-on port 53 { any; }; ##接口完全开放
17 allow-query { any; }; ##所有人都可访问;配合递归/转发时,对外网相当于开放解析器,可被用于DNS放大攻击,生产环境应改为内网网段,或用 allow-recursion 限制递归
18 forwarders { 172.25.254.xx;}; ##有不知道的问题都访问xx主机
systemctl restart named
#测试:
在客户主机
vim /etc/resolv.conf
8 nameserver 172.25.254.xx ##配置文件的主机ip
dig www.baidu.com ##第一次查询经转发主机解析并写入缓存,第二次直接从缓存返回
3.权威dns正向解析
vim /etc/named.conf
18 forwarders { 172.25.254.xx;}; ##去掉这一行
zone "westos.com" IN {
type master;
file "westos.com.zone";
allow-update { none; };
};
[root@localhost named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@localhost named]# cp -p named.localhost westos.com.zone ##-p保留原文件的属主、属组和权限,否则named可能无法读取新文件
[root@localhost named]# vim westos.com.zone ##解析文件编写
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. ( ##加.是防止后面继续自动添加westos.com
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com. ##名字不以.结尾时,会在其后自动补上区域名westos.com
dns A 172.25.254.xx ## 配置文件的主机ip
www A 172.25.254.111 ##问题寻找答案的ip
systemctl restart named
/etc/named.conf中的内容
/etc/named.rfc1912.zones中的内容
westos.com.zone中的内容
测试:
www.westos.com
4.反向解析
vim /etc/named.rfc1912.zones
zone "254.25.172.in-addr.arpa" IN {
type master;
file "westos.com.ptr";
allow-update { none; };
};
cp -p named.loopback westos.com.ptr
vim westos.com.ptr
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.xx
xx PTR www.westos.com. ##访问的问题ip为xx,测试就测试xx
systemctl restart named
/etc/named.rfc1912.zones中的内容
westos.com.ptr中的内容
测试:
dig -x 172.25.254.xx
5.dns双向解析
cp -p westos.com.zone westos.com.inter
vim westos.com.inter ##添加外网文件配置
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 1.1.1.xx ##外网访问问题答案ip
www A 1.1.1.111
cp /etc/named.rfc1912.zones /etc/named.rfc1912.zones.inter -p
vim /etc/named.rfc1912.zones.inter ##添加外网的子配置文件
31 zone "westos.com" IN {
32 type master;
33 file "westos.com.inter"; ##更改zone为inter
34 allow-update { none; };
35 };
vim /etc/named.conf ##添加到主配置文件中
52 view localnet {
51 match-clients { 172.25.254.xx; }; ##只让xx访问,即内网
52 zone "." IN {
53 type hint;
54 file "named.ca";
55 };
56 include "/etc/named.rfc1912.zones"; ##内网的子配置文件
57 include "/etc/named.root.key";
58 };
59 view any {
60 match-clients { any; }; ##view按书写顺序匹配,any必须放在最后,否则内网客户端也会落入此view
61 zone "." IN {
62 type hint;
63 file "named.ca";
64 };
65 include "/etc/named.rfc1912.zones.inter"; ##外网的子配置文件
66 include "/etc/named.root.key";
67 };
systemctl restart named
westos.com.inter
/etc/named.rfc1912.zones.inter
/etc/named.conf
测试:
dig www.westos.com ##分内外网
内网:
外网:
6.辅助dns
主dns的设定
vim /etc/named.rfc1912.zones.inter
zone "westos.com" IN {
type master;
file "westos.com.inter";
allow-update { none; };
also-notify { 172.25.254.xxx; }; ##更改后告诉xxx机;如需限制谁能拉取整个区域,可另加 allow-transfer { 172.25.254.xxx; };
};
systemctl restart named
注意:每次更改区域数据文件(A记录等)后必须增大serial的数值,辅助dns才会同步;serial最大为10位
辅助dns(xx机)设定(先设置yum源,selinux中为disabled,reboot;关闭SELinux仅为实验方便,生产环境建议保持enforcing)
yum install bind -y
systemctl start named
systemctl stop firewalld
vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; }; ##注释掉后named监听所有接口
// allow-query { localhost; }; ##注释掉后不再只限本机查询(使用named的默认值)
vim /etc/named.rfc1912.zones
zone "westos.com" IN {
type slave;
masters { 172.25.254.xxx; }; ##masters里填主dns的ip,辅助dns从它同步区域数据(原文xx/xxx占位符前后不一致,以实际主dns地址为准)
file "slaves/westos.com.inter";
allow-update { none; };
};
systemctl restart named
/etc/named.conf
/etc/named.rfc1912.zones
测试:
vim /etc/resolv.conf
nameserver 172.25.254.xx ##主
dig www.westos.com
vim /etc/resolv.conf
nameserver 172.25.254.xxx ##辅
dig www.westos.com
7.dns的远程更新
基于ip的:
vim /etc/named.rfc1912.zones.inter
zone "westos.com" IN {
type master;
file "westos.com.inter";
allow-update { 172.25.254.xxx; }; ##只按源ip授权更新;源ip可被伪造,更稳妥的是下文基于key(TSIG)的方式
also-notify { 172.25.254.xxx; };
};
systemctl restart named
chmod g+w /var/named/ ##named组需要对该目录可写,动态更新时才能在其中生成.jnl日志文件
systemctl restart named
测试:
在113主机上
[root@desktop113 ~]# nsupdate
> server 172.25.254.xx ##添加
> update add bbs.westos.com 86400 A 1.1.1.x
> send
> server 172.25.254.xx ##删除
> update delete bbs.westos.com
> send
基于key的:(先删掉基于ip生成更新的)
cp -p /etc/rndc.key /etc/westos.key
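dnssec-keygen -a HMAC-MD5 -b 218 -n HOST westos ##生成TSIG共享密钥(HMAC是对称算法,.key和.private里是同一个密钥,并非公钥私钥对)
##HMAC-MD5已过时;较新的BIND中dnssec-keygen不再支持HMAC算法,可改用 tsig-keygen -a hmac-sha256 westos 生成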
cat Kwestos.+157+40661.key
vim /etc/westos.key
key "westos" {
algorithm hmac-md5;
secret "Qrk1DSSofXb3rll40i4MkIDgE1nfROQnAxD0tg=="; ##示例值,应取自上面.key文件中的密钥串;实际使用时换成自己生成的密钥,且该文件不应对其他用户可读
};
vim /etc/named.conf
include "/etc/westos.key"; ##添加这一行即可
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
vim /etc/named.rfc1912.zones.inter
zone "westos.com" IN {
type master;
file "westos.com.inter";
allow-update { key westos; }; ##更改更新方式
also-notify { 172.25.254.xxx; };
};
systemctl restart named
/etc/westos.key
/etc/named.conf
/etc/named.rfc1912.zones.inter
测试:
[root@localhost mnt]# ls
Kwestos.+157+40661.key Kwestos.+157+40661.private westos.com.inter
[root@localhost mnt]# scp Kwestos.+157+40661* root@172.25.254.xxx:/mnt/ ##密钥文件只传给需要执行更新的主机
在有key的主机中执行
[root@desktop113 mnt]# nsupdate -k Kwestos.+157+40661.private
> server 172.25.254.xx
> update add bbs.westos.com 86400 A 1.1.1.x
> send
>
[root@localhost mnt]# dig bbs.westos.com
8.动态dns
主dns上:
yum install dhcp -y
cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
vim /etc/dhcp/dhcpd.conf
7 option domain-name "xxxxxx.com"; ##辅助dns的机名
8 option domain-name-servers 172.25.254.xx; ##主dns的ip
14 ddns-update-style interim;
24 # No service will be given on this subnet, but declaring it helps the
25 # DHCP server to understand the network topology.
26
27
28 # This is a very basic subnet declaration.
29
30 subnet 172.25.254.0 netmask 255.255.255.0 {
31 range 172.25.254.10 172.25.254.20;
32 option routers 172.25.254.xx; ##主dns的ip
33 }
34
35 key "westos" {
36 algorithm hmac-md5;
37 secret "tcc2czhAKAjVnZwP/USO4gAxXHiX6M7SDJPuLw=="; ##取钥匙,来自文件/etc/westos.key;必须与该文件中的secret完全一致(本文前面示例中的值与此处不同,照抄会导致更新的签名校验失败)
38 };
39 zone westos.com. {
40 primary 172.0.0.1; ##应为主dns的地址;dhcpd与named同机时一般写127.0.0.1,此处172.0.0.1疑为笔误,请核对
41 key westos;
42 }
systemctl restart dhcpd
systemctl restart named
辅dns上:
修改网卡获取地址的方式为dhcp:
vim /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=none----->dhcp
修改主机名,域名部分为xxxxxx.com:
hostnamectl set-hostname www.xxxxxx.com
systemctl restart network
检测:
dig www.westos.com ##主辅