DNS练习

练习内容:配置dns主从服务,要求从服务器能够定时从主服务器同步数据。

主服务器: 192.168.92.132

从服务器: 192.168.92.133

基础配置 软件安装以及网卡设置,以下为从服务器代码。

复制代码
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@localhost ~]# dnf install -y bind
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.

BaseOS                                                                          2.7 MB/s | 2.7 kB     00:00    
App                                                                             3.1 MB/s | 3.2 kB     00:00    
Dependencies resolved.
================================================================================================================
 Package                       Architecture       Version                           Repository             Size
================================================================================================================
Installing:
 bind                          x86_64             32:9.16.23-24.el9_5               AppStream             509 k
Installing dependencies:
 bind-dnssec-doc               noarch             32:9.16.23-24.el9_5               AppStream              49 k
 python3-bind                  noarch             32:9.16.23-24.el9_5               AppStream              72 k
 python3-ply                   noarch             3.11-14.el9                       BaseOS                111 k
Installing weak dependencies:
 bind-dnssec-utils             x86_64             32:9.16.23-24.el9_5               AppStream             122 k

Transaction Summary
================================================================================================================
Install  5 Packages

Total size: 862 k
Installed size: 2.5 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                        1/1 
  Installing       : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch                                             1/5 
  Installing       : python3-ply-3.11-14.el9.noarch                                                         2/5 
  Installing       : python3-bind-32:9.16.23-24.el9_5.noarch                                                3/5 
  Installing       : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64                                           4/5 
  Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 
  Installing       : bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 
  Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 
  Verifying        : python3-ply-3.11-14.el9.noarch                                                         1/5 
  Verifying        : bind-32:9.16.23-24.el9_5.x86_64                                                        2/5 
  Verifying        : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch                                             3/5 
  Verifying        : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64                                           4/5 
  Verifying        : python3-bind-32:9.16.23-24.el9_5.noarch                                                5/5 
Installed products updated.

Installed:
  bind-32:9.16.23-24.el9_5.x86_64                         bind-dnssec-doc-32:9.16.23-24.el9_5.noarch           
  bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64            python3-bind-32:9.16.23-24.el9_5.noarch              
  python3-ply-3.11-14.el9.noarch                         

Complete!
[root@localhost ~]# nmcli connection modify ens160 ipv4.method manual ipv4.addresses 192.168.92.133/24 ipv4.gateway 192.168.92.2 ipv4.dns 192.168.92.133
[root@localhost ~]# nmcli c reload 
[root@localhost ~]# nmcli c up ens160 
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

编辑主服务器配置,从服务器同理

复制代码
[root@alpha ~]# vim /etc/named.conf 

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
        allow-query     { any; };

[root@alpha ~]# vim /etc/named.rfc1912.zones
  zone "openlab.com" IN {
        type master;
        file "openlab.com.zone";
        allow-transfer { 192.168.92.133; };
};
zone "92.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.92.arpa";
        allow-transfer { 192.168.92.133; };
};

主服务端正反向解析

复制代码
[root@alpha ~]# cd /var/named
[root@alpha named]# cp -a named.localhost openlab.com.zone
[root@alpha named]# vim openlab.com.zone 
$TTL 1D
@       IN SOA  ns.openlab.com. admin.openlab.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns.openlab.com.
        NS      slave.openlab.com.
ns      IN      A       192.168.92.132
www     IN      A       192.168.92.132
bbs     IN      A       192.168.92.132
ftp     IN      CNAME   www
slave   IN      A       192.168.92.133

[root@alpha named]# cp -a named.loopback 192.168.92.arpa
[root@alpha named]# vim /var/named/192.168.92.arpa 
$TTL 1D
@       IN SOA  ns.openlab.com admin.openlab.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns.openlab.com.
        NS      slave.openlab.com.
130     IN      PTR     ns.openlab.com.
130     IN      PTR     www.openlab.com.
130     IN      PTR     bbs.openlab.com.
130     IN      PTR     ftp.openlab.com.
131     IN      PTR     slave.openlab.com.

结果测试

相关推荐
敖行客 Allthinker16 小时前
企业级多台服务器组装 K3s 高性能集群实战指南
运维·服务器·团队开发
RisunJan16 小时前
Linux命令-readonly(Bash 内建设置只读变量)
linux
m0_7373025817 小时前
OpenClaw:赋予大模型执行能力的开源本地 AI 智能体
服务器
Web极客码17 小时前
在WordPress Multisite中添加超级管理员用户
服务器·php·网站
TTBIGDATA17 小时前
【Ambari Plus】10.HBase 安装
大数据·运维·hadoop·ambari·hdp·cdh·bigtop
FlightYe17 小时前
FFmpeg移动端硬解机制
linux·网络·ffmpeg·音视频·实时音视频·视频编解码
京韵养生记17 小时前
【无标题】
java·服务器·前端
笨笨没好名字17 小时前
Leetcode刷题python3版第一周(下)
linux·算法·leetcode
艾伦_耶格宇17 小时前
【ELK】-2 ELK的搭建
运维·elk
huainingning18 小时前
锐捷ACL单向TCP互通组网-通过Established状态回包实现
服务器·网络·tcp/ip