码上快乐

相关内容   简体   繁体

redhat配置dns服务器bind

本文转载自  查看原文  2019-05-08 22:49  556 

配置Oracle11g的RAC需要使用DNS服务器来解析SCAN IP,本文就是以此为例介绍bind服务器的使用。首先科普一下bind服务器,属于企业级产品了,还是开源的:

Bind是Berkeley Internet Name Domain Service的简写,它是一款实现DNS服务器的开放源码软件。Bind原本是美国DARPA资助伯克利大学(Berkeley)开设的一个研究生课题,后来经过多年的变化发展,已经成为世界上使用最为广泛的DNS服务器软件,目前Internet上半数以上的DNS服务器有都是用Bind来架设的。参考文档:http://www.cnblogs.com/luoahong/p/7859000.html

内网使用的简单场合就使用基本的功能足够了。要使用内网的dns服务器解析,每个主机都有配置本地的服务器。linux中的配置就在/etc/resolv.conf文件修改。配置方法参考下面:

/etc/resolv.conf 该文件是DNS域名解析的配置文件,它的格式很简单,每行以一个关键字开头,后接配置参数。 resolv.conf的关键字主要有四个,分别是: nameserver #定义DNS服务器的IP地址 domain #定义本地域名 search #定义域名的搜索列表 sortlist #对返回的域名进行排序 详细说明: nameserver 表明DNS服务器的IP地址。可以有很多行的nameserver,每一个带一个IP地址。在查询时就按nameserver在本文件中的顺序进行, 且只有当第一个nameserver没有反应时才查询下面的nameserver。 domain  声明主机的域名。很多程序用到它,如邮件系统;当为没有域名的主机进行DNS查询时,也要用到。 如果没有域名,主机名将被使用,删除所有在第一个点( .)前面的内容。 search   它的多个参数指明域名查询顺序。当要查询没有域名的主机,主机将在由search声明的域中分别查找。 domain和search不能共存;如果同时存在,后面出现的将会被使用。 sortlist   允许将得到域名结果进行特定的排序。它的参数为网络/掩码对,允许任意的排列顺序。 /etc/resolv.conf的一个示例: domain centoscn.com search www.centocn.com www.wgjlb.com nameserver 202.96.128.86 nameserver 202.96.128.166 最主要是nameserver关键字,如果没指定nameserver就找不到DNS服务器,其它关键字是可选的。Red Hat中没有提供缺省的/etc/resolv.conf文件,它的内容是根据在安装时给出的选项动态创建的。

redhat主机地址:192.168.2.60 。本地域名:localdomain,因为安装了bind-chroot,修改配置文件就在/var/named/chroot/etc/named.conf,/etc/named.conf则无效(bind运行后chroot的etc里面的name.rfc1912.zones好像会更新到/etc里面的name.rfc1912.zones)

(In the zone definitions we defined the file containing the zone configuration. These files are located in the "/var/named/" directory. If you are using the "chroot" version of BIND, the location of the following files will be "/var/named/chroot/var/named" and you may need to change their group ownership to "named".)

此文件可以从该目录下named.caching-nameserver.conf复制而来。

配置信息如下:

options { listen-on port 53 { any; };            //所有机器都可以使用该dns服务器查询
        listen-on-v6 port 53 { ::1; };         //ip v6格式的写法,同上一个意思
        directory       "/var/named"; dump-file       "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; // query-source port 53; // query-source-v6 port 53;

 allow-query { any; }; allow-query-cache { any; }; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; view localhost_resolver { match-clients { any; }; match-destinations { any; }; recursion yes; include "/etc/named.rfc1912.zones"; };

然后配置正向ZONE和反向ZONE,配置文件为/var/named/chroot/etc/named.rfc1912.zones。因为现在我们的本地域名设置为localdomain,默认情况下zone文件里面在第15到第20行已经包含了localdomain域名的正向解析配置了,所以不用添加。如果本地域名适用其他域名如xxx.com之类,就需要参照localdomain的配置来修改即可。

 15 zone "localdomain" IN { 16 type master; 17         file "localdomain.zone"; 18         allow-update { none; }; 19 };
或者:
zone "xxx.com" IN {
        type master;
        file "xxx.com.zone";
        allow-update { none; };
};

