正向解析
服务端IP | 客户端IP | 网址 |
192.168.160.134 | 192.168.160.135 | www.openlab.com |
一、首先做准备工作:
关闭安全软件,关闭防火墙,下载bind软件
[root@server ~]# setenforce 0
[root@server ~]# systemctl stop firewalld
[root@server ~]# yum install bind -y
服务端配置静态IP:
[root@server ~]# nmcli c modify ens33 ipv4.method manual ipv4.addresses 192.168.160.134/24 ipv4.gateway 192.168.160.2 ipv4.dns 114.114.114.114
[root@server ~]# nmcli c reload
[root@server ~]# nmcli c up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)
客户端配置静态IP:
[root@node ~]# nmcli c modify ens33 ipv4.method manual ipv4.addresses 192.168.160.135/24 ipv4.gateway 192.168.160.2 ipv4.dns 114.114.114.114
[root@node ~]# nmcli c reload
[root@node ~]# nmcli c up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/2)
[root@node ~]#
二、配置DNS
服务端操作:编辑bind主配置文件
[root@server ~]# vim /etc/named.conf
# 需改2行
listen-on port 53 { any; }; # any为允许所有主机
allow-query { any; };
服务端操作:编辑区域配置文件,可以选择一个模版修改局部(推荐),也可以全部清空重启写入数据
[root@server ~]# vim /etc/named.rfc1912.zones
服务端操作,编辑数据配置文件,使用拷贝命令将模版文件(/var/named/named.localhost)复制一份在修改局部
[root@server ~]# cd /var/named
[root@server named]# ls
data named.ca named.localhost slaves
dynamic named.empty named.loopback
[root@server named]# cp -a named.localhost openlab.com.zone
[root@server named]# vim openlab.com.zone
$TTL 1D
openlab.com. IN SOA ns.openlab.com. admin.openlab.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
openlab.com. IN NS ns.openlab.com.
ns.openlab.com. IN A 192.168.160.134
www.openlab.com. IN A 192.168.160.134
ftp.openlab.com. IN A 192.168.160.134
bbs.openlab.com. IN A 192.168.160.134
www1.openlab.com. IN CNAME www.openlab.com.
~
服务端重启服务
[root@server named]# systemctl restart named
测试
定义客户端,将客户端的dns修改为服务端的IP地址
[root@node ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
#DNS1=192.168.160.134;
[root@node ~]# nmcli c reload
[root@node ~]# nmcli c up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/7)
[root@node ~]# nslookup www.openlab.com
Server: 192.168.160.134
Address: 192.168.160.134#53
Name: www.openlab.com
Address: 192.168.160.134
[root@node ~]# nslookup # 进入交互模式
> bbs.openlab.com
Server: 192.168.160.134
Address: 192.168.160.134#53
Name: bbs.openlab.com
Address: 192.168.160.134
[root@node ~]# dig www.opnelab.com
; <<>> DiG 9.16.23 <<>> www.opnelab.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 60469
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 5483f83acccc58300100000065ebf81200313f8cdcc019d1 (good)
;; QUESTION SECTION:
;www.opnelab.com. IN A
;; Query time: 3164 msec
;; SERVER: 192.168.160.134#53(192.168.160.134)
;; WHEN: Sat Apr 13 17:56:33 CST 2024
;; MSG SIZE rcvd: 72
[root@node ~]# nslookup www1.openlab.com
Server: 192.168.160.134
Address: 192.168.160.134#53
www1.openlab.com canonical name = www.openlab.com.
Name: www.openlab.com
Address: 192.168.160.134
反向解析
服务端IP | 客户端IP | 网址 |
192.168.160.134 | 192.168.160.135 | www.openlab.com |
一、首先做准备工作:
关闭安全软件,关闭防火墙,下载bind软件
[root@server ~]# setenforce 0
setenforce: SELinux is disabled
[root@server ~]# systemctl stop firewalld
[root@server ~]# yum install bind -y
服务端配置静态IP
nmcli c modify ens33 ipv4.method manual ipv4.addresses 192.168.160.134/24 ipv4.gateway 192.168.160.2 ipv4.dns 114.114.114.114
[root@server ~]# nmcli c reload
[root@server ~]# nmcli c up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)
客户端配置静态IP
nmcli c modify ens33 ipv4.method manual ipv4.addresses 192.168.160.135/24 ipv4.gateway 192.168.160.2 ipv4.dns 192.168.160.134
[root@node ~]# nmcli c reload
[root@node ~]# nmcli c up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)
二、配置DNS
服务端操作,编辑主配置文件
[root@server ~]# vim /etc/named.conf
# 需改2行
listen-on port 53 { any; }; # any为允许所有主机
allow-query { 192.168.160.135; };
服务端操作,编辑区域配置文件,添加反向解析记录,注意:区域名称中IP地址反向书写,只需书写网段号
[root@server named]# vim /etc/named.rfc1912.zones
服务端操作,编辑数据配置文件,复制一份反向解析模版(/var/named/named.loopback),复制时需要加-a 参数,在修改局部即可
[root@server ~]# cd /var/named
[root@server named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@server named]# cp -a named.loopback 192.168.160.arpa
[root@server named]# vim 192.168.160.arpa
$TTL 1D
@ IN SOA ns.openlab.com. jenny.qq.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS ns.openlab.com.
ns.openlab.com. IN A 192.168.160.134
134 IN PTR ns.openlab.com.
134 IN PTR www.openlab.com.
134 IN PTR ftp.openlab.com.
~
重启服务
[root@server named]# systemctl restart named
客户端测试
[root@node ~]# nslookup 192.168.160.134
134.160.168.192.in-addr.arpa name = www.openlab.com.
134.160.168.192.in-addr.arpa name = ftp.openlab.com.
134.160.168.192.in-addr.arpa name = ns.openlab.com.
实验完成!