Linux案例:DNS服务器配置
实验一:正向解析
服务端配置(setenforce 0 只是把SELinux临时切换为宽容模式,重启后恢复,仅适合实验环境;正式环境应保持强制模式并按需调整策略):
[root@server ~]# setenforce 0
[root@server ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.70.131/24 ipv4.gateway 192.168.70.2 ipv4.dns 114.114.114.114
[root@server ~]# nmcli c reload
[root@server ~]# nmcli c u ens160
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)
[root@server ~]# vim /etc/named.conf
[root@server ~]# vim /etc/named.rfc1912.zones
[root@server ~]# cd /var/named
[root@server named]# ls
192.168.70.arpa data dynamic named.ca named.empty named.localhost named.loopback named.openlab.com openlab.com.zone slaves
[root@server named]# cp -a named.localhost openlab.com.zone
cp:是否覆盖'openlab.com.zone'?
[root@server named]# vim openlab.com.zone
[root@server named]# systemctl restart named
客户端配置
[root@cilent ~]# setenforce 0
[root@cilent ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.70.132/24 ipv4.gateway 192.168.70.2 ipv4.dns 114.114.114.114
[root@cilent ~]# nmcli c reload
[root@cilent ~]# nmcli c u ens160
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
[root@cilent ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens160
[root@cilent ~]# nmcli c reload
[root@cilent ~]# nmcli c u ens160
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
[root@cilent ~]# nslookup www.openlab.com
Server: 192.168.70.131
Address: 192.168.70.131#53
Name: www.openlab.com
Address: 192.168.70.131
[root@cilent ~]#
[root@cilent ~]# nslookup
> bbs.openlab.com
Server: 192.168.70.131
Address: 192.168.70.131#53
Name: bbs.openlab.com
Address: 192.168.70.131
>
[root@cilent ~]# dig www.openlab.com
; <<>> DiG 9.16.23-RH <<>> www.openlab.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14614
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 7a5edfca7630180d010000006725a90878cd979838ac7c70 (good)
;; QUESTION SECTION:
;www.openlab.com. IN A
;; ANSWER SECTION:
www.openlab.com. 86400 IN A 192.168.70.131
;; Query time: 3 msec
;; SERVER: 192.168.70.131#53(192.168.70.131)
;; WHEN: Sat Nov 02 12:22:30 CST 2024
;; MSG SIZE rcvd: 88
实验二:反向解析
服务端配置
[root@server ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.48.130/24 ipv4.gateway 192.168.48.2 ipv4.dns 114.114.114.114
[root@server ~]# nmcli c reload
[root@server ~]# nmcli c up ens160
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/2)
[root@server ~]# vim /etc/named.conf
# 需改2行
listen-on port 53 { any; }; # any表示在本机所有网络接口上监听53端口
allow-query { 192.168.48.131; }; # 允许发起查询的客户端;可以写any(允许所有主机查询),也可以像此处一样写为具体IP地址,范围更小更安全
[root@server ~]# vim /etc/named.conf
[root@server ~]# vim /etc/named.rfc1912.zones
[root@server ~]# cd /var/named
[root@server named]# ls
192.168.70.arpa data dynamic named.ca named.empty named.localhost named.loopback named.openlab.com openlab.com.zone slaves
[root@server named]# cp -a named.localhost openlab.com.zone
cp:是否覆盖'openlab.com.zone'?
[root@server named]# vim openlab.com.zone
[root@server named]# systemctl restart named
[root@server named]# vim /etc/named.conf
[root@server named]# vim /etc/named.rfc1912.zones
[root@server named]# ls
192.168.70.arpa data dynamic named.ca named.empty named.localhost named.loopback named.openlab.com openlab.com.zone slaves
[root@server named]# cp -a named.loopback 192.168.70.arpa
cp:是否覆盖'192.168.70.arpa'?
[root@server named]# vim 192.168.70.arpa
[root@server named]# systemctl restart named
客户端配置
[root@cilent ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.48.131/24 ipv4.gateway 192.168.48.2 ipv4.dns 192.168.48.130 # 注意,此处dns改为服务端的IP地址,后续就不用再单独修改
[root@cilent ~]# nmcli c reload
[root@cilent ~]# nmcli c up ens160
[root@cilent ~]# nslookup 192.168.70.131
131.70.168.192.in-addr.arpa name = www.openlab.com.
131.70.168.192.in-addr.arpa name = ftp.openlab.com.
131.70.168.192.in-addr.arpa name = ns.openlab.com.
实验三:主从DNS服务器
主服务端(named.conf中建议用allow-transfer把区域传送限定为从服务器的IP,避免任意主机拉取整个区域数据)
[root@server named]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.70.131/24 ipv4.gateway 192.168.70.2 ipv4.dns 192.168.70.131
[root@server named]# nmcli c reload
[root@server named]# nmcli c u ens160
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/4)
[root@server named]# vim /etc/named.conf
[root@server named]# vim /etc/named.rfc1912.zones
[root@server named]# ls
192.168.70.arpa data dynamic named.ca named.empty named.localhost named.loopback named.openlab.com openlab.com.zone slaves
[root@server named]# cp -a named.localhost openlab.com.zone
cp:是否覆盖'openlab.com.zone'?
[root@server named]# vim openlab.com.zone
[root@server named]# cp -a named.loopback 192.168.70.arpa
cp:是否覆盖'192.168.70.arpa'?
[root@server named]# vim 192.168.70.arpa
[root@server named]# systemctl restart named
从服务端(启动named后slaves目录下新出现192.168.70.arpa,说明区域数据已从主服务器同步过来)
[root@cilent ~]# vim /etc/named.conf
[root@cilent ~]# vim /etc/named.rfc1912.zones
[root@cilent ~]# cd /var/named/slaves/
[root@cilent slaves]# ls
openlab.com.zone
[root@cilent slaves]# systemctl start named
[root@cilent slaves]# ls
192.168.70.arpa openlab.com.zone
[root@cilent slaves]# nslookup www.openlab.com
Server: 192.168.70.131
Address: 192.168.70.131#53
Name: www.openlab.com
Address: 192.168.70.131
[root@cilent slaves]# nslookup 192.168.70.131
131.70.168.192.in-addr.arpa name = ftp.openlab.com.
131.70.168.192.in-addr.arpa name = bbs.openlab.com.
131.70.168.192.in-addr.arpa name = ns.openlab.com.
131.70.168.192.in-addr.arpa name = www.openlab.com.
[root@cilent slaves]# dig @192.168.70.131 www.openlab.com
; <<>> DiG 9.16.23-RH <<>> @192.168.70.131 www.openlab.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47991
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: bfa413a2fb854884010000006725b78df48699372a4e885e (good)
;; QUESTION SECTION:
;www.openlab.com. IN A
;; ANSWER SECTION:
www.openlab.com. 86400 IN A 192.168.70.131
;; Query time: 4 msec
;; SERVER: 192.168.70.131#53(192.168.70.131)
;; WHEN: Sat Nov 02 13:24:27 CST 2024
;; MSG SIZE rcvd: 88