DNS訪問的順序
Image 2.jpg
| VM | IP | 簡稱 |
|---|---|---|
| C | 172.18.51.12 | 12 |
| S | 172.18.51.13 | 13 |
| 根 | 172.18.51.14 | 14 |
| com | 172.18.51.15 | 15 |
| 主 | 172.18.51.16 | 16 |
| 從 | 172.18.51.17 | 17 |
實現(xiàn)DNS轉(zhuǎn)發(fā)模擬實驗腌逢,需要6臺虛擬機
| VM | IP | 簡稱 |
|---|---|---|
| C | 172.18.51.12 | 12 |
| S | 172.18.51.13 | 13 |
| 根 | 172.18.51.14 | 14 |
| com | 172.18.51.15 | 15 |
| 主 | 172.18.51.16 | 16 |
| 從 | 172.18.51.17 | 17 |
配置順序:
主>從>com>根>S>C
配置前為了放置中間出現(xiàn)意外首先確定
關閉selinux邓深,清空iptables整胃,安裝bind
14中配置
vim /etc/named.conf
注釋掉
# listen-on port 53 { 127.0.0.1; };
# allow-query { localhost; };
讓域內(nèi)所有服務器知道自己是根服務器
vim /var/named/named.ca
修改
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS a.root-servers.net.
a.root-servers.net. 3600000 IN A 172.18.51.14
下面多余部分刪掉就可以不放心可以注釋掉
分發(fā)/var/named/named.ca給所有主機13巢掺、15钻注、16淆九、17
scp /var/named/named.ca 172.18.51.17:/var/named
Are you sure you want to continue connecting (yes/no)? yes
root@172.18.51.17's password:
named.ca 100% 478 0.5KB/s 00:00
在/etc/named.rfc1912.zones中配置根
vim /etc/named.rfc1912.zones
#添加
zone "." IN {
type master;
file "root.zone";
};
在/etc/named.conf文件中有個根的指向需要刪除
vim /etc/named.conf
#刪除或注釋掉下面內(nèi)容
# zone "." IN {
# type hint;
# file "named.ca";
# };
然后對com進行委派
vim /var/named/root.zone
$TTL 86400 ; 1 day
@ IN SOA dns1 admin.nigaha.com. (
1002 ; serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
NS dns1 #dns1是本機
com NS dns2 #com指向dns2
dns1 A 172.18.51.14 #本機地址
dns2 A 172.18.51.15 #dns2指向com的ip
重啟服務统锤,7版本和6版本不一樣
15中配置
先修改配置,先建立com
vim /etc/named.rfc1912.zones
#添加
zone "com" {
type master;
file "com.zone";
};
創(chuàng)建com的域
vim /var/named/com.zone
$TTL 86400 ; 1 day
@ IN SOA dns1.nigaha.com. admin.nigaha.com. (
1002 ; serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
NS dns1
nigaha NS dns2
nigaha NS dns3
dns1 A 172.18.51.15
dns2 A 172.18.51.16
dns3 A 172.18.51.16
websrv A 172.18.51.111
www CNAME websrv
如果com擁有從服務器的話dns1中ip必須為本機ip,不然不影響實驗效果
(另外需要再加條NS記錄指向從服務器也就是dns3炭庙,如果不加不影響效果饲窿,但是你要的從服務器就沒卵用了)
注意!;捞恪逾雄!重啟服務
套路有點不對,現(xiàn)在配主從服務器
16中配置
在“options”的段里
vim /etc/named.conf
注釋掉
# listen-on port 53 { 127.0.0.1; };
# allow-query { localhost; };
配置域
#添加
vim /etc/named.rfc1912.zones
zone "nigaha.com" {
type master;
file "nigaha.com.zone";
// allow-transfer { any;}; #這個可以忽略
};
創(chuàng)建區(qū)域數(shù)據(jù)文件
vim /var/named/nigaha.com.zone
$TTL 86400 ; 1 day
@ IN SOA dns1.nigaha.com. admin.nigaha.com. (
1002 ; serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
NS dns1.nigaha.com.
NS dns2.nigaha.com.
dns1 A 172.18.51.14
dns2 A 172.18.51.17
websrv A 172.18.51.14
www CNAME websrv
17中配置
在“options”的段里
vim /etc/named.conf
注釋掉
# listen-on port 53 { 127.0.0.1; };
# allow-query { localhost; };
配置域
#添加
zone "nigaha.com" {
type slave;
masters {172.18.51.16; };
file "slaves/nigaha.com.slaves.zone";
};
看看有木有域數(shù)據(jù)文件呀
cd /var/named/slaves;ls
nigaha.com.slaves.zone
13中配置
先確定下根在不在
vim /var/named/named.ca
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS a.root-servers.net.
a.root-servers.net. 3600000 IN A 172.18.51.14 #對的就是他!
查看配置文件/ect/named.conf
vim /etc/named.conf
注釋掉
# listen-on port 53 { 127.0.0.1; };
# allow-query { localhost; };
開打(重啟服務)嘲驾!開打(重啟服務)淌哟!開打(重啟服務)!
12號驗證
dig www.nigaha.com @172.18.51.13
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.nigaha.com @172.18.51.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59258
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.nigaha.com. IN A
;; ANSWER SECTION:
www.nigaha.com. 86400 IN CNAME websrv.nigaha.com.
websrv.nigaha.com. 86400 IN A 172.18.51.14
;; AUTHORITY SECTION:
nigaha.com. 86400 IN NS dns1.nigaha.com.
nigaha.com. 86400 IN NS dns2.nigaha.com.
;; ADDITIONAL SECTION:
dns2.nigaha.com. 86400 IN A 172.18.51.17
dns1.nigaha.com. 86400 IN A 172.18.51.14
;; Query time: 11 msec
;; SERVER: 172.18.51.13#53(172.18.51.13)
;; WHEN: Mon Sep 25 10:52:43 2017
;; MSG SIZE rcvd: 139
成功辽故!
