构建域名服务器DNS
1、概述
1、概念
DNS Domain Name System 域名解析系统
2、原理
一次递归,多次迭代(客户端向本地DNS发起一次递归查询,本地DNS再逐级向其他服务器做迭代查询)
3、DNS作用
正向解析:将域名转换成对应的IP地址
反向解析:将IP地址转换成对应的域名
4、使用端口 53(domain),查询同时使用TCP和UDP
如果以UDP查询时没有得到完整的信息(响应被截断),就会改用TCP协议重新查询
主DNS与从DNS同步(区域传送)时使用TCP协议,因此防火墙除UDP 53外还需放行TCP 53,并应只允许从DNS的IP发起区域传送
实验配置
1、 实验环境
主DNS: 主机名 master.daren.com IP地址192.168.0.1
从DNS: 主机名 slave.daren.com IP地址 192.168.0.2
缓存DNS: 主机名cache.daren.com IP地址 192.168.0.3
WEB服务器: 主机名 www.daren.com IP地址 192.168.0.10
PC IP地址为192.168.0.5
主DNS的配置
1、环境的设置
[root@master ~]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=master.daren.com
[root@master ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=static
IPADDR=192.168.0.1
NETMASK=255.255.255.0
ONBOOT=yes
HWADDR=00:0c:29:52:bc:e0
|
2、安装软件包
[root@master ~]# yum -y install bind*
[root@master ~]# yum -y install caching*
|
3、修改主配置文件
[root@master etc]# cd /var/named/chroot/etc/
[root@master etc]# cp named.caching-nameserver.conf named.conf
[root@master etc]# vim named.conf
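// named.conf on the primary (master) server, 192.168.0.1.
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Authoritative data for the zones hosted here may be queried by anyone.
    allow-query { any; };
    // Recursion and cached answers are limited to this host and the lab subnet.
    // Leaving these at "any" together with "recursion yes" makes the server an
    // open resolver, which can be abused for traffic reflection and cache probing.
    allow-recursion { localhost; 192.168.0.0/24; };
    allow-query-cache { localhost; 192.168.0.0/24; };
    // Zone transfers are served only to the secondary (slave.daren.com);
    // without this, the full zone contents can be listed by any client.
    allow-transfer { 192.168.0.2; };
};
logging {
    // Debug output goes to data/named.run, relative to the "directory" option.
    channel default_debug {
        file "data/named.run";
        // "dynamic" follows the server's current debug level.
        severity dynamic;
    };
};
view any_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
    // The quoted string is used literally as the file name, so it must not
    // carry a trailing space before the closing quote.
    include "/etc/named.zone";
};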
|
4、区域配置文件
[root@master etc]# cp -a named.rfc1912.zones named.zone
[root@master etc]# vim named.zone
// Zone declarations on the primary server, shown with the editor's line numbers (27-37).
// Both zones are "type master": the data is loaded from the local files named by "file".
// allow-update { none; } rejects dynamic updates for the zone.
// NOTE(review): no allow-transfer is set in these zone blocks; confirm that named.conf
// limits zone transfers to the secondary (192.168.0.2) rather than relying on the default.
27 zone "daren.com" IN {
28 type master;
29 file "daren.zone";
30 allow-update { none; };
31 };
32
33 zone "0.168.192.in-addr.arpa" IN {
34 type master;
35 file "daren.addr";
36 allow-update { none; };
37 };
|
5、修改区域数据库文件:正向解析
[root@master ~]# cd /var/named/chroot/var/named/
[root@master named]# cp -a named.local daren.zone
[root@master named]# vim daren.zone
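; Forward zone for daren.com (name -> address).
$TTL 86400
@       IN SOA  daren.com. root.daren.com. (
                1997022700 ; Serial  - must be raised on every edit, otherwise
                           ;           the secondary keeps serving its old copy
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
; The NS line starts with whitespace so that it inherits the owner name (@)
; from the SOA record; at column 0 "IN" would be read as a host name.
        IN NS   master.daren.com.
master  IN A    192.168.0.1
www     IN A    192.168.0.10
mail    IN A    192.168.0.20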
|
反向解析
[root@master named]# cp -a daren.zone daren.addr
[root@master named]# vim daren.addr
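; Reverse zone for 192.168.0.0/24 (address -> name).
$TTL 86400
@       IN SOA  daren.com. root.daren.com. (
                1997022700 ; Serial  - must be raised on every edit, otherwise
                           ;           the secondary keeps serving its old copy
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
; The NS line starts with whitespace so that it inherits the owner name (@)
; from the SOA record.
        IN NS   master.daren.com.
; Owner names are the last octet of the address; the record type is PTR.
1       IN PTR  master.daren.com.
10      IN PTR  www.daren.com.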
|
6、重启named服务
[root@master named]# service named restart
从DNS的配置
一、 修改主配置文件
[root@slave etc]# vim named.conf
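// named.conf on the secondary (slave) server, 192.168.0.2.
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Authoritative data for the transferred zones may be queried by anyone.
    allow-query { any; };
    // Recursion and cached answers are limited to this host and the lab subnet.
    // Leaving these at "any" together with "recursion yes" makes the server an
    // open resolver, which can be abused for traffic reflection and cache probing.
    allow-recursion { localhost; 192.168.0.0/24; };
    allow-query-cache { localhost; 192.168.0.0/24; };
    // Nothing transfers zones from the secondary in this setup.
    allow-transfer { none; };
};
logging {
    // Debug output goes to data/named.run, relative to the "directory" option.
    channel default_debug {
        file "data/named.run";
        // "dynamic" follows the server's current debug level.
        severity dynamic;
    };
};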
view any_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.zone";
"named.conf" 41L, 1179C
|
二、 修改区域配置文件
[root@slave etc]# vim named.zone
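// Zone declarations on the secondary server, shown with the editor's line numbers.
// "type slave" zones are pulled from the server listed in "masters" and stored
// under slaves/, relative to the "directory" option.
// NOTE(review): the primary is identified by IP address only; a TSIG key shared
// between the two servers would authenticate the transfer itself.
27 zone "daren.com" IN {
28 type slave;
29 file "slaves/daren.zone";
30 masters { 192.168.0.1; };
31 };
39 zone "0.168.192.in-addr.arpa" IN {
40 type slave;
41 file "slaves/daren.addr";
42 masters { 192.168.0.1; };
43 };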
|
3、重启named服务
[root@slave etc]# service named restart
4、查看同步过来的文件
[root@slave named]# cd slaves/
[root@slave slaves]# ls
daren.addr daren.zone
|
缓存DNS的配置
一、 修改主配置文件
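// named.conf on the caching server, 192.168.0.3.
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Queries that cannot be answered locally are forwarded to the primary.
    forwarders { 192.168.0.1; };
    allow-query { any; };
    // A caching server exists to recurse for its own clients only: recursion and
    // cache access are limited to this host and the lab subnet. With "any" here
    // it would be an open resolver, usable by outsiders for traffic reflection
    // and cache probing.
    allow-recursion { localhost; 192.168.0.0/24; };
    allow-query-cache { localhost; 192.168.0.0/24; };
};
logging {
    // Debug output goes to data/named.run, relative to the "directory" option.
    channel default_debug {
        file "data/named.run";
        // "dynamic" follows the server's current debug level.
        severity dynamic;
    };
};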
view any_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
"named.conf" 41L, 1219C
|
2、重启named服务
[root@slave etc]# service named restart
客户端的测试
一、 主DNS的测试
将客户端的DNS指向主DNS的IP 192.168.0.1
进入cmd依次执行
Nslookup master.daren.com
Nslookup www.daren.com
Nslookup mail.daren.com
看可否解析到正确的地址
二、 从DNS的测试
将客户端的DNS指向从DNS的IP 192.168.0.2
进入cmd执行
Nslookup www.daren.com
看可否解析到正确的地址
三、 缓存DNS的测试
将客户端的DNS指向缓存DNS的IP 192.168.0.3
进入cmd依次执行
Nslookup www.daren.com
看可否解析到正确的地址
vim /var/named/chroot/etc/named.conf
//forwarders { 192.168.0.1; }; (将转发去掉)
将客户端的缓存清一下
Ipconfig /flushdns
再次执行
Nslookup www.daren.com
看可否解析到正确的地址