June 06, 2019
Lab environment
10.4.7.234 ns1.hostname.com
10.4.7.235 ns2.hostname.com
10.4.7.236 client.hostname.com
Set the hostname (10.4.7.234)
[root@iZj6c1pigvpz2jl6zy1cgbZ ~]# hostnamectl set-hostname ns1.hostname.com
[root@iZj6c1pigvpz2jl6zy1cgbZ ~]# exit
logout
[root@ns1 ~]# hostname
ns1.hostname.com
[root@ns1 ~]# ping -c 4 ns1.hostname.com
PING ns1.hostname.com (10.4.7.234) 56(84) bytes of data.
64 bytes from iZj6c1pigvpz2jl6zy1cgbZ (10.4.7.234): icmp_seq=1 ttl=64 time=0.011 ms
64 bytes from iZj6c1pigvpz2jl6zy1cgbZ (10.4.7.234): icmp_seq=2 ttl=64 time=0.025 ms
64 bytes from iZj6c1pigvpz2jl6zy1cgbZ (10.4.7.234): icmp_seq=3 ttl=64 time=0.026 ms
64 bytes from iZj6c1pigvpz2jl6zy1cgbZ (10.4.7.234): icmp_seq=4 ttl=64 time=0.027 ms

--- ns1.hostname.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.011/0.022/0.027/0.007 ms
[root@ns1 ~]#
Set the hostname (10.4.7.235)
[root@iZj6c1pigvpz2jl6zy1cgaZ ~]# hostnamectl set-hostname ns2.hostname.com
[root@iZj6c1pigvpz2jl6zy1cgaZ ~]# exit
logout
[root@ns2 ~]# hostname
ns2.hostname.com
[root@ns2 ~]# ping -c 4 ns2.hostname.com
PING ns2.hostname.com (10.4.7.235) 56(84) bytes of data.
64 bytes from iZj6c1pigvpz2jl6zy1cgaZ (10.4.7.235): icmp_seq=1 ttl=64 time=0.014 ms
64 bytes from iZj6c1pigvpz2jl6zy1cgaZ (10.4.7.235): icmp_seq=2 ttl=64 time=0.028 ms
64 bytes from iZj6c1pigvpz2jl6zy1cgaZ (10.4.7.235): icmp_seq=3 ttl=64 time=0.027 ms
64 bytes from iZj6c1pigvpz2jl6zy1cgaZ (10.4.7.235): icmp_seq=4 ttl=64 time=0.028 ms

--- ns2.hostname.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.014/0.024/0.028/0.006 ms
[root@ns2 ~]#
Set the hostname (10.4.7.236)
[root@iZj6c1pigvpz2jl6zy1cgcZ ~]# hostnamectl set-hostname client.hostname.com
[root@iZj6c1pigvpz2jl6zy1cgcZ ~]# exit
logout
[root@client ~]# hostname
client.hostname.com
[root@client ~]# ping -c 4 client.hostname.com
PING client.hostname.com (10.4.7.236) 56(84) bytes of data.
64 bytes from iZj6c1pigvpz2jl6zy1cgcZ (10.4.7.236): icmp_seq=1 ttl=64 time=0.013 ms
64 bytes from iZj6c1pigvpz2jl6zy1cgcZ (10.4.7.236): icmp_seq=2 ttl=64 time=0.028 ms
64 bytes from iZj6c1pigvpz2jl6zy1cgcZ (10.4.7.236): icmp_seq=3 ttl=64 time=0.028 ms
64 bytes from iZj6c1pigvpz2jl6zy1cgcZ (10.4.7.236): icmp_seq=4 ttl=64 time=0.026 ms

--- client.hostname.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.013/0.023/0.028/0.008 ms
[root@client ~]#
Install the bind and bind-utils packages
[root@ns1 ~]# yum -y install bind bind-utils
[root@ns2 ~]# yum -y install bind bind-utils
[root@client ~]# yum -y install bind-utils
Edit the main configuration file on the master DNS server
[root@ns1 ~]# vi /etc/named.conf
Modify the following lines (the leading numbers are line numbers in the file):
13 listen-on port 53 { 10.4.7.234; };
21 allow-query { any; };
35 dnssec-enable no;
36 dnssec-validation no;
Add the following:
allow-transfer { 10.4.7.235; };
allow-notify { 10.4.7.235; };
Add the zone definition
[root@ns1 ~]# vi /etc/named.rfc1912.zones
zone "hostname.com" IN {
        type master;
        file "hostname.com.zone";
        allow-update { none; };
};
Create the zone file
[root@ns1 ~]# vi /var/named/hostname.com.zone
$TTL 600    ; 10 minutes
@       IN SOA  ns1.hostname.com. hostmaster.hostname.com. (
                20190001   ; serial number
                10800      ; refresh time (3 hours)
                900        ; retry time (15 minutes)
                604800     ; expire time (1 week)
                86400      ; minimum (1 day)
                )
        NS      ns1.hostname.com.
        NS      ns2.hostname.com.
$ORIGIN hostname.com.
$TTL 60 ; 1 minute
ns1     A       10.4.7.234
ns2     A       10.4.7.235
client  A       10.4.7.236
Check the configuration
[root@ns1 ~]# named-checkconf
[root@ns1 ~]# named-checkzone hostname.com. /var/named/hostname.com.zone
zone hostname.com/IN: loaded serial 20190001
OK
[root@ns1 ~]#
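named-checkconf only validates syntax. The following added example (not part of the original post) audits the security-relevant options this post sets in the master's named.conf: the zone-transfer ACL, recursion exposure under allow-query any, and DNSSEC validation. The function names, the sample files and the "recursion yes" line are assumptions.

```sh
# Added example, not from the original post: audit the named.conf options this
# page edits. Only single-line statements (the form used on the page) are parsed.
# Print one statement's value, e.g. "{ 10.4.7.235; }" or "no"; comments are stripped.
named_opt() {  # $1 = config file, $2 = statement name
    sed -e 's://.*$::' -e 's:#.*$::' "$1" |
        sed -n "s/^[[:space:]]*$2[[:space:]][[:space:]]*\(.*\);[[:space:]]*\$/\1/p" |
        head -n 1
}

# Print one finding per line for the options of a master server.
audit_named_conf() {  # $1 = config file
    case "$(named_opt "$1" allow-transfer)" in
        "")    echo "allow-transfer: not set; list the slave addresses explicitly" ;;
        *any*) echo "allow-transfer: 'any' lets every client copy the whole zone" ;;
    esac
    if [ "$(named_opt "$1" recursion)" = "yes" ] &&
       [ -z "$(named_opt "$1" allow-recursion)" ]; then
        case "$(named_opt "$1" allow-query)" in
            *any*) echo "recursion: on with allow-query any and no allow-recursion ACL" ;;
        esac
    fi
    if [ "$(named_opt "$1" dnssec-validation)" = "no" ]; then
        echo "dnssec-validation: no; answers are not validated"
    fi
    return 0
}

# Constructed sample: the master options from this page. "recursion yes" is an
# assumption; the post does not show that line.
PAGE_CONF=$(mktemp)
cat > "$PAGE_CONF" <<'EOF'
options {
    allow-query { any; };
    recursion yes;   // assumed
    dnssec-validation no;
    allow-transfer { 10.4.7.235; };
};
EOF
# Constructed variant: transfer ACL missing, recursion off, validation on.
NO_XFER_CONF=$(mktemp)
cat > "$NO_XFER_CONF" <<'EOF'
options {
    allow-query { any; };
    recursion no;
    dnssec-validation yes;
};
EOF
audit_named_conf "$PAGE_CONF"
audit_named_conf "$NO_XFER_CONF"
```

On a real server, point audit_named_conf at /etc/named.conf; multi-line ACL blocks and include files are outside what this sketch parses.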
Restart the service, check the listening ports, and verify resolution
Configure the slave DNS server
Edit the main configuration file on the slave DNS server
[root@ns2 ~]# vi /etc/named.conf
Modify the client DNS configuration:
13 listen-on port 53 { 10.4.7.235; };
21 allow-query { any; };
35 dnssec-enable no;
36 dnssec-validation no;
Add:
masterfile-format text;
Add the zone definition
[root@ns2 ~]# vi /etc/named.rfc1912.zones
zone "hostname.com" IN {
        type slave;
        masters { 10.4.7.234; };
        file "slaves/hostname.com.zone";
};
Check the configuration and start the service
[root@ns2 ~]# named-checkconf
[root@ns2 ~]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@ns2 ~]# systemctl start named
[root@ns2 ~]#
Check the listening ports
Check the full zone transfer information and view the locally synchronized zone file
Verify resolution
Client configuration
Ping the domain names of the client itself and of the two DNS hosts; by default only the client itself responds
[root@client ~]# ping -c 1 client.hostname.com
PING client.hostname.com (10.4.7.236) 56(84) bytes of data.
64 bytes from iZj6c1pigvpz2jl6zy1cgcZ (10.4.7.236): icmp_seq=1 ttl=64 time=0.011 ms

--- client.hostname.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.011/0.011/0.011/0.000 ms
[root@client ~]# ping -c 1 ns1.hostname.com
ping: ns1.hostname.com: Name or service not known
[root@client ~]# ping -c 1 ns2.hostname.com
ping: ns2.hostname.com: Name or service not known
[root@client ~]#
View the host's current DNS configuration
[root@client ~]# cat /etc/resolv.conf
options timeout:2 attempts:3 rotate single-request-reopen
; generated by /usr/sbin/dhclient-script
nameserver 100.100.2.136
nameserver 100.100.2.138
[root@client ~]#
Change the DNS servers
[root@client ~]# vi /etc/resolv.conf
options timeout:2 attempts:3 rotate single-request-reopen
; generated by /usr/sbin/dhclient-script
#nameserver 100.100.2.136
#nameserver 100.100.2.138
nameserver 10.4.7.234
nameserver 10.4.7.235
Ping the hostnames of the two DNS servers again and query them with nslookup; both the master and the slave DNS server can answer client queries