DNS(domain name server)簡單的講就是域名解析服務器,是伯克利大學科研的成果,對于IP挑戰大家記憶力的時候,DNS無疑成了救命稻草,因為他的效率較之前使用的hosts和NIS有了質的飛躍,想了解DNS的詳盡知識,大家請去互聯網上去看啦!
實驗平臺:VM下兩臺linux centos5.5服務器,一臺作為主服務器(master),另一臺作為輔助服務器(slave)
IP規劃:
主服務器:192.168.1.193
輔服務器:192.168.1.195
第一:在主輔服務器上都要做的設置
首先就是是安裝DNS套件
[root@localhost ~]# yum -y install bind bind-chroot ypbind bind-utils caching-nameserver
第二:在主服務器上的設置(關鍵)
[root@localhost ~]# cd /var/named/chroot/etc///進入主設置檔案所在的目錄
[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf//制作主配置文件
以下這個步驟的含義是:每次服務啟動時默認的會去/etc目錄下去搜索配置文件,做這個軟連接也是這個原因。
[root@localhost etc]# ln -s /var/named/chroot/etc/named.conf /etc/named.conf
以下這個步驟是對rndc的設置(借助rndc對DNS服務器的管理,可以在不關閉DNS服務器的情況下,更新主服務器做過的修改)
[root@localhost ~]# rndc-confgen > /etc/rndc.conf//生成rndc的主配置文檔
對這個檔案不做任何的修改,只需把DNS需要的部分復制過去即可
[root@localhost ~]# vi /etc/rndc.conf
[root@localhost ~]# vi /etc/named.conf//修改主配置文件,主要修改以下列出的部分即可
listen-on port 53 { any; };
forwarders{202.102.240.65;};
allow-query{ any; };
allow-query-cache { any; };
match-clients{ any; };
match-destinations { any; };
###################### rndc-confgen###################
key "rndckey" {
algorithm hmac-md5;
secret "JkZ/MxIb8I58yefvWMkpIw==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndckey"; };
};
############################END ##################
以上這個步驟就是可以使用#rdnc reload重載配置文件
[root@localhost ~]# vi /etc/named.rfc1912.zones//添加自己的域
zone "ethnicity.com" IN {
type master;
file "named.ethnicity.com";
allow-update { none; };
allow-transfer { 192.168.1.195;};//這就是針對輔服務器做的設置
also-notify { 192.168.1.195; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "named.192.168.1";
allow-update { none; };
allow-transfer { 192.168.1.195;};
also-notify { 192.168.1.195; };
};
以下這個步驟是建立自己域名的配置文件
[root@localhost named]# cp -p localhost.zone named.ethnicity.com
[root@localhost named]# cp -p named.local named.192.168.1
[root@localhost named]# vi named.ethnicity.com//設置正解
$TTL86400
@IN SOAdns.ethnicity.com.root.ethnicity.com. (
46; serial (d. adams)
3H; refresh
15M; retry
1W; expiry
1D ); minimum
IN NSdns.ethnicity.com.
@IN MX 10mail.ethnicity.com.
www1IN A192.168.1.195
www2IN A192.168.1.196
www3IN A192.168.1.193
linuxIN CNAMEwww2
[root@localhost named]# vi named.192.168.1//設置反解
$TTL86400
@INSOAdns.ethnicity.com. root.ethnicity.com.(
1997022700 ; Serial
28800; Refresh
14400; Retry
3600000; Expire
86400 ); Minimum
INNSdns.ethnicity.com.
195INPTRwww1.ethnicity.com.
196INPTRwww2.ethnicity.com.
193INPTRwww3.ethnicity.com.
[root@localhost ~]# vi /etc/resolv.conf
nameserver 192.168.1.193
然后是簡單的測試
[root@localhost ~]# /etc/init.d/named restart
[root@localhost ~]# nslookup//以下測試可知正反解都可以成功
> 192.168.1.195
Server:192.168.1.193
Address:192.168.1.193#53
195.1.168.192.in-addr.arpaname = www1.ethnicity.com.
> www2.ethnicity.com
Server:192.168.1.193
Address:192.168.1.193#53
Name:www2.ethnicity.com
Address: 192.168.1.196
> exit
最后把配置文件同步到輔服務器上
[root@localhost ~]# scp /var/named/chroot/etc/named.conf 192.168.1.195:/var/named/chroot/etc/
[root@localhost~]#scp /var/named/chroot/etc/named.rfc1912.zones 192.168.1.195:/var/named/chroot/etc/
第二:在輔服務器上的設置
[root@localhost ~]# chgrp named /var/named/chroot/etc/named.conf
[root@localhost etc]# ln -s /var/named/chroot/etc/named.conf /etc/named.conf
[root@localhost ~]# vi /etc/named.conf
listen-on port 53 { any; };
forwarders{202.102.240.65;};
allow-query{ any; };
allow-query-cache { any; };
match-clients{ any; };
match-destinations { any; };
[root@localhost ~]# vi /etc/named.rfc1912.zones//添加以下的域
zone "ethnicity.com" IN {
type slave;
file "slaves/named.ethnicity.com";
masters { 192.168.1.193; };
};
zone "1.168.192.in-addr.arpa" IN {
type slave;
file "slaves/named.192.168.1";
masters { 192.168.1.193; };
};
[root@localhost ~]# /etc/init.d/named restart//重啟服務器就可以看到輔服務器的配置文件
[root@localhost ~]# ll /var/named/chroot/var/named/slaves/
total 16
-rw-rw-r-- 1 named named 398 Oct 25 07:06 named.192.168.1
-rw-r--r-- 1 named named 466 Oct 25 07:42 named.ethnicity.com
第三:測試的部分
這個步驟主要是觀察在主服務器修改配置文件是,通過#rndc reload時,輔服務器數據的同步狀況。
[root@localhost named]# vi named.ethnicity.com//在主服務器域文件內添加兩個CNAME。并且修改46; serial (d. adams)
$TTL86400
@IN SOAdns.ethnicity.com.root.ethnicity.com. (
46; serial (d. adams)
3H; refresh
15M; retry
1W; expiry
1D ); minimum
IN NSdns.ethnicity.com.
@IN MX 10mail.ethnicity.com.
www1IN A192.168.1.195
www2IN A192.168.1.196
www3IN A192.168.1.193
linuxIN CNAMEwww2
wanyanIN CNAMEwww3
ethnicityIN CNAMEwww1
[root@localhost named]# rndc reload
server reload successful
接著在輔服務器上查看變化,發現和主服務器是數據同步的。
[root@localhost ~]# cat /var/named/chroot/var/named/slaves/named.ethnicity.com
$ORIGIN .
$TTL 86400; 1 day
ethnicity.comIN SOAdns.ethnicity.com. root.ethnicity.com. (
46; serial
10800; refresh (3 hours)
900; retry (15 minutes)
604800; expire (1 week)
86400; minimum (1 day)
)
NSdns.ethnicity.com.
MX10 mail.ethnicity.com.
$ORIGIN ethnicity.com.
ethnicityCNAMEwww1
linuxCNAMEwww2
wanyanCNAMEwww3
www1A192.168.1.195
www2A192.168.1.196
www3A192.168.1.193