反向配置则根据内网网段来配置,本地网段:192.168.2.0/24,另外一个网段为:10.10.10.0/24所以配置为:

zone "2.168.192.in-addr.arpa" IN { type master; file "2.168.192.in-addr.arpa"; allow-update { none; }; }; zone "10.10.10.in-addr.arpa" IN { type master; file "10.10.10.in-addr.arpa"; allow-update { none; }; };

接着,配置正反向解析数据库文件。利用/var/named/chroot/var/named/localhost.zone 复制生成正向解析的数据库文件,利用/var/named/chroot/var/named/localhost.zone 复制生成名为2.168.192.in-addr.arpa 的反向解析的数据库文件,记得带-p参数传递权限。

[root@linux named]# cp -p localhost.zone ./localdomain.zone [root@linux named]# cp -p localhost.zone ./2.168.192.in-addr.arpa

再编辑解析数据库文件,使用不带域名后缀的short name即可。具体RAC环境的网络规划为:

Host name

Short  hostname

IP type

IP address

Interface

snode1.localdomain

snode1

Public ip

192.168.2.21

eth0

snode1-vip.localdomain

snode1-vip

Virtual ip

192.168.2.22

eth0:1

snode1-priv.localdomain

snode1-priv

Private ip

10.10.10.21

eth1

snode2.localdomain

snode2

Public ip

192.168.2.24

eth0

snode2-vip.localdomain

snode2-vip

Virtual ip

192.168.2.25

eth0:1

snode2-priv.localdomain

snode2-priv

Private ip

10.10.10.22

eth1

pnode1.localdomain

pnode1

Public ip

192.168.2.11

eth0

pnode1-vip.localdomain

pnode1-vip

Virtual ip

192.168.2.12

eth0:1

pnode1-priv.localdomain

pnode1-priv

Private ip

10.10.10.11

eth1

pnode2.localdomain

pnode2

Public ip

192.168.2.14

eth0

pnode2-vip.localdomain

pnode2-vip

Virtual ip

192.168.2.15

eth0:1

pnode2-priv.localdomain

pnode2-priv

Private ip

10.10.10.12

eth1

scan-cluster.localdomain

scan-cluster

Scan ip

192.168.2.23

eth0

scan-cluster.localdomain

scan-cluster

Scan ip

192.168.2.26

eth0

scan-cluster.localdomain

scan-cluster

Scan ip

192.168.2.13

eth0

配置完成的解析数据库文件为:

[root@linux named]# vim localdomain.zone $TTL 86400
@ IN SOA localhost root ( 42 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS localhost localhost IN A 127.0.0.1
pnode1 IN A 192.168.2.11
pnode1-vip      IN A            192.168.2.12
pnode1-priv     IN A            10.10.10.11
pnode2 IN A 192.168.2.14
pnode2-vip      IN A            192.168.2.15
pnode2-priv     IN A            10.10.10.12
snode1 IN A 192.168.2.21
snode1-vip      IN A            192.168.2.22
snode1-priv     IN A            10.10.10.21
snode2 IN A 192.168.2.24
snode2-vip      IN A            192.168.2.25
snode2-priv     IN A            10.10.10.22
scan-cluster    IN A            192.168.2.13
scan-cluster    IN A            192.168.2.23
scan-cluster    IN A            192.168.2.26

[root@linux named]# vim 2.168.192.in-addr.arpa $TTL 86400
@ IN SOA localhost. root.localhost. ( 1997022700 ; Serial 28800 ; Refresh 14400 ; Retry 3600000 ; Expire 86400 ) ; Minimum IN NS localhost. 60 IN PTR localhost. 11 IN PTR pnode1.localdomain 12      IN      PTR     pnode1-vip.localdomain 14 IN PTR pnode2.localdomain 15      IN      PTR     pnode2-vip.localdomain 21 IN PTR snode1.localdomain 22      IN      PTR     snode1-vip.localdomain 24 IN PTR snode2.localdomain 25      IN      PTR     snode2-vip.localdomain 23      IN      PTR     scan-cluster.localdomain 26      IN      PTR     scan-cluster.localdomain 13      IN      PTR     scan-cluster.localdomain

