Linux DNS 主从复制
2022-08-08 16:22:49
设置主从 DNS 的主要是为了冗余,分担压力,防止服务器宕机后, DNS 无法正常解析。 ......
设置主从 DNS 主要是为了冗余、分担压力,防止服务器宕机后 DNS 无法正常解析。
配置 master
正常配置 DNS 服务。
设置主机名
[root@localhost ~]# hostnamectl set-hostname master [root@localhost ~]# bash
安装 bind 包
[root@master ~]# yum install bind bind-utils -y
编辑主配置文件
[root@master ~]# vim /etc/named.conf
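- 配置监听地址、允许查询的网段(allow-query { any; } 表示任何来源都可以查询;如果 named.conf 中保留了 recursion yes,应同时用 allow-recursion 把递归查询限制在内部网段,或在只做权威解析时设置 recursion no,避免成为开放递归解析器)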
listen-on port 53 { 192.168.28.128; }; allow-query { any; };
编辑区域配置文件
[root@master ~]# vim /etc/named.rfc1912.zones
zone "yun.com" in { type master; file "yun.com.zone"; allow-update { none; }; }; zone "100.168.192.in-addr.arpa" in { type master; file "100.168.192.zone"; allow-update { none; }; };
编辑区域数据配置文件
[root@master ~]# cd /var/named/
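- 编辑正向区域数据文件(注意:区域文件中不以点结尾的名称会被自动补上区域名,SOA 记录里的主名称服务器应写成 yun.com.;以后每次修改区域数据都要递增 serial,否则从服务器不会重新传送;通配符记录 * 会把所有未定义的主机名都解析到同一地址,这里仅作演示)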
[root@master named]# cp -p named.localhost yun.com.zone [root@master named]# vim yun.com.zone $ttl 1d @ in soa yun.com admin.yun.com. ( 0 ; serial 1d ; refresh 1h ; retry 1w ; expire 3h ) ; minimum in ns yun.com. in a 192.168.28.128 in mx 10 mail.yun.com. www in a 192.168.100.10 ftp in a 192.168.100.20 bbs in cname www * in a 8.8.8.8
- 编辑反向区域数据文件
[root@master named]# cp -p yun.com.zone 100.168.192.zone [root@master named]# vim 100.168.192.zone $ttl 1d @ in soa yun.com admin.yun.com. ( 0 ; serial 1d ; refresh 1h ; retry 1w ; expire 3h ) ; minimum in ns yun.com. in a 192.168.28.128 10 in ptr www.yun.com. 20 in ptr ftp.yun.com.
启动服务
[root@master ~]# systemctl start named [root@master ~]# systemctl enable named created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@master ~]# netstat -ntuap | grep named tcp 0 0 192.168.28.128:53 0.0.0.0:* listen 34822/named tcp 0 0 127.0.0.1:953 0.0.0.0:* listen 34822/named tcp6 0 0 ::1:53 :::* listen 34822/named tcp6 0 0 ::1:953 :::* listen 34822/named udp 0 0 192.168.28.128:53 0.0.0.0:* 34822/named udp6 0 0 ::1:53 :::* 34822/named
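关闭防火墙并将 SELinux 设为宽容模式(仅适用于实验环境,且这两条命令重启后都会失效;正式环境应保持二者开启,改用 firewall-cmd --permanent --add-service=dns 和 firewall-cmd --reload 放行 53 端口的 TCP 与 UDP)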
[root@master ~]# systemctl stop firewalld [root@master ~]# setenforce 0
nslookup
- 设置 DNS 地址
[root@master ~]# vim /etc/resolv.conf # generated by networkmanager search localdomain nameserver 192.168.28.128
- 正向查询
[root@master ~]# nslookup www.yun.com server: 192.168.28.128 address: 192.168.28.128#53 name: www.yun.com address: 192.168.100.10 [root@master ~]# nslookup ftp.yun.com server: 192.168.28.128 address: 192.168.28.128#53 name: ftp.yun.com address: 192.168.100.20 [root@master ~]# nslookup bbs.yun.com server: 192.168.28.128 address: 192.168.28.128#53 bbs.yun.com canonical name = www.yun.com. name: www.yun.com address: 192.168.100.10 [root@master ~]# nslookup asd.yun.com server: 192.168.28.128 address: 192.168.28.128#53 name: asd.yun.com address: 8.8.8.8
- 反向查询
[root@master ~]# nslookup 192.168.100.10 server: 192.168.28.128 address: 192.168.28.128#53 10.100.168.192.in-addr.arpa name = www.yun.com. [root@master ~]# nslookup 192.168.100.20 server: 192.168.28.128 address: 192.168.28.128#53 20.100.168.192.in-addr.arpa name = ftp.yun.com.
allow-transfer
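这是最重要的一步:用 allow-transfer 只允许从服务器 192.168.28.129 进行区域传送(不要写成 any,否则任何主机都能获取整个区域的全部记录;如需更强的保证,可以用 TSIG 密钥对传送进行认证,而不是只依赖源 IP)。配置好后重启 named 服务。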
[root@master ~]# vim /etc/named.rfc1912.zones
zone "yun.com" in { type master; file "yun.com.zone"; allow-transfer { 192.168.28.129; }; allow-update { none; }; }; zone "100.168.192.in-addr.arpa" in { type master; file "100.168.192.zone"; allow-transfer { 192.168.28.129; }; allow-update { none; }; };
配置 slave
设置主机名
[root@localhost ~]# hostnamectl set-hostname slave [root@localhost ~]# bash
安装 bind 包
[root@slave ~]# yum install bind bind-utils -y
编辑主配置文件
[root@slave ~]# vim /etc/named.conf
- 配置监听地址、允许查询的网段(从服务器同样对外应答查询;如果 named.conf 中保留了 recursion yes,应用 allow-recursion 限制可递归查询的来源,或设置 recursion no)
listen-on port 53 { 192.168.28.129; }; allow-query { any; };
编辑区域配置文件
[root@slave ~]# vim /etc/named.rfc1912.zones
zone "yun.com" in { type slave; file "slaves/yun.com.zone"; masters { 192.168.28.128; }; allow-update { none; }; }; zone "100.168.192.in-addr.arpa" in { type slave; file "slaves/100.168.192.zone"; masters { 192.168.28.128; }; allow-update { none; }; };
启动服务
[root@slave ~]# systemctl start named [root@slave ~]# systemctl enable named created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@slave ~]# netstat -ntuap | grep named tcp 0 0 192.168.28.129:53 0.0.0.0:* listen 1661/named tcp 0 0 127.0.0.1:953 0.0.0.0:* listen 1661/named tcp6 0 0 ::1:53 :::* listen 1661/named tcp6 0 0 ::1:953 :::* listen 1661/named udp 0 0 192.168.28.129:53 0.0.0.0:* 1661/named udp6 0 0 ::1:53 :::* 1661/named
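关闭防火墙并将 SELinux 设为宽容模式(仅适用于实验环境,且这两条命令重启后都会失效;正式环境应保持二者开启,改用 firewall-cmd --permanent --add-service=dns 和 firewall-cmd --reload 放行 53 端口的 TCP 与 UDP)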
[root@slave ~]# systemctl stop firewalld [root@slave ~]# setenforce 0
- 区域数据文件自动传送到从服务器
[root@slave ~]# ll /var/named/slaves/ total 8 -rw-r--r--. 1 named named 378 sep 12 02:11 100.168.192.zone -rw-r--r--. 1 named named 392 sep 12 02:11 yun.com.zone
nslookup
- 设置 DNS 地址
[root@slave ~]# vim /etc/resolv.conf # generated by networkmanager search localdomain nameserver 192.168.28.129
- 正向查询
[root@slave ~]# nslookup www.yun.com server: 192.168.28.129 address: 192.168.28.129#53 name: www.yun.com address: 192.168.100.10 [root@slave ~]# nslookup ftp.yun.com server: 192.168.28.129 address: 192.168.28.129#53 name: ftp.yun.com address: 192.168.100.20 [root@slave ~]# nslookup bbs.yun.com server: 192.168.28.129 address: 192.168.28.129#53 bbs.yun.com canonical name = www.yun.com. name: www.yun.com address: 192.168.100.10 [root@slave ~]# nslookup asd.yun.com server: 192.168.28.129 address: 192.168.28.129#53 name: asd.yun.com address: 8.8.8.8
- 反向查询
[root@slave ~]# nslookup 192.168.100.10 server: 192.168.28.129 address: 192.168.28.129#53 10.100.168.192.in-addr.arpa name = www.yun.com. [root@slave ~]# nslookup 192.168.100.20 server: 192.168.28.129 address: 192.168.28.129#53 20.100.168.192.in-addr.arpa name = ftp.yun.com.