DNS配置

实验环境

主dns：192.168.110.33

从dns：192.168.110.59

iptables and selinux disabled

yum install -y bind

主dns端

1.主配置文件（注意文件权限）

# ll /etc/named.conf

-rw-r-----. 1 root named 453 Aug 7 22:44 /etc/named.conf

# vim /etc/named.conf

options {

directory "/var/named"; #定义区域数据目录

};

zone "cheungssh.com" IN { #定义域

type master; #类型为master

file "cheungssh.com.zone"; #定义区域数据文件

};

zone "110.168.192.in-addr.arpa" { #反向解析

type master;

file "192.168.110.zone";

};

zone "." IN { #根域

type hint; #类型为根

file "named.ca";

};

zone "localhost" IN { #本地解析

type master;

2.区域数据文件（注意文件权限）

# pwd

/var/named

# ll

-rw-r-----. 1 root named 329 Aug 7 22:25 192.168.110.zone

-rw-r-----. 1 root named 427 Aug 8 00:27 cheungssh.com.zone

正向区域数据文件

# vim cheungssh.com.zone

$TTL 1D #ttl值为一天

cheungssh.com. IN SOA ns.cheungssh.com. admin.cheungssh.com. (

1026080702 ; serial #序列号(此文件修改一次，序列号必须变)

1D ; refresh #刷新时间

1H ; retry #重试时间

1W ; expire #过期时间

3H ) ; minimum #最小时常

IN NS ns #定义域所属的dns服务器

IN MX 10 mail #定义邮件记录

mail IN A 192.168.110.33

ns IN A 192.168.110.33

www IN A 192.168.110.33

ycc IN A 192.168.110.33

www IN A 192.168.110.34

ftp IN CNAME WWW #别名，ftp别名为www

vip IN A 192.168.197.100

rs1 IN A 192.168.197.105

rs2 IN A 192.168.197.107

反向区域数据文件

# vim 192.168.110.zone

$TTL 1D

@ IN SOA ns.cheungssh.com. admin.cheungssh.com. (

1026080702 ; serial

1D ; refresh

1H ; retry

1W ; expire

3H ) ; minimum

IN NS ns.cheungssh.com.

33 IN PTR ns.cheungssh.com.

33 IN PTR www.cheungssh.com.

33 IN PTR mail.cheungssh.com

34 IN PTR ns.cheungssh.com.

6 IN PTR hello.cheungssh.com.

3.在/etc/resolv.conf中指明dns服务器

# vim /etc/resolv.conf

nameserver 192.168.110.33

4.重启dns服务

5.命令测试

dig命令测试解析

# dig -t A www.cheungssh.com #-t指明rt记录

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -t A www.cheungssh.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14084

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;www.cheungssh.com. IN A

;; ANSWER SECTION:

www.cheungssh.com. 86400 IN A 192.168.110.33

www.cheungssh.com. 86400 IN A 192.168.110.34

;; AUTHORITY SECTION: #权威答案

cheungssh.com. 86400 IN NS ns.cheungssh.com.

;; ADDITIONAL SECTION: #补充段，避免二次查询，直接将主机名转换为ip

ns.cheungssh.com. 86400 IN A 192.168.110.33

;; Query time: 0 msec

;; SERVER: 192.168.110.33#53(192.168.110.33)

;; WHEN: Sun Aug 7 00:59:32 2016

;; MSG SIZE rcvd: 84

# dig -t CNAME ftp.cheungssh.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -t CNAME ftp.cheungssh.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57946

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;ftp.cheungssh.com. IN CNAME

;; ANSWER SECTION:

ftp.cheungssh.com. 86400 IN CNAME WWW.cheungssh.com.

;; AUTHORITY SECTION:

cheungssh.com. 86400 IN NS ns.cheungssh.com.

;; ADDITIONAL SECTION:

ns.cheungssh.com. 86400 IN A 192.168.110.33

;; Query time: 0 msec

;; SERVER: 192.168.110.33#53(192.168.110.33)

;; WHEN: Sun Aug 7 01:10:39 2016

;; MSG SIZE rcvd: 86

# dig -t NS cheungssh.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -t NS cheungssh.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31012

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:

;cheungssh.com. IN NS

;; ANSWER SECTION:

cheungssh.com. 86400 IN NS ns.cheungssh.com.

;; ADDITIONAL SECTION:

ns.cheungssh.com. 86400 IN A 192.168.110.33

;; Query time: 0 msec

;; SERVER: 192.168.110.33#53(192.168.110.33)

;; WHEN: Sun Aug 7 01:11:56 2016

;; MSG SIZE rcvd: 64

dig测试反向解析

# dig -x 192.168.110.33

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -x 192.168.110.33

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6945

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;33.110.168.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:

33.110.168.192.in-addr.arpa. 86400 IN PTR www.cheungssh.com.