重启bind:/etc/init.d/named restart

验证解析结果,正向:

[root@linux named]# nslookup snode1 up scan-cluster nslookup scan-clusterServer:        192.168.2.60
Address: 192.168.2.60#53

Name: snode1.localdomain Address: 192.168.2.21

[root@linux named]# nslookup snode1-vip Server: 192.168.2.60
Address: 192.168.2.60#53

Name: snode1-vip.localdomain Address: 192.168.2.22

[root@linux named]# nslookup snode1-priv Server: 192.168.2.60
Address: 192.168.2.60#53

Name: snode1-priv.localdomain Address: 10.10.10.21

[root@linux named]# nslookup snode2 Server: 192.168.2.60
Address: 192.168.2.60#53

Name: snode2.localdomain Address: 192.168.2.24

[root@linux named]# nslookup snode2-vip Server: 192.168.2.60
Address: 192.168.2.60#53

Name: snode2-vip.localdomain Address: 192.168.2.25

[root@linux named]# nslookup snode2-priv Server: 192.168.2.60
Address: 192.168.2.60#53

Name: snode2-priv.localdomain Address: 10.10.10.22

[root@linux named]# nslookup pnode1 Server: 192.168.2.60
Address: 192.168.2.60#53

Name: pnode1.localdomain Address: 192.168.2.11

[root@linux named]# nslookup pnode1-vip Server: 192.168.2.60
Address: 192.168.2.60#53

Name: pnode1-vip.localdomain Address: 192.168.2.12

[root@linux named]# nslookup pnode1-priv Server: 192.168.2.60
Address: 192.168.2.60#53

Name: pnode1-priv.localdomain Address: 10.10.10.11

[root@linux named]# nslookup pnode2 Server: 192.168.2.60
Address: 192.168.2.60#53

Name: pnode2.localdomain Address: 192.168.2.14

[root@linux named]# nslookup pnode2-vip Server: 192.168.2.60
Address: 192.168.2.60#53

Name: pnode2-vip.localdomain Address: 192.168.2.15

[root@linux named]# nslookup pnode2-priv Server: 192.168.2.60
Address: 192.168.2.60#53

Name: pnode2-priv.localdomain Address: 10.10.10.12

[root@linux named]# nslookup scan-cluster Server: 192.168.2.60
Address: 192.168.2.60#53

Name: scan-cluster.localdomain Address: 192.168.2.13
Name: scan-cluster.localdomain Address: 192.168.2.23
Name: scan-cluster.localdomain Address: 192.168.2.26

反向:

[root@linux etc]# nslookup 192.168.2.21
Server: 192.168.2.60
Address: 192.168.2.60#53

21.2.168.192.in-addr.arpa    name = snode1.localdomain.2.168.192.in-addr.arpa. [root@linux etc]# nslookup 192.168.2.22
Server: 192.168.2.60
Address: 192.168.2.60#53

22.2.168.192.in-addr.arpa    name = snode1-vip.localdomain.2.168.192.in-addr.arpa. [root@linux etc]# nslookup 10.10.10.21
Server: 192.168.2.60
Address: 192.168.2.60#53

21.10.10.10.in-addr.arpa    name = snode1-priv.localdomain.10.10.10.in-addr.arpa. [root@linux etc]# nslookup 192.168.2.24
Server: 192.168.2.60
Address: 192.168.2.60#53

24.2.168.192.in-addr.arpa    name = snode2.localdomain.2.168.192.in-addr.arpa. [root@linux etc]# nslookup 192.168.2.25
Server: 192.168.2.60
Address: 192.168.2.60#53

25.2.168.192.in-addr.arpa    name = snode2-vip.localdomain.2.168.192.in-addr.arpa. [root@linux etc]# nslookup 10.10.10.22
Server: 192.168.2.60
Address: 192.168.2.60#53

22.10.10.10.in-addr.arpa    name = snode2-priv.localdomain.10.10.10.in-addr.arpa. [root@linux etc]# nslookup 192.168.2.11
Server: 192.168.2.60
Address: 192.168.2.60#53

