Centos7搭建主从DNS服务器
作者: / 2019-08-09 / 浏览次数:
# Install bind, bind-chroot and bind-utils on both the master and the slave DNS server.
# NOTE(review): installing bind-chroot does not confine named by itself. The later
# steps start the plain `named` unit, so the chroot is only used if the
# `named-chroot` unit is run instead.
yum -y install bind bind-utils bind-chroot
# If firewalld is running, allow the dns service (53/tcp and 53/udp) and reload.
# No --zone is given, so the rule is added to the default zone.
firewall-cmd --permanent --add-service=dns
firewall-cmd --reload



2、主dns服务器配置

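# Edit the main configuration file
vim /etc/named.conf
# Locate these two lines in the options block
listen-on port 53 { 127.0.0.1; };
allow-query { localhost; };
# and change them so named listens on every interface and answers every client
listen-on port 53 { any; };
allow-query { any; };
# The named.conf shipped with the CentOS 7 bind package also sets "recursion yes;"
# (check yours). With allow-query { any; } and no allow-recursion, recursion is
# offered to every client that can reach port 53, i.e. an open resolver.
# Limit recursion to the hosts that should use it (here: this host and the lab subnet).
allow-recursion { localhost; 192.168.11.0/24; };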







3、配置正向解析

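# Edit /etc/named.rfc1912.zones and append the zone to be served
 zone "test1.com" in {
 type master;
 file "data/test1.com.zone";
 };
# Create the zone file for test1.com
vim /var/named/data/test1.com.zone
# File contents follow. Owner names must start in column 0; a line that starts
# with whitespace reuses the previous owner name.
$ttl 3h
; The SOA timer values were lost from this page. The numbers below are constructed
; from the stock named.localhost template, not the author's originals.
; Increase the serial on every edit so the slave notices the change.
@ in soa test1.com. root (
        0   ; serial  (constructed)
        1d  ; refresh (constructed)
        1h  ; retry   (constructed)
        1w  ; expire  (constructed)
        3h ) ; minimum
        in ns @
        in a 192.168.11.10
www     in a 192.168.11.10
ftp     in a 192.168.11.10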
# Edit /etc/resolv.conf and add the following, so this host sends its queries
# to the DNS server at 192.168.11.10
search localdomain
nameserver 192.168.11.10




4、重启dns服务器

# Restart named so it loads the new zone. Running `named-checkconf` and
# `named-checkzone test1.com /var/named/data/test1.com.zone` first reports
# syntax errors before the running service is touched.
systemctl restart named
# Check that the service came up
systemctl status named

5、检查解析是否成功

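# Verify with ping
ping -c 4 www.test1.com
# Output like the following means the name resolved
 ping www.test1.com 56 bytes of data.
 64 bytes from ftp.test1.com : icmp_seq=1 ttl=64 time=0.033 ms
 64 bytes from ftp.test1.com : icmp_seq=2 ttl=64 time=0.058 ms
 64 bytes from ftp.test1.com : icmp_seq=3 ttl=64 time=0.066 ms
 64 bytes from ftp.test1.com : icmp_seq=4 ttl=64 time=0.057 ms
 --- www.test1.com ping statistics ---
 4 packets transmitted, 4 received, 0% packet loss, time 3000ms
 rtt min/avg/max/mdev = 0.033/0.053/0.066/0.014 ms
# Verify with nslookup
nslookup www.test1.com
# Output like the following means the name resolved
 server: 192.168.11.10
 address: 192.168.11.10#53
 name: www.test1.com
 address: 192.168.11.10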



6、配置反向解析

# 编辑文件/etc/named.rfc1912.zones,在末尾添加 
vim etc/named.rfc1912.zones
 zone "11.168.192.in-addr.arpa" in {
 type master;
 file "data/11.168.192.zone"; 
# 创建11.168.192.zone解析域
vim /var/named/data/11.168.192.zone
 $ttl 3h
 @ in soa web3.com. root  ; minimum
 @ in ns www.test1.com.
 10 in ptr www.test1.com.
 10 in ptr ftp.test1.com.

7、重启dns服务器

# Restart named so it loads the reverse zone. Running `named-checkconf` and
# `named-checkzone 11.168.192.in-addr.arpa /var/named/data/11.168.192.zone`
# first reports syntax errors before the running service is touched.
systemctl restart named
# Check that the service came up
systemctl status named

8、检查解析是否成功

# Verify with ping
# NOTE(review): pinging an IP address only shows that the host is reachable. The
# nslookup query further down is what exercises the reverse (PTR) zone.
ping -c 4 192.168.11.10
# Output like the following means the check succeeded
 ping 192.168.11.10  56 bytes of data.
 64 bytes from 192.168.11.10: icmp_seq=1 ttl=64 time=0.061 ms
 64 bytes from 192.168.11.10: icmp_seq=2 ttl=64 time=0.058 ms
 64 bytes from 192.168.11.10: icmp_seq=3 ttl=64 time=0.081 ms
 64 bytes from 192.168.11.10: icmp_seq=4 ttl=64 time=0.060 ms
 --- 192.168.11.10 ping statistics ---
 4 packets transmitted, 4 received, 0% packet loss, time 3000ms
 rtt min/avg/max/mdev = 0.058/0.065/0.081/0.009 ms
# Verify with nslookup (reverse lookup of the address)
nslookup 192.168.11.10
# Output like the following means the PTR records resolved
 server: 192.168.11.10
 address: 192.168.11.10#53
 10.11.168.192.in-addr.arpa name = ftp.test1.com.
 10.11.168.192.in-addr.arpa name = www.test1.com.

9、配置从dns服务器

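# First update the master's zone definitions in /etc/named.rfc1912.zones
vim /etc/named.rfc1912.zones
 zone "test1.com" in {
 type master;
 file "data/test1.com.zone";
 # Only the slave at 192.168.11.11 may pull the zone. This is an address check
 # only; a TSIG key shared by both servers would also authenticate the transfer.
 allow-transfer {192.168.11.11;};
 notify yes;
 also-notify {192.168.11.11;};
 };
 zone "11.168.192.in-addr.arpa" in {
 type master;
 file "data/11.168.192.zone";
 # Same transfer restriction for the reverse zone
 allow-transfer {192.168.11.11;};
 notify yes;
 also-notify {192.168.11.11;};
 };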

10、配置从dns服务器正向解析

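# Edit named.conf on the slave
vim /etc/named.conf
 # Locate these two lines in the options block
 listen-on port 53 { 127.0.0.1; };
 allow-query { localhost; };
 # and change them so named listens on every interface and answers every client
 listen-on port 53 { any; };
 allow-query { any; };
 # The named.conf shipped with the CentOS 7 bind package also sets "recursion yes;"
 # (check yours). With allow-query { any; } and no allow-recursion, recursion is
 # offered to every client that can reach port 53, i.e. an open resolver.
 # Limit recursion to the hosts that should use it (here: this host and the lab subnet).
 allow-recursion { localhost; 192.168.11.0/24; };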
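# Edit /etc/named.rfc1912.zones and append the zone to be served
vim /etc/named.rfc1912.zones
 zone "test1.com" in {
 type slave;
 file "data/test1.com.zone";
 # masters belongs inside the zone statement; it names the server to transfer from
 masters { 192.168.11.10; };
 };
# Create an empty test1.com.zone file
touch /var/named/data/test1.com.zone
# Give it to the named user. The full path is used so the command does not
# depend on the current directory.
chown named:named /var/named/data/test1.com.zone
# Edit /etc/resolv.conf and add
vim /etc/resolv.conf
 search localdomain
 nameserver 192.168.11.11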


11、重启dns服务器

# Restart named on the slave. Running `named-checkconf` first reports
# configuration syntax errors before the running service is touched.
systemctl restart named
# Check that the service came up
systemctl status named

12、检测解析是否成功

# Verify with ping
ping -c 4 www.test1.com
# Output like the following means the name resolved
 ping www.test1.com  56 bytes of data.
 64 bytes from ftp.test1.com : icmp_seq=1 ttl=64 time=0.033 ms
 64 bytes from ftp.test1.com : icmp_seq=2 ttl=64 time=0.058 ms
 64 bytes from ftp.test1.com : icmp_seq=3 ttl=64 time=0.066 ms
 64 bytes from ftp.test1.com : icmp_seq=4 ttl=64 time=0.057 ms
 --- www.test1.com ping statistics ---
 4 packets transmitted, 4 received, 0% packet loss, time 3000ms
 rtt min/avg/max/mdev = 0.033/0.053/0.066/0.014 ms
# Verify with nslookup
nslookup
 www.test1.com
# Output like the following means the name resolved; the server line shows
# that the slave (192.168.11.11) gave the answer
 server: 192.168.11.11
 address: 192.168.11.11#53
 name: www.test1.com
 address: 192.168.11.10

13、配置从dns服务器反向解析

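# Append the reverse zone to /etc/named.rfc1912.zones on the slave
vim /etc/named.rfc1912.zones
 zone "11.168.192.in-addr.arpa" in {
 # The slave copy must be "type slave"; a masters list is only used by slave zones
 type slave;
 file "data/11.168.192.zone";
 masters { 192.168.11.10; };
 };
# Create the empty file 11.168.192.zone
touch /var/named/data/11.168.192.zone
# Give it to the named user. The full path is used so the command does not
# depend on the current directory.
chown named:named /var/named/data/11.168.192.zone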



14、重启dns服务器

# Restart named on the slave. Running `named-checkconf` first reports
# configuration syntax errors before the running service is touched.
systemctl restart named
# Check that the service came up
systemctl status named

15、查看文件/var/named/data/test1.com.zone和/var/named/data/11.168.192.zone是否有二进制数据

# On the slave, named writes these files after the zone transfer. BIND 9.9 and
# later store slave zones in the binary "raw" format by default, so cat shows binary
# data. `named-compilezone -f raw -F text -o - test1.com /var/named/data/test1.com.zone`
# prints a readable copy.
cat /var/named/data/test1.com.zone
cat /var/named/data/11.168.192.zone

16、检查解析是否成功

# Verify with ping
# NOTE(review): pinging an IP address only shows that the host is reachable. The
# nslookup query further down is what exercises the reverse (PTR) zone.
ping -c 4 192.168.11.11
# Output like the following means the check succeeded
 ping 192.168.11.11  56 bytes of data.
 64 bytes from 192.168.11.11: icmp_seq=1 ttl=64 time=0.061 ms
 64 bytes from 192.168.11.11: icmp_seq=2 ttl=64 time=0.058 ms
 64 bytes from 192.168.11.11: icmp_seq=3 ttl=64 time=0.081 ms
 64 bytes from 192.168.11.11: icmp_seq=4 ttl=64 time=0.060 ms
 --- 192.168.11.11 ping statistics ---
 4 packets transmitted, 4 received, 0% packet loss, time 3000ms
 rtt min/avg/max/mdev = 0.058/0.065/0.081/0.009 ms
# Verify with nslookup
# NOTE(review): the sample output below is for 10.11.168.192.in-addr.arpa, and the
# reverse zone file on this page only has PTR records for host 10. A query for
# 192.168.11.10 against this server is what matches the sample.
nslookup 192.168.11.11
# Output like the following means the PTR records resolved
 server: 192.168.11.11
 address: 192.168.11.11#53
 10.11.168.192.in-addr.arpa name = ftp.test1.com.
 10.11.168.192.in-addr.arpa name = www.test1.com.