DNS练习

Myosotis5132025-11-16 11:20

练习内容:配置dns主从服务,要求从服务器能够定时从主服务器同步数据。

主服务器: 192.168.92.132

从服务器: 192.168.92.133

基础配置 软件安装以及网卡设置,以下为从服务器代码。

复制代码 
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@localhost ~]# dnf install -y bind
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.

BaseOS                                                                          2.7 MB/s | 2.7 kB     00:00    
App                                                                             3.1 MB/s | 3.2 kB     00:00    
Dependencies resolved.
================================================================================================================
 Package                       Architecture       Version                           Repository             Size
================================================================================================================
Installing:
 bind                          x86_64             32:9.16.23-24.el9_5               AppStream             509 k
Installing dependencies:
 bind-dnssec-doc               noarch             32:9.16.23-24.el9_5               AppStream              49 k
 python3-bind                  noarch             32:9.16.23-24.el9_5               AppStream              72 k
 python3-ply                   noarch             3.11-14.el9                       BaseOS                111 k
Installing weak dependencies:
 bind-dnssec-utils             x86_64             32:9.16.23-24.el9_5               AppStream             122 k

Transaction Summary
================================================================================================================
Install  5 Packages

Total size: 862 k
Installed size: 2.5 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                        1/1 
  Installing       : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch                                             1/5 
  Installing       : python3-ply-3.11-14.el9.noarch                                                         2/5 
  Installing       : python3-bind-32:9.16.23-24.el9_5.noarch                                                3/5 
  Installing       : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64                                           4/5 
  Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 
  Installing       : bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 
  Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 
  Verifying        : python3-ply-3.11-14.el9.noarch                                                         1/5 
  Verifying        : bind-32:9.16.23-24.el9_5.x86_64                                                        2/5 
  Verifying        : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch                                             3/5 
  Verifying        : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64                                           4/5 
  Verifying        : python3-bind-32:9.16.23-24.el9_5.noarch                                                5/5 
Installed products updated.

Installed:
  bind-32:9.16.23-24.el9_5.x86_64                         bind-dnssec-doc-32:9.16.23-24.el9_5.noarch           
  bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64            python3-bind-32:9.16.23-24.el9_5.noarch              
  python3-ply-3.11-14.el9.noarch                         

Complete!
[root@localhost ~]# nmcli connection modify ens160 ipv4.method manual ipv4.addresses 192.168.92.133/24 ipv4.gateway 192.168.92.2 ipv4.dns 192.168.92.133
[root@localhost ~]# nmcli c reload 
[root@localhost ~]# nmcli c up ens160 
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

编辑主服务器配置,从服务器同理

复制代码 
[root@alpha ~]# vim /etc/named.conf 

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
        allow-query     { any; };

[root@alpha ~]# vim /etc/named.rfc1912.zones
  zone "openlab.com" IN {
        type master;
        file "openlab.com.zone";
        allow-transfer { 192.168.92.133; };
};
zone "92.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.92.arpa";
        allow-transfer { 192.168.92.133; };
};

主服务端正反向解析

复制代码 
[root@alpha ~]# cd /var/named
[root@alpha named]# cp -a named.localhost openlab.com.zone
[root@alpha named]# vim openlab.com.zone 
$TTL 1D
@       IN SOA  ns.openlab.com. admin.openlab.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns.openlab.com.
        NS      slave.openlab.com.
ns      IN      A       192.168.92.132
www     IN      A       192.168.92.132
bbs     IN      A       192.168.92.132
ftp     IN      CNAME   www
slave   IN      A       192.168.92.133

[root@alpha named]# cp -a named.loopback 192.168.92.arpa
[root@alpha named]# vim /var/named/192.168.92.arpa 
$TTL 1D
@       IN SOA  ns.openlab.com admin.openlab.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns.openlab.com.
        NS      slave.openlab.com.
130     IN      PTR     ns.openlab.com.
130     IN      PTR     www.openlab.com.
130     IN      PTR     bbs.openlab.com.
130     IN      PTR     ftp.openlab.com.
131     IN      PTR     slave.openlab.com.

结果测试

相关推荐
QQ__176461982411 分钟前
Ubuntu系统创建新用户与删除用户
linux·运维·服务器
渣渣盟41 分钟前
Linux邮件服务器快速搭建指南
linux·服务器·开发语言
6极地诈唬43 分钟前
【PG漫步】DELETE不会改变本地文件的大小,VACUUM也不会
linux·服务器·数据库
ArrebolJiuZhou43 分钟前
00 arm开发环境的搭建
linux·arm开发·单片机·嵌入式硬件
谷雨不太卷1 小时前
Linux_文件权限
linux·运维·服务器
无泪无花月隐星沉2 小时前
uos server 1070e lvm格式磁盘扩容分区
linux·运维·uos
Bruce_Liuxiaowei2 小时前
Nmap+Fofa 一体化信息搜集工具打造
运维·开发语言·网络·网络安全
食咗未2 小时前
Linux USB HOST EXTERNAL STORAGE
linux·驱动开发
食咗未2 小时前
Linux USB HOST HID
linux·驱动开发·人机交互
Xの哲學2 小时前
Linux SLAB分配器深度解剖
linux·服务器·网络·算法·边缘计算
热门推荐
01GitHub 镜像站点02从快手“12·22”直播攻击事件看:一次教科书式的业务层饱和攻击03电脑检测软件—图吧工具箱043D 圣诞树网页代码05Linux下V2Ray安装配置指南06UV安装并设置国内源07在VSCode配置Java开发环境的保姆级教程(适配各类AI编程IDE)08jdk21下载、安装(Windows、Linux、macOS)09Claude Code Skills 实用使用手册10Gemini3 生成的基于手势控制3D粒子圣诞树