11.2.168.192.in-addr.arpa    name = pnode1.localdomain.2.168.192.in-addr.arpa. [root@linux etc]# nslookup 192.168.2.12
Server: 192.168.2.60
Address: 192.168.2.60#53

12.2.168.192.in-addr.arpa    name = pnode1-vip.localdomain.2.168.192.in-addr.arpa. [root@linux etc]# nslookup 10.10.10.11
Server: 192.168.2.60
Address: 192.168.2.60#53

11.10.10.10.in-addr.arpa    name = pnode1-priv.localdomain.10.10.10.in-addr.arpa. [root@linux etc]# nslookup 192.168.2.14
Server: 192.168.2.60
Address: 192.168.2.60#53

14.2.168.192.in-addr.arpa    name = pnode2.localdomain.2.168.192.in-addr.arpa. [root@linux etc]# nslookup 192.168.2.15
Server: 192.168.2.60
Address: 192.168.2.60#53

15.2.168.192.in-addr.arpa    name = pnode2-vip.localdomain.2.168.192.in-addr.arpa. [root@linux etc]# nslookup 10.10.10.12
Server: 192.168.2.60
Address: 192.168.2.60#53

12.10.10.10.in-addr.arpa    name = pnode2-priv.localdomain.10.10.10.in-addr.arpa. [root@linux etc]# nslookup 192.168.2.23
Server: 192.168.2.60
Address: 192.168.2.60#53

23.2.168.192.in-addr.arpa    name = scan-cluster.localdomain.2.168.192.in-addr.arpa. [root@linux etc]# nslookup 192.168.2.26
Server: 192.168.2.60
Address: 192.168.2.60#53

26.2.168.192.in-addr.arpa    name = scan-cluster.localdomain.2.168.192.in-addr.arpa.

说明配置成功。剩下的工作就是配置网络内其他主机的默认dns服务器地址就可以使用了。

但是在配置其他主机的DNS的服务器时我们通常使用/etc/resolv.conf文件来修改,但是我测试在centos7中修改后/etc/init.d/network restart重启网络,发现/etc/resolv.conf文件又被复原了,但是不重启网络又不能使DNS设置生效。如果是这样,解决方法就是修改网络接口的DNS配置,即/etc/sysconfig/network-script/ifcfg-ethN中增加dns的选项。参考https://blog.csdn.net/kadwf123/article/details/78786947

具体步骤关闭NetworkManager是关键,方法如下:

[root@localhost etc]# service NetworkManager stop
Redirecting to /bin/systemctl stop  NetworkManager.service

[root@localhost etc]# /bin/systemctl stop  NetworkManager.service
[root@localhost etc]# service NetworkManager status
Redirecting to /bin/systemctl status  NetworkManager.service
● NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; disabled; vendor preset: enabled)
   Active: inactive (dead) since Wed 2019-05-08 23:29:19 CST; 29s ago
  Process: 10904 ExecStart=/usr/sbin/NetworkManager --no-daemon (code=exited, status=0/SUCCESS)
Main PID: 10904 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/NetworkManager.service
           └─12251 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /...

[root@localhost etc]# chkconfig NetworkManager off
Note: Forwarding request to 'systemctl disable NetworkManager.service'.
[root@localhost etc]# systemctl disable NetworkManager.service


免责声明!

本站转载的文章为个人学习借鉴使用,本站对版权不负任何法律责任。如果侵犯了您的隐私权益,请联系本站邮箱yoyou2525@163.com删除。



猜您在找 DNS(bind)服务器安装和配置 DNS开源服务器BIND最小配置详解 【转】在CentOS 8 / RHEL 8上配置主/从BIND DNS服务器 内建DNS服务器--BIND 开源DNS服务器BIND详解 【Linux】DNS服务-BIND从服务器、缓存服务器及转发服务器配置(三) Ubuntu Linux DNS服务器 BIND9配置文件命令介绍 DNS原理和CentOS7上bind域名服务器配置详解 dns(四)-- 本地dns服务器的基本配置 Linux运维实战之DNS(bind)服务器的安装与配置
 
粤ICP备18138465号  © 2018-2025 CODEPRJ.COM