1.搭建dns服务器能够对自定义的正向或者反向域完成数据解析查询。
2.配置从DNS服务器,对主dns服务器进行数据备份。
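// Master (primary) DNS server: /etc/named.conf
options {
    // Answer DNS only on this server's LAN address.
    listen-on port 53 { 192.168.111.130; };
    // Relative zone file names below are resolved against this directory.
    directory "/var/named";
    // Any client may query the zones served here.
    allow-query { any; };
    // In BIND 9, allow-recursion and allow-query-cache inherit from
    // allow-query when they are not set, so "any" above would also offer
    // recursion to every client. This server only answers for its own
    // zones, so recursion is switched off.
    recursion no;
};  // this closing brace was missing; the zone statements must sit outside options

// Forward zone: names under openlab.com -> addresses.
zone "openlab.com" IN {
    type master;
    file "named.openlab.com";
};

// Reverse zone for 192.168.111.x: addresses -> names.
zone "111.168.192.in-addr.arpa" IN {
    type master;
    file "named.192";
    // Reject dynamic updates; records change only by editing the zone file.
    allow-update { none; };
};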
[root@localhost ~]# vim /var/named/named.openlab.com ------正向资源记录文件
; Forward zone data for openlab.com (the file named by the zone statement in named.conf).
$TTL 1D
; SOA: the primary server is written as "@" (the zone origin itself);
; zym.qq.com. is the responsible-person mailbox in DNS form.
@ IN SOA @ zym.qq.com.(
20241031 ; serial - must grow on every edit, secondaries compare it to decide whether to re-transfer
1D ; refresh
1H ; retry
3H ; expire - NOTE(review): shorter than refresh; a secondary that misses a NOTIFY would expire the zone before its next scheduled refresh - confirm this is intended
1D ; minimum
)
@ IN NS ns.openlab.com.
ns IN A 192.168.111.130 ; the name server itself (same address as listen-on)
www IN A 192.168.111.128
ftp IN A 192.168.111.131
mail IN A 192.168.111.130
wwww IN CNAME www ; alias; "www" has no trailing dot, so it is relative to this zone
[root@localhost ~]# vim /var/named/named.192 ------反向资源记录文件
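; Reverse zone data for 111.168.192.in-addr.arpa (192.168.111.x -> names).
$TTL 1D
@ IN SOA @ rname.invalid. (
    0    ; serial - raise it on every edit, otherwise secondaries never re-transfer
    1D   ; refresh
    1H   ; retry
    1W   ; expire
    3H ) ; minimum
; The owner "@" is written out: a record line that starts in column 0 is
; read as "<owner> ...", so a bare "NS ..." line would take NS as the owner.
@ IN NS ns.openlab.com.
; PTR targets must be fully qualified (trailing dot). Without the dot the
; zone origin is appended, e.g. ns.openlab.com.111.168.192.in-addr.arpa.
130 IN PTR ns.openlab.com.
128 IN PTR www.openlab.com.
131 IN PTR ftp.openlab.com.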
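[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
注:关闭防火墙并把 SELinux 切换为 permissive 只适合隔离的实验环境;在需要保留防护的主机上,可以不执行这两条命令,改用 firewall-cmd --permanent --add-service=dns 和 firewall-cmd --reload 放行 DNS(53 端口),并让 SELinux 保持 enforcing。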
[root@localhost ~]# systemctl restart named
server 192.168.111.130 ----------指定后续查询由哪一台DNS服务器来解析
主从DNS服务器
1.完全区域传送
主服务器配置:在 options 中添加 allow-transfer { 192.168.111.128; };,其他不变。这条语句只允许从服务器 192.168.111.128 拉取整个区域的数据,其他主机的区域传送请求会被拒绝;生产环境中还可以再配合 TSIG 密钥对传送双方做认证。
主
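// Master (primary) DNS server: /etc/named.conf, with zone transfer enabled
// for the secondary.
options {
    listen-on port 53 { 192.168.111.130; };
    directory "/var/named";
    // Any client may query the zones served here.
    allow-query { any; };
    // In BIND 9, allow-recursion and allow-query-cache inherit from
    // allow-query when they are not set, so "any" above would also offer
    // recursion to every client. This server only answers for its own
    // zones, so recursion is switched off.
    recursion no;
    // Added: only the secondary at 192.168.111.128 may pull full copies of
    // the zones. A zone transfer hands over every record at once, so keep
    // this list as short as possible.
    allow-transfer { 192.168.111.128; };
};

// Forward zone: names under openlab.com -> addresses.
zone "openlab.com" IN {
    type master;
    file "named.openlab.com";
};

// Reverse zone for 192.168.111.x: addresses -> names.
zone "111.168.192.in-addr.arpa" IN {
    type master;
    file "named.192";
    // Reject dynamic updates; records change only by editing the zone file.
    allow-update { none; };
};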
[root@localhost ~]# vim /var/named/named.openlab.com ------正向
; Forward zone data for openlab.com on the master; this is what the secondary copies.
$TTL 1D
; SOA: primary server written as "@" (the zone origin), then the
; responsible-person mailbox in DNS form.
@ IN SOA @ zym.qq.com.(
20241031 ; serial - the secondary re-transfers only when this value grows
1D ; refresh - how often the secondary re-checks the serial
1H ; retry - wait after a failed refresh
3H ; expire - NOTE(review): shorter than refresh; confirm this is intended
1D ; minimum
)
@ IN NS ns.openlab.com.
ns IN A 192.168.111.130 ; the master itself
www IN A 192.168.111.128
ftp IN A 192.168.111.131
mail IN A 192.168.111.130
wwww IN CNAME www ; alias, relative to this zone
[root@localhost ~]# vim /var/named/named.192 ------反向
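; Reverse zone data for 111.168.192.in-addr.arpa on the master.
$TTL 1D
@ IN SOA @ rname.invalid. (
    0    ; serial - raise it on every edit, otherwise the secondary keeps its old copy
    1D   ; refresh
    1H   ; retry
    1W   ; expire
    3H ) ; minimum
; The owner "@" is written out: a record line that starts in column 0 is
; read as "<owner> ...", so a bare "NS ..." line would take NS as the owner.
@ IN NS ns.openlab.com.
; PTR targets must end with a dot. Without it the zone origin is appended
; and the answer becomes ns.openlab.com.111.168.192.in-addr.arpa.
130 IN PTR ns.openlab.com.
128 IN PTR www.openlab.com.
131 IN PTR ftp.openlab.com.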
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl restart named
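注:如果资源记录文件是从模板 /var/named/named.localhost 拷贝后修改的,必须保证 named 用户能读取新文件,可用下面两种方法之一:
方法一:cp -a /var/named/named.localhost /var/named/named.xxxx (-a 会保留模板原有的属主、属组和权限)
方法二:cp /var/named/named.localhost /var/named/named.xxxx
chmod o+r /var/named/named.xxxx
或者 chown .named /var/named/named.xxxx
说明:chmod o+r 会让本机所有用户都能读取区域文件;只把属组改为 named 的做法授予的权限更小,通常更可取(新版本 chown 推荐写成 chown :named)。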
从
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: /dev/sr0 already mounted on /mnt.
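[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# setenforce 0
注:systemctl disable 只取消开机自启,不会停止正在运行的 firewalld。这两条命令只适合隔离的实验环境;要保留防护,可以改用 firewall-cmd --permanent --add-service=dns 和 firewall-cmd --reload 放行 DNS,并让 SELinux 保持 enforcing(默认策略通常允许 named 写入 /var/named/slaves)。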
[root@localhost ~]# dnf install bind
[root@localhost ~]# vim /etc/named.conf
[root@localhost ~]# cat /etc/named.conf
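// Slave (secondary) DNS server: /etc/named.conf
options {
    listen-on port 53 { 192.168.111.128; };
    // May be pointed at /var/named/slaves (as done here) so that the
    // transferred zone copies named below are written into that directory.
    directory "/var/named/slaves";
    allow-query { any; };
    // allow-recursion inherits from allow-query when unset; this server only
    // serves copies of the master's zones, so recursion is switched off.
    recursion no;
    // No other host needs to pull zones from this secondary.
    allow-transfer { none; };
};

// Forward zone, copied from the master.
zone "openlab.com" IN {
    type slave;                      // changed: was "master" on the primary
    file "named.openlab.com";
    masters { 192.168.111.130; };    // added: server to transfer the zone from
};

// Reverse zone, copied from the master.
zone "111.168.192.in-addr.arpa" IN {
    type slave;                      // changed: was "master" on the primary
    file "named.192";
    masters { 192.168.111.130; };    // added: server to transfer the zone from
};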
测试结果:重启从服务器上的 named 服务后,在 /var/named/slaves 目录下可以看到正反向的资源记录文件
[root@localhost ~]# ls -l /var/named/slaves/ -----此时从服务器下没有文件
total 0
[root@localhost ~]# systemctl restart named -----从服务器重启后,在这个目录下可以看到正反向的资源记录文件
[root@localhost ~]# ls -l /var/named/slaves/
total 8
-rw-r--r--. 1 named named 523 Nov 2 05:26 named.192
-rw-r--r--. 1 named named 396 Nov 2 05:26 named.openlab.com
增量区域传送
主服务器修改四个部分
主服务器
[root@localhost ~]# vim /var/named/named.openlab.com
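; Forward zone data for openlab.com on the master, edited to trigger a
; transfer to the secondary.
$TTL 1D
; The mailbox needs its trailing dot; "zym.qq.com" without it is expanded
; to zym.qq.com.openlab.com.
@ IN SOA @ zym.qq.com. (
    2024103000 ; serial - raised from 20241031; the secondary re-transfers only when it grows
    1D   ; refresh (timers below were all set to 1: 1D / 1H / 1H / 1D)
    1H   ; retry
    1H   ; expire
    1D ) ; minimum
; The owner "@" is written out: a record line that starts in column 0 is
; read as "<owner> ...", so a bare "IN NS ..." line would take IN as the owner.
@ IN NS ns.openlab.com.
@ IN NS slave.openlab.com.     ; added: listing the secondary here lets the master NOTIFY it on changes
ns IN A 192.168.111.130
slave IN A 192.168.111.128     ; added: address of the secondary
www IN A 192.168.111.128
ftp IN A 192.168.111.131
mail IN A 192.168.111.130
http IN A 192.168.111.128      ; appended: new record used to check that the change propagates
wwww IN CNAME www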
[root@localhost ~]# systemctl restart named --------------主服务器重启服务(在监听日志之后操作)
从服务器中监听日志信息,在尾部追加信息
[root@bogon ~]# tail -f /var/log/messages
验证
server 192.168.111.130 ------------------------在从服务器上指定主服务器作为查询用的DNS(要确认从服务器已同步到新记录,还应再用 server 192.168.111.128 查询同一个名字)
Default server: 192.168.111.130
Address: 192.168.111.130#53
http.openlab.com -----------------------------------http为新添加的
Server: 192.168.111.130
Address: 192.168.111.130#53
Name: http.openlab.com
Address: 192.168.111.130