DNS练习

Myosotis5132025-11-16 11:20

练习内容:配置dns主从服务,要求从服务器能够定时从主服务器同步数据。

主服务器: 192.168.92.132

从服务器: 192.168.92.133

基础配置 软件安装以及网卡设置,以下为从服务器代码。

复制代码 
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@localhost ~]# dnf install -y bind
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.

BaseOS                                                                          2.7 MB/s | 2.7 kB     00:00    
App                                                                             3.1 MB/s | 3.2 kB     00:00    
Dependencies resolved.
================================================================================================================
 Package                       Architecture       Version                           Repository             Size
================================================================================================================
Installing:
 bind                          x86_64             32:9.16.23-24.el9_5               AppStream             509 k
Installing dependencies:
 bind-dnssec-doc               noarch             32:9.16.23-24.el9_5               AppStream              49 k
 python3-bind                  noarch             32:9.16.23-24.el9_5               AppStream              72 k
 python3-ply                   noarch             3.11-14.el9                       BaseOS                111 k
Installing weak dependencies:
 bind-dnssec-utils             x86_64             32:9.16.23-24.el9_5               AppStream             122 k

Transaction Summary
================================================================================================================
Install  5 Packages

Total size: 862 k
Installed size: 2.5 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                        1/1 
  Installing       : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch                                             1/5 
  Installing       : python3-ply-3.11-14.el9.noarch                                                         2/5 
  Installing       : python3-bind-32:9.16.23-24.el9_5.noarch                                                3/5 
  Installing       : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64                                           4/5 
  Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 
  Installing       : bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 
  Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 
  Verifying        : python3-ply-3.11-14.el9.noarch                                                         1/5 
  Verifying        : bind-32:9.16.23-24.el9_5.x86_64                                                        2/5 
  Verifying        : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch                                             3/5 
  Verifying        : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64                                           4/5 
  Verifying        : python3-bind-32:9.16.23-24.el9_5.noarch                                                5/5 
Installed products updated.

Installed:
  bind-32:9.16.23-24.el9_5.x86_64                         bind-dnssec-doc-32:9.16.23-24.el9_5.noarch           
  bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64            python3-bind-32:9.16.23-24.el9_5.noarch              
  python3-ply-3.11-14.el9.noarch                         

Complete!
[root@localhost ~]# nmcli connection modify ens160 ipv4.method manual ipv4.addresses 192.168.92.133/24 ipv4.gateway 192.168.92.2 ipv4.dns 192.168.92.133
[root@localhost ~]# nmcli c reload 
[root@localhost ~]# nmcli c up ens160 
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

编辑主服务器配置,从服务器同理

复制代码 
[root@alpha ~]# vim /etc/named.conf 

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
        allow-query     { any; };

[root@alpha ~]# vim /etc/named.rfc1912.zones
  zone "openlab.com" IN {
        type master;
        file "openlab.com.zone";
        allow-transfer { 192.168.92.133; };
};
zone "92.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.92.arpa";
        allow-transfer { 192.168.92.133; };
};

主服务端正反向解析

复制代码 
[root@alpha ~]# cd /var/named
[root@alpha named]# cp -a named.localhost openlab.com.zone
[root@alpha named]# vim openlab.com.zone 
$TTL 1D
@       IN SOA  ns.openlab.com. admin.openlab.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns.openlab.com.
        NS      slave.openlab.com.
ns      IN      A       192.168.92.132
www     IN      A       192.168.92.132
bbs     IN      A       192.168.92.132
ftp     IN      CNAME   www
slave   IN      A       192.168.92.133

[root@alpha named]# cp -a named.loopback 192.168.92.arpa
[root@alpha named]# vim /var/named/192.168.92.arpa 
$TTL 1D
@       IN SOA  ns.openlab.com admin.openlab.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns.openlab.com.
        NS      slave.openlab.com.
130     IN      PTR     ns.openlab.com.
130     IN      PTR     www.openlab.com.
130     IN      PTR     bbs.openlab.com.
130     IN      PTR     ftp.openlab.com.
131     IN      PTR     slave.openlab.com.

结果测试

相关推荐
小糖学代码5 小时前
LLM系列:1.python入门:3.布尔型对象
linux·开发语言·python
shizhan_cloud5 小时前
Shell 函数的知识与实践
linux·运维
Deng8723473485 小时前
代码语法检查工具
linux·服务器·windows
霍夫曼7 小时前
UTC时间与本地时间转换问题
java·linux·服务器·前端·javascript
2301_810746317 小时前
CKA冲刺40天笔记 - day20-day21 SSL/TLS详解
运维·笔记·网络协议·kubernetes·ssl
❀͜͡傀儡师7 小时前
docker 部署 komari-monitor监控
运维·docker·容器·komari
物联网软硬件开发-轨物科技8 小时前
【轨物方案】软硬件一体赋能,开启矿山机械远程智慧运维新篇章
运维
月熊8 小时前
在root无法通过登录界面进去时,通过原本的普通用户qiujian如何把它修改为自己指定的用户名
linux·运维·服务器
大江东去浪淘尽千古风流人物9 小时前
【DSP】向量化操作的误差来源分析及其经典解决方案
linux·运维·人工智能·算法·vr·dsp开发·mr
打码人的日常分享9 小时前
智慧城市一网统管建设方案,新型城市整体建设方案(PPT)
大数据·运维·服务器·人工智能·信息可视化·智慧城市
热门推荐
01GitHub 镜像站点02【超详细教程】手把手教你从微软官网免费下载Windows 10官方原版ISO镜像(2025最新版)03智能库存管理的需求预测模型:从业务痛点到落地代码的完整实践04React CVE-2025-55182漏洞排查与修复指南05安娜的档案(Anna’s Archive) 镜像网站/国内最新可访问入口(持续更新)06BongoCat - 跨平台键盘猫动画工具07UV安装并设置国内源08打造高效订单处理!ZKmall开源商城的统一履约中心架构解析09本地部署阿里最新开源的Z-Image10Linux下V2Ray安装配置指南