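DNS resource records
• DNS zones store information in the form of resource records. Each resource record has a type that indicates the kind of data it holds
– A: name to IPv4 address
– AAAA: name to IPv6 address
– CNAME: name to a "canonical name" (another name that has A/AAAA records)
– PTR: IPv4/IPv6 address to name
– MX: mail exchanger for the name (where to send its e-mail)
– NS: name servers for the domain
– SOA: "start of authority", information about the DNS zone (administrative information)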
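DNS troubleshooting
• dig displays detailed information from a DNS lookup, including why a query failed:
– NOERROR: the query succeeded
– NXDOMAIN: the DNS server reports that no such name exists
– SERVFAIL: the DNS server is down or DNSSEC validation of the response failed
– REFUSED: the DNS server refused to answer (perhaps for access-control reasons)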
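Parts of the dig output
• The header gives information about the query and the answer, including the response status and any special flags that are set (aa means authoritative answer, and so on)
– QUESTION: the actual DNS query that was asked
– ANSWER: the response (if any)
– AUTHORITY: the name servers responsible for the domain/zone
– ADDITIONAL: other information provided, usually about the name servers
– The comments at the bottom show which recursive name server the query was sent to and how long the response took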
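An added example (not part of the original notes): a small POSIX shell helper that reads the header fields described above out of dig output and tells an authoritative answer (aa set) from a cached or recursive one. The sample replies are constructed in the format dig 9.9 prints, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed samples in the format dig 9.9 prints (abridged to the lines that matter).
CACHED_REPLY=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8036
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 1
;; SERVER: 172.25.254.205#53(172.25.254.205)'

AUTH_REPLY=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3309
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; SERVER: 172.25.254.205#53(172.25.254.205)'

REFUSED_REPLY=';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4242
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; SERVER: 172.25.254.205#53(172.25.254.205)'

# dig_summary (hypothetical helper): reads dig output on stdin and prints
# "status=... aa=0|1 ra=0|1 answers=N server=IP".
dig_summary() {
    awk '
    /->>HEADER<<-/ {
        for (i = 1; i < NF; i++)
            if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
    }
    /^;; flags:/ {
        flags = $0
        sub(/^;; flags: */, "", flags)   # drop the label
        sub(/;.*/, "", flags)            # keep only the flag words
        aa = ((" " flags " ") ~ / aa /) ? 1 : 0
        ra = ((" " flags " ") ~ / ra /) ? 1 : 0
        for (i = 1; i < NF; i++)
            if ($i == "ANSWER:") { answers = $(i + 1); sub(/,$/, "", answers) }
    }
    /^;; SERVER:/ { server = $3; sub(/#.*/, "", server) }
    END {
        printf "status=%s aa=%d ra=%d answers=%d server=%s\n", status, aa, ra, answers, server
    }'
}

# classify_reply (hypothetical helper): $1 is the text of one dig reply.
classify_reply() {
    summary=$(printf '%s\n' "$1" | dig_summary)
    case "$summary" in
        "status=NOERROR aa=1 "*) echo "authoritative" ;;
        "status=NOERROR aa=0 "*) echo "non-authoritative (cache or recursion)" ;;
        *) status=${summary#status=}; echo "failed: ${status%% *}" ;;
    esac
}

for reply in "$CACHED_REPLY" "$AUTH_REPLY" "$REFUSED_REPLY"; do
    printf '%s -> %s\n' "$(printf '%s\n' "$reply" | dig_summary)" "$(classify_reply "$reply")"
done
```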
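Caching DNS server
•BIND is the most widely used open-source name server
•In RHEL it is provided by the bind package
•Open ports 53/TCP and 53/UDP in the firewall
•BIND's main configuration file is /etc/named.conf
•The /var/named directory contains the other data files used by the name server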
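/etc/named.conf syntax
• // or # to the end of the line is a comment; text between /* and */ is also a comment (and may span multiple lines)
• Directives end with a semicolon (;)
• Many directives take an address match list: a list, enclosed in braces, of IP addresses or subnets in CIDR notation, or of named ACLs (for example any; [all hosts] and none; [no hosts])
• The file begins with an options block, which contains directives that control how named operates
• zone blocks control how named finds the root name servers and the zones for which it is authoritative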
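Some important options directives
•listen-on controls the IPv4 addresses named listens on
•listen-on-v6 controls the IPv6 addresses named listens on
•allow-query controls which clients may ask the DNS server for information
•forwarders contains the list of name servers to which DNS queries are forwarded (instead of contacting external name servers directly; useful where a firewall is in place)
• All of these directives treat the semicolon-separated elements inside the braces as an address match list. For example:
– listen-on { any; };
– allow-query { 127.0.0.1; 10.0.0.0/8; };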
Configuring the name server
• Install the bind package
– yum install -y bind
• Edit /etc/named.conf
– listen-on port 53 { any; };
– listen-on-v6 port 53 { any; };
– allow-query { any; };
– forwarders { 172.25.254.254; };
• Start and enable the DNS server
– systemctl start named
– systemctl enable named
• Test from desktopX
– dig classroom.example.com
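With `any` in both listen-on and allow-query, the lab server recurses for every client that can reach it, because BIND falls back from allow-recursion to allow-query-cache to allow-query when the more specific lists are absent. The following added example (not from the original notes) applies that fallback chain to an options block and reports who may recurse. Both sample configs are constructed, `recursion yes;` and the 172.25.254.0/24 client subnet are assumptions, the function name is hypothetical, and each directive is assumed to sit on one line.

```shell
#!/bin/sh
# Constructed sample: the directives from the lab steps above, plus an assumed "recursion yes;".
LAB_CONF='options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    allow-query { any; };          // everyone may query
    forwarders { 172.25.254.254; };
    recursion yes;
};'

# Constructed sample: same server, recursion limited to an assumed client subnet.
SCOPED_CONF='options {
    listen-on port 53 { 127.0.0.1; 172.25.254.205; };
    allow-query { any; };          # authoritative zone data may stay public
    allow-recursion { localhost; 172.25.254.0/24; };
    forwarders { 172.25.254.254; };
    recursion yes;
};'

# recursion_exposure (hypothetical helper): reads named.conf text on stdin and
# prints "OPEN|restricted recursion-acl={ ... }" for the options block.
# Limits: one directive per line; /* ... */ comments are not handled.
recursion_exposure() {
    awk '
    { sub(/\/\/.*/, ""); sub(/#.*/, "") }                 # strip // and # comments
    /^[ \t]*options[ \t]*[{]/ { in_opts = 1; next }
    in_opts && /^[ \t]*[}];/  { in_opts = 0 }
    in_opts && match($0, /[{].*[}]/) {
        name = $1                                         # directive name, e.g. allow-query
        acl = substr($0, RSTART + 1, RLENGTH - 2)         # text between the braces
        gsub(/^[ \t]+|[ \t]+$/, "", acl)
        lists[name] = acl
    }
    in_opts && $1 == "recursion" { rec = $2; sub(/;/, "", rec) }
    END {
        # Fallback chain BIND applies when deciding who may recurse.
        if (rec == "no")                        eff = "none;"
        else if ("allow-recursion" in lists)    eff = lists["allow-recursion"]
        else if ("allow-query-cache" in lists)  eff = lists["allow-query-cache"]
        else if ("allow-query" in lists)        eff = lists["allow-query"]
        else                                    eff = "localnets; localhost;"
        verdict = ((" " eff) ~ /[ ;]any;/) ? "OPEN" : "restricted"
        printf "%s recursion-acl={ %s }\n", verdict, eff
    }'
}

printf 'lab config:    %s\n' "$(printf '%s\n' "$LAB_CONF" | recursion_exposure)"
printf 'scoped config: %s\n' "$(printf '%s\n' "$SCOPED_CONF" | recursion_exposure)"
```

The scoped variant keeps `allow-query { any; };` so the zones the server is authoritative for remain resolvable, while only the listed clients get recursion and forwarding.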
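Preparation: reset both virtual machines; configure the network and the yum repository.
ping www.baidu.com ## reports an unknown host
Server-side (caching) setup; authoritative server: 172.25.254.250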
1 ifconfig
2 hostname server
3 yum install bind.x86_64 -y
4 systemctl stop firewalld.service
5 ll /etc/rndc.key
6 systemctl start named
7 ll /etc/rndc.key
8 cat /dev/random ## typing on the server makes more output appear here; press Ctrl+C to exit
9 cat /etc/rndc.key
10 netstat -antlpe |grep named
11 ifconfig
12 vim /etc/named.conf
12 vim /etc/hosts ## shows the names this machine can resolve locally
13 systemctl restart named
14 netstat -antlpe |grep named
15 history
----------------------------------------------------------------------------------------
[root@server ~]# yum install bind.x86_64 -y
Loaded plugins: langpacks
rhel_dvd | 4.1 kB 00:00
(1/2): rhel_dvd/group_gz | 134 kB 00:00
(2/2): rhel_dvd/primary_db | 3.4 MB 00:00
Resolving Dependencies
--> Running transaction check
---> Package bind.x86_64 32:9.9.4-14.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
bind x86_64 32:9.9.4-14.el7 rhel_dvd 1.8 M
Transaction Summary
================================================================================
Install 1 Package
Total download size: 1.8 M
Installed size: 4.3 M
Downloading packages:
bind-9.9.4-14.el7.x86_64.rpm | 1.8 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 32:bind-9.9.4-14.el7.x86_64 1/1
Verifying : 32:bind-9.9.4-14.el7.x86_64 1/1
Installed:
bind.x86_64 32:9.9.4-14.el7
Complete!
[root@server ~]# systemctl stop firewalld.service
[root@server ~]# ll /etc/rndc.key
ls: cannot access /etc/rndc.key: No such file or directory
[root@server ~]# systemctl start named
[root@server ~]# ll /etc/rndc.key
-rw-r-----. 1 root named 77 May 5 22:12 /etc/rndc.key
[root@server ~]# cat /dev/random
[root@server ~]# cat /etc/rndc.key
key "rndc-key" {
algorithm hmac-md5;
secret "cwAT9eheIAnYZ3wcZOLGBQ==";
};
[root@server ~]# netstat -antlpe |grep named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 101696 5123/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 101637 5123/named
tcp6 0 0 ::1:953 :::* LISTEN 25 101697 5123/named
tcp6 0 0 ::1:53 :::* LISTEN 25 101639 5123/named
[root@server ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.205 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe00:50b prefixlen 64 scopeid 0x20<link>
ether 52:54:00:00:05:0b txqueuelen 1000 (Ethernet)
RX packets 88217 bytes 645729783 (615.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 60467 bytes 4149051 (3.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 280 bytes 23836 (23.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 280 bytes 23836 (23.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@server ~]# vim /etc/named.conf
[root@server ~]# systemctl restart named
[root@server ~]# netstat -antlpe |grep named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 110181 5318/named
tcp 0 0 172.25.254.205:53 0.0.0.0:* LISTEN 25 110176 5318/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 110174 5318/named
tcp6 0 0 ::1:953 :::* LISTEN 25 110182 5318/named
tcp6 0 0 ::1:53 :::* LISTEN 25 110178 5318/named
---------------------------------------------------------------------------------------
Client:
3 vim /etc/resolv.conf
4 dig www.baidu.com
----------------------------------------------------------------------------------------
[root@desktop ~]# vim /etc/resolv.conf
[root@desktop ~]# dig www.baidu.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8036
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 12 IN CNAME www.a.shifen.com.
www.a.shifen.com. 243 IN A 183.232.231.173
www.a.shifen.com. 243 IN A 183.232.231.172
;; AUTHORITY SECTION:
. 512855 IN NS l.root-servers.net.
. 512855 IN NS e.root-servers.net.
. 512855 IN NS i.root-servers.net.
. 512855 IN NS k.root-servers.net.
. 512855 IN NS j.root-servers.net.
. 512855 IN NS b.root-servers.net.
. 512855 IN NS g.root-servers.net.
. 512855 IN NS m.root-servers.net.
. 512855 IN NS c.root-servers.net.
. 512855 IN NS d.root-servers.net.
. 512855 IN NS h.root-servers.net.
. 512855 IN NS a.root-servers.net.
. 512855 IN NS f.root-servers.net.
;; Query time: 12 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Fri May 05 22:23:08 EDT 2017
;; MSG SIZE rcvd: 312
-----------------------------------------------------------------------------------------
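Forward resolution
Server:
1 vim /etc/named.conf ## change the configuration
2 vim /etc/named.rfc1912.zones ## /etc/named.conf includes this file; putting zones here keeps the main file short
3 cd /var/named
4 ls
5 ll
6 cp -p named.localhost westos.com.zone ## these files have special permissions, so copy with -p
7 vim westos.com.zone ## create this file, which does not exist yet; otherwise restarting the service fails
8 systemctl restart named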
9 history
[root@server named]# vim /etc/named.conf
[root@server named]# vim /etc/named.rfc1912.zones
[root@server named]# vim westos.com.zone
---------------------------------------------------------------------------------------
[root@server ~]# vim /etc/named.conf
[root@server ~]# vim /etc/named.rfc1912.zones
[root@server ~]# cd /var/named
[root@server named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@server named]# ll
total 16
drwxrwx---. 2 named named 22 May 5 22:12 data
drwxrwx---. 2 named named 30 May 5 22:21 dynamic
-rw-r-----. 1 root named 2076 Jan 28 2013 named.ca
-rw-r-----. 1 root named 152 Dec 15 2009 named.empty
-rw-r-----. 1 root named 152 Jun 21 2007 named.localhost
-rw-r-----. 1 root named 168 Dec 15 2009 named.loopback
drwxrwx---. 2 named named 6 Jan 29 2014 slaves
[root@server named]# cp -p named.localhost westos.com.zone
[root@server named]# vim westos.com.zone
[root@server named]# systemctl restart named
--------------------------------------------------------------------------------
Client:
Or as below:
-------------------------------------------------------------------------------
[root@desktop ~]# dig www.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3309
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.105
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 1 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Fri May 05 22:56:36 EDT 2017
;; MSG SIZE rcvd: 93
-----------------------------------------------------------------------------
CNAME and mail
Server:
[root@server named]# vim westos.com.zone
[root@server named]# systemctl restart named
[root@server named]# cat westos.com.zone
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.205
www A 172.25.254.105
music CNAME music.a.westos.com.
music.a A 172.25.254.111
music.a A 172.25.254.222
westos.com. MX 1 172.25.254.205.
Client:
7 dig music.westos.com
8 dig -t mx westos.com
9 mail root@westos.com
10 mailq
-----------------------------------------------------------------------------
[root@desktop ~]# dig music.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> music.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54552
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;music.westos.com. IN A
;; ANSWER SECTION:
music.westos.com. 86400 IN CNAME music.a.westos.com.
music.a.westos.com. 86400 IN A 172.25.254.222
music.a.westos.com. 86400 IN A 172.25.254.111
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 1 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Fri May 05 23:29:16 EDT 2017
;; MSG SIZE rcvd: 133
[root@desktop ~]# dig -t mx westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20531
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westos.com. IN MX
;; ANSWER SECTION:
westos.com. 86400 IN MX 1 172.25.254.205.
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Fri May 05 23:29:32 EDT 2017
;; MSG SIZE rcvd: 103
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[root@desktop ~]# mail root@westos.com
Subject: wgir
rwgtethy
sa
EOT ## press Ctrl+D to finish
[root@desktop ~]# mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
31EED17E845 443 Fri May 5 23:33:48 root@desktop.localdomain
(connect to 172.25.254.205[172.25.254.205]:25: Connection refused)
root@westos.com
-- 0 Kbytes in 1 Request.
[root@desktop ~]#
The cause is that no mail service is running, but this configuration is fine.
--------------------------------------------------------------------------------------
Add a network interface to the server
On the host:
2 cd /etc/sysconfig/network-scripts/
3 ls
4 cp ifcfg-eth0 ifcfg-eth1
5 vim ifcfg-eth1
6 systemctl restart network
7 systemctl restart named
12 netstat -antlpe |grep named
13 history
[root@server named]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.205 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe00:50b prefixlen 64 scopeid 0x20<link>
ether 52:54:00:00:05:0b txqueuelen 1000 (Ethernet)
RX packets 94808 bytes 646550334 (616.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 62138 bytes 4387281 (4.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 52:54:00:46:7c:fa txqueuelen 1000 (Ethernet)
RX packets 403 bytes 55265 (53.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 444 bytes 36872 (36.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 444 bytes 36872 (36.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@server named]# cd /etc/sysconfig/network-scripts/
[root@server network-scripts]# ls
ifcfg-eth0 ifdown-ppp ifup-eth ifup-sit
ifcfg-lo ifdown-routes ifup-ippp ifup-Team
ifdown ifdown-sit ifup-ipv6 ifup-TeamPort
ifdown-bnep ifdown-Team ifup-isdn ifup-tunnel
ifdown-eth ifdown-TeamPort ifup-plip ifup-wireless
ifdown-ippp ifdown-tunnel ifup-plusb init.ipv6-global
ifdown-ipv6 ifup ifup-post network-functions
ifdown-isdn ifup-aliases ifup-ppp network-functions-ipv6
ifdown-post ifup-bnep ifup-routes
[root@server network-scripts]# cp ifcfg-eth0 ifcfg-eth1
[root@server network-scripts]# vim ifcfg-eth1
[root@server network-scripts]# systemctl restart network
[root@server network-scripts]# systemctl restart named
[root@server network-scripts]# netstat -antlpe |grep named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 163343 2236/named
tcp 0 0 172.25.254.205:53 0.0.0.0:* LISTEN 25 163338 2236/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 163336 2236/named
tcp6 0 0 ::1:953 :::* LISTEN 25 163344 2236/named
tcp6 0 0 ::1:53 :::* LISTEN 25 163340 2236/named
[root@server network-scripts]#
[root@server network-scripts]# vim ifcfg-eth1
[root@server network-scripts]# systemctl restart network
[root@server network-scripts]# systemctl restart named
[root@server network-scripts]# netstat -antlpe |grep named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 166163 2815/named
tcp 0 0 172.25.0.205:53 0.0.0.0:* LISTEN 25 166158 2815/named
tcp 0 0 172.25.254.205:53 0.0.0.0:* LISTEN 25 166156 2815/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 166154 2815/named
tcp6 0 0 ::1:953 :::* LISTEN 25 166164 2815/named
tcp6 0 0 ::1:53 :::* LISTEN 25 166160 2815/named
[root@server network-scripts]#
Different network segments (
Server:
[root@server named]# cd /var/named/
[root@server named]# ls
data named.ca named.localhost slaves
dynamic named.empty named.loopback westos.com.zone
[root@server named]# cp -p westos.com.zone westos.com.inter
[root@server named]# ls
data named.ca named.localhost slaves westos.com.zone
dynamic named.empty named.loopback westos.com.inter
[root@server named]# vim westos.com.inter
[root@server named]# vim /etc/named.rfc1912.inter
[root@server named]# vim /etc/named.conf
Job for named.service failed. See 'systemctl status named.service' and 'journalctl -xn' for details.
[root@server named]# vim /etc/named.conf
[root@server named]# systemctl restart named
[root@server named]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.205 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe00:50b prefixlen 64 scopeid 0x20<link>
ether 52:54:00:00:05:0b txqueuelen 1000 (Ethernet)
RX packets 107163 bytes 647928390 (617.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 64381 bytes 4686463 (4.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.0.205 netmask 255.255.255.0 broadcast 172.25.0.255
inet6 fe80::5054:ff:fe46:7cfa prefixlen 64 scopeid 0x20<link>
ether 52:54:00:46:7c:fa txqueuelen 1000 (Ethernet)
RX packets 9611 bytes 1108107 (1.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 32 bytes 4352 (4.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 822 bytes 68468 (66.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 822 bytes 68468 (66.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@server named]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
[root@server named]# systemctl restart network
[root@server named]# systemctl restart named
[root@server named]#
Client:
Initially the IP is 172.25.254.105
[root@desktop ~]# dig www.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24055
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.105
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 1 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 02:09:27 EDT 2017
;; MSG SIZE rcvd: 93
[root@desktop ~]# vim ifcfg-eth0
[root@desktop ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
[root@desktop ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.105 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe00:50a prefixlen 64 scopeid 0x20<link>
ether 52:54:00:00:05:0a txqueuelen 1000 (Ethernet)
RX packets 83391 bytes 576392532 (549.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 50041 bytes 3471962 (3.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 408 bytes 34716 (33.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 408 bytes 34716 (33.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@desktop ~]# systemctl restart network
Now the IP is 172.254.5.105
Change the IP in /etc/resolv.conf
Reverse resolution
Server:
1 vim /etc/named.rfc1912.zones
2 ls
3 cp -p /var/named/named.loopback /var/named/westos.com.ptr
4 vim /var/named/westos.com.ptr
5 systemctl restart named
[root@server named]# vim /etc/named.rfc1912.zones
[root@server named]# ls
data named.ca named.localhost slaves westos.com.zone
dynamic named.empty named.loopback westos.com.inter
[root@server named]# cp -p /var/named/named.loopback /var/named/westos.com.ptr
[root@server named]# vim /var/named/westos.com.ptr
[root@server named]# systemctl restart named
[root@server named]# cat /etc/named.rfc1912.zones
zone "254.25.172.in-addr.arpa" IN {
type master;
file "westos.com.ptr";
allow-update { none; };
};
[root@server named]# cat /var/named/westos.com.ptr
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.205
111 PTR www.westos.com.
222 PTR bbs.westos.com.
[root@server named]#
Client:
305 vim /etc/resolv.conf
306 dig -x 172.25.254.111
[root@foundation5 Desktop]# vim /etc/resolv.conf
[root@foundation5 Desktop]# dig -x 172.25.254.111
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> -x 172.25.254.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52361
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.254.25.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
111.254.25.172.in-addr.arpa. 86400 IN PTR www.westos.com.
;; AUTHORITY SECTION:
254.25.172.in-addr.arpa. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 15:29:30 CST 2017
;; MSG SIZE rcvd: 118
DNS updates
Server:
[root@server named]# cp -p /var/named/westos.com.zone /mnt
[root@server named]# vim /etc/named.rfc1912.zones
[root@server named]# setsebool -P named_write_master_zones 1
[root@server named]# systemctl restart named
[root@server named]# vim /etc/named.rfc1912.zones
[root@server named]# dig hello.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> hello.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43862
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;hello.westos.com. IN A
;; ANSWER SECTION:
hello.westos.com. 86400 IN A 172.25.254.137
hello.westos.com. 86400 IN A 172.25.254.222
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 04:15:05 EDT 2017
;; MSG SIZE rcvd: 111
[root@server named]#
Client:
[root@desktop ~]# nsupdate
> server 172.25.254.205
> update add hello.westos.com 86400 A 172.25.254.137
> send
Restore (otherwise the next experiment is affected):
[root@server named]# systemctl restart named
[root@server named]# rm -fr westos.com.zone westos.com.zone.jnl
[root@server named]# cp -p /mnt/westos.com.zone /var/named
[root@server named]# systemctl restart named
[root@server named]# cat /var/named/westos.com.zone
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.205
www A 172.25.254.105
music CNAME music.a.westos.com.
music.a A 172.25.254.111
music.a A 172.25.254.222
westos.com. MX 1 172.25.254.205.
[root@server named]#
Key-authenticated updates
Server:
1 cd /mnt
2 dnssec-keygen -a HMAC-MD5 -b 128 -n HOST westoskey
3 ls
4 cp -p /etc/rndc.key /etc/westos.key
5 vim /etc/westos.key
6 cat Kwestoskey.+157+05765.key
7 vim /etc/westos.key
8 vim /etc/named.conf
9 vim /etc/named.rfc1912.zones
10 scp Kwestoskey.+157+05765.* root@172.25.254.44:/mnt/
11 systemctl restart named
12 vim /etc/westos.key
13 date
14 scp Kwestoskey.+157+05765.* root@172.25.254.144:/mnt/
15 history
------------------------------------------------------------------------
[root@localhost mnt]# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST westoskey
Kwestoskey.+157+05765
[root@localhost mnt]# ls
Kwestoskey.+157+05765.key Kwestoskey.+157+05765.private westos.com.zone
[root@localhost mnt]# cp -p /etc/rndc.key /etc/westos.key
[root@localhost mnt]# vim /etc/westos.key
[root@localhost mnt]# cat Kwestoskey.+157+05765.key
westoskey. IN KEY 512 3 157 zwAQ+XhQRR687A2xlNQUDQ==
[root@localhost mnt]# vim /etc/westos.key
[root@localhost mnt]# vim /etc/westos.key
[root@localhost mnt]# vim /etc/named.conf
[root@localhost mnt]# vim /etc/named.rfc1912.zones
[root@localhost mnt]# scp Kwestoskey.+157+05765.* root@172.25.254.44:/mnt/
root@172.25.254.44's password:
Kwestoskey.+157+05765.key 100% 53 0.1KB/s 00:00
Kwestoskey.+157+05765.private 100% 165 0.2KB/s 00:00
[root@localhost mnt]# systemctl restart named
[root@localhost mnt]# vim /etc/westos.key
[root@localhost mnt]# date
Wed May 10 10:18:20 EDT 2017
[root@localhost mnt]# scp Kwestoskey.+157+05765.* root@172.25.254.144:/mnt/
The authenticity of host '172.25.254.144 (172.25.254.144)' can't be established.
ECDSA key fingerprint is eb:24:0e:07:96:26:b1:04:c2:37:0c:78:2d:bc:b0:08.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.25.254.144' (ECDSA) to the list of known hosts.
root@172.25.254.144's password:
Kwestoskey.+157+05765.key 100% 53 0.1KB/s 00:00
Kwestoskey.+157+05765.private 100% 165 0.2KB/s 00:00
[root@localhost mnt]#
------------------------------------------------------------------------
Client:
[root@foundation44 mnt]# vim /etc/resolv.conf
[root@foundation44 mnt]# nsupdate -k Kwestoskey.+157+05765.private
> server 172.25.254.244
> update add www.westos.com 86400 A 172.25.254.189
> send
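dns_request_getresponse: clocks are unsynchronized ## the clocks are not synchronized
[root@foundation44 mnt]# date
Wed May 10 22:19:37 EDT 2017 ## at this moment the server shows the time Wed May 10 10:18:20 EDT 2017
Synchronize the clocks or test from another machine (I switched to another machine here).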
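An added example (not part of the original notes) for the two things client and server must agree on in this section: the key and the clock. `tsig_key_clause` turns a dnssec-keygen .key line into a key clause of the kind shown in /etc/rndc.key above, and `tsig_skew` applies the 300-second TSIG fudge window behind the "clocks are unsynchronized" error. The key line and epoch values are constructed, and both function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample in the format of a dnssec-keygen K<name>.+<alg>+<id>.key file
# (not a key from the page; the secret is base64 of a placeholder string).
SAMPLE_KEY='examplekey. IN KEY 512 3 157 Q09OU1RSVUNURUQta2V5IQ=='

# tsig_key_clause (hypothetical helper): stdin is the .key file content,
# stdout is the matching named.conf key clause.
tsig_key_clause() {
    awk '
    $2 == "IN" && $3 == "KEY" {
        name = $1; sub(/\.$/, "", name)      # drop the trailing root dot
        alg = $6                             # DNSSEC algorithm number of the HMAC
        if      (alg == 157) algname = "hmac-md5"
        else if (alg == 161) algname = "hmac-sha1"
        else if (alg == 163) algname = "hmac-sha256"
        else if (alg == 165) algname = "hmac-sha512"
        else { print "unsupported algorithm " alg > "/dev/stderr"; exit 1 }
        printf "key \"%s\" {\n    algorithm %s;\n    secret \"%s\";\n};\n", name, algname, $7
    }'
}

# tsig_skew (hypothetical helper): $1 = server time, $2 = client time (epoch seconds),
# $3 = fudge in seconds (default 300). A signed update outside the window is rejected.
tsig_skew() {
    fudge=${3:-300}
    skew=$(( $1 - $2 ))
    if [ "$skew" -lt 0 ]; then skew=$(( 0 - skew )); fi
    if [ "$skew" -gt "$fudge" ]; then
        echo "rejected: skew ${skew}s exceeds fudge ${fudge}s"
    else
        echo "ok: skew ${skew}s"
    fi
}

printf '%s\n' "$SAMPLE_KEY" | tsig_key_clause
# Constructed epoch values 43277 s apart, the gap between the two date outputs above.
tsig_skew 1494425900 1494469177
```

Algorithm 157 in the key file name is HMAC-MD5; dnssec-keygen also accepts `-a HMAC-SHA256 -b 256`, which produces algorithm 163 and is the stronger choice for a new update key.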
Automatic updates via DHCP:
First stop the firewall and start the named service
dhcpd must be started on the server
Server:
43 yum install dhcp -y
44 systemctl stop firewalld.service
45 systemctl start named
46 cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
48 vim /etc/dhcp/dhcpd.conf ## delete lines 27 and 28 and everything after line 36
53 cd /mnt/
54 ls
55 cat Kwestoskey.+157+38119.key
56 vim /etc/dhcp/dhcpd.conf
59 systemctl start dhcpd
60 dig test.westos.com
61 cd /var/named/
62 ls
63 vim westos.com.zone
64 vim named.loopback
65 vim named.localhost
66 vim /etc/named.rfc1912.zones
This screenshot: if the one below is not changed, this must be changed as shown; otherwise it is not needed
67 vim /etc/named.conf
68 systemctl status named
69 systemctl restart named
70 systemctl restart dhcpd
71 dig test.westos.com
95 rm -fr /var/named/westos.com.z*
96 cp -p /mnt/westos.com.zone /var/named/
72 vim /etc/dhcp/dhcpd.conf
man 5 dhcpd.conf
74 vim /etc/dhcp/dhcpd.conf
75 cd /etc/
76 ls
77 vim named.conf
78 setsebool -P named_write_master_zones 1
79 chmod 770 /var/named/
80 vim /etc/named.rfc1912.zones
81 dig test.westos.com
82 systemctl restart dhcpd
83 systemctl restart named
84 dig test.westos.com
85 systemctl stop dhcpd.service d
86 systemctl stop dhcpd.service
87 systemctl stop network
88 vim /etc/named.conf
89 cd /etc
90 vim named.conf
91 cd /var/named/
92 ls
93 cd /mnt/
94 ls
97 systemctl start dhcpd.service
98 dig test.westos.com
99 systemctl restart named
100 dig test.westos.com
101 systemctl start dhcpd.service
102 dig test.westos.com
103 systemctl status dhcpd.service
104 dig test.westos.com
105 dig www.westos.com
106 > /var/log/messages
107 dig test.westos.com
108 vim /etc/dhcp/dhcpd.conf
109 systemctl status dhcpd.service
110 systemctl restart dhcpd.service
111 dig test.westos.com
112 systemctl stop dhcpd.service
113 history
[root@server ~]# yum install dhcp -y
Loaded plugins: langpacks
rhel_dvd | 4.1 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package dhcp.x86_64 12:4.2.5-27.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
dhcp x86_64 12:4.2.5-27.el7 rhel_dvd 506 k
Transaction Summary
================================================================================
Install 1 Package
Total download size: 506 k
Installed size: 1.4 M
Downloading packages:
dhcp-4.2.5-27.el7.x86_64.rpm | 506 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 12:dhcp-4.2.5-27.el7.x86_64 1/1
Verifying : 12:dhcp-4.2.5-27.el7.x86_64 1/1
Installed:
dhcp.x86_64 12:4.2.5-27.el7
Complete!
[root@server ~]# systemctl stop firewalld.service
[root@server ~]# systemctl start named
[root@server ~]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
[root@server ~]# vim /etc/dhcp/dhcp.conf
[root@server ~]# vim /etc/dhcp/dhcpd.conf
[root@server ~]# cd /etc/named/
[root@server named]# ls
[root@server named]# cd /var/named/
[root@server named]# ls
data named.empty slaves westos.com.zone
dynamic named.localhost westos.com.inter westos.com.zone.jnl
named.ca named.loopback westos.com.ptr
[root@server named]# cd /mnt/
[root@server mnt]# ls
Kwestoskey.+157+38119.key Kwestoskey.+157+38119.private westos.com.zone
[root@server mnt]# cat Kwestoskey.+157+38119.key
westoskey. IN KEY 512 3 157 x52Z3nLK+ardHpqqOfoPlQ==
[root@server mnt]# vim /etc/dhcp/dhcpd.conf
[root@server mnt]# vim /etc/dhcp/dhcpd.conf
[root@server mnt]# systemctl status dhcp
dhcp.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
[root@server mnt]# systemctl start dhcp
Failed to issue method call: Unit dhcp.service failed to load: No such file or directory.
[root@server mnt]# systemctl start dhcpd
[root@server mnt]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31805
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 22:39:49 EDT 2017
;; MSG SIZE rcvd: 94
[root@server mnt]# cd /var/named/
[root@server named]# ls
data named.empty slaves westos.com.zone
dynamic named.localhost westos.com.inter westos.com.zone.jnl
named.ca named.loopback westos.com.ptr
[root@server named]# vim westos.com.zone
[root@server named]# vim named.loopback
[root@server named]# vim named.localhost
[root@server named]# vim /etc/named.rfc1912.zones
[root@server named]# vim /etc/named.conf
[root@server named]# systemctl status n
named.service nfs-lock.service
named-setup-rndc.service nfs.target
netcf-transaction.service nss-lookup.target
netconsole.service nss-user-lookup.target
network-online.target ntpdate.service
network.service ntpd.service
network.target
[root@server named]# systemctl status named
named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; disabled)
Active: active (running) since Sat 2017-05-06 22:09:40 EDT; 41min ago
Process: 3102 ExecStart=/usr/sbin/named -u named $OPTIONS (code=exited, status=0/SUCCESS)
Process: 3101 ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf (code=exited, status=0/SUCCESS)
Main PID: 3105 (named)
CGroup: /system.slice/named.service
└─3105 /usr/sbin/named -u named
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
Hint: Some lines were ellipsized, use -l to show in full.
[root@server named]# systemctl restart named
[root@server named]# systemctl restart dhcpd
[root@server named]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21656
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 22:51:52 EDT 2017
;; MSG SIZE rcvd: 94
[root@server named]# vim /etc/dhcp/dhcpd.conf
[root@server named]# vim /var/named/westos.com.zone
[root@server named]# vim /etc/dhcp/dhcpd.conf
[root@server named]# cd /etc/
[root@server etc]# ls
[root@server etc]# vim named
named/ named.iscdlv.key named.rfc1912.zones
named.conf named.rfc1912.inter named.root.key
[root@server etc]# vim named.conf
[root@server etc]# setsebool -P named_write_master_zones 1
[root@server etc]# chmod 770 /var/named/
[root@server etc]# vim /etc/named.rfc1912.zones
[root@server etc]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42152
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 2 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:07:03 EDT 2017
;; MSG SIZE rcvd: 94
[root@server etc]# systemctl restart dhcpd
[root@server etc]# systemctl restart named
[root@server etc]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8018
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:07:29 EDT 2017
;; MSG SIZE rcvd: 94
[root@server etc]# systemctl stop dhcpd.service d
Failed to issue method call: Unit d.service not loaded.
[root@server etc]# systemctl stop dhcpd.service
[root@server etc]# systemctl stop network
Write failed: Broken pipe
[kiosk@foundation5 Desktop]$ ssh root@172.25.254.205
root@172.25.254.205's password:
Last login: Sat May 6 20:59:23 2017 from 172.25.254.5
[root@server ~]# vim named.conf
[root@server ~]# cd /etc
[root@server etc]# vim named.conf
[root@server etc]# cd /var/named/
[root@server named]# ls
data named.empty slaves westos.com.zone
dynamic named.localhost westos.com.inter westos.com.zone.jnl
named.ca named.loopback westos.com.ptr
[root@server named]# cd /mnt/
[root@server mnt]# ls
Kwestoskey.+157+38119.key Kwestoskey.+157+38119.private westos.com.zone
[root@server mnt]# rm -fr /var/named/westos.com.z*
[root@server mnt]# cp -p /mnt/westos.com.zone /var/named/
[root@server mnt]# systemctl start dhcpd.service
[root@server mnt]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36760
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:49:53 EDT 2017
;; MSG SIZE rcvd: 94
[root@server mnt]# systemctl restart named
[root@server mnt]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62307
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; AUTHORITY SECTION:
westos.com. 10800 IN SOA dns.westos.com. root.westos.com. 0 86400 3600 604800 10800
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:50:18 EDT 2017
;; MSG SIZE rcvd: 89
[root@server mnt]# systemctl start dhcpd.service
[root@server mnt]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31325
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; AUTHORITY SECTION:
westos.com. 10800 IN SOA dns.westos.com. root.westos.com. 0 86400 3600 604800 10800
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:51:09 EDT 2017
;; MSG SIZE rcvd: 89
[root@server mnt]# systemctl status dhcpd.service
dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled)
Active: active (running) since Sat 2017-05-06 23:49:32 EDT; 2min 39s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 5041 (dhcpd)
CGroup: /system.slice/dhcpd.service
└─5041 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -gr...
May 06 23:49:32 server dhcpd[5041]: May 06 23:49:32 server dhcpd[5041]: Listening on LPF/eth0/52:54:00:00:05:0b...24
May 06 23:49:32 server dhcpd[5041]: Sending on LPF/eth0/52:54:00:00:05:0b...24
May 06 23:49:32 server dhcpd[5041]: Sending on Socket/fallback/fallback-net
May 06 23:49:34 server dhcpd[5041]: DHCPDISCOVER from 52:54:00:00:05:0a via eth0
May 06 23:49:35 server dhcpd[5041]: DHCPOFFER on 172.25.254.150 to 52:54:00...h0
May 06 23:49:35 server dhcpd[5041]: DHCPREQUEST for 172.25.254.150 (172.25....h0
May 06 23:49:35 server dhcpd[5041]: DHCPACK on 172.25.254.150 to 52:54:00:0...h0
May 06 23:49:35 server dhcpd[5041]: Forward map from test.westos.com to 172...e.
May 06 23:51:03 server systemd[1]: Started DHCPv4 Server Daemon.
Hint: Some lines were ellipsized, use -l to show in full.
[root@server mnt]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17266
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; AUTHORITY SECTION:
westos.com. 10800 IN SOA dns.westos.com. root.westos.com. 0 86400 3600 604800 10800
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:53:06 EDT 2017
;; MSG SIZE rcvd: 89
[root@server mnt]# dig www.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23662
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.105
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:53:44 EDT 2017
;; MSG SIZE rcvd: 93
[root@server mnt]# > /var/log/messages
[root@server mnt]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51898
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; ANSWER SECTION:
test.westos.com. 300 IN A 172.25.254.150
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:55:07 EDT 2017
;; MSG SIZE rcvd: 94
[root@server mnt]# vim /etc/dhcp/dhcpd.conf
[root@server mnt]# systemctl status dhcpd.service
dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled)
Active: active (running) since Sat 2017-05-06 23:49:32 EDT; 7min ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 5041 (dhcpd)
CGroup: /system.slice/dhcpd.service
└─5041 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -grou...
May 06 23:49:34 server dhcpd[5041]: DHCPDISCOVER from 52:54:00:00:05:0a via eth0
May 06 23:49:35 server dhcpd[5041]: DHCPOFFER on 172.25.254.150 to 52:54:00:0...h0
May 06 23:49:35 server dhcpd[5041]: DHCPREQUEST for 172.25.254.150 (172.25.25...h0
May 06 23:49:35 server dhcpd[5041]: DHCPACK on 172.25.254.150 to 52:54:00:00:...h0
May 06 23:49:35 server dhcpd[5041]: Forward map from test.westos.com to 172.2...e.
May 06 23:51:03 server systemd[1]: Started DHCPv4 Server Daemon.
May 06 23:53:39 server dhcpd[5041]: DHCPREQUEST for 172.25.254.150 from 52:54...h0
May 06 23:53:39 server dhcpd[5041]: DHCPACK on 172.25.254.150 to 52:54:00:00:...h0
May 06 23:53:39 server dhcpd[5041]: Added new forward map from test.westos.co...50
May 06 23:53:39 server dhcpd[5041]: Unable to add reverse map from 150.254.25...nd
Hint: Some lines were ellipsized, use -l to show in full.
[root@server mnt]# systemctl restart dhcpd.service
[root@server mnt]# dig test.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 575
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A
;; ANSWER SECTION:
test.westos.com. 300 IN A 172.25.254.189
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:58:15 EDT 2017
;; MSG SIZE rcvd: 94
[root@server mnt]# systemctl stop dhcpd.service
[root@server mnt]#
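Added example (not part of the original session): a small Python parser for the dig output format shown above. It reports each change in the authoritative answer for a name, such as the move here from the 86400-second record to NXDOMAIN and then to the 300-second record that appears after dhcpd logs "Added new forward map". The function names are this example's own, and the sample text is abbreviated from three of the dig runs above.

```python
# Abbreviated from three dig runs in the session above (23:49:53, 23:50:18, 23:55:07).
SESSION = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36760
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111
;; WHEN: Sat May 06 23:49:53 EDT 2017
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62307
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; AUTHORITY SECTION:
westos.com. 10800 IN SOA dns.westos.com. root.westos.com. 0 86400 3600 604800 10800
;; WHEN: Sat May 06 23:50:18 EDT 2017
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51898
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; ANSWER SECTION:
test.westos.com. 300 IN A 172.25.254.150
;; WHEN: Sat May 06 23:55:07 EDT 2017
"""

def parse_dig(text):
    """Split concatenated dig output into one dict per response."""
    out, section = [], None
    for line in text.splitlines():
        if "->>HEADER<<-" in line:
            status = line.split("status: ")[1].split(",")[0]
            out.append({"status": status, "aa": False, "when": None, "answers": []})
            section = None
        elif not out:
            continue  # banner lines before the first header
        elif line.startswith(";; flags:"):
            out[-1]["aa"] = "aa" in line[9:].split(";")[0].split()
        elif line.startswith(";; WHEN: "):
            out[-1]["when"] = line[9:]
        elif line.startswith(";;"):
            section = line.strip("; :")  # e.g. "ANSWER SECTION"
        elif section == "ANSWER SECTION" and line[:1] not in ("", ";"):
            name, ttl, _cls, rtype, rdata = line.split(None, 4)
            out[-1]["answers"].append((name, int(ttl), rtype, rdata))
    return out

def record_changes(responses, name):
    """Transitions of (status, ttl, rdata) for `name` across authoritative answers."""
    prev, out = None, []
    for r in (r for r in responses if r["aa"]):  # aa answers carry the zone's own TTL
        hit = [(ttl, rdata) for n, ttl, _t, rdata in r["answers"] if n == name]
        state = (r["status"],) + (hit[0] if hit else (None, None))
        if prev is not None and state != prev:
            out.append((r["when"], prev, state))
        prev = state
    return out
```

Because only answers with the aa flag are compared, a TTL difference between two runs reflects a change in the zone data itself rather than a resolver cache counting down.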
Client:
[root@desktop ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.105 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe00:50a prefixlen 64 scopeid 0x20<link>
ether 52:54:00:00:05:0a txqueuelen 1000 (Ethernet)
RX packets 8643 bytes 961940 (939.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 111 bytes 16367 (15.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 8 bytes 556 (556.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 556 (556.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@desktop ~]# hostnamectl set-hostname test.westos.com
[root@desktop ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
[root@desktop ~]# systemctl restart network