dns配置-白红宇

dns配置

阅读量：6471 次

发布时间：2019-06-23

本文共 7011 字，大约阅读时间需要 23 分钟。

dns

安装

# yum install bind bind-chroot caching-nameserver -y

# cd /var/named/chroot/etc

# mkdir backup

[root@teacher etc]# cp -p named.caching-nameserver.conf ./backup

[root@teacher etc]# cp -p named.rfc1912.zones ./backup

# pwd

/var/named/chroot/etc

# mv named.caching-nameserver.conf named.conf

# vim named.conf

options {

directory "/var/named";

};

include "/etc/named.rfc1912.zones";

# vim named.rfc1912.zones

zone "google.com" IN {

type master;

file "google.com.zone";

};

//zone "0.0.127.in-addr.arpa" IN {

// type master;

// file "named.local";

// allow-update { none; };

//};

# cd /var/named/chroot/var/named

# cp -p localhost.zone google.com.zone

# vim google.com.zone

$TTL 86400

@ IN SOA dns.google.com. root.dns.google.com. (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS dns.google.com.

dns IN A 192.168.3.2

www IN A 192.168.3.3

ftp IN A 192.168.3.4

启动服务

# service named restart

客户端修改

# vim /etc/resolv.conf

nameserver 192.168.3.2

# nslookup

Server: 192.168.3.2

Address: 192.168.3.2#53

Name:

Address: 192.168.3.3

[root@teacher etc]# nslookup

Server: 192.168.3.2

Address: 192.168.3.2#53

Name:

Address: 192.168.3.4

－－－－－－－－－－－－

反向解析

# vim /var/named/chroot/etc/named.rfc1912.zones

zone "google.com" IN {

type master;

file "google.com.zone";

};

zone "3.168.192.in-addr.arpa" IN {

type master;

file "192.168.3.file";

};

# cd /var/named/chroot/var/named

[root@teacher named]# cp -p named.local 192.168.3.file

[root@teacher named]# vim 192.168.3.file

$TTL 86400

@ IN SOA dns.google.com. root.dns.google.com. (

1997022700 ; Serial

28800 ; Refresh

14400 ; Retry

3600000 ; Expire

86400 ) ; Minimum

IN NS dns.google.com.

2 IN PTR dns.google.com.

3 IN PTR .

4 IN PTR .

服务重启

# service named restart

# nslookup 192.168.3.3

Server: 192.168.3.2

Address: 192.168.3.2#53

3.3.168.192.in-addr.arpa name = .

[root@teacher named]# nslookup 192.168.3.4

Server: 192.168.3.2

Address: 192.168.3.2#53

4.3.168.192.in-addr.arpa name = .

－－－－－－－－－－－－－－－－

# cd /var/named/chroot/var/named

# vim google.com.zone

$TTL 86400

@ IN SOA dns.google.com. root.dns.google.com. (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS dns.google.com.

dns IN A 192.168.3.2

www IN A 192.168.3.5

www IN A 192.168.3.6

www IN A 192.168.3.7

www IN A 192.168.3.8

www IN A 192.168.3.9

www IN A 192.168.3.11

ftp IN A 192.168.3.4

服务重启

# service named restart

# ping

－－－－－－－－－－－－－－－－－－－－－－－－－－－

主从同步

[root@teacher named]# cd /var/named/chroot/etc

[root@teacher etc]# ls

backup localtime named.conf named.rfc1912.zones rndc.key

[root@teacher etc]# dnssec-keygen -a hmac-md5 -b 128 -n host 3key

K3key.+157+65317

[root@teacher etc]# ls

# cat K3key.+157+65317.key

3key. IN KEY 512 3 157 tb69ZLlWPvQ+LHOjIYG6yQ== ／／复制密钥

# vim named.conf

options {

directory "/var/named";

};

key 3key {

algorithm hmac-md5;

secret "tb69ZLlWPvQ+LHOjIYG6yQ==";

};

include "/etc/named.rfc1912.zones";

# vim named.rfc1912.zones

zone "google.com" IN {

type master;

file "google.com.zone";

allow-transfer { key 3key; };

};

zone "3.168.192.in-addr.arpa" IN {

type master;

file "192.168.3.file";

allow-transfer { key 3key; };

};

启动域名服务

# service named restart

------------------------------

从域名服务器

安装bind

# yum install bind bind-chroot caching-nameserver -y

从主域名服务器把配置文件拷过来

# scp 192.168.3.2:/var/named/chroot/etc/named* /var/named/chroot/etc/

# cd /var/named/chroot/etc

# ls -l

# chown root:named named.conf

# vim named.conf

options {

directory "/var/named/slaves";

};

key 3key {

algorithm hmac-md5;

secret "tb69ZLlWPvQ+LHOjIYG6yQ==";

};

include "/etc/named.rfc1912.zones";

# vim named.rfc1912.zones

zone "google.com" IN {

type slave;

file "google.com.zone.slave";

masters { 192.168.3.2 key 3key; };

