環境要求:
主服務器:172.31.0.38
從服務器:172.31.0.48
安裝軟件
[root@centos8 ~]# yum install bind
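改配置文件(從服務器上:註釋掉 listen-on 和 allow-query 兩行,使 named 監聽本機所有IPv4地址,並且不再只接受本機的查詢;然後添加slave區域。服務器如果能被不受信任的網絡訪問,要確認遞歸查詢只對受信任的客戶端開放)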
[root@centos8 ~]# vim /etc/named.conf
options {
// listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
// allow-query { localhost; };
[root@centos8 named]# vim /etc/named.rfc1912.zones
zone "longxuan.vip" {
type slave;
masters {172.31.0.38;};
file "slaves/longxuan.vip.slave";
};
啟動服務並設為開機自啟
[root@centos8 named]# systemctl enable --now named
客戶端綁定兩個DNS
[root@centos8 ~]#vim /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=172.31.0.38
DNS2=172.31.0.48
重新加載並啟用網卡連接
[16:01:25 root@sz-kx-centos8 ~]# nmcli connection reload
[16:02:10 root@sz-kx-centos8 ~]# nmcli connection up eth0
在DNS主服務器的區域文件中添加slave(從服務器)的NS記錄和A記錄
[root@localhost named]# vim /var/named/longxuan.vip.zone
$TTL 1D
@ IN SOA master admin.longxuan.vip. (
2021050100 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
NS slave1
master A 172.31.0.38
slave1 A 172.31.0.48
www CNAME cdn.longxuan.vip.
cdn CNAME vip.longxuan.vip.
vip A 172.31.0.48
注意:DNS從服務器是根據SOA序列號(版本號)是否增大來判斷要不要同步的,如果從服務器沒有實時同步,在主服務器上改數據的同時還要記得把序列號改大,否則從服務器不會拉取新數據
[root@localhost named]# vim /var/named/longxuan.vip.zone
$TTL 1D
@ IN SOA master admin.longxuan.vip. (
2021050101 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
NS slave1
master A 172.31.0.38
slave1 A 172.31.0.48
www CNAME cdn.longxuan.vip.
cdn CNAME vip.longxuan.vip.
vip A 172.31.0.48
* A 172.31.0.48
@ A 172.31.0.48
重新加載配置和區域數據
[root@localhost named]# rndc reload
server reload successful
在DNS從服務器上查看同步過來的區域文件:
[16:30:05 root@centos8 /var/named/slaves]# ll
total 4
-rw-r--r-- 1 named named 711 May 3 16:32 longxuan.vip.slave
在按下面的配置限制區域傳送之前,任何客戶端用一條命令(AXFR區域傳送)就可以取得該域下所有記錄及其對應的ip地址,等於把整個內部主機清單暴露出去:
[16:03:02 root@sz-kx-centos8 ~]# dig -t axfr longxuan.vip
為了安全需要按照如下配置(按IP地址限制區域傳送;要求更高時還可以用TSIG密鑰對區域傳送做驗證):
DNS主配置
[root@localhost named]# vim /etc/named.conf
# 添加下面一條信息,指定允許誰可以進行區域傳送(這裡只允許從服務器172.31.0.48)
allow-transfer {172.31.0.48;};
重新加載配置
[root@localhost named]# rndc reload
server reload successful
DNS從配置
[root@localhost ~]# vim /etc/named.conf
# 添加下面一條信息,指定允許誰可以進行區域傳送,none表示不允許任何主機(不限制時從服務器同樣會響應區域傳送請求,所以也要配置)
allow-transfer {none;};
重新加載配置
[root@localhost ~]# rndc reload
server reload successful
客戶端驗證(限制生效後,未被授權的客戶端向主服務器和從服務器請求區域傳送都應該返回 Transfer failed)
[16:14:22 root@sz-kx-centos8 ~]# dig -t axfr longxuan.vip @172.31.0.38
; <<>> DiG 9.11.20-RedHat-9.11.20-5.el8_3.1 <<>> -t axfr longxuan.vip @172.31.0.38
;; global options: +cmd
; Transfer failed.
[16:22:10 root@sz-kx-centos8 ~]# dig -t axfr longxuan.vip @172.31.0.48
; <<>> DiG 9.11.20-RedHat-9.11.20-5.el8_3.1 <<>> -t axfr longxuan.vip @172.31.0.48
;; global options: +cmd
; Transfer failed.