练习内容:配置dns主从服务,要求从服务器能够定时从主服务器同步数据。
主服务器: 192.168.92.132
从服务器: 192.168.92.133
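基础配置:软件安装以及网卡设置,以下为从服务器上的操作。其中 setenforce 0 和 systemctl stop firewalld.service 仅用于简化实验环境;在生产环境中应保持 SELinux 为 enforcing,并用 firewall-cmd --permanent --add-service=dns 和 firewall-cmd --reload 只放行 DNS 端口(TCP/UDP 53),而不是关闭整个防火墙。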
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@localhost ~]# dnf install -y bind
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.
BaseOS 2.7 MB/s | 2.7 kB 00:00
App 3.1 MB/s | 3.2 kB 00:00
Dependencies resolved.
================================================================================================================
Package Architecture Version Repository Size
================================================================================================================
Installing:
bind x86_64 32:9.16.23-24.el9_5 AppStream 509 k
Installing dependencies:
bind-dnssec-doc noarch 32:9.16.23-24.el9_5 AppStream 49 k
python3-bind noarch 32:9.16.23-24.el9_5 AppStream 72 k
python3-ply noarch 3.11-14.el9 BaseOS 111 k
Installing weak dependencies:
bind-dnssec-utils x86_64 32:9.16.23-24.el9_5 AppStream 122 k
Transaction Summary
================================================================================================================
Install 5 Packages
Total size: 862 k
Installed size: 2.5 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch 1/5
Installing : python3-ply-3.11-14.el9.noarch 2/5
Installing : python3-bind-32:9.16.23-24.el9_5.noarch 3/5
Installing : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64 4/5
Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64 5/5
Installing : bind-32:9.16.23-24.el9_5.x86_64 5/5
Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64 5/5
Verifying : python3-ply-3.11-14.el9.noarch 1/5
Verifying : bind-32:9.16.23-24.el9_5.x86_64 2/5
Verifying : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch 3/5
Verifying : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64 4/5
Verifying : python3-bind-32:9.16.23-24.el9_5.noarch 5/5
Installed products updated.
Installed:
bind-32:9.16.23-24.el9_5.x86_64 bind-dnssec-doc-32:9.16.23-24.el9_5.noarch
bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64 python3-bind-32:9.16.23-24.el9_5.noarch
python3-ply-3.11-14.el9.noarch
Complete!
[root@localhost ~]# nmcli connection modify ens160 ipv4.method manual ipv4.addresses 192.168.92.133/24 ipv4.gateway 192.168.92.2 ipv4.dns 192.168.92.133
[root@localhost ~]# nmcli c reload
[root@localhost ~]# nmcli c up ens160
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
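编辑主服务器配置。从服务器的 options 部分同理,但从服务器上的区域应定义为 type slave,并用 masters { 192.168.92.132; }; 指向主服务器(例如 file "slaves/openlab.com.zone";),这样才会从主服务器拉取区域数据。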
[root@alpha ~]# vim /etc/named.conf
// Global named options (excerpt: the closing brace and any remaining
// statements of this block are not shown on the page).
options {
// Lab setting: accept DNS on every IPv4 interface. On a multi-homed or
// internet-facing host, list only the addresses that should serve DNS.
listen-on port 53 { any; };
// IPv6 stays bound to loopback only.
listen-on-v6 port 53 { ::1; };
// Base directory: relative zone file names such as "openlab.com.zone"
// are resolved against it.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
// Any client may query this server.
// NOTE(review): the recursion setting is not visible in this excerpt. If
// recursion is enabled, pair this with an allow-recursion ACL limited to
// trusted networks so the server does not act as an open resolver.
allow-query { any; };
[root@alpha ~]# vim /etc/named.rfc1912.zones
// Forward zone: this server is the master for openlab.com and loads the
// zone data from openlab.com.zone (relative to the "directory" option).
zone "openlab.com" IN {
type master;
file "openlab.com.zone";
// Zone transfers are allowed only to the secondary at 192.168.92.133.
// NOTE(review): an address-only ACL does not authenticate the peer; a
// TSIG key shared by both servers is the stronger control for transfers.
allow-transfer { 192.168.92.133; };
};
// Reverse zone for 192.168.92.0/24, loaded from 192.168.92.arpa.
zone "92.168.192.in-addr.arpa" IN {
type master;
file "192.168.92.arpa";
// Same transfer restriction as the forward zone: only 192.168.92.133.
allow-transfer { 192.168.92.133; };
};
主服务端正反向解析
[root@alpha ~]# cd /var/named
[root@alpha named]# cp -a named.localhost openlab.com.zone
[root@alpha named]# vim openlab.com.zone
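; Forward zone data for openlab.com, served by the master (192.168.92.132).
$TTL 1D
@	IN SOA	ns.openlab.com. admin.openlab.com. (
		0	; serial: the secondary transfers the zone only when this
			; value is higher than its own copy, so raise it on every edit
		1D	; refresh: how often the secondary re-checks the serial
		1H	; retry: wait after a failed refresh
		1W	; expire: secondary stops answering if the master stays unreachable
		3H )	; minimum
; A record with a blank owner field must start with whitespace; it then
; inherits the previous owner (@). At column 0, "NS" would be read as a name.
	NS	ns.openlab.com.
	NS	slave.openlab.com.
; Name servers: ns is the master, slave is the secondary.
ns	IN A	192.168.92.132
www	IN A	192.168.92.132
bbs	IN A	192.168.92.132
; Relative target: resolves to www.openlab.com.
ftp	IN CNAME	www
slave	IN A	192.168.92.133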
[root@alpha named]# cp -a named.loopback 192.168.92.arpa
[root@alpha named]# vim /var/named/192.168.92.arpa
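; Reverse zone data for 192.168.92.0/24 (zone 92.168.192.in-addr.arpa).
$TTL 1D
; Both SOA names end with a dot. A name without the trailing dot is relative
; and would get the zone origin (92.168.192.in-addr.arpa.) appended.
@	IN SOA	ns.openlab.com. admin.openlab.com. (
		0	; serial: raise on every edit so the secondary picks up the change
		1D	; refresh
		1H	; retry
		1W	; expire
		3H )	; minimum
; A record with a blank owner field must start with whitespace; it then
; inherits the previous owner (@).
	NS	ns.openlab.com.
	NS	slave.openlab.com.
; Owner labels are the last octet of the address. They follow the A records
; of the forward zone: 192.168.92.132 for ns/www/bbs (ftp is a CNAME to www)
; and 192.168.92.133 for slave.
132	IN PTR	ns.openlab.com.
132	IN PTR	www.openlab.com.
132	IN PTR	bbs.openlab.com.
132	IN PTR	ftp.openlab.com.
133	IN PTR	slave.openlab.com.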
结果测试
