Configuring master/slave DNS (bind) on CentOS 7


DNS master/slave setup

Environment

OS: CentOS 7.6 x86_64
Master: 10.0.0.182
Slave: 10.0.0.115

1. Install the required packages; run the following command on both the master and the slave

yum install bind bind-utils bind-chroot -y

2. Configuration

Configuration on the master
/etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { any; };
        notify yes;
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        bindkeys-file "/etc/named/named.root.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
        masterfile-format text ;
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

#include "/etc/named/named.rfc1912.zones";
include "/etc/named/named.sx.zones";
include "/etc/named/named.root.key";


/etc/named/named.sx.zones: since this is a custom file, its owner and group must be changed manually:
chown root.named /etc/named/named.sx.zones

zone "sx" IN {
        type master;
        file "zones/sx.zone";
        allow-update { 10.0.0.115; };
        also-notify { 10.0.0.115; };
        allow-transfer { 10.0.0.115; };
};
zone "sx.com" IN {
        type master;
        file "zones/sx.com.zone";
        allow-update { 10.0.0.115; };
        also-notify { 10.0.0.115; };
        allow-transfer { 10.0.0.115; };
};
Create the zones directory under /var/named/ and set its owner and group:
mkdir /var/named/zones
chown named.named /var/named/zones
cat /var/named/zones/sx.zone

$TTL 600
@       IN SOA  @ rname.invalid. (
                                        2       ; serial
                                        1M      ; refresh
                                        1M      ; retry
                                        1M      ; expire
                                        3H )    ; minimum
@       NS      ns1
@       NS      ns2
ns1     A       10.0.0.182
ns2     A       10.0.0.115
*     A       10.0.0.184
Configuration on the slave
cat /etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { any; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        bindkeys-file "/etc/named/named.root.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
        masterfile-format text ;
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

#include "/etc/named/named.rfc1912.zones";
include "/etc/named/named.sx.zones";
include "/etc/named/named.root.key";
cat /etc/named/named.sx.zones
Note the owner and group of this custom file (see the chown above).

zone "sx" IN {
        type slave;
        masters { 10.0.0.182; };
        file "slaves/sx.zone";
};
zone "sx.com" IN {
        type slave;
        masters { 10.0.0.182; };
        file "slaves/sx.com.zone";
};

3. Start the service (on both the master and the slave)

systemctl start named
systemctl enable named
After named starts on the slave, the zone files are synchronized automatically.
A successful start shows both the named process and the listening port.

4. Master/slave test

Edit the zone file on the master


Increase the serial value by 1 after every edit.
Then run systemctl restart named on the master.
On the slave, verify that the zone has been synchronized.
First check the slave's log with tail -n 100 /var/log/messages; a successful transfer produces log lines similar to the following

Then check the zone file on the slave:

cat /var/named/slaves/sx.com.zone shows that the zone has been synchronized and the serial value has changed accordingly.
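The serial bump and the master/slave comparison from step 4, as an added example (not code from the original post). It assumes the SOA record is written in the usual multi-line form shown in the sx.zone file above, which is also how named writes the slave's text copy; the sample zone is a constructed copy of that file.

```python
import re

# Constructed copy of the sx.zone file shown in this post (serial 2).
SAMPLE_ZONE = """$TTL 600
@       IN SOA  @ rname.invalid. (
                                        2       ; serial
                                        1M      ; refresh
                                        1M      ; retry
                                        1M      ; expire
                                        3H )    ; minimum
@       NS      ns1
@       NS      ns2
ns1     A       10.0.0.182
ns2     A       10.0.0.115
*     A       10.0.0.184
"""

# Matches 'IN SOA <mname> <rname> (' followed by the serial, the first number in the SOA.
SOA_RE = re.compile(r"IN\s+SOA\s+\S+\s+\S+\s*\(\s*(\d+)")

def soa_serial(zone_text):
    """Serial of the zone's SOA record."""
    m = SOA_RE.search(zone_text)
    if not m:
        raise ValueError("no SOA record found")
    return int(m.group(1))

def bump_serial(zone_text):
    """Return the zone with the serial incremented by one, everything else untouched.
    A slave only pulls a new copy when the master's serial is higher than the one it
    holds, so an edit without a serial bump never reaches the slave."""
    m = SOA_RE.search(zone_text)
    if not m:
        raise ValueError("no SOA record found")
    return zone_text[:m.start(1)] + str(int(m.group(1)) + 1) + zone_text[m.end(1):]

def slave_in_sync(master_zone, slave_zone):
    """True when the slave's copy carries the master's current serial."""
    return soa_serial(master_zone) == soa_serial(slave_zone)
```

After writing the bumped text back to the master's zone file, restart named as in step 4 (or run rndc reload) and compare it against the slave's copy under /var/named/slaves/.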

5. Client resolution test

On another machine in the intranet, add this DNS server to /etc/resolv.conf,
then resolve the corresponding domain names; they resolve normally.
echo "nameserver 10.0.0.115" >> /etc/resolv.conf

Summary of problems encountered during configuration and debugging:

Problem 1:
After configuration, the zone file synchronized to the slave is a garbled file.
Cause: the master and slave use different zone file formats.
Solution:
Add the following to the slave's configuration file (/etc/named.conf) and restart the service:
masterfile-format text ;
Problem 2:
After configuration, master/slave synchronization does not happen automatically.
The following settings are required for master/slave synchronization.
On the master, enable notifications in /etc/named.conf by adding:
notify yes;
Add the following to /etc/named/named.sx.zones:
also-notify { 10.0.0.115; }; # the slave's IP
allow-transfer { 10.0.0.115; }; # allow the slave to transfer the zone; the refresh interval follows the refresh value configured in the zone
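A check for the master-side settings from step 2 and the two problems above, as an added example (not code from the original post). It reads a named.conf text, confirms the notify, masterfile-format, also-notify and allow-transfer settings for the slave, and flags two points the post's configuration leaves open: recursion is allowed for any client (an open resolver on a server that listens on every interface), and allow-update grants dynamic updates, which zone transfers do not need. The sample configuration is a constructed excerpt of the master's named.conf shown above.

```python
import re
# Constructed sample: the master's options block and one zone stanza from this post.
SAMPLE_MASTER_CONF = """
options {
        allow-query     { any; };
        notify yes;
        recursion yes;
        masterfile-format text ;
};
zone "sx.com" IN {
        type master;
        allow-update { 10.0.0.115; };
        also-notify { 10.0.0.115; };
        allow-transfer { 10.0.0.115; };
};
"""

def _block(conf, header):
    """Body of the first 'header { ... };' block whose closing '};' starts a line."""
    m = re.search(header + r"\s*\{(.*?)\n\};", conf, re.S)
    return m.group(1) if m else ""

def _acl(body, name):
    """Address list of a 'name { a; b; };' statement, [] if absent."""
    m = re.search(r"\b" + name + r"\s*\{([^}]*)\}", body)
    return [a.strip() for a in m.group(1).split(";") if a.strip()] if m else []

def lint_master(conf, slave_ip):
    """Findings for a master named.conf; an empty list means nothing to fix."""
    findings = []
    opts = _block(conf, r"\boptions")
    if not re.search(r"\bnotify\s+yes\s*;", opts):
        findings.append("options: 'notify yes;' missing, the slave is never told about changes (problem 2)")
    if not re.search(r"\bmasterfile-format\s+text\s*;", opts):
        findings.append("options: 'masterfile-format text;' missing, a slave would store zones in raw format (problem 1)")
    # recursion for any client on a server reachable by anyone is an open resolver
    if (re.search(r"\brecursion\s+yes\s*;", opts) and "any" in _acl(opts, "allow-query")
            and not _acl(opts, "allow-recursion")):
        findings.append("options: recursion open to any client (open resolver); set 'recursion no;' or add 'allow-recursion'")
    for name, body in re.findall(r'zone\s+"([^"]+)"\s+IN\s*\{(.*?)\n\};', conf, re.S):
        if not re.search(r"\btype\s+master\s*;", body):
            continue
        if slave_ip not in _acl(body, "allow-transfer"):
            findings.append(f"zone {name}: allow-transfer does not include {slave_ip}")
        if slave_ip not in _acl(body, "also-notify"):
            findings.append(f"zone {name}: also-notify does not include {slave_ip}")
        if _acl(body, "allow-update"):
            findings.append(f"zone {name}: allow-update grants dynamic updates, not needed for transfers")
    return findings
```

Run it against the real files by concatenating /etc/named.conf and /etc/named/named.sx.zones into one string before calling lint_master.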

