-名稱解析服務:即域名和服務器IP地址相對應澎埠,用戶在訪問域名的時候旬盯,會啟動正向解析在互聯(lián)網(wǎng)找到該域名對應的服務器IP地址批幌,從而進行訪問。
-DNS服務實現(xiàn)原理:主機A需要訪問某個網(wǎng)站B扶叉,首先(遞歸查詢)向局域網(wǎng)的DNS服務發(fā)出請求,局域網(wǎng)DNS查看緩存帕膜,如果DNS找到目標IP則返回結果給主機A枣氧,如果沒找到則訪問互聯(lián)網(wǎng)根DNS(迭代查詢)服務器、頂級DNS服務器垮刹、二級DNS服務器等一級一級往下查詢达吞,直到找到目標IP地址并返回給主機A。
-DNS實現(xiàn)工作方式:分布式
DNS服務工作原理.png
第一步:安裝DNS工具包荒典、測試工具包
yum install -y bind bind-utils
查看文件列表酪劫、找到關鍵配置文件/etc/named.conf
rpm -ql bind
/etc/logrotate.d/named
/etc/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/rndc.conf
/etc/rndc.key
/etc/rwtab.d/named
/etc/sysconfig/named
/run/named
/usr/bin/arpaname
/usr/bin/named-rrchecker
/usr/lib/python2.7/site-packages/isc
/usr/lib/python2.7/site-packages/isc-2.0-py2.7.egg-info
第二步:修改配置文件、DNS修改為本機地址
vim ifcfg-ens33
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
BOOTPROTO="static"
DEVICE="ens33"
ONBOOT="yes"
UUID="3a3bad16-9456-4863-8ebf-70b2d3033539"
IPADDR=192.168.1.29
GATEWAY=192.168.1.2
NETMASK=255.255.255.0
PREFIX=24
DNS=192.168.1.29
第三步:啟動服務
systemctl start named
systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2022-01-22 02:16:20 CST; 2s ago
Process: 2408 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
Process: 2405 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 2410 (named)
CGroup: /system.slice/named.service
└─2410 /usr/sbin/named -u named -c /etc/named.conf
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './DNSKEY/IN': 2001:7fd::1#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './NS/IN': 2001:7fd::1#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './DNSKEY/IN': 2001:7fe::53#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './NS/IN': 2001:7fe::53#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './DNSKEY/IN': 2001:503:ba3e::2:30#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './NS/IN': 2001:503:ba3e::2:30#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './DNSKEY/IN': 2001:500:12::d0d#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './NS/IN': 2001:500:12::d0d#53
Jan 22 02:16:20 centos_7.9 named[2410]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted
Jan 22 02:16:20 centos_7.9 named[2410]: resolver priming query complete
第四步:重啟網(wǎng)絡服務并測試
systemctl restart network
ping www.baidu.com
PING www.a.shifen.com (14.215.177.38) 56(84) bytes of data.
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=1 ttl=128 time=10.6 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=2 ttl=128 time=12.2 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=3 ttl=128 time=10.2 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=4 ttl=128 time=9.85 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=5 ttl=128 time=25.9 ms
^C
--- www.a.shifen.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 5946ms
rtt min/avg/max/mdev = 9.855/13.803/25.941/6.125 ms