33.110.168.192.in-addr.arpa. 86400 IN PTR mail.cheungssh.com.110.168.192.in-addr.arpa.

33.110.168.192.in-addr.arpa. 86400 IN PTR ns.cheungssh.com.

;; AUTHORITY SECTION:

110.168.192.in-addr.arpa. 86400 IN NS ns.cheungssh.com.

;; ADDITIONAL SECTION:

ns.cheungssh.com. 86400 IN A 192.168.110.33

;; Query time: 0 msec

;; SERVER: 192.168.110.33#53(192.168.110.33)

;; WHEN: Sun Aug 7 01:37:53 2016

;; MSG SIZE rcvd: 156

host命令测试解析

# host -t A www.cheungssh.com

www.cheungssh.com has address 192.168.110.33

www.cheungssh.com has address 192.168.110.34

# host -t A www.cheungssh.com

www.cheungssh.com has address 192.168.110.34

www.cheungssh.com has address 192.168.110.33

# host -t NS cheungssh.com

cheungssh.com name server ns.cheungssh.com.

# host -t MX cheungssh.com

cheungssh.com mail is handled by 10 mail.cheungssh.com. #10表示优先级是10

# host -t SOA cheungssh.com

cheungssh.com has SOA record ns.cheungssh.com. admin.cheungssh.com. 1026080701 86400 3600 604800 10800

从dns端

1.主配置文件（注意文件权限）

# ll /etc/named.conf

-rw-r-----. 1 root named 523 Aug 7 22:00 /etc/named.conf

# cat /etc/named.conf

options {

directory "/var/named";

};

zone "cheungssh.com" IN {

type slave; #类型为slave

file "slaves/cheungssh.com.zone"; #区域数据文件在slaves下

masters { 192.168.110.33; }; #指明主dns

};

zone "110.168.192.in-addr.arpa" {

type slave;

file "slaves/192.168.110.zone";

masters { 192.168.110.33; };

};

zone "." IN {

type hint;

file "named.ca";

};

zone "localhost" IN {

type master;

file "named.localhost";

};

zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.loopback";

};

#include "/etc/named.rfc1912.zones";

#include "/etc/named.root.key";

2.在/etc/resolv.conf中指明dns服务器

# vim /etc/resolv.conf

nameserver 192.168.110.33

3.重启dns服务，区域数据文件会从主dns同步至/var/named/slaves目录下

4.区域数据文件（注意文件权限,从主dns同步过来，一般权限不存在问题）

#pwd

/var/named

# ll

total 8

-rw-r--r--. 1 named named 458 Aug 7 23:01 192.168.110.zone

-rw-r--r--. 1 named named 459 Aug 7 23:01 cheungssh.com.zone

# cat cheungssh.com.zone

$ORIGIN .

$TTL 86400 ; 1 day

cheungssh.com IN SOA ns.cheungssh.com. admin.cheungssh.com. (

1026080702 ; serial

86400 ; refresh (1 day)

3600 ; retry (1 hour)

604800 ; expire (1 week)

10800 ; minimum (3 hours)

)

NS ns.cheungssh.com.

MX 10 mail.cheungssh.com.

$ORIGIN cheungssh.com.

ftp CNAME WWW

mail A 192.168.110.33

ns A 192.168.110.33

www A 192.168.110.33

A 192.168.110.34

ycc A 192.168.110.33

# cat 192.168.110.zone

$ORIGIN .

$TTL 86400 ; 1 day

110.168.192.in-addr.arpa IN SOA ns.cheungssh.com. admin.cheungssh.com. (

1026080702 ; serial

86400 ; refresh (1 day)

3600 ; retry (1 hour)

604800 ; expire (1 week)

10800 ; minimum (3 hours)

)

NS ns.cheungssh.com.

$ORIGIN 110.168.192.in-addr.arpa.

33 PTR ns.cheungssh.com.

PTR www.cheungssh.com.

PTR mail.cheungssh.com

34 PTR ns.cheungssh.com.

6 PTR hello.cheungssh.com.

5.测试

# dig ycc.cheungssh.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> ycc.cheungssh.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16006

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;ycc.cheungssh.com. IN A

;; ANSWER SECTION:

ycc.cheungssh.com. 86400 IN A 192.168.110.33

;; AUTHORITY SECTION:

cheungssh.com. 86400 IN NS ns.cheungssh.com.