};

zone "3.168.192.in-addr.arpa" IN {

type slave;

file "192.168.3.file.slave";

masters { 192.168.3.2 key 3key; };

};

启动域名服务

# service named restart

# cd /var/named/chroot/var/named/slaves

# ls

192.168.3.file.slave google.com.zone.slave

-------------------------------------------

子域授权

在父域名服务器

[root@teacher etc]# pwd

/var/named/chroot/

# vim named.conf

options {

directory "/var/named";

};

include "/etc/named.rfc1912.zones";

# vim named.rfc1912.zones

zone "google.com" IN {

type master;

file "google.com.zone";

};

# cd /var/named/chroot/var/named

# vim google.com.zone

$TTL 86400

@ IN SOA dns.google.com. root.dns.google.com. (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS dns.google.com.

dns IN A 192.168.3.2

develop.google.com. IN NS dns.develop.google.com.

dns.develop.google.com. IN A 192.168.3.5

www IN A 192.168.3.6

启动服务

# service named restart

----------------------------------

子域名服务器

# cd /var/named/chroot/etc

# scp 192.168.3.2:/var/named/chroot/etc/named* ./

# chown root:named named.conf

[root@teacher etc]# chown root:named named.rfc1912.zones

# vim named.rfc1912.zones

zone "develop.google.com" IN {

type master;

file "develop.google.com.zone";

};

# cd /var/named/chroot/var/named

# scp 192.168.3.2:/var/named/chroot/var/named/google.com.zone ./

# mv google.com.zone develop.google.com.zone

# chown root:named develop.google.com.zone

# vim develop.google.com.zone

$TTL 86400

@ IN SOA dns.develop.google.com. root.dns.develop.google.com. (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS dns.develop.google.com.

dns IN A 192.168.3.5

www IN A 192.168.3.100

启动服务

# service named restart

用客户端测试

----------------------------

视图

域名服务器

eth0 192.168.3.2

eth1 172.16.3.1

eth2 8.8.8.8

# vim /etc/sysctl.conf

net.ipv4.ip_forward = 1

# sysctl -p

修改配置文件

# cd /var/named/chroot/etc

# vim named.conf

options {

directory "/var/named";

};

acl "unicom" { 172.16.3.0/24; };

acl "telcom" { 192.168.3.0/24; };

view "unicom" {

match-clients { unicom; };

recursion yes;

zone "163.com" IN {

type master;

file "unicom.163.com";

};

view "telcom" {

match-clients { telcom; };

recursion yes;

zone "163.com" IN {

type master;

file "telcom.163.com";

};

# cd /var/named/chroot/var/named

[root@teacher named]# cp -p google.com.zone unicom.163.com

[root@teacher named]# vim unicom.163.com

$TTL 86400

@ IN SOA dns.163.com. root.dns.163.com. (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS dns.163.com.

dns IN A 8.8.8.8

www IN A 172.16.3.100

www IN A 172.16.3.200

[root@teacher named]# cp -p unicom.163.com telcom.163.com

[root@teacher named]# vim telcom.163.com

$TTL 86400

@ IN SOA dns.163.com. root.dns.163.com. (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS dns.163.com.

dns IN A 8.8.8.8

www IN A 192.168.3.100

www IN A 192.168.3.200

[root@teacher named]# service named restart

--------------------------

在电信客户端上

用真机设置网关 192.168.3.2 //这个ip地址是域名服务器桥接的网卡地址。设置dns 服务器 8.8.8.8

点击开始－－运行－－－cmd 回车

在命令行 nslookup

可以看到电信的IP地址

－－－－－－－－－－－－－－－－－－－

网通客户端

# cd /var/sysconfig/network-scripts

# vim ifcfg-eth0

DEVICE=eth0

BOOTPROTO=none

IPADDR=172.16.3.5

ONBOOT=yes

GATEWAY=172.16.3.1

# service network restart

# vim /etc/resolv.conf

nameserver 8.8.8.8

# nslookup

转载于:https://blog.51cto.com/plking/1330454

你可能感兴趣的文章

彻底学会使用epoll(一)——ET模式实现分析

查看>>

路由器的密码恢复

查看>>

【Android 基础】Android中全屏或者取消标题栏

查看>>

Xilinx 常用模块汇总(verilog)【03】

紫书习题11-11 UVa 1644 （并查集）

查看>>

App工程结构搭建：几种常见Android代码架构分析

查看>>

使用openssl进行证书格式转换

查看>>

ZOJ 3777 Problem Arrangement

installshield12如何改变默认安装目录

查看>>

少用数字来作为参数标识含义

查看>>

ScrollView中嵌套ListView

查看>>

JAVA虚拟机05--面试必问之JVM原理

查看>>

Algs4-2.3.1如何切分数组

查看>>

uva 10815 - Andy's First Dictionary（快排、字符串）

查看>>