DNS(domain name server)简单的讲就是域名解析服务器,是伯克利大学科研的成果,对于IP挑战大家记忆力的时候,DNS无疑成了救命稻草,因为他的效率较之前使用的hosts和NIS有了质的飞跃,想了解DNS的详尽知识,大家请去互联网上去看啦!
实验平台:VM下两台linux centos5.5服务器,一台作为主服务器(master),另一台作为辅助服务器(slave)
IP规划:
主服务器:192.168.1.193
辅服务器:192.168.1.195
第一:在主辅服务器上都要做的设置
首先就是是安装DNS套件
[root@localhost ~]# yum -y install bind bind-chroot ypbind bind-utils caching-nameserver
第二:在主服务器上的设置(关键)
[root@localhost ~]# cd /var/named/chroot/etc///进入主设置档案所在的目录
[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf//制作主配置文件
以下这个步骤的含义是:每次服务启动时默认的会去/etc目录下去搜索配置文件,做这个软连接也是这个原因。
[root@localhost etc]# ln -s /var/named/chroot/etc/named.conf /etc/named.conf
以下这个步骤是对rndc的设置(借助rndc对DNS服务器的管理,可以在不关闭DNS服务器的情况下,更新主服务器做过的修改)
[root@localhost ~]# rndc-confgen > /etc/rndc.conf//生成rndc的主配置文档
对这个档案不做任何的修改,只需把DNS需要的部分复制过去即可
[root@localhost ~]# vi /etc/rndc.conf
[root@localhost ~]# vi /etc/named.conf//修改主配置文件,主要修改以下列出的部分即可
listen-on port 53 { any; };
forwarders{202.102.240.65;};
allow-query{ any; };
allow-query-cache { any; };
match-clients{ any; };
match-destinations { any; };
###################### rndc-confgen###################
key "rndckey" {
algorithm hmac-md5;
secret "JkZ/MxIb8I58yefvWMkpIw==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndckey"; };
};
############################END ##################
以上这个步骤就是可以使用#rdnc reload重载配置文件
[root@localhost ~]# vi /etc/named.rfc1912.zones//添加自己的域
zone "ethnicity.com" IN {
type master;
file "named.ethnicity.com";
allow-update { none; };
allow-transfer { 192.168.1.195;};//这就是针对辅服务器做的设置
also-notify { 192.168.1.195; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "named.192.168.1";
allow-update { none; };
allow-transfer { 192.168.1.195;};
also-notify { 192.168.1.195; };
};
以下这个步骤是建立自己域名的配置文件
[root@localhost named]# cp -p localhost.zone named.ethnicity.com
[root@localhost named]# cp -p named.local named.192.168.1
[root@localhost named]# vi named.ethnicity.com//设置正解
$TTL86400
@IN SOAdns.ethnicity.com.root.ethnicity.com. (
46; serial (d. adams)
3H; refresh
15M; retry
1W; expiry
1D ); minimum
IN NSdns.ethnicity.com.
@IN MX 10mail.ethnicity.com.
www1IN A192.168.1.195
www2IN A192.168.1.196
www3IN A192.168.1.193
linuxIN CNAMEwww2
[root@localhost named]# vi named.192.168.1//设置反解
$TTL86400
@INSOAdns.ethnicity.com. root.ethnicity.com.(
1997022700 ; Serial
28800; Refresh
14400; Retry
3600000; Expire
86400 ); Minimum
INNSdns.ethnicity.com.
195INPTRwww1.ethnicity.com.
196INPTRwww2.ethnicity.com.
193INPTRwww3.ethnicity.com.
[root@localhost ~]# vi /etc/resolv.conf
nameserver 192.168.1.193
然后是简单的测试
[root@localhost ~]# /etc/init.d/named restart
[root@localhost ~]# nslookup//以下测试可知正反解都可以成功
> 192.168.1.195
Server:192.168.1.193
Address:192.168.1.193#53
195.1.168.192.in-addr.arpaname = www1.ethnicity.com.
> www2.ethnicity.com
Server:192.168.1.193
Address:192.168.1.193#53
Name:www2.ethnicity.com
Address: 192.168.1.196
> exit
最后把配置文件同步到辅服务器上
[root@localhost ~]# scp /var/named/chroot/etc/named.conf 192.168.1.195:/var/named/chroot/etc/
[root@localhost~]#scp /var/named/chroot/etc/named.rfc1912.zones 192.168.1.195:/var/named/chroot/etc/
第二:在辅服务器上的设置
[root@localhost ~]# chgrp named /var/named/chroot/etc/named.conf
[root@localhost etc]# ln -s /var/named/chroot/etc/named.conf /etc/named.conf
[root@localhost ~]# vi /etc/named.conf
listen-on port 53 { any; };
forwarders{202.102.240.65;};
allow-query{ any; };
allow-query-cache { any; };
match-clients{ any; };
match-destinations { any; };
[root@localhost ~]# vi /etc/named.rfc1912.zones//添加以下的域
zone "ethnicity.com" IN {
type slave;
file "slaves/named.ethnicity.com";
masters { 192.168.1.193; };
};
zone "1.168.192.in-addr.arpa" IN {
type slave;
file "slaves/named.192.168.1";
masters { 192.168.1.193; };
};
[root@localhost ~]# /etc/init.d/named restart//重启服务器就可以看到辅服务器的配置文件
[root@localhost ~]# ll /var/named/chroot/var/named/slaves/
total 16
-rw-rw-r-- 1 named named 398 Oct 25 07:06 named.192.168.1
-rw-r--r-- 1 named named 466 Oct 25 07:42 named.ethnicity.com
第三:测试的部分
这个步骤主要是观察在主服务器修改配置文件是,通过#rndc reload时,辅服务器数据的同步状况。
[root@localhost named]# vi named.ethnicity.com//在主服务器域文件内添加两个CNAME。并且修改46; serial (d. adams)
$TTL86400
@IN SOAdns.ethnicity.com.root.ethnicity.com. (
46; serial (d. adams)
3H; refresh
15M; retry
1W; expiry
1D ); minimum
IN NSdns.ethnicity.com.
@IN MX 10mail.ethnicity.com.
www1IN A192.168.1.195
www2IN A192.168.1.196
www3IN A192.168.1.193
linuxIN CNAMEwww2
wanyanIN CNAMEwww3
ethnicityIN CNAMEwww1
[root@localhost named]# rndc reload
server reload successful
接着在辅服务器上查看变化,发现和主服务器是数据同步的。
[root@localhost ~]# cat /var/named/chroot/var/named/slaves/named.ethnicity.com
$ORIGIN .
$TTL 86400; 1 day
ethnicity.comIN SOAdns.ethnicity.com. root.ethnicity.com. (
46; serial
10800; refresh (3 hours)
900; retry (15 minutes)
604800; expire (1 week)
86400; minimum (1 day)
)
NSdns.ethnicity.com.
MX10 mail.ethnicity.com.
$ORIGIN ethnicity.com.
ethnicityCNAMEwww1
linuxCNAMEwww2
wanyanCNAMEwww3
www1A192.168.1.195
www2A192.168.1.196
www3A192.168.1.193