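1. Node planning
Node plan for deploying the master and slave DNS services:
IP              Hostname   Node
172.16.51.8     master     Master DNS server
172.16.51.21    slaver     Slave DNS server
2. Basic preparation
Use VMware Workstation to install the CentOS 7.2 operating system from the provided image CentOS-7-x86_64-DVD-1511.iso, creating two minimal CentOS 7.2 virtual machines. The YUM repository is the local CentOS 7.2 system repository.
3. DNS installation
1. Configure the YUM repository (both nodes)
(1) Back up the YUM repository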
[root@master ~]# mv /etc/yum.repos.dsample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };
        // listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "test.com" {
        type master;
        file "test.com.zon";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Set the owner of named.conf to the named user, for example:
[root@master named]# chown named /var/named/chroot/etc/named.conf
⑦ Create the forward zone.
Copy the template file named.localhost to test.com.zon, for example:
[root@master named]# cp /var/named/named.localhost /var/named/chroot/var/named/test.com.zon
Edit the test.com.zon file, for example:
[root@master named]# vi test.com.zon
$TTL 1D
$ORIGIN test.com.
@       IN SOA  test.com. admin.test.com. (
                2019001 ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        IN NS   ns1.test.com.
ns1     IN A    172.16.50.10
www     IN A    172.16.51.31
ftp     IN A    172.16.51.4
Grant all permissions on test.com.zon with the following command:
chmod -R 777 test.com.zon
⑧ Check the configuration, as shown in Figure 3-5-7.
[root@master named]# named-checkconf /var/named/chroot/etc/named.conf
[root@master named]# named-checkzone test.com test.com.zon
⑨ Configure the service.
Set the host time, for example:
[root@master named]# date -s 15:47:00
Stop the named service and disable it at boot with the following commands:
[root@master named]# systemctl stop named
[root@master named]# systemctl disable named
Enable the bind-chroot service at boot and restart it.
[root@master named]# systemctl enable named-chroot
ln -s '/usr/lib/systemd/system/named-chroot.service' '/etc/systemd/system/multi-user.target.wants/named-chroot.service'
[root@master named]# systemctl restart named-chroot
Check the status of the bind-chroot service, as shown in Figure 3-5-8.
[root@master named]# systemctl status named-chroot
⑩ Configure the host's DNS server.
[root@master named]# vi /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search openstacklocal localdomain.localdomain
; change to the current host's IP
nameserver 172.16.51.8
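⑪ Use the basic bind commands to reload the main configuration file and the zone files, as shown in the figure.
[root@master named]# rndc reload
[root@master named]# rndc reload test.com
[root@master named]# rndc notify test.com
[root@master named]# rndc reconfig
⑫ Test that DNS resolution works, as shown in the figure.
3. Configure master/slave DNS
① On the master, modify the master's named.conf configuration file.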
[root@master chroot]# cat /var/named/chroot/etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };
        // listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "test.com" {
        type master;
        file "test.com.zon";
        allow-transfer {172.16.51.21;};
        notify yes;
        also-notify {172.16.51.21;};
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
② On the master, edit the master server's zone file and add a record, for example:
[root@master chroot]# cat var/named/test.com.zon
$TTL 1D
$ORIGIN test.com.
@       IN SOA  test.com. admin.test.com. (
                2019002 ; serial (must be larger than the previous value, otherwise the zone will not sync)
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        IN NS   ns1.test.com.
ns1     IN A    172.16.50.10
www     IN A    172.16.51.31
www2    IN A    172.16.51.9     ; record added
ftp     IN A    172.16.51.4
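The serial rule noted in the zone file above, as an added example that is not part of the original tutorial: it reads the SOA serial out of a zone file and applies the RFC 1982 wrap-around comparison that decides whether a slave fetches the new copy, which goes slightly beyond the plain "larger value" case in the text. The function names and the sample zone files are assumptions constructed for the example.

```shell
# Added example, not from the original tutorial. Function names and the
# sample zone files are constructed for illustration.
# Print the SOA serial: the third field after the SOA keyword, once ";"
# comments and the optional parentheses are removed.
soa_serial() {
    awk '
        { sub(/;.*/, ""); gsub(/[()]/, " ") }
        {
            for (i = 1; i <= NF; i++) {
                if (seen == 0) { if (toupper($i) == "SOA") seen = 1; continue }
                if (seen < 3)  { seen++; continue }    # skip MNAME and RNAME
                print $i; exit
            }
        }' "$1"
}

# Succeed only if serial $2 is ahead of serial $1 under RFC 1982 arithmetic
# (32-bit wrap-around). An equal or older serial triggers no transfer.
serial_increased() {
    ahead=$(( ($2 - $1) & 4294967295 ))
    [ "$ahead" -gt 0 ] && [ "$ahead" -lt 2147483648 ]
}

# Compare two versions of a zone file and report whether slaves will update.
check_zone_update() {
    old=$(soa_serial "$1"); new=$(soa_serial "$2")
    if serial_increased "$old" "$new"; then
        echo "ok: serial $old -> $new, slaves will transfer"
    else
        echo "stale: serial $old -> $new, slaves keep the old zone"
        return 1
    fi
}

# Constructed sample data: the zone before and after the edit shown above.
zone_dir=$(mktemp -d)
cat > "$zone_dir/before.zon" <<'EOF'
$TTL 1D
$ORIGIN test.com.
@ IN SOA test.com. admin.test.com. (
        2019001; serial
        1D 1H 1W 3H )
    IN NS ns1.test.com.
www IN A 172.16.51.31
EOF
sed 's/2019001/2019002/' "$zone_dir/before.zon" > "$zone_dir/after.zon"
echo "www2 IN A 172.16.51.9" >> "$zone_dir/after.zon"

check_zone_update "$zone_dir/before.zon" "$zone_dir/after.zon"
```

On the live hosts the same comparison applies to the third field of the output of dig +short SOA test.com @172.16.51.8 and @172.16.51.21: equal serials mean the slave is in sync.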
③ Reload the configuration file, as shown in the figure.
④ On the slave, modify the named.conf file on the slave server, for example:
[root@slave named]# vi /var/named/chroot/etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };
        // listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "test.com" {
        type slave;
        file "slaves/test.com.zon";
        masters { 172.16.51.8; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
⑤ Set the permissions on the slaves directory and make the named user its owner, for example:
[root@slave ~]# chmod -R 777 /var/named/chroot/var/named/slaves/
[root@slave ~]# chown -R named:named /var/named/chroot/var/named/slaves/
⑥ Check the syntax, and restart the service on both master and slave.
[root@slave ~]# named-checkconf /var/named/chroot/etc/named.conf
[root@slave ~]# systemctl restart named-chroot
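named-checkconf in the step above validates syntax only. As an added example (not part of the original tutorial), the following line-based audit flags two access-control gaps in configurations laid out like the ones on this page: a master zone with no allow-transfer list, as in the first master configuration, and recursion yes combined with allow-query { any; } and no allow-recursion. The function name and the sample files are constructed assumptions, and the check is a heuristic for one-statement-per-line files, not a full named.conf parser.

```shell
# Added example, not from the original tutorial: a line-based audit for a
# named.conf laid out like the ones on this page (one statement per line).
audit_named_conf() {
    awk '
        { sub(/\/\/.*/, "") }                      # drop // comments
        /^[ \t]*options[ \t]*\{/ { in_opt = 1 }
        /^[ \t]*zone[ \t]/ {
            in_zone = 1; name = $2; gsub(/"/, "", name); master = 0; acl = 0
        }
        in_opt  && /recursion[ \t]+yes/            { rec = 1 }
        in_opt  && /allow-query[ \t]*\{[ \t]*any/  { open_q = 1 }
        in_opt  && /allow-(recursion|query-cache)/ { limited = 1 }
        in_zone && /type[ \t]+master/              { master = 1 }
        in_zone && /allow-transfer/                { acl = 1 }
        /^[ \t]*\};/ {                             # a block closes here
            if (in_zone && master && !acl)
                print "zone " name ": master zone without allow-transfer"
            in_opt = 0; in_zone = 0
        }
        END {
            if (rec && open_q && !limited)
                print "options: recursion yes, allow-query any, no allow-recursion"
        }' "$1"
}

# Constructed sample 1: options and zone as first configured on the master.
conf_dir=$(mktemp -d)
cat > "$conf_dir/first.conf" <<'EOF'
options {
listen-on port 53 { any; };
allow-query { any; };
recursion yes;
};
zone "test.com" {
type master;
file "test.com.zon";
};
EOF
# Constructed sample 2: the same file with the transfer ACL from the
# master/slave step added after the "file" line.
awk '{ print } /^file / { print "allow-transfer {172.16.51.21;};" }' \
    "$conf_dir/first.conf" > "$conf_dir/replicated.conf"

audit_named_conf "$conf_dir/first.conf"       # reports both findings
audit_named_conf "$conf_dir/replicated.conf"  # reports the options finding only
```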
⑦ Check whether the zone file has been synchronized to the slave server, as shown in Figure 3-5-12.
[root@slave ~]# ll /var/named/chroot/var/named/slaves/
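⑧ On the master host, resolve using the slave server (specifying the DNS server's address after @ means the local DNS setting does not need to be changed). If the www2 name resolves, the configuration succeeded, as shown in the figure.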