;; ADDITIONAL SECTION:

ns.cheungssh.com. 86400 IN A 192.168.110.33

;; Query time: 0 msec

;; SERVER: 192.168.110.59#53(192.168.110.59)

;; WHEN: Mon Aug 8 03:01:28 2016

;; MSG SIZE rcvd: 84

时间： 2024-11-05 17:32:33

DNS配置的相关文章

安装Oracle 11g RAC R2 之Linux DNS 配置

Oracle 11g RAC 集群中引入了SCAN(Single Client Access Name)的概念,也就是指集群的单客户端访问名称.SCAN 这个特性为客户端提供了单一的主机名,用于访问集群中运行的 Oracle 数据库.如果您在集群中添加或删除节点,使用 SCAN 的客户端无需更改自己的 TNS 配置.无论集群包含哪些节点,SCAN 资源及其关联的 IP 地址提供了一个稳定的名称供客户端进行连接使用.在Oracle 11g grid 安装时即要求为该特性配置DNS解析方式或GNS解

微软Azure云之企业Exchange 2016部署13—DNS配置

本节我们来配置DNS域名解析. 因为本次Exchange部署在Azure公有云上,所有用户访问通过公网来进行连接,所以这里主要是公网DNS配置. 1.DNS正向解析对于Exchange来说.如果邮件客户端仅仅使用MAPI模式连接,则需要配置mail.autodiscover.解析以及主域名的MX记录解析.如果需要其他如POP.SMTP.IMAP等服务时,有时为了区分服务DNS解析,也可以分别配置. 另外,这里设置了一条TXT解析:v=spf1 ip4: 13.78.59.202/32 –all

RHEL学习之从DNS配置

从服务器可以从主服务器上抓取指定的区域数据文件起到备份解析记录和负载均衡的作用. 主DNS服务器IP:192.168.16.20 从DNS服务器IP:192.168.16.30 1,修改主服务器区域配置文件 [[email protected] ~]# vim /etc/named.rfc1912.zones }; // named.rfc1912.zones: // // Provided by Red Hat caching-nameserver package // // ISC BIND

彻底解决Ubuntu 14.04 重启后DNS配置丢失的问题

最近得到一个比较好用的DNS,每次重启后都修改DNS配置文件 /etc/resolv.conf 重启就会失效从网上得知 /etc/resolv.conf中的DNS配置是从/etc/resolvconf/resolv.conf.d/head中加载而来,所以每回改resolv.conf都会失效,在此文件里面已经有说明打开/etc/resolv.conf内容如下:cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolve

CentOS6.7 DNS配置

CentOS6.7 DNS配置 DNS(Domain Name System,域名系统),因特网上作为域名和IP地址相互映射的一个分布式数据库,能够使用户更方便的访问互联网,而不用去记住能够被机器直接读取的IP数字串.通过主机名,最终得到该主机名对应的IP地址的过程叫做域名解析(或主机名解析).DNS协议运行在UDP协议之上,使用端口号53,服务器之间备份使用TCP. 1.DNS的一些基本概念: 1).根域 . 根域"."(点),我们的网站www.qq.com,其实完整的写法是www.

DNS 配置篇二

一.子域配置 1.基本概念子域的作用是在本地DNS下再划分一个小的(子)DNS.作用的方便集中管理, 不过问题是要配置转发.父DNS可以知道解析子DNS,子DNS 则只可以解析自己本地记录,不能解析父DNS. 正向子域授权: 只需要在父域的区域解析库中添加"胶水记录", glue record 子域名称 IN NS 子域的名称服务器 ops IN NS ns.ops ops IN NS ns2.ops ns.ops IN A 172.16

DNS 配置详解

DNS 解析一个正向区域配置 (DNS 监听的服务端口是53) 1.进行程序包的安装工作 yum install bind * -y 2.编辑配置文件 vim /etc/named.rfc1912.zones 在文件的尾端进行编辑如下所示 zone "magedu.com" IN { type master; file "magedu.com.zone"; }; 然后进行编辑主配置文件 vim /etc/named.conf options { list

linux服务器dns配置丢失处理

最近公司有服务器发现配置了dns后,检查/etc/resolv.conf中也已经修改了,但重启服务器后或者重启网络服务(services networkrestart)后,dns配置丢失. 通过检查发现是由于默认系统自动启动了网络管理服务(NetworkManager)导致,需要禁用该服务.具体操作如下: 1.关闭自启动:chkconfig NetworkManager off2.停用服务:services NetworkManager stop 3.重新配置dns. 4.重启网络服务 serv

CentOS实例项目之三(一)--ZZSRV1上的DNS配置

DNS的配置相对于来说是花费时间较多的,所以写得也比较认真,详细. 1. ZZSRV1上的主DNS配置 1.1. 安装BIND # yum -y install bind bind-utils bind-chroot # rpm -qc bind /etc/logrotate.d/named /etc/named.conf /etc/named.iscdlv.key /etc/named.rfc1912.zones /etc/named.root.key /etc/rndc.conf /etc/

CentOS项目实例之三（二）--ZZSRV2上DNS配置

1. ZZSRV2上的DNS配置 1.1. 安装BIND 与ZZSRV1上的主DNS配安装一样. 1.2. 配置 1.2.1. Cache Only Server 与ZZSRV1上的主DNS配安装一样. 1.2.2. 添加辅助Zone # vi /etc/named.conf 添加如下zone信息 zone "bigcloud.local" IN { type slave; masters {192.168.188.11; }; file