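DNS configuration

Caching name server:
vi /etc/named.conf
Add the following inside the options block:
forwarders { 192.168.80.100; };    // forward queries to the upstream server 192.168.80.100
Note: more than one upstream DNS server address can be listed.

Find the following two lines:
dnssec-enable yes;        // security policy (DNSSEC)
dnssec-validation yes;

and change "yes" to "no" (this turns off DNSSEC validation of the answers returned by the forwarder).

systemctl start named     # start the service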

DNS split-view resolution: create the forward and reverse zones
vi /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };

//zone "." IN {
// type hint;
// file "named.ca";
//};

vi /etc/named.rfc1912.zones

acl "china" { 192.168.80.0/24; };
acl "american" { 192.168.90.0/24; };

view "china" {
match-clients { "china"; };
zone "xiaoshuo.com" IN {
type master;
file "xiaoshuo.com.zone";
};
};

view "american" {
match-clients { "american"; };
zone "xiaoshuo.com" IN {
type master;
file "xiaoshuo.com.local";
};
};

cd /var/named/

cp -p named.localhost xiaoshuo.com.zone     # copy the template named.localhost

vi xiaoshuo.com.zone     # set up the two files named xiaoshuo.com.zone and xiaoshuo.com.local

$TTL 1D
@       IN SOA  xiaoshuo.com. 18013882536.163.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      dns.xiaoshuo.com.
dns     IN A    192.168.80.100
www     IN A    192.168.80.100

cp -p xiaoshuo.com.zone xiaoshuo.com.local

vi xiaoshuo.com.local

$TTL 1D
@       IN SOA  xiaoshuo.com. 18013882536.163.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      dns.xiaoshuo.com.
dns     IN A    192.168.90.100
www     IN A    192.168.90.100

named-checkconf

systemctl start named

Test and verify.

DNS master/slave synchronization:
First synchronize the clocks:
On the master name server:
yum install ntp -y

vi /etc/ntp.conf
restrict 192.168.80.0 mask 255.255.255.0 nomodify notrap
server 127.127.1.0
fudge 127.127.1.0 stratum 8

service ntpd start
systemctl enable ntpd

On the slave name server:
yum install ntp -y

ntpdate 192.168.80.100

Set up master/slave synchronization:

On the master name server:
vi /etc/named.conf
Change the following settings:
listen-on port 53 { any; };
allow-query { any; };

vi /etc/named.rfc1912.zones

zone "hello.com" IN {
type master;
file "hello.com.zone";
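allow-update { 192.168.80.101; };    // accept dynamic updates from the slave's address
also-notify { 192.168.80.101; };     // send NOTIFY to the slave when the zone changes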
};

zone "80.168.192.in-addr.arpa" IN {
type master;
file "hello.com.local";
allow-update { 192.168.80.101; };
also-notify { 192.168.80.101; };
};

cd /var/named/

cp -p named.localhost hello.com.zone

vi hello.com.zone

$TTL 1D
@       IN SOA  hello.com. 18013882536.qq.com. (
                                        1       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      dns.hello.com.
dns     IN A    192.168.80.100
www     IN A    192.168.80.101
ftp     IN A    192.168.80.102

cp -p hello.com.zone hello.com.local

vi hello.com.local

$TTL 1D
@       IN SOA  hello.com. 18013882536.qq.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      dns.hello.com.
100     IN PTR  dns.hello.com.
101     IN PTR  www.hello.com.

systemctl start named

On the slave name server:

vi /etc/named.conf
Change the following settings:
listen-on port 53 { any; };
allow-query { any; };

vi /etc/named.rfc1912.zones

zone "hello.com" IN {
type slave;
masters { 192.168.80.100; };
file "slaves/hello.com.zone";
};
zone "80.168.192.in-addr.arpa" IN {
type slave;
masters { 192.168.80.100; };
file "slaves/hello.com.local";
};

systemctl start named

cat hello.com.zone

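Note: if the zone data file transferred to the slave name server looks garbled (BIND stores slave zone files in its binary raw format by default), fix it as follows:
vi /etc/named.conf
masterfile-format text;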

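Test whether synchronization happens in real time:
Add a new resource record on the master name server and change the serial number.
Check whether the slave name server picks up the change in real time.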
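
An added example, not part of the original notes: a small Python audit that reads named.conf text and reports the settings from the steps above that deserve a second look (validation switched off, allow-query any with no recursion limit, allow-update granted by IP address, no explicit allow-transfer on a master zone). PAGE_CONF and TIGHT_CONF are constructed samples, the function names are this example's own, and the tighter variant is an assumption about what the master/slave setup needs.

```python
import re

# Constructed input: the master-side settings from this page joined into one file.
PAGE_CONF = '''
options {
    allow-query { any; };
    dnssec-validation no;
};
zone "hello.com" IN {
    type master;
    file "hello.com.zone";
    allow-update { 192.168.80.101; };
    also-notify { 192.168.80.101; };
};
'''
# Constructed tighter variant (assumption): validation on, recursion limited to
# local networks, and the slave named in allow-transfer instead of allow-update.
TIGHT_CONF = PAGE_CONF.replace('allow-update', 'allow-transfer').replace(
    'dnssec-validation no;', 'dnssec-validation yes; allow-recursion { localnets; };')

def blocks(conf, keyword):
    """Yield (name, body) for every `keyword [name] { body };` block."""
    for m in re.finditer(r'(?m)^\s*%s\b([^{;]*)\{' % keyword, conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):          # walk to the matching brace
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield (m.group(1).split() or [''])[0].strip('"'), conf[m.end():i - 1]

def audit(conf):
    """Return (scope, finding) tuples for settings that deserve review."""
    conf = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', conf, flags=re.S)  # drop comments
    out = []
    for _, body in blocks(conf, 'options'):
        if re.search(r'dnssec-validation\s+no\s*;', body):
            out.append(('options', 'DNSSEC validation is off'))
        # Without allow-recursion, BIND falls back to allow-query for recursion.
        if re.search(r'allow-query\s*\{\s*any\s*;\s*\}', body) and 'allow-recursion' not in body:
            out.append(('options', 'allow-query any with no allow-recursion limit'))
    for name, body in blocks(conf, 'zone'):
        if not re.search(r'type\s+master\s*;', body):
            continue                            # only master zones are checked
        if re.search(r'allow-update\s*\{\s*[\d./]+\s*;', body):
            out.append((name, 'allow-update granted to a bare IP address'))
        if 'allow-transfer' not in body:
            out.append((name, 'no explicit allow-transfer list'))
    return out
```

Calling audit(PAGE_CONF) returns four findings and audit(TIGHT_CONF) returns none; run it against the real file with audit(open('/etc/named.conf').read()).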
