centos7.x 部署主、从DNS服务器
centos7.x 部署主、从DNS服务器
1、准备
例:两台192.168.219.146(主), 192.168.219.147(从), 域名www.panyangduola.com
主、从DNS服务器均需要安装bind、bind-chroot、bind-utils
yum -y install bind bind-utils bind-chroot如果防火墙开启,配置防火墙,添加服务(防火墙已禁用则忽略)
firewall-cmd --permanent --add-service=dns
firewall-cmd --reload2、主DNS服务器(192.168.219.146)配置
编辑配置文件
vim /etc/named.conf找到其中两行
- listen-on port 53 { 127.0.0.1; };
-
allow-query { localhost; };
修改为
- listen-on port 53 { any; };
-
allow-query { any; };
2-1、配置正向解析
编辑文件/etc/named.rfc1912.zones,在末尾添加需要解析的域
vim /etc/named.rfc1912.zoneszone "panyangduola.com" IN {
type master;
file "data/panyangduola.com.zone";
};创建panyangduola.com.zone解析域
vim /var/named/data/panyangduola.com.zone$TTL 3600
$ORIGIN panyangduola.com.
@ IN SOA panyangduola.com. admin.panyangduola.com. (
2018042101
1D
1H
1W
3H
)
@ IN NS ns1.panyangduola.com.
@ IN NS ns2.panyangduola.com.
ns1 IN A 192.168.219.146
ns2 IN A 192.168.219.147
www IN A 192.168.219.146
web IN CNAME www2-2、配置反向解析
编辑文件/etc/named.rfc1912.zones,在末尾添加需要解析的域
vim /etc/named.rfc1912.zoneszone "219.168.192.in-addr.arpa" IN {
type master;
file "data/219.168.192.zone";
};创建219.168.192.zone解析域
vim /var/named/data/219.168.192.zone$TTL 3600
$ORIGIN 219.168.192.in-addr.arpa.
@ IN SOA panyangduola.com. admin.panyangduola.com. (
2018042101
1D
1H
1W
3H
)
@ IN NS ns1.panyangduola.com.
@ IN NS ns2.panyangduola.com.
146 IN PTR ns1.panyangduola.com.
147 IN PTR ns2.panyangduola.com.
146 IN PTR www.panyangduola.com.2-3、对DNS配置文件进行一下语法检查:
cd /etc
named-checkconf named.conf
named-checkconf named.rfc1912.zones
cd /var/named/data
named-checkzone panyangduola.com panyangduola.com.zone
named-checkzone 219.168.192.in-addr.arpa 219.168.192.zone2-4、编辑/etc/resolv.conf,添加
vim /etc/resolv.confsearch localdomain
nameserver 192.168.219.1462-5、如果2-3步骤没有错误发生的话,启动named服务
重启named
systemctl restart named查看状态
systemctl status named2-6、检查主DNS服务器解析是否成功
ping命令验证
ping -c 4 www.panyangduola.comnslookup命令验证
nslookup
>www.panyangduola.comnslookup
>192.168.219.1463、从DNS服务器(192.168.219.147)配置
编辑named.conf文件
vim /etc/named.conf找到其中两行
- listen-on port 53 { 127.0.0.1; };
- allow-query { localhost; };
修改为
- listen-on port 53 { any; };
- allow-query { any; };
3-1、修改主DNS服务器(192.168.219.146)的配置/etc/named.rfc1912.zones
vim /etc/named.rfc1912.zoneszone "panyangduola.com" IN {
type master;
file "data/panyangduola.com.zone";
allow-transfer {192.168.219.147;};
notify yes;
also-notify {192.168.219.147;};
};
zone "219.168.192.in-addr.arpa" IN {
type master;
file "data/219.168.192.zone";
allow-transfer {192.168.219.147;};
notify yes;
also-notify {192.168.219.147;};
};3-2、配置从DNS服务器(192.168.219.147)正向解析
编辑文件/etc/named.rfc1912.zones,在末尾添加需要解析的域
vim /etc/named.rfc1912.zoneszone "panyangduola.com" IN {
type slave;
file "data/panyangduola.com.zone";
masters { 192.168.219.146; };
};创建panyangduola.com.zone空文件
touch /var/named/data/panyangduola.com.zone 设置所有者
cd /var/named/data
chown named:named panyangduola.com.zone3-3、配置从DNS服务器(192.168.219.147)反向解析
在文件/etc/named.rfc1912.zones中添加
vim etc/named.rfc1912.zoneszone "219.168.192.in-addr.arpa" IN {
type slave;
file "data/219.168.192.zone";
masters { 192.168.219.146; };
};创建空文件219.168.192.zone
touch /var/named/data/219.168.192.zone设置所有者
cd /var/named/data
chown named:named 219.168.192.zone3-4、对DNS配置文件进行一下语法检查:
cd /etc
named-checkconf named.conf
named-checkconf named.rfc1912.zones3-5、编辑/etc/resolv.conf,添加
vim /etc/resolv.confsearch localdomain
nameserver 192.168.219.1473-6、如果3-4步骤没有错误发生的话,启动named服务
重启named
systemctl restart named查看状态
systemctl status named3-7、查看文件/var/named/data/panyangduola.com.zone和/var/named/data/219.168.192.zone是否有二进制数据
cat /var/named/data/panyangduola.com.zone
cat /var/named/data/219.168.192.zone3-8、检查从DNS服务器解析是否成功
ping命令验证
ping -c 4 www.panyangduola.comnslookup命令验证
nslookup
>192.168.219.147
版权声明:本文为panyangduola原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。