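Linux Basics (10): DNS Server Master-Slave Replication and Subdomain Delegation
阿新 • Published: 2019-04-03
DNS (the Domain Name System) is an Internet service. It is a distributed database that maps domain names and IP addresses to each other, which makes the Internet easier to use. DNS uses TCP and UDP port 53.
DNS server master-slave replication and subdomain delegation
Master server: 10.120.123.13
Slave server: 10.120.123.250
Subdomain server: 10.120.123.251
Main configuration file on the slave server: /etc/named.conf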
options {
    listen-on port 53 { 10.120.123.250; };    // port and IP address to listen on
    //listen-on-v6 port 53 { ::1; };          // IPv6 queries disabled
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    allow-query { any; };
    recursion yes;                            // allow recursion
    dnssec-enable no;                         // DNSSEC turned off
    dnssec-validation no;                     // DNSSEC turned off
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};
logging {                                     // logging configuration
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {                                 // root zone
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Zone definition file on the slave server: /etc/named.rfc1912.zones
zone "test.com" IN {
    type slave;                       // zone type: slave
    file "slaves/test.com.zone";
    masters { 10.120.123.13; };       // address of the master server
    masterfile-format text;           // set the format; avoids garbled (unreadable) zone files on the server
};
zone "123.120.10.in-addr.arpa" IN {
    type slave;                       // zone type: slave
    file "slaves/10.120.123.zone";
    masters { 10.120.123.13; };       // address of the master server
    masterfile-format text;           // set the format; avoids garbled (unreadable) zone files on the server
};
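The slave configuration above combines allow-query { any; } with recursion yes, turns DNSSEC validation off, and sets no allow-transfer on its zones. As an added example (not part of the original post), this Python script flags those settings in a named.conf text; SLAVE_CONF is a constructed, condensed copy of the page's config, and the function names and finding labels are hypothetical.

```python
import re
# Added example with hypothetical names; SLAVE_CONF is a constructed, condensed copy of the page's slave config.
SLAVE_CONF = '''
options {
    allow-query { any; };
    recursion yes;          // allow recursion
    dnssec-validation no;
};
zone "test.com" IN { type slave; masters { 10.120.123.13; }; };
'''

def blocks(text):
    """Yield (header, body) for every top-level 'header { body };' statement."""
    text = re.sub(r'/\*.*?\*/|(//|#)[^\n]*', '', text, flags=re.S)  # drop comments
    depth, head, start, header = 0, 0, 0, ''
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                header, start = text[head:i].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, text[start:i]
        elif ch == ';' and depth == 0:
            head = i + 1

def acl(body, name):
    """Address-match list of 'name { ... };' as a set, or None if the option is absent."""
    m = re.search(r'(?<![\w-])' + re.escape(name) + r'\s*\{([^{}]*)\}', body)
    return {t.strip() for t in m.group(1).split(';') if t.strip()} if m else None
def flag(body, name):
    m = re.search(r'(?<![\w-])' + re.escape(name) + r'\s+(\w+)\s*;', body)
    return m.group(1) if m else None

def audit(conf):
    parsed, findings = list(blocks(conf)), []
    opts = next((b for h, b in parsed if h == 'options'), '')
    # With no allow-recursion/allow-query-cache, BIND 9 takes the recursion ACL from allow-query.
    who = acl(opts, 'allow-recursion') or acl(opts, 'allow-query-cache') or acl(opts, 'allow-query')
    if flag(opts, 'recursion') != 'no' and who and 'any' in who:
        findings.append('open-recursion')
    if flag(opts, 'dnssec-validation') == 'no':
        findings.append('dnssec-validation-off')
    for h, b in parsed:
        # No explicit ACL: who may request AXFR is left to the installed version's default.
        if h.startswith('zone') and acl(b, 'allow-transfer') is None and acl(opts, 'allow-transfer') is None:
            findings.append('transfer-acl-unset:' + h.split('"')[1])
    return findings
```

Calling audit(SLAVE_CONF) returns all three findings; an explicit allow-recursion list, dnssec-validation auto and an allow-transfer statement clear them.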
Zone file on the master server (/var/named/test.com.zone): add the NS records
$TTL 3600
$ORIGIN test.com.
@        IN  SOA    ns1.test.com. dnsadmin.test.com. (
                    2019010818
                    1H
                    10M
                    3D
                    1D )
         IN  NS     ns1
         IN  NS     ns2             ; slave server
         IN  MX 10  mx1
         IN  MX 20  mx2
ns1      IN  A      10.120.123.13
ns2      IN  A      10.120.123.250  ; slave server
mx1      IN  A      10.120.123.252
mx2      IN  A      10.120.123.253
www      IN  A      10.120.123.254
web      IN  CNAME  www
ops      IN  NS     ns1.ops         ; subdomain delegation
ns1.ops  IN  A      10.120.123.251
Reverse zone on the master server (123.120.10.in-addr.arpa):
$TTL 3600
$ORIGIN 123.120.10.in-addr.arpa.
@        IN  SOA    ns1.test.com. nsadmin.test.com. (
                    2019010802
                    1H
                    10M
                    3D
                    12H )
         IN  NS     ns1.test.com.
         IN  NS     ns2.test.com.   ; slave server
13       IN  PTR    ns1.test.com.
250      IN  PTR    ns2.test.com.   ; slave server
252      IN  PTR    mx1.test.com.
253      IN  PTR    mx2.test.com.
254      IN  PTR    www.test.com.
Zone file for the subdomain (/var/named/ops.test.com.zone)
$TTL 3600
$ORIGIN ops.test.com.
@        IN  SOA    ns1.ops.test.com. nsadmin.ops.test.com. (
                    2019022401
                    1H
                    10M
                    1D
                    2H )
         IN  NS     ns1
ns1      IN  A      10.120.123.251
www      IN  A      10.120.123.251
Reload the configuration on the master server
rndc reload
Start the service on the slave server
systemctl restart named.service
Testing from the slave server
Full zone transfer
dig -t axfr test.com @10.120.123.13
Forward lookup
dig -t A www.test.com @10.120.123.250
Reverse lookup
dig -x 10.120.123.13 @10.120.123.250
Subdomain test
dig www.ops.test.com @10.120.123.13     # master
dig www.ops.test.com @10.120.123.250    # slave
dig www.ops.test.com @10.120.123.251    # subdomain server