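DNS Management
I. Briefly describe how a DNS server works, and set up primary and secondary servers.
How DNS resolution works:
1. The client issues a name-resolution request and sends it to its local name server.
2. When the local name server receives the request, it first checks its local cache; if the record is there, it returns the result directly.
3. If the record is not in the local cache, the local name server sends the request to a root name server, which returns the address of the primary name server for the queried domain (a child domain of the root).
4. The local server then sends the request to the name server returned in the previous step; that server checks its own cache and, if it does not have the record, returns the address of the relevant lower-level name server.
5. Step 4 is repeated until the correct record is found.
6. The local name server saves the result in its cache for next time and also returns it to the client.
Setting up the primary DNS server:
1. Install the DNS package, bind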
[root@centos7 ~]#yum install bind -y
[root@centos7 ~]#systemctl start named #start the service
2. Edit the main configuration file /etc/named.conf
[root@centos7 ~]#vim /etc/named.conf
...
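// listen-on port 53 { 127.0.0.1; }; #commented out: listen on all local IPs
...
// allow-query { localhost; }; #commented out: accept queries from any IP
allow-transfer { 192.168.45.17; }; #allow transfers of this zone only to the specified secondary DNS server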
...
3. Define the zone lance.com in the configuration file /etc/named.rfc1912.zones
[root@centos7 ~]#vim /etc/named.rfc1912.zones
...
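zone "lance.com" {
type master; #this server is the primary DNS for the zone
file "lance.com.zone"; #name of the zone database file for lance.com
};
...
[root@centos7 ~]#named-checkconf #check the main configuration file
4. Create and edit the zone database file
[root@centos7 ~]#vim /var/named/lance.com.zone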
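$TTL 1D ;default TTL for every record in this zone
@ IN SOA master admin (
        0 ;Serial: marks updates to the zone file; it must be increased on every change, otherwise the MASTER will not notify the SLAVE to update.
        1H ;Refresh: how often the SLAVE checks with the MASTER on its own (regardless of update notifications) whether the Serial has changed, and updates if it has.
        3M ;Retry: interval between retries when a Refresh cannot be completed.
        1W ;Expire: how long the SLAVE keeps serving DNS when it cannot reach the MASTER, here 1W (one week). If it still cannot reach the MASTER after that, it stops working and refuses to serve.
        1D ) ;how long negative answers (the requested record does not exist on the authoritative DNS) are cached
    NS master
master A 192.168.45.10
websrv A 192.168.45.7
www CNAME websrv
ftp A 192.168.45.11
[root@centos7 ~]#chgrp named /var/named/lance.com.zone
[root@centos7 ~]#chmod o= /var/named/lance.com.zone
[root@centos7 ~]#named-checkzone lance.com /var/named/lance.com.zone #check the zone database file /var/named/lance.com.zone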
zone lance.com/IN: loaded serial 0
OK
[root@centos7 ~]#rndc reload #reload the configuration files
server reload successful
Testing the primary DNS:
[root@centos6 ~]#dig www.lance.com @192.168.45.7
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.lance.com @192.168.45.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36999
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.lance.com. IN A
;; ANSWER SECTION:
www.lance.com. 86400 IN CNAME websrv.lance.com.
websrv.lance.com. 86400 IN A 192.168.45.7
;; AUTHORITY SECTION:
lance.com. 86400 IN NS master.lance.com.
;; ADDITIONAL SECTION:
master.lance.com. 86400 IN A 192.168.45.10
;; Query time: 2 msec
;; SERVER: 192.168.45.7#53(192.168.45.7)
;; WHEN: Wed Jul 15 14:55:35 2020
;; MSG SIZE rcvd: 105
[root@centos6 ~]#dig ftp.lance.com @192.168.45.7
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> ftp.lance.com @192.168.45.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7185
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;ftp.lance.com. IN A
;; ANSWER SECTION:
ftp.lance.com. 86400 IN A 192.168.45.11
;; AUTHORITY SECTION:
lance.com. 86400 IN NS master.lance.com.
;; ADDITIONAL SECTION:
master.lance.com. 86400 IN A 192.168.45.7
;; Query time: 0 msec
;; SERVER: 192.168.45.7#53(192.168.45.7)
;; WHEN: Wed Jul 15 15:04:59 2020
;; MSG SIZE rcvd: 84
Setting up the secondary DNS server:
1. Install the DNS package, bind
[root@centos7 ~]#yum install bind -y
2. Edit the main configuration file /etc/named.conf
[root@centos7 ~]#vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; }; #commented out: listen on all local IPs
...
// allow-query { localhost; }; #commented out: accept queries from any IP
...
allow-transfer { none; }; #refuse zone transfers
3. Edit the configuration file /etc/named.rfc1912.zones
[root@centos7 ~]#vim /etc/named.rfc1912.zones
...
zone "lance.com" {
type slave; #this server is a secondary DNS for the zone
masters {192.168.45.7;}; #address of the primary DNS server
file "slaves/lance.com.zone.slave"; #zone database file on the secondary
};
...
[root@centos7 ~]#named-checkconf #check the main configuration file
[root@centos7 ~]#systemctl start named
[root@centos7 ~]#ll /var/named/slaves/lance.com.zone.slave #this file is generated automatically
-rw-r--r-- 1 named named 347 7月 15 15:51 /var/named/slaves/lance.com.zone.slave
Testing the secondary DNS:
[root@centos6 ~]#dig www.lance.com @192.168.45.17
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.lance.com @192.168.45.17
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53386
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.lance.com. IN A
;; ANSWER SECTION:
www.lance.com. 86400 IN CNAME websrv.lance.com.
websrv.lance.com. 86400 IN A 192.168.45.10
;; AUTHORITY SECTION:
lance.com. 86400 IN NS master.lance.com.
;; ADDITIONAL SECTION:
master.lance.com. 86400 IN A 192.168.45.7
;; Query time: 0 msec
;; SERVER: 192.168.45.17#53(192.168.45.17)
;; WHEN: Wed Jul 15 15:54:25 2020
;; MSG SIZE rcvd: 105
[root@centos6 ~]#dig ftp.lance.com @192.168.45.17
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> ftp.lance.com @192.168.45.17
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46159
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;ftp.lance.com. IN A
;; ANSWER SECTION:
ftp.lance.com. 86400 IN A 192.168.45.11
;; AUTHORITY SECTION:
lance.com. 86400 IN NS master.lance.com.
;; ADDITIONAL SECTION:
master.lance.com. 86400 IN A 192.168.45.7
;; Query time: 0 msec
;; SERVER: 192.168.45.17#53(192.168.45.17)
;; WHEN: Wed Jul 15 15:54:32 2020
;; MSG SIZE rcvd: 84
Testing primary-secondary synchronization:
1. On the primary DNS server, edit /var/named/lance.com.zone
[root@centos7 ~]#vim /var/named/lance.com.zone
...
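@ IN SOA master admin ( 1 1H 3M 1W 1D ) ;increase the serial number
    NS ns1 ;add an NS record for the secondary server
ns1 A 192.168.45.17
test A 192.168.45.12
...
[root@centos7 ~]#rndc reload #synchronize the configuration
server reload successful
2. On the secondary server, check the zone database file
[root@centos7 ~]#ll /var/named/slaves/lance.com.zone.slave
-rw-r--r-- 1 named named 447 7月 15 16:09 /var/named/slaves/lance.com.zone.slave
The timestamp shows that the file has been updated.
3. Test whether the secondary server can resolve test.lance.com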
[root@centos6 ~]#dig test.lance.com @192.168.45.17
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> test.lance.com @192.168.45.17
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29713
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;test.lance.com. IN A
;; ANSWER SECTION:
test.lance.com. 86400 IN A 192.168.45.12
;; AUTHORITY SECTION:
lance.com. 86400 IN NS ns1.lance.com.
lance.com. 86400 IN NS master.lance.com.
;; ADDITIONAL SECTION:
master.lance.com. 86400 IN A 192.168.45.7
ns1.lance.com. 86400 IN A 192.168.45.17
;; Query time: 0 msec
;; SERVER: 192.168.45.17#53(192.168.45.17)
;; WHEN: Wed Jul 15 16:11:21 2020
;; MSG SIZE rcvd: 119
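The Serial comment in the zone file and the synchronization test above both depend on the serial being raised with every edit. The following check is an added example, not part of the original post: it compares two versions of a zone file and flags an edit whose SOA serial did not increase. The function names and the sample zone contents are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Zone contents are constructed,
# modelled on lance.com.zone above.

# Print the SOA serial of the zone file on stdin. Handles one-line and
# multi-line "( ... )" SOA records and strips ';' comments.
soa_serial() {
  awk '{ sub(/;.*/, ""); gsub(/[()]/, " ") }
       { for (i = 1; i <= NF; i++) {
           if (n) { if (++n == 4) { print $i; exit } }  # mname, rname, serial
           else if ($i == "SOA") n = 1
         } }'
}

# Compare two versions of a zone file. Plain integer comparison is assumed;
# RFC 1982 serial wrap-around is not handled.
check_serial_bump() {   # usage: check_serial_bump OLD_FILE NEW_FILE
  if cmp -s "$1" "$2"; then echo "unchanged"; return 0; fi
  old=$(soa_serial < "$1"); new=$(soa_serial < "$2")
  if [ "$new" -gt "$old" ]; then echo "ok $old->$new"; return 0; fi
  echo "serial-not-increased $old->$new"; return 1
}

demo_dir=$(mktemp -d)
cat > "$demo_dir/v0" <<'EOF'
$TTL 1D
@ IN SOA master admin (
        0   ; serial
        1H 3M 1W 1D )
    NS master
master A 192.168.45.10
EOF
# Record added but serial left at 0: the secondary keeps serving old data.
{ cat "$demo_dir/v0"; echo 'test A 192.168.45.12'; } > "$demo_dir/v1_forgot"
# Same edit with the serial raised to 1, in the one-line SOA form.
cat > "$demo_dir/v1_bumped" <<'EOF'
$TTL 1D
@ IN SOA master admin ( 1 1H 3M 1W 1D )
    NS master
master A 192.168.45.10
test A 192.168.45.12
EOF
check_serial_bump "$demo_dir/v0" "$demo_dir/v1_forgot" || true
check_serial_bump "$demo_dir/v0" "$demo_dir/v1_bumped"
```

Run before `rndc reload`, with the previous copy of the zone file as the first argument, a non-zero exit status means the edit would not reach the secondary.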
II. Set up and implement smart DNS.
1. Install the DNS package, bind
[root@centos7 ~]#yum install bind -y
2. Edit the main configuration file /etc/named.conf
[root@centos7 ~]#vim /etc/named.conf
...
acl beijingnet {
192.168.45.0/24;
};
acl tianjinnet {
10.107.0.0/16;
};
acl othernet {
any;
};
...
// listen-on port 53 { 127.0.0.1; };
...
// allow-query { localhost; };
...
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view view_beijing {
match-clients { beijingnet;};
include "/etc/named.rfc1912.zones.bj";
};
view view_tianjin {
match-clients { tianjinnet;};
include "/etc/named.rfc1912.zones.tj";
};
view view_other {
match-clients { othernet;};
include "/etc/named.rfc1912.zones.other";
};
include "/etc/named.root.key";
3. Create and edit the zone configuration files
[root@centos7 ~]#cp /etc/named.rfc1912.zones /etc/named.rfc1912.zones.bj
[root@centos7 ~]#cp /etc/named.rfc1912.zones /etc/named.rfc1912.zones.tj
[root@centos7 ~]#mv /etc/named.rfc1912.zones /etc/named.rfc1912.zones.other
[root@centos7 ~]#vim /etc/named.rfc1912.zones.bj
...
zone "." IN {
type hint;
file "named.ca";
};
zone "lance.com" {
type master;
file "lance.com.zone.bj";
};
...
[root@centos7 ~]#vim /etc/named.rfc1912.zones.tj
...
zone "." IN {
type hint;
file "named.ca";
};
zone "lance.com" {
type master;
file "lance.com.zone.tj";
};
...
[root@centos7 ~]#vim /etc/named.rfc1912.zones.other
...
zone "." IN {
type hint;
file "named.ca";
};
zone "lance.com" {
type master;
file "lance.com.zone.other";
};
...
[root@centos7 ~]#chgrp named /etc/named.rfc1912.zones.* #change the group of the zone configuration files
4. Create and edit each zone database file
[root@centos7 ~]#vim /var/named/lance.com.zone.bj
$TTL 1D
@ IN SOA ns1 admin ( 1 1H 3M 1W 1D )
    NS ns1
ns1 A 192.168.45.7
www A 192.168.45.10
[root@centos7 ~]#vim /var/named/lance.com.zone.tj
$TTL 1D
@ IN SOA ns1 admin ( 1 1H 3M 1W 1D )
    NS ns1
ns1 A 192.168.45.7
www A 10.107.12.10
[root@centos7 ~]#vim /var/named/lance.com.zone.other
$TTL 1D
@ IN SOA ns1 admin ( 1 1H 3M 1W 1D )
    NS ns1
ns1 A 192.168.45.7
www A 114.114.114.114
[root@centos7 ~]#systemctl start named
5. Test from different network segments
[root@centos6 ~]#dig www.lance.com @192.168.45.7
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.lance.com @192.168.45.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44704
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.lance.com. IN A
;; ANSWER SECTION:
www.lance.com. 86400 IN A 192.168.45.10
;; AUTHORITY SECTION:
lance.com. 86400 IN NS ns1.lance.com.
;; ADDITIONAL SECTION:
ns1.lance.com. 86400 IN A 192.168.45.7
;; Query time: 1 msec
;; SERVER: 192.168.45.7#53(192.168.45.7)
;; WHEN: Thu Jul 16 10:13:49 2020
;; MSG SIZE rcvd: 81
[root@centos7 ~]#dig www.lance.com @10.107.12.20
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7 <<>> www.lance.com @10.107.12.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27513
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.lance.com. IN A
;; ANSWER SECTION:
www.lance.com. 86400 IN A 10.107.12.10
;; AUTHORITY SECTION:
lance.com. 86400 IN NS ns1.lance.com.
;; ADDITIONAL SECTION:
ns1.lance.com. 86400 IN A 192.168.45.7
;; Query time: 1 msec
;; SERVER: 10.107.12.20#53(10.107.12.20)
;; WHEN: 四 7月 16 10:15:16 CST 2020
;; MSG SIZE rcvd: 92
[root@centos7 ~]#dig www.lance.com @127.0.0.1
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7 <<>> www.lance.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6325
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.lance.com. IN A
;; ANSWER SECTION:
www.lance.com. 86400 IN A 114.114.114.114
;; AUTHORITY SECTION:
lance.com. 86400 IN NS ns1.lance.com.
;; ADDITIONAL SECTION:
ns1.lance.com. 86400 IN A 192.168.45.7
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: 四 7月 16 10:15:57 CST 2020
;; MSG SIZE rcvd: 92
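named assigns a client to the first view whose match-clients list contains its source address, which is why view_other with `any` comes last in the configuration above. The following added example (not part of the original post) models that first-match selection for the three ACLs and shows what happens when the catch-all view is listed first. The function names and the client address 192.168.45.6 are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original post: first-match view selection
# for the beijingnet / tianjinnet / othernet ACLs defined above.

# ip_to_int A.B.C.D -> 32-bit integer
ip_to_int() {
  local IFS=.
  set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_cidr IP NET/PREFIX  ("any" matches every address)
in_cidr() {
  [ "$2" = "any" ] && return 0
  local net=${2%/*} bits=${2#*/} mask
  mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
  [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# select_view IP "view=cidr view=cidr ..."
# Views are tried in the order given; a client matching none is refused.
select_view() {
  local ip=$1 entry
  for entry in $2; do
    if in_cidr "$ip" "${entry#*=}"; then echo "${entry%%=*}"; return 0; fi
  done
  echo "REFUSED"; return 1
}

# Order used in /etc/named.conf above.
PAGE_ORDER="view_beijing=192.168.45.0/24 view_tianjin=10.107.0.0/16 view_other=any"
# Misordered variant: the catch-all view shadows the two specific ones.
BAD_ORDER="view_other=any view_beijing=192.168.45.0/24 view_tianjin=10.107.0.0/16"

# 192.168.45.6 is a constructed client address; the other two are the
# source addresses of the dig tests above.
for ip in 192.168.45.6 10.107.12.20 127.0.0.1; do
  echo "$ip: $(select_view "$ip" "$PAGE_ORDER") (page order)," \
       "$(select_view "$ip" "$BAD_ORDER") (any listed first)"
done
```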
III. Compile and install MariaDB, and confirm that you can log in normally after it starts.
1. Install the build environment packages
[root@centos7 ~]#yum install bison bison-devel zlib-devel \
> libcurl-devel libarchive-devel boost-devel gcc gcc-c++ \
> cmake ncurses-devel gnutls-devel libxml2-devel \
> openssl-devel libevent-devel libaio-devel -y
2. Prepare the user and the data directory
Create the logical volume and the database file directory:
[root@centos7 ~]#fdisk /dev/sda
欢迎使用 fdisk (util-linux 2.23.2)。
更改将停留在内存中,直到您决定将更改写入磁盘。
使用写入命令前请三思。
命令(输入 m 获取帮助):n
All primary partitions are in use
添加逻辑分区 6
起始 扇区 (220207104-419430399,默认为 220207104):
将使用默认值 220207104
Last 扇区, +扇区 or +size{K,M,G} (220207104-419430399,默认为 419430399):
将使用默认值 419430399
分区 6 已设置为 Linux 类型,大小设为 95 GiB
命令(输入 m 获取帮助):t
分区号 (1-6,默认 6):6
Hex 代码(输入 L 列出所有代码):8e
已将分区“Linux”的类型更改为“Linux LVM”
命令(输入 m 获取帮助):w
The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 16: 设备或资源忙.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
正在同步磁盘。
[root@centos7 ~]#partprobe
Warning: 无法以读写方式打开 /dev/sr0 (只读文件系统)。/dev/sr0 已按照只读方式打开。
Warning: 无法以读写方式打开 /dev/sr1 (只读文件系统)。/dev/sr1 已按照只读方式打开。
[root@centos7 ~]#pvcreate /dev/sda6
Physical volume "/dev/sda6" successfully created.
[root@centos7 ~]#vgcreate vg0 /dev/sda6 -s 16M
Volume group "vg0" successfully created
[root@centos7 ~]#lvcreate -n mysql -l 50%free vg0
Logical volume "mysql" created.
[root@centos7 ~]#mkfs.xfs /dev/vg0/mysql
[root@centos7 ~]#mkdir /data/mysql #create the MySQL database directory
[root@centos7 ~]#vim /etc/fstab
...
UUID=927947dc-e6d0-4f5d-99e1-6fe5cdd00b83 /data/mysql xfs defaults 0 0
[root@centos7 ~]#mount -a
Create the user:
[root@centos7 ~]#useradd -r -s /sbin/nologin -d /data/mysql mysql
[root@centos7 ~]#chown mysql:mysql /data/mysql #set the directory ownership (the mysql user must exist first)
Extract the MariaDB package:
[root@centos7 data]#tar xf mariadb-10.2.32.tar.gz
3. Build and install with cmake
[root@centos7 data]#cd mariadb-10.2.32/
[root@centos7 mariadb-10.2.32]#cmake . \
> -DCMAKE_INSTALL_PREFIX=/app/mysql \
> -DMYSQL_DATADIR=/data/mysql/ \
> -DSYSCONFDIR=/etc/ \
> -DMYSQL_USER=mysql \
> -DWITH_INNOBASE_STORAGE_ENGINE=1 \
> -DWITH_ARCHIVE_STORAGE_ENGINE=1 \
> -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
> -DWITH_PARTITION_STORAGE_ENGINE=1 \
> -DWITHOUT_MROONGA_STORAGE_ENGINE=1 \
> -DWITH_DEBUG=0 \
> -DWITH_READLINE=1 \
> -DWITH_SSL=system \
> -DWITH_ZLIB=system \
> -DWITH_LIBWRAP=0 \
> -DENABLED_LOCAL_INFILE=1 \
> -DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
> -DDEFAULT_CHARSET=utf8 \
> -DDEFAULT_COLLATION=utf8_general_ci
[root@centos7 mariadb-10.2.32]#make -j 2 && make install
4. Set up the environment variable
[root@centos7 mariadb-10.2.32]#echo 'PATH=/app/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@centos7 mariadb-10.2.32]#. /etc/profile.d/mysql.sh
5. Generate the database files
[root@centos7 mariadb-10.2.32]#cd /app/mysql/
[root@centos7 mysql]#scripts/mysql_install_db --datadir=/data/mysql --user=mysql
Installing MariaDB/MySQL system tables in '/data/mysql' …
OK
6. Prepare the configuration file
[root@centos7 mysql]#cp /app/mysql/support-files/my-huge.cnf /etc/my.cnf
cp:是否覆盖"/etc/my.cnf"? y
7. Prepare the startup script
[root@centos7 mysql]#cp /app/mysql/support-files/mysql.server /etc/init.d/mysqld
8. Start the service
[root@centos7 mysql]#chkconfig --add mysqld
[root@centos7 mysql]#service mysqld start
Starting mysqld (via systemctl): [ OK ]
9. Log in to verify
[root@centos7 mysql]#ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 *:25 *:*
LISTEN 0 128 *:36635 *:*
LISTEN 0 5 127.0.0.1:25151 *:*
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::]:25 [::]:*
LISTEN 0 128 [::]:36391 [::]:*
LISTEN 0 80 [::]:3306 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 128 [::]:22 [::]:*
[root@centos7 mysql]#mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.2.32-MariaDB-log Source distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> \s
mysql Ver 15.1 Distrib 10.2.32-MariaDB, for Linux (x86_64) using readline 5.1
Connection id: 10
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 10.2.32-MariaDB-log Source distribution
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: utf8
Db characterset: utf8
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /data/mysql/mysql.sock
Uptime: 1 min 33 sec
Threads: 8 Questions: 5 Slow queries: 0 Opens: 17 Flush tables: 1 Open tables: 11 Queries per second avg: 0.053
Article URL: https://blog.csdn.net/weixin_42573182/article/details/107316877