主从DNS服务器实验
主从DNS服务器实验
实验1:完全区域传送
- 将一个区域文件复制到多个服务器上的过程叫做区域传送。
- 将主服务器上的所有信息复制到辅助服务器上来实现完全区域传送,即复制整个区域文件。

服务器说明:
设备 | IP | 系统 |
---|---|---|
主服务器 | 192.168.235.128 | Euler |
从服务器 | 192.168.235.131 | Euler |
配置前提:两个服务器恢复快照,关闭防火墙和SELinux,安装软件(关闭防火墙与SELinux只是为了简化实验环境;正式环境应保持两者开启,并在防火墙中放行DNS使用的53端口 TCP/UDP)
[root@server ~]# systemctl stop firewalld.service
[root@server ~]# setenforce 0
[root@server ~]# mount /dev/sr1 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@server ~]# dnf install bind -y
主服务器
### 配置主服务器的主配置文件
[root@server ~]# vim /etc/named.conf
options {
listen-on port 53 { 192.168.235.128; };
directory "/var/named";
allow-query { any; };
allow-transfer { 192.168.235.131; }; # 只允许从服务器 192.168.235.131 请求区域传送;正式环境建议再配合TSIG密钥对传送进行认证
};
zone "openlab.com" IN {
type master;
file "named.openlab.com";
};
zone "235.168.192.in-addr.arpa" IN {
type master;
file "named.192";
allow-update { none; };
};
### 配置主服务器上的正反向解析数据文件
[root@server ~]# vim /var/named/named.192
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns.openlab.com.
ns IN A 192.168.235.128
www IN A 192.168.235.222
wwww IN CNAME WWW
128 PTR ns.openlab.com.
111 PTR www.openlab.com.
123 PTR ftp.openlab.com.
# 重启named服务
[root@server ~]# systemctl restart named
从服务器
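## 配置从服务器的主配置文件(注意:下面的 options 没有设置 allow-transfer,部分 BIND 版本默认允许任意主机向本机请求区域传送;从服务器不需要再向外传送区域时,建议加上 allow-transfer { none; };)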
[root@client ~]# vim /etc/named.conf
options {
listen-on port 53 { 192.168.235.131; };
directory "/var/named/slaves";
allow-query { any; };
};
zone "openlab.com" IN {
type slave;
file "named.openlab.com";
masters { 192.168.235.128; };
};
zone "235.168.192.in-addr.arpa" IN {
type slave;
file "named.192";
masters { 192.168.235.128; };
};
## 重启named服务,在重启服务的同时从服务器向主服务器发出同步请求
[root@client ~]# systemctl restart named
[root@client ~]# ll /var/named/slaves/
total 16
-rw-r--r--. 1 named named 821 Nov 3 12:09 managed-keys.bind
-rw-r--r--. 1 named named 1717 Nov 3 12:09 managed-keys.bind.jnl
-rw-r--r--. 1 named named 403 Nov 2 09:38 named.192
-rw-r--r--. 1 named named 622 Nov 3 12:09 named.openlab.com
# 验证
[root@client ~]# nslookup 192.168.235.128
128.235.168.192.in-addr.arpa	name = ns.openlab.com.
[root@client ~]# nslookup 192.168.235.111
111.235.168.192.in-addr.arpa	name = www.openlab.com.
[root@client ~]# nslookup www.openlab.com
Server:192.168.235.128
Address:192.168.235.128#53
Name:www.openlab.com
Address: 192.168.235.222
[root@client ~]# nslookup ftp.openlab.com
Server:192.168.235.128
Address:192.168.235.128#53
Name:ftp.openlab.com
Address: 192.168.235.123
实验2:增量区域传送
功能:仅传送区域中发生变化的资源记录,而不是整个区域文件。从服务器根据SOA记录中的序列号(serial)判断区域是否有更新,因此每次修改区域文件后都要增大序列号。
主服务器
[root@server ~]# vim /var/named/named.openlab.com
$TTL 1D
@ IN SOA @ rname.invalid. (
2024110301
1M
1M
1M
3M )
IN NS ns.openlab.com.
IN NS slave.openlab.com.
slave IN A 192.168.235.131
ns IN A 192.168.235.128
www IN A 192.168.235.222
ftp IN A 192.168.235.123
mail IN A 192.168.235.111
wwww IN CNAME WWW
# 先在从服务器上开始监听日志(见下文“同步监听”),再回到主服务器重启服务
[root@server ~]# systemctl restart named
从服务器
## 同步监听
[root@client ~]# tail -f /var/log/messages
Nov 3 12:19:58 localhost named[3528]: client @0x7f164805a4f8 192.168.235.128#55497: received notify for zone 'openlab.com'
Nov 3 12:19:58 localhost named[3528]: zone openlab.com/IN: notify from 192.168.235.128#55497: serial 2024110301
Nov 3 12:19:58 localhost named[3528]: zone openlab.com/IN: Transfer started.
Nov 3 12:19:58 localhost named[3528]: transfer of 'openlab.com/IN' from 192.168.235.128#53: connected using 192.168.235.131#47187
Nov 3 12:19:58 localhost named[3528]: zone openlab.com/IN: transferred serial 2024110301
Nov 3 12:19:58 localhost named[3528]: transfer of 'openlab.com/IN' from 192.168.235.128#53: Transfer status: success # 同步成功
Nov 3 12:19:58 localhost named[3528]: transfer of 'openlab.com/IN' from 192.168.235.128#53: Transfer completed: 1 messages, 13 records, 321 bytes, 0.002 secs (160500 bytes/sec) (serial 2024110301)
Nov 3 12:19:58 localhost named[3528]: zone openlab.com/IN: sending notifies (serial 2024110301)
# 验证:
[root@client ~]# nslookup
> server 192.168.235.131
Default server: 192.168.235.131
Address: 192.168.235.131#53
> ftp.openlab.com
Server:192.168.235.131
Address:192.168.235.131#53
Name:ftp.openlab.com
Address: 192.168.235.123
> mail.openlab.com
Server:192.168.235.131
Address:192.168.235.131#53
Name:mail.openlab.com
Address: 192.168.235.111
>
实验3:转发区域传送
由于物理主机不支持同时开启三台主机,所以该转发功能仅存在于理论,未进行真实的实验,下面的配置信息和结果仅供理论参考:
主服务器
[root@server ~]# vim /etc/named.conf
options {
listen-on port 53 { 192.168.235.133; };
forwarders { 192.168.235.128; };
forward only;
};
zone "openlab.com" IN {
type master;
file "named.openlab.com";
};
zone "qq.com" IN {
type master;
file "named.openlab.com";
};
zone "235.168.192.in-addr.arpa" IN {
type master;
file "named.192";
allow-update { none; };
};
[root@server ~]# vim /var/named/named.openlab.com
$TTL 1D
@ IN SOA @ rname.invalid. (
2024110101
1M
1M
1M
3M )
IN NS ns.openlab.com.
IN NS slave.openlab.com.
slave IN A 192.168.235.131
ns IN A 192.168.235.128
www IN A 192.168.235.222
ftp IN A 192.168.235.123
mail IN A 192.168.235.111
wwww IN CNAME WWW
131 PTR slave.openlab.com.
128 PTR ns.openlab.com.
123 PTR ftp.openlab.com.
# 重启named服务
[root@server ~]# systemctl restart named
从服务器
# 验证:
[root@client ~]# nslookup 192.168.235.128
128.235.168.192.in-addr.arpa	name = ns.openlab.com.
[root@client ~]# nslookup 192.168.235.111
111.235.168.192.in-addr.arpa	name = www.openlab.com.
[root@client ~]# nslookup www.openlab.com
Server:192.168.235.128
Address:192.168.235.128#53
Name:www.openlab.com
Address: 192.168.235.222
原文地址:https://blog.csdn.net/m0_75008371/article/details/143464019