工具
dnf install bind -y #软件即可完成安装
[root@Client ~]# dnf install bind-utils -y #安装测试工具(nslookup、dig 等);没有的话可以用 getent 测试
[root@client ~]# getent hosts image.yao.org
[root@client ~]# cat /etc/resolv.conf #查看域名是否配置成功
systemctl restart named
named-checkconf #主配置文件
[root@mysql-node4 /]# named-checkconf /etc/named.rfc1912.zones #区域管理配置文件
named-checkzone yao.org /var/named/yao.org.zone #正向解析文件
[root@mysql-node3 named]# named-checkzone 254.25.172.in-addr.arpa /var/named/172.25.254.arpa #反向解析文件
/etc/named.conf :该文件是主配置文件
- /etc/named.rfc1912.zones :这是区域管理配置文件
- /var/named : 该目录存放着详细的域名解析配置文件
正向解析
[root@mysql-node3 named]#systemctl start named
[root@mysql-node3 named]# vim /etc/named.conf
options{
listen-on port 53 { 172.25.254.30; }; # 本 DNS 服务器监听的 IP
...
allow-query { 172.25.254.0/24; };
};
[root@Server ~]# named-checkconf
[root@mysql-node3 named]# vim /etc/named.rfc1912.zones
...
zone "yao.org" IN {
type master;
file "yao.org.zone"; # 文件的绝对路径 /var/named/yao.org.zone
};
...
[root@mysql-node3 /]# named-checkconf /etc/named.rfc1912.zones
[root@mysql-node3 named]# cd /var/named
[root@mysql-node3 named]# cp -p named.localhost yao.org.zone # 通过复制模板创建区域解析文件
[root@mysql-node3 named]# vim yao.org.zone
...
$TTL 1D ; 域名存活时间是一天(区域文件中的注释用分号,不能用 #)
@ IN SOA dns.yao.org. mail.admin.yao. (
2025042001 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.yao.org.
dns A 172.25.254.30
image A 172.25.254.31
www A 172.25.254.32
...
systemctl start/restart named
[root@Client ~]# nmcli connection modify ens160 ipv4.dns 172.25.254.30
[root@Client ~]# nmcli connection reload
[root@Client ~]# nmcli connection up ens160
[root@client ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 172.25.254.30
[root@mysql-node3 named]#named-checkzone yao.org /var/named/yao.org.zone
systemctl start/restart named
[root@Client ~]# nslookup image.heroliu.org
Server: 172.25.254.100
Address: 172.25.254.100#53
Name: image.heroliu.org
Address: 172.25.254.101
[root@Client ~]# nslookup www.heroliu.org
[root@Client ~]# nslookup dns.heroliu.org
反向解析
如果说 正向解析:通过 域名 -> ip
那么 反向解析: 通过 ip -> 域名
[root@mysql-node3 ~]#vim /etc/named.conf
..
options{
listen-on port 53 { 172.25.254.30; };
...
allow-query { 172.25.254.0/24; };
};
[root@Server ~]# named-checkconf
[root@mysql-node3named]# cd /var/named
[root@mysql-node3named]# cp -p named.loopback 172.25.254.arpa
[root@mysql-node3 named]# vim 172.25.254.arpa
$TTL 1D
@ IN SOA dns.yao.org. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.yao.org.
dns.yao.org. A 172.25.254.30
31 PTR image.yao.org.
32 PTR www.yao.org.
30 PTR dns.yao.org.
[root@mysql-node3 named]# named-checkzone 254.25.172.in-addr.arpa 172.25.254.arpa
systemctl restart named
[root@Client ~]# getent hosts 172.25.254.31
101.254.25.31.in-addr.arpa name = image.yao.org.
[root@Client ~]# getent hosts 172.25.254.32
[root@Client ~]# getent hosts 172.25.254.33
systemctl restart named
主从DNS服务
主服务器挂了以后,就可以从从服务器获取服务
[root@mysql-node4 / named]# nmcli connection modify ens160 ipv4.dns 172.25.254.30
[root@mysql-node4 / named]# nmcli connection reload
[root@mysql-node4 / named]# nmcli connection up ens160
[root@Server ~]# vim /etc/named.rfc1912.zones
zone "yao.org" IN {
type master;
file "yao.org.zone";
allow-transfer { 172.25.254.40; }; # 只允许从服务器 172.25.254.40 进行区域传送;这里仅按 IP 限制,生产环境建议再配合 TSIG 密钥认证
};
zone "254.25.172.in-addr.arpa" IN {
type master;
file "172.25.254.arpa";
allow-transfer{172.25.254.40;};
};
[root@mysql-node3 /]# named-checkconf /etc/named.rfc1912.zones
# 正向数据解析配置文件中(修改后要把 SOA 的 serial 调大,从服务器才会重新同步)
[root@Server named]# vim yao.org.zone
...
NS dns.yao.org.
NS slave.yao.org. ; 新增
dns A 172.25.254.30
slave A 172.25.254.40 ; 新增
...
# 反向数据解析配置文件中
[root@Server named]# vim 172.25.254.arpa
...
$TTL 1D
...
NS dns.yao.org.
NS slave.yao.org.
31 PTR image.yao.org.
32 PTR www.yao.org.
30 PTR dns.yao.org.
...
从服务器
[root@Client ~]# dnf install bind -y
[root@Client ~]# nmcli connection modify ens160 ipv4.dns 172.25.254.40
[root@Client ~]# nmcli connection reload
[root@Client ~]# nmcli connection up ens160
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/8)
[root@Client ~]# vim /etc/named.conf
11 listen-on port 53 { 172.25.254.40; };
19 allow-query { 172.25.254.0/24; };
[root@Client ~]# vim /etc/named.rfc1912.zones
zone "yao.org" IN {
type slave;
file "slaves/yao.org.zone";
masters {172.25.254.30;};
};
zone "254.25.172.in-addr.arpa" IN {
type slave;
file "slaves/172.25.254.arpa";
masters {172.25.254.30;};
};
[root@mysql-node4 /]# systemctl restart named
关掉主服务器。看一下从服务器能否使用
[root@client ~]# getent hosts www.yao.org
172.25.254.33 www.yao.org
#可以看一下当主服务器关掉时,从服务器是否可以使用
[root@mysql-node4 /]# ls /var/named/slaves/
172.25.254.arpa yao.org.zone