Introduction to Linux DNS servers

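DNS (Domain Name System) performs name resolution: put simply, it looks up the IP address for a domain name, and it can also look up the domain name for an IP address, so resolution works in both directions.
Forward resolution: FQDN --> IP
Reverse resolution: IP --> FQDN
The resolution process is roughly as follows: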

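Resource record (RR): records have types: A, AAAA, PTR, SOA, NS, CNAME, MX
SOA: Start Of Authority record; a zone database has exactly one SOA record, and it must be the first record;
NS: Name Service, the name server record; a zone database can have several NS records, one of which is the primary;
A: Address, the address record, FQDN --> IPv4;
AAAA: address record, FQDN --> IPv6;
CNAME: Canonical Name, the alias record;
PTR: Pointer, IP --> FQDN
MX: Mail eXchanger; priority: 0-99, the smaller the number, the higher the priority;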


Basic configuration

1. Installation

[[email protected] certs]# yum  install bind
# possibly also needed
[[email protected] certs]# yum  install bind-libs     # dependency libraries
[[email protected] certs]# yum  install bind-utils    # DNS tools: dig, host, etc.

2. Edit the main configuration file

[[email protected] named]# vim /etc/named.conf
acl allow_querys {
        localhost;
};
acl allow_transfers {
        none;
};
acl allow_recursions {
        any;
};
acl allow_updates {
        none;
};

options {
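    listen-on port 53 { 192.168.1.102; };   // IP address and port to bind
    //listen-on-v6 port 53 { ::1; };        // IPv6 is not used, so commented out
    allow-query     { allow_querys; };       // hosts allowed to query (whitelist)
    allow-recursion { allow_recursions; };  // whitelist for recursive queries
    dnssec-enable no;
    dnssec-validation no;
    // everything else unchanged
};

# check the configuration file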
[[email protected] named]# named-checkconf

3. Start the service

[[email protected] named]# systemctl start named
[[email protected] named]# systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2018-05-11 12:04:26 EDT; 19s ago
   .....

[[email protected] named]# netstat -lntup|grep named
tcp        0      0 192.168.1.102:53        0.0.0.0:*               LISTEN      26195/named      # used for master/slave and other services
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      26195/named      # rndc port for managing the DNS process; must not be exposed externally
tcp6       0      0 ::1:953                 :::*                    LISTEN      26195/named
udp        0      0 192.168.1.102:53        0.0.0.0:*                           26195/named      # DNS resolution

4. Test

#dig  [+(no)trace]  -t record-type  query-name  [@dns-server-ip]
[[email protected] named]# dig -t A www.baidu.com @192.168.1.102   # specify the server if this host's DNS does not point to it

[[email protected] test]# vim /etc/resolv.conf    # point DNS at this host
search localdomain zander.com
nameserver 192.168.1.106

# the host tool
[[email protected] test]# host -t A www.baidu.com
www.baidu.com has address 183.232.231.173
www.baidu.com has address 183.232.231.172
[[email protected] test]# host -t NS www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.
[[email protected] test]# host -t NS www.a.shifen.com.

Zone configuration

Forward zone configuration

1. Add the zone to the configuration file

# this file is included from /etc/named.conf
[[email protected] certs]# vim /etc/named.rfc1912.zones
zone "zander.com" IN{
        type master;
        file "zander.com.zone";
        allow-transfer { allow_transfers; };
        allow-update { allow_updates; };
};

[[email protected] named]# named-checkconf

2. Add the zone data file

[[email protected] named]# cd /var/named/
[[email protected] named]# vim zander.com.zone
$TTL 3600
$ORIGIN zander.com.
@       IN      SOA     zander.com.     admin.zander.com. (       ;Start Of Authority record; must be the first record and unique
        20180530                                                  ;serial: must be changed every time the zone file is modified
        1H                                                        ;refresh
        10M                                                       ;retry
        3D                                                        ;expire
        1D)                                                       ;minimum (negative-caching TTL)
        IN      NS      ns1                                       ;Name Service record; a zone can have several NS records, one of which is the primary
        IN      MX      10      mx1                               ;Mail eXchanger
ns1     IN      A       192.168.1.102                             ;Address record, FQDN --> IPv4
mx1     IN      A       192.168.1.106
www     IN      A       192.168.1.106
web     IN      CNAME   www                                       ;alias
bbs     IN      A       192.168.1.103
bbs     IN      A       192.168.1.106

# adjust the file's group and permissions
[[email protected] named]# chgrp  named  /var/named/zander.com.zone
[[email protected] named]# chmod  o=  /var/named/zander.com.zone
[[email protected] named]# named-checkzone zander.com /var/named/zander.com.zone   

3. Reload the configuration

[[email protected] named]# rndc reload
# or
[[email protected] named]# systemctl reload named

4. Test

[[email protected] named]# host -t A www.zander.com
www.zander.com has address 192.168.1.106
# round robin
[[email protected] named]# host -t A bbs.zander.com
bbs.zander.com has address 192.168.1.106
bbs.zander.com has address 192.168.1.103
[[email protected] named]# host -t A bbs.zander.com
bbs.zander.com has address 192.168.1.103
bbs.zander.com has address 192.168.1.106
# alias
[[email protected] named]# host -t A  web.zander.com
web.zander.com is an alias for www.zander.com.
www.zander.com has address 192.168.1.106

#
[[email protected] named]# dig -t A www.zander.com

; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.2 <<>> -t A www.zander.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8271
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.zander.com.            IN  A

;; ANSWER SECTION:
www.zander.com.     3600    IN  A   192.168.1.106

;; AUTHORITY SECTION:
zander.com.     3600    IN  NS  ns1.zander.com.
zander.com.     3600    IN  NS  ns2.zander.com.

;; ADDITIONAL SECTION:
ns1.zander.com.     3600    IN  A   192.168.1.102
ns2.zander.com.     3600    IN  A   192.168.1.114

;; Query time: 0 msec
;; SERVER: 192.168.1.102#53(192.168.1.102)     #note the address of the answering server
;; WHEN: Fri May 11 12:25:02 EDT 2018
;; MSG SIZE  rcvd: 127

Reverse zone configuration

1. Add the zone to the configuration file

[[email protected] named]# vim /etc/named.rfc1912.zones
zone "1.168.192.in-addr.arpa" IN{
        type master;
        file "192.168.1.zone";
        allow-transfer { allow_transfers; };
        allow-update { allow_updates; };
};
[[email protected] named]# named-checkconf

2. Reverse zone data file

[[email protected] named]# vim 192.168.1.zone
$TTL 3600
$ORIGIN 1.168.192.in-addr.arpa.
@       IN      SOA     ns1.zander.com. admin.zander.com. (
        20180513
        1H
        10M
        3D
        1D)
        IN      NS      ns1.zander.com.
102     IN      PTR     ns1.zander.com.
106     IN      PTR     mx1.zander.com.
106     IN      PTR     www.zander.com.
103     IN      PTR     bbs.zander.com.
106     IN      PTR     bbs.zander.com.

[[email protected] named]# chgrp  named 192.168.1.zone
[[email protected] named]# chmod  o= 192.168.1.zone

[[email protected] named]# named-checkzone 1.168.192.in-addr.arpa  192.168.1.zone

3. Reload

[[email protected] named]# rndc reload

4. Test

[[email protected] named]# dig -x 192.168.1.106

; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.2 <<>> -x 192.168.1.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56634
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.1.168.192.in-addr.arpa.    IN  PTR

;; ANSWER SECTION:
106.1.168.192.in-addr.arpa. 3600 IN PTR mx1.zander.com.
106.1.168.192.in-addr.arpa. 3600 IN PTR pop3.zander.com.
106.1.168.192.in-addr.arpa. 3600 IN PTR www.zander.com.
106.1.168.192.in-addr.arpa. 3600 IN PTR bbs.zander.com.
106.1.168.192.in-addr.arpa. 3600 IN PTR ns1.zander.com.

;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 3600    IN  NS  ns1.zander.com.
1.168.192.in-addr.arpa. 3600    IN  NS  ns2.zander.com.

;; ADDITIONAL SECTION:
ns1.zander.com.     3600    IN  A   192.168.1.102
ns2.zander.com.     3600    IN  A   192.168.1.114

;; Query time: 0 msec
;; SERVER: 192.168.1.102#53(192.168.1.102)
;; WHEN: Fri May 11 12:47:49 EDT 2018
;; MSG SIZE  rcvd: 220

Slave node configuration

1. Synchronise the time
2. Slave node configuration

[[email protected] slaves]# vim /etc/named.conf
See the basic configuration

[[email protected] named]# named-checkconf

[[email protected] slaves]# vim /etc/named.rfc1912.zones
zone "zander.com" IN{
        type slave;
        file "slaves/zander.com.zone";
        masters { 192.168.1.102; };
        allow-transfer { allow_transfers; };    # none; this must be none on the slave node
};

zone "1.168.192.in-addr.arpa" IN{
        type slave;
        file "slaves/192.168.1.zone";
        masters { 192.168.1.102; };
        allow-transfer { allow_transfers; };     # none; this must be none on the slave node
};

[[email protected] slaves]# named-checkconf

3. Master node configuration

[[email protected] named]# vim /etc/named.rfc1912.zones
zone "zander.com" IN{
        type master;
        file "zander.com.zone";
        allow-transfer { allow_transfers; };   # add the slave node
        allow-update { allow_updates; };
};
zone "1.168.192.in-addr.arpa" IN{
        type master;
        file "192.168.1.zone";
        allow-transfer { allow_transfers; };   # add the slave node
        allow-update { allow_updates; };
};

[[email protected] named]# vim /etc/named.conf
acl allow_transfers {
        192.168.1.114;
};

[[email protected] named]# vim /var/named/zander.com.zone
$TTL 3600
$ORIGIN zander.com.
@       IN      SOA     zander.com.     admin.zander.com. (
        20180530
        1H
        10M
        3D
        1D)
        IN      NS      ns1
        IN      NS      ns2                ;add the slave node; the name is arbitrary and unrelated to the node's real hostname
        IN      MX      10      mx1
ns2     IN      A       192.168.1.114      ;points to the slave node
ns1     IN      A       192.168.1.102
mx1     IN      A       192.168.1.106
www     IN      A       192.168.1.106
web     IN      CNAME   www
bbs     IN      A       192.168.1.103
bbs     IN      A       192.168.1.106

[[email protected] named]# vim /var/named/192.168.1.zone
$TTL 3600
$ORIGIN 1.168.192.in-addr.arpa.
@       IN      SOA     ns1.zander.com. admin.zander.com. (
        20180513
        1H
        10M
        3D
        1D)
        IN      NS      ns1.zander.com.
        IN      NS      ns2.zander.com.  ;add the slave node
114     IN      PTR     ns2.zander.com.  ;points to the slave node
102     IN      PTR     ns1.zander.com.
106     IN      PTR     mx1.zander.com.
106     IN      PTR     www.zander.com.
103     IN      PTR     bbs.zander.com.
106     IN      PTR     bbs.zander.com.

[[email protected] named]# named-checkconf
[[email protected] named]# named-checkzone zander.com /var/named/zander.com.zone
[[email protected] named]# named-checkzone 1.168.192.in-addr.arpa  192.168.1.zone

[[email protected] named]# rndc reload

4. Restart the slave node

[[email protected] slaves]# systemctl restart named
[[email protected] slaves]# ls
192.168.1.zone  zander.com.zone

5. Test from each node

[[email protected] slaves]# dig -t A www.zander.com

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -t A www.zander.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33358
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.zander.com.            IN  A

;; ANSWER SECTION:
www.zander.com.     3600    IN  A   192.168.1.106

;; AUTHORITY SECTION:
zander.com.     3600    IN  NS  ns2.zander.com.
zander.com.     3600    IN  NS  ns1.zander.com.

;; ADDITIONAL SECTION:
ns1.zander.com.     3600    IN  A   192.168.1.102
ns2.zander.com.     3600    IN  A   192.168.1.114

;; Query time: 0 msec
;; SERVER: 192.168.1.114#53(192.168.1.114)
;; WHEN: 五 5月 11 14:19:22 CST 2018
;; MSG SIZE  rcvd: 127

# slave node
[[email protected] slaves]# dig -x 192.168.1.106

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -x 192.168.1.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24153
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.1.168.192.in-addr.arpa.    IN  PTR

;; ANSWER SECTION:
106.1.168.192.in-addr.arpa. 3600 IN PTR mx1.zander.com.
106.1.168.192.in-addr.arpa. 3600 IN PTR pop3.zander.com.
106.1.168.192.in-addr.arpa. 3600 IN PTR ns1.zander.com.
106.1.168.192.in-addr.arpa. 3600 IN PTR www.zander.com.
106.1.168.192.in-addr.arpa. 3600 IN PTR bbs.zander.com.

;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 3600    IN  NS  ns1.zander.com.
1.168.192.in-addr.arpa. 3600    IN  NS  ns2.zander.com.

;; ADDITIONAL SECTION:
ns1.zander.com.     3600    IN  A   192.168.1.102
ns2.zander.com.     3600    IN  A   192.168.1.114

;; Query time: 0 msec
;; SERVER: 192.168.1.114#53(192.168.1.114)
;; WHEN: 五 5月 11 14:24:50 CST 2018
;; MSG SIZE  rcvd: 220

6. Add a record on the master node

[[email protected] named]# vim /var/named/zander.com.zone
pop3    IN      A       192.168.1.106
Update the serial number

[[email protected] named]# named-checkconf
[[email protected] named]# rndc reload

7. Check on the slave server

[[email protected] slaves]# dig -t A  pop3.zander.com

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -t A pop3.zander.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42653
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pop3.zander.com.       IN  A

;; ANSWER SECTION:
pop3.zander.com.    3600    IN  A   192.168.1.106
.....

8. Simulate a zone transfer

# pull from the master
[[email protected] slaves]# dig -t axfr zander.com @192.168.1.102

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -t axfr zander.com @192.168.1.102
;; global options: +cmd
zander.com.     3600    IN  SOA zander.com. admin.zander.com. 20180530 3600 600 259200 86400
zander.com.     3600    IN  NS  ns1.zander.com.
zander.com.     3600    IN  NS  ns2.zander.com.
bbs.zander.com.     3600    IN  A   192.168.1.103
bbs.zander.com.     3600    IN  A   192.168.1.106
mx1.zander.com.     3600    IN  A   192.168.1.106
ns1.zander.com.     3600    IN  A   192.168.1.102
ns2.zander.com.     3600    IN  A   192.168.1.114
ops.zander.com.     3600    IN  NS  ns2.ops.zander.com.
ops.zander.com.     3600    IN  MX  10 mx1.zander.com.
ns2.ops.zander.com. 3600    IN  A   192.168.1.125
pop3.zander.com.    3600    IN  A   192.168.1.106
web.zander.com.     3600    IN  CNAME   www.zander.com.
www.zander.com.     3600    IN  A   192.168.1.106
zander.com.     3600    IN  SOA zander.com. admin.zander.com. 20180530 3600 600 259200 86400
;; Query time: 1 msec
;; SERVER: 192.168.1.102#53(192.168.1.102)
;; WHEN: 五 5月 11 14:26:51 CST 2018
;; XFR size: 15 records (messages 1, bytes 343)

# pull from the slave node, which has zone transfers disabled
[[email protected] slaves]# dig -t axfr zander.com @192.168.1.104
^C[[email protected] slaves]# dig -t axfr zander.com @192.168.1.114

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -t axfr zander.com @192.168.1.114
;; global options: +cmd
; Transfer failed.
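
Step 6 only reaches the slave if the SOA serial goes up, because a slave requests a transfer only when the master's serial is newer than its own copy. As an added example (not part of the original post), this Python check compares a zone file before and after an edit and reports when records changed but the serial did not; parse_zone, serial_gt and check_update are names made up here, and the zone text is a constructed, shortened copy of the page's file.

```python
import re

# Constructed sample: a shortened copy of this page's zander.com zone file.
OLD_ZONE = """\
$TTL 3600
$ORIGIN zander.com.
@       IN      SOA     zander.com.     admin.zander.com. (
        20180530        ;serial
        1H
        10M
        3D
        1D)
        IN      NS      ns1
        IN      NS      ns2
ns1     IN      A       192.168.1.102
ns2     IN      A       192.168.1.114
www     IN      A       192.168.1.106
"""
# Step 6 of the page: one record appended, serial left untouched.
NEW_ZONE = OLD_ZONE + "pop3    IN      A       192.168.1.106\n"

def parse_zone(text):
    """Return (serial, {(owner, type, rdata)}) from a simple zone file: ';' comments,
    a parenthesised SOA and inherited owners; $INCLUDE and quoted strings are not handled."""
    text = re.sub(r";.*", "", text)
    text = re.sub(r"\(([^()]*)\)", lambda m: " ".join(m.group(1).split()), text)
    serial, records, owner = None, set(), "@"
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():          # a leading blank inherits the owner
            owner, fields = fields[0], fields[1:]
        while fields and re.fullmatch(r"IN|\d+[smhdw]?", fields[0], re.I):
            fields = fields[1:]            # skip optional TTL and class
        if not fields:
            continue
        rtype, rdata = fields[0].upper(), fields[1:]
        if rtype == "SOA":
            serial = int(rdata[2])         # mname rname SERIAL refresh ...
        else:
            records.add((owner, rtype, " ".join(rdata)))
    return serial, records

def serial_gt(new, old):
    """RFC 1982 serial arithmetic for 32-bit SOA serials (handles wrap-around)."""
    return 0 < ((new - old) & 0xFFFFFFFF) < 0x80000000

def check_update(old_text, new_text):
    """Classify an edit as OK, UNCHANGED or STALE (records changed, serial not raised)."""
    old_serial, old_rr = parse_zone(old_text)
    new_serial, new_rr = parse_zone(new_text)
    changed = sorted(old_rr ^ new_rr)
    if not changed:
        return "UNCHANGED", changed
    if not serial_gt(new_serial, old_serial):
        return "STALE", changed            # slaves keep serving the old copy
    return "OK", changed

if __name__ == "__main__":
    print(check_update(OLD_ZONE, NEW_ZONE))
    print(check_update(OLD_ZONE, NEW_ZONE.replace("20180530", "20180531")))
```

Run it against the saved previous version of a zone file before `rndc reload`; a STALE result means the slave would not pick up the change.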

Subdomain configuration and forwarding

1. Master node

[[email protected] named]# vim /etc/named.conf
acl allow_querys {
        any;            # query whitelist
};

[[email protected] named]# vim zander.com.zone
ops.zander.com. IN      NS      ns2.ops.zander.com.
ns2.ops.zander.com.     IN      A       192.168.1.125
Change the serial number

[[email protected] named]# named-checkconf
[[email protected] named]# rndc reload

2. Child node configuration

[[email protected] named]# vim /etc/named.conf
acl allow_querys {
        any;
};
acl allow_transfers {
        none;
};
acl allow_recursions {
        any;
};
acl allow_updates {
        none;
};
options {
        listen-on port 53 { 192.168.1.125; };
        allow-query     { allow_querys; };
        allow-recursion { allow_recursions; };
};

[[email protected] named]# vim /etc/named.rfc1912.zones
zone "ops.zander.com" IN {
        type master;
        file "ops.zander.com.zone";
        allow-update { allow_updates; };
        allow-transfer { allow_transfers; };
};
# the subdomain forwards queries for the parent domain
zone "zander.com" IN {
        type forward;
        forward only;
        forwarders { 192.168.1.102; 192.168.1.114; };
};

[[email protected] named]# cd /var/named/
[[email protected] named]# vim ops.zander.com.zone
$TTL 3600
$ORIGIN ops.zander.com.
@       IN      SOA     ops.zander.com. admin.ops.zander.com. (
        20180512
        1H
        10M
        3D
        1D)
        IN      NS      ns1
ns1     IN      A       192.168.1.125
www     IN      A       192.168.1.125

[[email protected] named]# chgrp named ops.zander.com.zone
[[email protected] named]# chmod o= ops.zander.com.zone
[[email protected] named]# named-checkconf
[[email protected] named]# named-checkzone ops.zander.com ops.zander.com.zone
[[email protected] named]# systemctl restart named

3. Test

# the subdomain resolving its own names
[[email protected] named]# host -t A www.ops.zander.com
www.ops.zander.com has address 192.168.1.125
# the subdomain forwarding to the parent domain
[[email protected] named]# host -t A www.zander.com
www.zander.com has address 192.168.1.106

# the parent domain resolving the subdomain
[[email protected] named]#  host -t A www.ops.zander.com
www.ops.zander.com has address 192.168.1.125
[[email protected] named]# dig -t A www.ops.zander.com

; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.2 <<>> -t A www.ops.zander.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55064
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.ops.zander.com.        IN  A

;; ANSWER SECTION:
www.ops.zander.com. 3591    IN  A   192.168.1.125

;; AUTHORITY SECTION:
ops.zander.com.     3591    IN  NS  ns1.ops.zander.com.

;; ADDITIONAL SECTION:
ns1.ops.zander.com. 3591    IN  A   192.168.1.125

;; Query time: 0 msec
;; SERVER: 192.168.1.102#53(192.168.1.102)
;; WHEN: Fri May 11 13:35:51 EDT 2018
;; MSG SIZE  rcvd: 97
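
By this point both the parent server and the child server have allow_querys and allow_recursions set to any, so each answers recursive queries for any client that can reach port 53, and DNSSEC validation was switched off in the basic configuration. The following Python audit is an added example, not code from the original post: it expands the page's acl names and flags those settings; the function names and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample in this page's named.conf layout, using the ACL values
# of its subdomain section (allow_querys and allow_recursions both "any").
SAMPLE_CONF = """
acl allow_querys { any; };            // query whitelist
acl allow_transfers { 192.168.1.114; };
acl allow_recursions { any; };
acl allow_updates { none; };
options {
    listen-on port 53 { 192.168.1.102; };
    allow-query     { allow_querys; };
    allow-recursion { allow_recursions; };
    dnssec-validation no;
};
zone "zander.com" IN {
    type master;
    allow-transfer { allow_transfers; };
    allow-update { allow_updates; };
};
"""

def _elements(body):
    return [e.strip() for e in body.split(";") if e.strip()]

def parse(conf):
    """Return (comment-free text, {acl name: [elements]})."""
    text = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    text = re.sub(r"(//|#).*", "", text)
    acls = {name: _elements(body) for name, body in
            re.findall(r'\bacl\s+"?([\w.-]+)"?\s*\{([^{}]*)\}', text)}
    return text, acls

def expand(elements, acls, seen=()):
    """Replace ACL names by their members, following nested references."""
    out = set()
    for e in elements:
        if e in acls and e not in seen:
            out |= expand(acls[e], acls, seen + (e,))
        else:
            out.add(e)
    return out

def matches(stmt, text, acls):
    """Expanded address-match list of every occurrence of `stmt`."""
    pattern = r"(?<![\w-])%s\s*\{([^{}]*)\}" % re.escape(stmt)
    return [expand(_elements(b), acls) for b in re.findall(pattern, text)]

def audit(conf):
    text, acls = parse(conf)
    findings = []
    recursion = matches("allow-recursion", text, acls)
    query = matches("allow-query", text, acls) or [{"any"}]  # BIND default: any
    if any("any" in m for m in recursion) and any("any" in m for m in query):
        findings.append("open resolver: allow-query and allow-recursion both reach 'any'")
    for stmt in ("allow-transfer", "allow-update"):
        if any("any" in m for m in matches(stmt, text, acls)):
            findings.append(f"{stmt} reaches 'any'")
    if re.search(r"\bdnssec-validation\s+no\s*;", text):
        findings.append("dnssec-validation is disabled")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONF)))
```

Listing only the client networks in allow_recursions (for instance localhost and 192.168.1.0/24, assuming that is the client network) clears the first finding.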

Load testing

Load testing uses the queryperf tool, which is not built in the default rpm package.
1. Installation

[[email protected] ~]# wget http://ftp.isc.org/isc/bind9/9.9.4/bind-9.9.4.tar.gz
[[email protected] ~]# tar xf bind-9.9.4.tar.gz
[[email protected] ~]# cd bind-9.9.4/contrib/queryperf/
[[email protected] queryperf]# sh configure
[[email protected] queryperf]# make
[[email protected] queryperf]# ls
config.h     config.log     configure     input     Makefile.in  queryperf    queryperf.o    README
config.h.in  config.status  configure.in  Makefile  missing      queryperf.c  querytest.txt  utils

2. Query entries

[[email protected] queryperf]# vim querytest.txt
www.baidu.com  A
www.163.com  A
www.taobao.com  A
www.zander.com A
bbs.zander.com A
www.ops.zander.com A
# copy these to about 20,000 lines

3. Run the load test

[[email protected] queryperf]# wc -l querytest.txt
23646 querytest.txt

[[email protected] queryperf]# ./queryperf -d querytest.txt -s 192.168.1.102

DNS Query Performance Testing Tool
Version: $Id: queryperf.c,v 1.12 2007/09/05 07:36:04 marka Exp $

[Status] Processing input data
[Status] Sending queries (beginning with 192.168.1.102)
[Timeout] Query timed out: msg id 146
[Timeout] Query timed out: msg id 147
[Timeout] Query timed out: msg id 149
[Timeout] Query timed out: msg id 150
[Timeout] Query timed out: msg id 151
[Timeout] Query timed out: msg id 152
[Timeout] Query timed out: msg id 153
[Timeout] Query timed out: msg id 167
[Timeout] Query timed out: msg id 171
[Timeout] Query timed out: msg id 176
[Status] Testing complete

Statistics:

  Parse input file:     once
  Ended due to:         reaching end of file

  Queries sent:         23646 queries    # number sent
  Queries completed:    23646 queries    # succeeded
  Queries lost:         0 queries
  Queries delayed(?):   0 queries

  RTT max:          0.012205 sec
  RTT min:              0.000022 sec
  RTT average:          0.000239 sec
  RTT std deviation:    0.000275 sec
  RTT out of range:     0 queries

  Percentage completed: 100.00%
  Percentage lost:        0.00%

  Started at:           Fri May 11 14:01:27 2018
  Finished at:          Fri May 11 14:01:32 2018
  Ran for:              5.009058 seconds

  Queries per second:   4720.648074 qps    # queries executed per second

Original article: http://blog.51cto.com/marvin89/2115294

Time: 2024-10-14 07:37:03
