DNS

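DNS resource records
• A DNS zone stores its information as resource records. Each resource record has a type that indicates the kind of data it holds
– A : name to IPv4 address
– AAAA : name to IPv6 address
– CNAME : name to a "canonical name" (another name that has A/AAAA records)
– PTR : IPv4/IPv6 address to name
– MX : mail exchanger for the name (where to send its e-mail)
– NS : name servers for the domain
– SOA : "start of authority", information about the DNS zone (administrative information)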




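DNS troubleshooting
• dig displays detailed information from a DNS lookup, including why a query failed:
– NOERROR : the query succeeded
– NXDOMAIN : the DNS server reports that no such name exists
– SERVFAIL : the DNS server is down or DNSSEC validation of the response failed
– REFUSED : the DNS server refused to answer (perhaps for access-control reasons)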




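Parts of the dig output
• The header gives information about the query and the answer, including the response status and any special flags that are set (aa means authoritative answer, and so on)
– QUESTION : the actual DNS query that was asked
– ANSWER : the response (if any)
– AUTHORITY : the name servers responsible for the domain/zone
– ADDITIONAL : other information provided, usually about the name servers
– The comments at the bottom show the recursive name server the query was sent to and how long the response took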
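
The status codes, flags and sections listed above can be pulled out of dig's text output programmatically, which is useful when triaging many lookups. The following Python parser is an added example, not part of the original notes; the two sample outputs are constructed (documentation names and addresses) and the function names are hypothetical.

```python
import re

# Constructed samples in the layout of dig's default output
# (names and addresses are documentation values, not taken from the notes).
SAMPLE_CACHED = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8036
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.example.com. IN A

;; ANSWER SECTION:
www.example.com. 12 IN CNAME web.example.net.
web.example.net. 243 IN A 192.0.2.10

;; Query time: 12 msec
;; SERVER: 192.0.2.53#53(192.0.2.53)
"""

SAMPLE_REFUSED = """\
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 411
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;www.example.com. IN A

;; Query time: 1 msec
;; SERVER: 192.0.2.53#53(192.0.2.53)
"""

# Meanings as given in the troubleshooting list above.
STATUS_MEANING = {
    "NOERROR": "query succeeded",
    "NXDOMAIN": "server says the name does not exist",
    "SERVFAIL": "server is down or DNSSEC validation failed",
    "REFUSED": "server refused to answer (possibly access control)",
}

HEADER_RE = re.compile(r"opcode: (\w+), status: (\w+), id: (\d+)")
FLAGS_RE = re.compile(r"^;; flags:([^;]*);(.*)$")
SECTION_RE = re.compile(r"^;; (\w+) SECTION:$")
SERVER_RE = re.compile(r"^;; SERVER: ([^#\s]+)#(\d+)")


def parse_dig(text):
    """Parse dig's default text output into status, flags, counts and sections."""
    out = {"status": None, "flags": [], "counts": {}, "sections": {}, "server": None}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            section = None                      # a blank line ends a section
        elif line.startswith(";;"):
            header = HEADER_RE.search(line)
            flags = FLAGS_RE.match(line)
            sect = SECTION_RE.match(line)
            server = SERVER_RE.match(line)
            if header:
                out["status"] = header.group(2)
            elif flags:
                out["flags"] = flags.group(1).split()
                for name, num in re.findall(r"(\w+): (\d+)", flags.group(2)):
                    out["counts"][name] = int(num)
            elif sect:                          # "OPT PSEUDOSECTION" does not match
                section = sect.group(1)
                out["sections"][section] = []
            elif server:
                out["server"] = (server.group(1), int(server.group(2)))
        elif section == "QUESTION":
            fields = line.lstrip(";").split()   # question lines start with one ';'
            if len(fields) == 3:
                out["sections"][section].append(
                    {"name": fields[0], "class": fields[1], "type": fields[2]})
        elif section and not line.startswith(";"):
            fields = line.split(None, 4)        # name ttl class type rdata
            if len(fields) == 5:
                out["sections"][section].append(
                    {"name": fields[0], "ttl": int(fields[1]), "class": fields[2],
                     "type": fields[3], "rdata": fields[4]})
    return out


def is_authoritative(parsed):
    """True when the aa flag is set, i.e. the server owns the zone it answered for."""
    return "aa" in parsed["flags"]


def explain(parsed):
    """One-line summary: status meaning plus where the answer came from."""
    meaning = STATUS_MEANING.get(parsed["status"], "status not covered here")
    source = "authoritative" if is_authoritative(parsed) else "not authoritative (recursion or cache)"
    return "%s: %s; %s" % (parsed["status"], meaning, source)


if __name__ == "__main__":
    for sample in (SAMPLE_CACHED, SAMPLE_REFUSED):
        print(explain(parse_dig(sample)))
```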






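Caching DNS server
• BIND is the most widely used open-source name server
• In RHEL it is provided by the bind package
• Open ports 53/TCP and 53/UDP in the firewall
• BIND's main configuration file is /etc/named.conf
• The /var/named directory holds the other data files the name server uses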








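Syntax of /etc/named.conf
• // or # to the end of the line is a comment; text between /* and */ is also a comment (and can span several lines)
• Directives end with a semicolon (;)
• Many directives take an address match list in braces: a list of IP addresses or subnets in CIDR notation, or named ACLs (for example any; [all hosts] and none; [no hosts])
• The file starts with an options block, which contains the directives that control how named operates
• zone blocks control how named finds the root name servers and the zones it is authoritative for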








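Some important options directives
• listen-on controls the IPv4 addresses named listens on
• listen-on-v6 controls the IPv6 addresses named listens on
• allow-query controls which clients may query the DNS server
• forwarders holds the list of name servers that DNS queries are forwarded to (instead of contacting external name servers directly; useful behind a firewall)
• All of these directives treat the semicolon-separated elements in braces as an address match list, for example:
– listen-on { any; };
– allow-query { 127.0.0.1; 10.0.0.0/8; };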






Configuring the name server
• Install the bind package
– yum install -y bind
• Edit /etc/named.conf
– listen-on port 53 { any; };
– listen-on-v6 port 53 { any; };
– allow-query { any; };
– forwarders { 172.25.254.254; };
• Start and enable the DNS server
– systemctl start named
– systemctl enable named
• Test from desktopX
– dig classroom.example.com
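
The syntax rules and options directives described above decide who can reach and use the resolver: with listen-on and allow-query both set to any and no allow-recursion, named falls back to allow-query and recurses for every client that can reach port 53. The following Python audit is an added example, not part of the original notes; the sample files are constructed, and the hardened values (the 172.25.254.0/24 client range, the listen addresses) and the finding codes are assumptions.

```python
import re

# Constructed sample: the settings from the configuration list above,
# with all three comment styles that named.conf accepts.
WEAK_CONF = """
/* constructed sample
   for the audit below */
options {
    listen-on port 53 { any; };       // all IPv4 interfaces
    listen-on-v6 port 53 { any; };
    directory "/var/named";           # zone data files
    allow-query { any; };
    forwarders { 172.25.254.254; };
};
"""

# Constructed sample: same server, but queries and recursion limited
# to an assumed client subnet.
HARDENED_CONF = """
options {
    listen-on port 53 { 127.0.0.1; 172.25.254.205; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    allow-query { localhost; 172.25.254.0/24; };
    allow-recursion { localhost; 172.25.254.0/24; };
    forwarders { 172.25.254.254; };
};
"""

_TOKEN = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_LIST = re.compile(r'([\w-]+)\s*(?:port\s+\d+\s*)?\{([^{}]*)\}\s*;')
_SIMPLE = re.compile(r'([\w-]+)\s+([^\s{};]+)\s*;')
LOOPBACK = {"127.0.0.1", "::1", "localhost", "none"}


def strip_comments(text):
    """Drop //, # and /* */ comments; quoted strings are left untouched."""
    return _TOKEN.sub(lambda m: m.group(0) if m.group(0).startswith('"') else " ", text)


def block_body(text, keyword):
    """Return the text between the braces of the first `keyword { ... }` block."""
    m = re.search(r'\b%s\s*\{' % re.escape(keyword), text)
    if not m:
        return ""
    depth = 1
    for i in range(m.end(), len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[m.end():i]
    raise ValueError("unbalanced braces in %s block" % keyword)


def parse_options(conf):
    """Map each options directive to a list (address match list) or a string."""
    body = block_body(strip_comments(conf), "options")
    opts = {}
    for name, items in _LIST.findall(body):
        opts[name] = [e.strip() for e in items.split(";") if e.strip()]
    for name, value in _SIMPLE.findall(_LIST.sub(" ", body)):
        opts[name] = value.strip('"')
    return opts


def audit(conf):
    """Return finding codes for an options block that exposes the resolver."""
    o = parse_options(conf)
    listen = o.get("listen-on")       # absent: named listens on every interface
    exposed = listen is None or any(a not in LOOPBACK for a in listen)
    # Without allow-recursion, BIND falls back to allow-query-cache, then
    # allow-query, to decide who may use recursion.
    recursion_acl = (o.get("allow-recursion") or o.get("allow-query-cache")
                     or o.get("allow-query", []))
    recursing = o.get("recursion", "yes") != "no"    # BIND default is yes
    findings = []
    if exposed and "any" in o.get("allow-query", []):
        findings.append("QUERY_ANY")        # anyone who reaches port 53 may query
    if exposed and recursing and "any" in recursion_acl:
        findings.append("OPEN_RESOLVER")    # anyone may trigger recursive lookups
    return findings


if __name__ == "__main__":
    print("weak:", audit(WEAK_CONF))
    print("hardened:", audit(HARDENED_CONF))
```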






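Preparation: reset both virtual machines; configure the network and the yum repository.
ping www.baidu.com ##reports that this is an unknown host
Server (caching) setup; authoritative server: 172.25.254.250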
    1  ifconfig
    2  hostname server
    3  yum install bind.x86_64 -y
    4  systemctl stop firewalld.service 
    5  ll /etc/rndc.key
    6  systemctl start named
    7  ll /etc/rndc.key
    8  cat /dev/random ##typing on the server makes more output appear here; press ctrl+c to exit
    9  cat /etc/rndc.key 
   10  netstat -antlpe |grep named
   11  ifconfig
   12  vim /etc/named.conf 
   12  vim /etc/hosts ##shows the names that can be resolved locally on this machine
   13  systemctl restart named
   14  netstat -antlpe |grep named
   15  history 


----------------------------------------------------------------------------------------
[root@server ~]# yum install bind.x86_64 -y
Loaded plugins: langpacks
rhel_dvd                                                 | 4.1 kB     00:00     
(1/2): rhel_dvd/group_gz                                   | 134 kB   00:00     
(2/2): rhel_dvd/primary_db                                 | 3.4 MB   00:00     
Resolving Dependencies
--> Running transaction check
---> Package bind.x86_64 32:9.9.4-14.el7 will be installed
--> Finished Dependency Resolution


Dependencies Resolved


================================================================================
 Package       Arch            Version                  Repository         Size
================================================================================
Installing:
 bind          x86_64          32:9.9.4-14.el7          rhel_dvd          1.8 M


Transaction Summary
================================================================================
Install  1 Package


Total download size: 1.8 M
Installed size: 4.3 M
Downloading packages:
bind-9.9.4-14.el7.x86_64.rpm                               | 1.8 MB   00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 32:bind-9.9.4-14.el7.x86_64                                  1/1 
  Verifying  : 32:bind-9.9.4-14.el7.x86_64                                  1/1 


Installed:
  bind.x86_64 32:9.9.4-14.el7                                                   


Complete!
[root@server ~]# systemctl stop firewalld.service 
[root@server ~]# ll /etc/rndc.key
ls: cannot access /etc/rndc.key: No such file or directory
[root@server ~]# systemctl start named
[root@server ~]# ll /etc/rndc.key
-rw-r-----. 1 root named 77 May  5 22:12 /etc/rndc.key
[root@server ~]# cat /dev/random 
[root@server ~]# cat /etc/rndc.key 
key "rndc-key" {
algorithm hmac-md5;
secret "cwAT9eheIAnYZ3wcZOLGBQ==";
};
[root@server ~]# netstat -antlpe |grep named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      25         101696     5123/named          
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      25         101637     5123/named          
tcp6       0      0 ::1:953                 :::*                    LISTEN      25         101697     5123/named          
tcp6       0      0 ::1:53                  :::*                    LISTEN      25         101639     5123/named          
[root@server ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.205  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::5054:ff:fe00:50b  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:00:05:0b  txqueuelen 1000  (Ethernet)
        RX packets 88217  bytes 645729783 (615.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 60467  bytes 4149051 (3.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 280  bytes 23836 (23.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 280  bytes 23836 (23.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


[root@server ~]# vim /etc/named.conf 
[root@server ~]# systemctl restart named
[root@server ~]# netstat -antlpe |grep named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      25         110181     5318/named          
tcp        0      0 172.25.254.205:53       0.0.0.0:*               LISTEN      25         110176     5318/named          
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      25         110174     5318/named          
tcp6       0      0 ::1:953                 :::*                    LISTEN      25         110182     5318/named          
tcp6       0      0 ::1:53                  :::*                    LISTEN      25         110178     5318/named          
--------------------------------------------------------------------------------------- 










Client:
    3  vim /etc/resolv.conf 
    4  dig www.baidu.com
----------------------------------------------------------------------------------------
[root@desktop ~]# vim /etc/resolv.conf 
[root@desktop ~]# dig www.baidu.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8036
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 1


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.baidu.com. IN A


;; ANSWER SECTION:
www.baidu.com. 12 IN CNAME www.a.shifen.com.
www.a.shifen.com. 243 IN A 183.232.231.173
www.a.shifen.com. 243 IN A 183.232.231.172


;; AUTHORITY SECTION:
. 512855 IN NS l.root-servers.net.
. 512855 IN NS e.root-servers.net.
. 512855 IN NS i.root-servers.net.
. 512855 IN NS k.root-servers.net.
. 512855 IN NS j.root-servers.net.
. 512855 IN NS b.root-servers.net.
. 512855 IN NS g.root-servers.net.
. 512855 IN NS m.root-servers.net.
. 512855 IN NS c.root-servers.net.
. 512855 IN NS d.root-servers.net.
. 512855 IN NS h.root-servers.net.
. 512855 IN NS a.root-servers.net.
. 512855 IN NS f.root-servers.net.


;; Query time: 12 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Fri May 05 22:23:08 EDT 2017
;; MSG SIZE  rcvd: 312
-----------------------------------------------------------------------------------------









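Forward resolution
Server:
    1  vim /etc/named.conf ##change the configuration
    2  vim /etc/named.rfc1912.zones ##/etc/named.conf includes this file; zones are written here to keep the main file concise
    3  cd /var/named
    4  ls
    5  ll
    6  cp -p named.localhost westos.com.zone ##these files have special permissions, so copy with -p
    7  vim westos.com.zone ##create this file, which does not exist yet; otherwise restarting the service reports an error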
    8  systemctl restart named
    9  history
[root@server named]# vim /etc/named.conf 
[root@server named]# vim /etc/named.rfc1912.zones 
[root@server named]# vim westos.com.zone 







---------------------------------------------------------------------------------------
[root@server ~]# vim /etc/named.conf 
[root@server ~]# vim /etc/named.rfc1912.zones 
[root@server ~]# cd /var/named
[root@server named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
[root@server named]# ll
total 16
drwxrwx---. 2 named named   22 May  5 22:12 data
drwxrwx---. 2 named named   30 May  5 22:21 dynamic
-rw-r-----. 1 root  named 2076 Jan 28  2013 named.ca
-rw-r-----. 1 root  named  152 Dec 15  2009 named.empty
-rw-r-----. 1 root  named  152 Jun 21  2007 named.localhost
-rw-r-----. 1 root  named  168 Dec 15  2009 named.loopback
drwxrwx---. 2 named named    6 Jan 29  2014 slaves
[root@server named]# cp -p named.localhost westos.com.zone
[root@server named]# vim westos.com.zone 
[root@server named]# systemctl restart named
--------------------------------------------------------------------------------


Client:


or as below

-------------------------------------------------------------------------------
[root@desktop ~]# dig www.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3309
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A


;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.105


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 1 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Fri May 05 22:56:36 EDT 2017
;; MSG SIZE  rcvd: 93
-----------------------------------------------------------------------------






CNAME and mail
Server:
[root@server named]# vim westos.com.zone 
[root@server named]# systemctl restart named
[root@server named]# cat westos.com.zone 
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.205
www A 172.25.254.105
music CNAME music.a.westos.com.
music.a A 172.25.254.111
music.a A 172.25.254.222
westos.com. MX 1 172.25.254.205.












Client:
    7  dig music.westos.com
    8  dig -t mx westos.com
    9  mail root@westos.com
    10 mailq
-----------------------------------------------------------------------------
[root@desktop ~]# dig music.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> music.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54552
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;music.westos.com. IN A


;; ANSWER SECTION:
music.westos.com. 86400 IN CNAME music.a.westos.com.
music.a.westos.com. 86400 IN A 172.25.254.222
music.a.westos.com. 86400 IN A 172.25.254.111


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 1 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Fri May 05 23:29:16 EDT 2017
;; MSG SIZE  rcvd: 133


[root@desktop ~]# dig -t mx westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20531
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westos.com. IN MX


;; ANSWER SECTION:
westos.com. 86400 IN MX 1 172.25.254.205.


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Fri May 05 23:29:32 EDT 2017
;; MSG SIZE  rcvd: 103
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[root@desktop ~]# mail root@westos.com
Subject: wgir
rwgtethy
sa
EOT ##press ctrl+d to exit
[root@desktop ~]# mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
31EED17E845      443 Fri May  5 23:33:48  root@desktop.localdomain
            (connect to 172.25.254.205[172.25.254.205]:25: Connection refused)
                                         root@westos.com


-- 0 Kbytes in 1 Request.
[root@desktop ~]# 
The cause is that there is no mail service, but this configuration is fine.
--------------------------------------------------------------------------------------




















Add a network card to the server

On the host






    1  ifconfig
    2  cd /etc/sysconfig/network-scripts/
    3  ls
    4  cp ifcfg-eth0 ifcfg-eth1
    5  vim ifcfg-eth1
    6  systemctl restart network
    7  systemctl restart named
   12  netstat -antlpe |grep named
   13  history 

[root@server named]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.205  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::5054:ff:fe00:50b  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:00:05:0b  txqueuelen 1000  (Ethernet)
        RX packets 94808  bytes 646550334 (616.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 62138  bytes 4387281 (4.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 52:54:00:46:7c:fa  txqueuelen 1000  (Ethernet)
        RX packets 403  bytes 55265 (53.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 444  bytes 36872 (36.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 444  bytes 36872 (36.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


[root@server named]# cd /etc/sysconfig/network-scripts/
[root@server network-scripts]# ls
ifcfg-eth0   ifdown-ppp       ifup-eth     ifup-sit
ifcfg-lo     ifdown-routes    ifup-ippp    ifup-Team
ifdown       ifdown-sit       ifup-ipv6    ifup-TeamPort
ifdown-bnep  ifdown-Team      ifup-isdn    ifup-tunnel
ifdown-eth   ifdown-TeamPort  ifup-plip    ifup-wireless
ifdown-ippp  ifdown-tunnel    ifup-plusb   init.ipv6-global
ifdown-ipv6  ifup             ifup-post    network-functions
ifdown-isdn  ifup-aliases     ifup-ppp     network-functions-ipv6
ifdown-post  ifup-bnep        ifup-routes
[root@server network-scripts]# cp ifcfg-eth0 ifcfg-eth1
[root@server network-scripts]# vim ifcfg-eth1
[root@server network-scripts]# systemctl restart network
[root@server network-scripts]# systemctl restart named
[root@server network-scripts]# netstat -antlpe |grep named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      25         163343     2236/named          
tcp        0      0 172.25.254.205:53       0.0.0.0:*               LISTEN      25         163338     2236/named          
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      25         163336     2236/named          
tcp6       0      0 ::1:953                 :::*                    LISTEN      25         163344     2236/named          
tcp6       0      0 ::1:53                  :::*                    LISTEN      25         163340     2236/named          
[root@server network-scripts]# 
[root@server network-scripts]# vim ifcfg-eth1
[root@server network-scripts]# systemctl restart network
[root@server network-scripts]# systemctl restart named
[root@server network-scripts]# netstat -antlpe |grep named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      25         166163     2815/named          
tcp        0      0 172.25.0.205:53         0.0.0.0:*               LISTEN      25         166158     2815/named          
tcp        0      0 172.25.254.205:53       0.0.0.0:*               LISTEN      25         166156     2815/named          
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      25         166154     2815/named          
tcp6       0      0 ::1:953                 :::*                    LISTEN      25         166164     2815/named          
tcp6       0      0 ::1:53                  :::*                    LISTEN      25         166160     2815/named          
[root@server network-scripts]# 








Different network segments (
Server:
[root@server named]# cd /var/named/
[root@server named]# ls
data     named.ca     named.localhost  slaves
dynamic  named.empty  named.loopback   westos.com.zone
[root@server named]# cp -p westos.com.zone  westos.com.inter
[root@server named]# ls
data     named.ca     named.localhost  slaves            westos.com.zone
dynamic  named.empty  named.loopback   westos.com.inter

[root@server named]# vim westos.com.inter 


[root@server named]# cp -p /etc/named.rfc1912.zones /etc/named.rfc1912.inter

[root@server named]# vim /etc/named.rfc1912.inter 


[root@server named]# vim /etc/named.conf 


[root@server named]# systemctl restart named
Job for named.service failed. See 'systemctl status named.service' and 'journalctl -xn' for details.
[root@server named]# vim /etc/named.conf 
[root@server named]# systemctl restart named
[root@server named]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.205  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::5054:ff:fe00:50b  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:00:05:0b  txqueuelen 1000  (Ethernet)
        RX packets 107163  bytes 647928390 (617.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 64381  bytes 4686463 (4.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.0.205  netmask 255.255.255.0  broadcast 172.25.0.255
        inet6 fe80::5054:ff:fe46:7cfa  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:46:7c:fa  txqueuelen 1000  (Ethernet)
        RX packets 9611  bytes 1108107 (1.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 32  bytes 4352 (4.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 822  bytes 68468 (66.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 822  bytes 68468 (66.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


[root@server named]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
[root@server named]# systemctl restart network
[root@server named]# systemctl restart named
[root@server named]# 


Client:
Initially the IP is 172.25.254.105
[root@desktop ~]# dig www.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24055
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A


;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.105


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 1 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 02:09:27 EDT 2017
;; MSG SIZE  rcvd: 93


[root@desktop ~]# vim ifcfg-eth0
[root@desktop ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 
[root@desktop ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.105  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::5054:ff:fe00:50a  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:00:05:0a  txqueuelen 1000  (Ethernet)
        RX packets 83391  bytes 576392532 (549.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 50041  bytes 3471962 (3.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 408  bytes 34716 (33.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 408  bytes 34716 (33.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


[root@desktop ~]# systemctl restart network
Now the IP is 172.254.5.105
Change the IP in /etc/resolv.conf






Reverse resolution
Server:
    1  vim /etc/named.rfc1912.zones 
    2  ls
    3  cp -p /var/named/named.loopback /var/named/westos.com.ptr
    4  vim /var/named/westos.com.ptr 

    5  systemctl restart named



[root@server named]# vim /etc/named.rfc1912.zones 

[root@server named]# vim /etc/named.rfc1912.zones 
[root@server named]# ls
data     named.ca     named.localhost  slaves            westos.com.zone
dynamic  named.empty  named.loopback   westos.com.inter
[root@server named]# cp -p /var/named/named.loopback /var/named/westos.com.ptr
[root@server named]# vim /var/named/westos.com.ptr 
[root@server named]# systemctl restart named
[root@server named]# cat /etc/named.rfc1912.zones
zone "254.25.172.in-addr.arpa" IN {
        type master;
        file "westos.com.ptr";
        allow-update { none; };
};
[root@server named]# cat /var/named/westos.com.ptr 
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.205
111 PTR www.westos.com.
222 PTR bbs.westos.com.
[root@server named]# 


Client:
  305  vim /etc/resolv.conf 
  306  dig -x 172.25.254.111
[root@foundation5 Desktop]# vim /etc/resolv.conf 
[root@foundation5 Desktop]# dig -x 172.25.254.111


; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> -x 172.25.254.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52361
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.254.25.172.in-addr.arpa. IN PTR


;; ANSWER SECTION:
111.254.25.172.in-addr.arpa. 86400 IN PTR www.westos.com.


;; AUTHORITY SECTION:
254.25.172.in-addr.arpa. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 15:29:30 CST 2017
;; MSG SIZE  rcvd: 118












DNS update
Server:
[root@server named]# cp -p /var/named/westos.com.zone /mnt

[root@server named]# vim /etc/named.rfc1912.zones

 

[root@server named]# chmod 770 /var/named/
[root@server named]# setsebool -P named_write_master_zones 1
[root@server named]# systemctl restart named
[root@server named]# vim /etc/named.rfc1912.zones 

[root@server named]# dig hello.westos.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> hello.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43862
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;hello.westos.com. IN A


;; ANSWER SECTION:
hello.westos.com. 86400 IN A 172.25.254.137
hello.westos.com. 86400 IN A 172.25.254.222


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 04:15:05 EDT 2017
;; MSG SIZE  rcvd: 111


[root@server named]# 



Client:
[root@desktop ~]# nsupdate 
> server 172.25.254.205
> update add hello.westos.com 86400 A 172.25.254.137
> send







Restore (otherwise the next experiment is affected):
[root@server named]# systemctl restart named
[root@server named]# rm -fr westos.com.zone westos.com.zone.jnl 
[root@server named]# cp -p /mnt/westos.com.zone /var/named
[root@server named]# systemctl restart named
[root@server named]# cat /var/named/westos.com.zone 
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.205
www A 172.25.254.105
music CNAME music.a.westos.com.
music.a A 172.25.254.111
music.a A 172.25.254.222
westos.com. MX 1 172.25.254.205.
[root@server named]# 


Key-based update
Server:
    1  cd /mnt
    2  dnssec-keygen -a HMAC-MD5 -b 128 -n HOST westoskey
    3  ls
    4  cp -p /etc/rndc.key /etc/westos.key
    5  vim /etc/westos.key 
    6  cat Kwestoskey.+157+05765.key 
    7  vim /etc/westos.key 
    8  vim /etc/named.conf 
    9  vim /etc/named.rfc1912.zones 
   10  scp Kwestoskey.+157+05765.* root@172.25.254.44:/mnt/
   11  systemctl restart named
   12  vim /etc/westos.key 
   13  date
   14  scp Kwestoskey.+157+05765.* root@172.25.254.144:/mnt/

   15  history

 



------------------------------------------------------------------------

[root@localhost named]# cd /mnt
[root@localhost mnt]# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST westoskey
Kwestoskey.+157+05765
[root@localhost mnt]# ls
Kwestoskey.+157+05765.key  Kwestoskey.+157+05765.private  westos.com.zone
[root@localhost mnt]# cp -p /etc/rndc.key /etc/westos.key
[root@localhost mnt]# vim /etc/westos.key 
[root@localhost mnt]# cat Kwestoskey.+157+05765.key 
westoskey. IN KEY 512 3 157 zwAQ+XhQRR687A2xlNQUDQ==
[root@localhost mnt]# vim /etc/westos.key 
[root@localhost mnt]# vim /etc/westos.key 
[root@localhost mnt]# vim /etc/named.conf 
[root@localhost mnt]# vim /etc/named.rfc1912.zones 
[root@localhost mnt]# scp Kwestoskey.+157+05765.* root@172.25.254.44:/mnt/
root@172.25.254.44's password: 
Kwestoskey.+157+05765.key                     100%   53     0.1KB/s   00:00    
Kwestoskey.+157+05765.private                 100%  165     0.2KB/s   00:00    
[root@localhost mnt]# systemctl restart named
[root@localhost mnt]# vim /etc/westos.key 
[root@localhost mnt]# date
Wed May 10 10:18:20 EDT 2017
[root@localhost mnt]# scp Kwestoskey.+157+05765.* root@172.25.254.144:/mnt/
The authenticity of host '172.25.254.144 (172.25.254.144)' can't be established.
ECDSA key fingerprint is eb:24:0e:07:96:26:b1:04:c2:37:0c:78:2d:bc:b0:08.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.25.254.144' (ECDSA) to the list of known hosts.
root@172.25.254.144's password: 
Kwestoskey.+157+05765.key                     100%   53     0.1KB/s   00:00    
Kwestoskey.+157+05765.private                 100%  165     0.2KB/s   00:00    
[root@localhost mnt]# 
------------------------------------------------------------------------
Client:
[root@foundation44 mnt]# vim /etc/resolv.conf 
[root@foundation44 mnt]# nsupdate -k Kwestoskey.+157+05765.private 
> server 172.25.254.244
> update add www.westos.com 86400 A 172.25.254.189
> send
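dns_request_getresponse: clocks are unsynchronized ##the clocks are not synchronized
[root@foundation44 mnt]# date
Wed May 10 22:19:37 EDT 2017 ##at this point the server shows the time as Wed May 10 10:18:20 EDT 2017
Synchronizing the time or testing from another machine fixes this (I switched to another machine here)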
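
The steps above copy the secret from the K*.key file into a key clause by hand, and the failed update comes from the time check that TSIG applies to signed messages. The following Python code is an added example, not part of the original notes: it turns a K*.key record into the key clause and a key-based allow-update line, and applies the time check to the two date readings quoted above. The sample key line is constructed (not a real secret), the function names are hypothetical, and the 300-second fudge is assumed as the usual TSIG default.

```python
import base64
import re
from datetime import datetime

# Algorithm numbers dnssec-keygen writes into K<name>.+<alg>+<id> files for HMAC keys.
TSIG_ALGS = {157: "hmac-md5", 161: "hmac-sha1", 162: "hmac-sha224",
             163: "hmac-sha256", 164: "hmac-sha384", 165: "hmac-sha512"}
FUDGE_SECONDS = 300  # assumed default clock skew that TSIG tolerates

# Constructed line in the format of the K*.key file shown in the notes; not a real secret.
SAMPLE_KEY_LINE = "westoskey. IN KEY 512 3 157 AAECAwQFBgcICQoLDA0ODw=="

# The two `date` readings quoted in the notes (both EDT, so naive datetimes suffice).
CLIENT_TIME = datetime(2017, 5, 10, 22, 19, 37)
SERVER_TIME = datetime(2017, 5, 10, 10, 18, 20)

KEY_RE = re.compile(r"^(\S+?)\.?\s+IN\s+KEY\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)$")


def parse_key_record(line):
    """Parse '<name>. IN KEY <flags> <proto> <alg> <base64>' from a K*.key file."""
    m = KEY_RE.match(line.strip())
    if not m:
        raise ValueError("not a KEY record: %r" % line)
    name, alg, secret = m.group(1), int(m.group(4)), m.group(5)
    if alg not in TSIG_ALGS:
        raise ValueError("algorithm %d is not an HMAC/TSIG algorithm" % alg)
    try:
        raw = base64.b64decode(secret, validate=True)
    except ValueError as exc:          # binascii.Error is a ValueError subclass
        raise ValueError("secret is not valid base64") from exc
    return {"name": name, "algorithm": TSIG_ALGS[alg],
            "secret": secret, "bits": len(raw) * 8}


def key_clause(rec):
    """Render the key clause that goes into the key file included by named.conf."""
    return 'key "%s" {\n\talgorithm %s;\n\tsecret "%s";\n};\n' % (
        rec["name"], rec["algorithm"], rec["secret"])


def allow_update_line(rec):
    """Zone option that accepts updates signed with this key instead of by source IP."""
    return 'allow-update { key "%s"; };' % rec["name"]


def tsig_time_ok(time_signed, server_now, fudge=FUDGE_SECONDS):
    """A signed update is accepted only if both clocks agree to within the fudge."""
    return abs((server_now - time_signed).total_seconds()) <= fudge


if __name__ == "__main__":
    rec = parse_key_record(SAMPLE_KEY_LINE)
    print(key_clause(rec), end="")
    print(allow_update_line(rec))
    print("key length:", rec["bits"], "bits")
    # hmac-md5 is the oldest TSIG algorithm; hmac-sha256 is preferable
    # where both ends support it.
    print("update accepted with the clocks from the notes:",
          tsig_time_ok(CLIENT_TIME, SERVER_TIME))
```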




DHCP update auto-detection:



First stop the firewall and start the named service
dhcpd must be started on the server
Server:
   43  yum install dhcp -y
   44  systemctl stop firewalld.service 
   45  systemctl start named
   46  cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf 
   48  vim /etc/dhcp/dhcpd.conf ##delete lines 27, 28, and everything after 36


   53  cd /mnt/
   54  ls
   55  cat Kwestoskey.+157+38119.key 
   56  vim /etc/dhcp/dhcpd.conf


   59  systemctl start dhcpd
   60  dig test.westos.com
   61  cd /var/named/
   62  ls
   63  vim westos.com.zone
   64  vim named.loopback 
   65  vim named.localhost 
   66  vim /etc/named.rfc1912.zones 

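In this image: if you do not make the change shown in the image below, this has to be changed as shown here; otherwise it is not needed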


   67  vim /etc/named.conf 


   68  systemctl status named
   69  systemctl restart named
   70  systemctl restart dhcpd
   71  dig test.westos.com
   95  rm -fr /var/named/westos.com.z*
   96  cp -p /mnt/westos.com.zone /var/named/
   72  vim /etc/dhcp/dhcpd.conf 
       man 5 dhcpd.conf
   74  vim /etc/dhcp/dhcpd.conf 
   75  cd /etc/
   76  ls
   77  vim named.conf 
   78  setsebool -P named_write_master_zones 1
   79  chmod 770 /var/named/
   80  vim /etc/named.rfc1912.zones 
   81  dig test.westos.com
   82  systemctl restart dhcpd
   83  systemctl restart named
   84  dig test.westos.com
   85  systemctl stop dhcpd.service d
   86  systemctl stop dhcpd.service 
   87  systemctl stop network 
   88  vim /etc/named.conf 
   89  cd /etc
   90  vim named.conf 
   91  cd /var/named/
   92  ls
   93  cd /mnt/
   94  ls


   97  systemctl start dhcpd.service 
   98  dig test.westos.com
   99  systemctl restart named
  100  dig test.westos.com
  101  systemctl start dhcpd.service 
  102  dig test.westos.com
  103  systemctl status dhcpd.service 
  104  dig test.westos.com
  105  dig www.westos.com
  106  > /var/log/messages 
  107  dig test.westos.com
  108  vim /etc/dhcp/dhcpd.conf 
  109  systemctl status dhcpd.service 
  110  systemctl restart dhcpd.service 
  111  dig test.westos.com
  112  systemctl stop dhcpd.service 
  113  history 


[root@server ~]# yum install dhcp -y
Loaded plugins: langpacks
rhel_dvd                                                 | 4.1 kB     00:00     
Resolving Dependencies
--> Running transaction check
---> Package dhcp.x86_64 12:4.2.5-27.el7 will be installed
--> Finished Dependency Resolution


Dependencies Resolved


================================================================================
 Package       Arch            Version                  Repository         Size
================================================================================
Installing:
 dhcp          x86_64          12:4.2.5-27.el7          rhel_dvd          506 k


Transaction Summary
================================================================================
Install  1 Package


Total download size: 506 k
Installed size: 1.4 M
Downloading packages:
dhcp-4.2.5-27.el7.x86_64.rpm                               | 506 kB   00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 12:dhcp-4.2.5-27.el7.x86_64                                  1/1 
  Verifying  : 12:dhcp-4.2.5-27.el7.x86_64                                  1/1 


Installed:
  dhcp.x86_64 12:4.2.5-27.el7                                                   


Complete!
[root@server ~]# systemctl stop firewalld.service 
[root@server ~]# systemctl start named
[root@server ~]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf 
cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
[root@server ~]# vim /etc/dhcp/dhcp.conf
[root@server ~]# vim /etc/dhcp/dhcpd.conf
[root@server ~]# cd /etc/named/
[root@server named]# ls
[root@server named]# cd /var/named/
[root@server named]# ls
data      named.empty      slaves            westos.com.zone
dynamic   named.localhost  westos.com.inter  westos.com.zone.jnl
named.ca  named.loopback   westos.com.ptr
[root@server named]# cd /mnt/
[root@server mnt]# ls
Kwestoskey.+157+38119.key  Kwestoskey.+157+38119.private  westos.com.zone
[root@server mnt]# cat Kwestoskey.+157+38119.key 
westoskey. IN KEY 512 3 157 x52Z3nLK+ardHpqqOfoPlQ==
[root@server mnt]# vim /etc/dhcp/dhcpd.conf
[root@server mnt]# vim /etc/dhcp/dhcpd.conf
[root@server mnt]# systemctl status dhcp
dhcp.service
   Loaded: not-found (Reason: No such file or directory)
   Active: inactive (dead)


[root@server mnt]# systemctl start dhcp
Failed to issue method call: Unit dhcp.service failed to load: No such file or directory.
[root@server mnt]# systemctl start dhcpd
[root@server mnt]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31805
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 22:39:49 EDT 2017
;; MSG SIZE  rcvd: 94


[root@server mnt]# cd /var/named/
[root@server named]# ls
data      named.empty      slaves            westos.com.zone
dynamic   named.localhost  westos.com.inter  westos.com.zone.jnl
named.ca  named.loopback   westos.com.ptr
[root@server named]# vim westos.com.zone
[root@server named]# vim named.loopback 
[root@server named]# vim named.localhost 
[root@server named]# vim /etc/named.rfc1912.zones 
[root@server named]# vim /etc/named.conf 
[root@server named]# systemctl status n
named.service              nfs-lock.service
named-setup-rndc.service   nfs.target
netcf-transaction.service  nss-lookup.target
netconsole.service         nss-user-lookup.target
network-online.target      ntpdate.service
network.service            ntpd.service
network.target             
[root@server named]# systemctl status named
named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; disabled)
   Active: active (running) since Sat 2017-05-06 22:09:40 EDT; 41min ago
  Process: 3102 ExecStart=/usr/sbin/named -u named $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 3101 ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf (code=exited, status=0/SUCCESS)
 Main PID: 3105 (named)
   CGroup: /system.slice/named.service
           └─3105 /usr/sbin/named -u named


May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
May 06 22:40:20 server named[3105]: error (network unreachable) resolving '...53
Hint: Some lines were ellipsized, use -l to show in full.
[root@server named]# systemctl restart named
[root@server named]# systemctl restart dhcpd
[root@server named]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21656
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 22:51:52 EDT 2017
;; MSG SIZE  rcvd: 94


[root@server named]# vim /etc/dhcp/dhcpd.conf 
[root@server named]# vim /var/named/westos.com.zone
[root@server named]# vim /etc/dhcp/dhcpd.conf 
[root@server named]# cd /etc/
[root@server etc]# ls
abrt                     hosts.deny                profile.d
adjtime                  hp                        protocols
aliases                  idmapd.conf               pulse
aliases.db               init.d                    purple
alsa                     inittab                   qemu-ga
alternatives             inputrc                   qemu-kvm
anacrontab               iproute2                  radvd.conf
asound.conf              ipsec.conf                rc0.d
at.deny                  ipsec.d                   rc1.d
at-spi2                  ipsec.secrets             rc2.d
audisp                   iscsi                     rc3.d
audit                    issue                     rc4.d
avahi                    issue.net                 rc5.d
bash_completion.d        java                      rc6.d
bashrc                   jvm                       rc.d
binfmt.d                 jvm-commmon               rc.local
bluetooth                kdump.conf                redhat-release
bonobo-activation        kernel                    request-key.conf
brltty                   krb5.conf                 request-key.d
brltty.conf              ksmtuned.conf             resolv.conf
chkconfig.d              ld.so.cache               rhsm
chrony.conf              ld.so.conf                rht
chrony.keys              ld.so.conf.d              rndc.key
cloud                    libaudit.conf             rpc
colord.conf              libibverbs.d              rpm
cron.d                   libnl                     rsyncd.conf
cron.daily               libreport                 rsyslog.conf
cron.deny                libuser.conf              rsyslog.d
cron.hourly              libvirt                   rwtab
cron.monthly             locale.conf               rwtab.d
crontab                  localtime                 samba
cron.weekly              login.defs                sane.d
crypttab                 logrotate.conf            sasl2
csh.cshrc                logrotate.d               scl
csh.login                lvm                       securetty
cups                     machine-id                security
cupshelpers              magic                     selinux
dbus-1                   mail.rc                   services
dconf                    makedumpfile.conf.sample  sestatus.conf
default                  man_db.conf               setroubleshoot
depmod.d                 maven                     setuptool.d
dhcp                     mke2fs.conf               sgml
DIR_COLORS               modprobe.d                shadow
DIR_COLORS.256color      modules-load.d            shadow-
DIR_COLORS.lightbgcolor  motd                      shells
dnsmasq.conf             mtab                      skel
dnsmasq.d                mtools.conf               smartmontools
dracut.conf              multipath                 sos.conf
dracut.conf.d            my.cnf                    sound
drirc                    my.cnf.d                  speech-dispatcher
e2fsck.conf              named                     ssh
enscript.cfg             named.conf                ssl
environment              named.iscdlv.key          statetab
ethertypes               named.rfc1912.inter       statetab.d
exports                  named.rfc1912.zones       sudo.conf
exports.d                named.root.key            sudoers
favicon.png              nanorc                    sudoers.d
fcoe                     netconfig                 sudo-ldap.conf
festival                 NetworkManager            sysconfig
filesystems              networks                  sysctl.conf
firewalld                nfsmount.conf             sysctl.d
fonts                    nsswitch.conf             systemd
fprintd.conf             nsswitch.conf.bak         system-release
fstab                    ntp                       system-release-cpe
fuse.conf                numad.conf                terminfo
gconf                    oddjob                    tmpfiles.d
gcrypt                   oddjobd.conf              trusted-key.key
gdbinit                  oddjobd.conf.d            tuned
gdbinit.d                openldap                  udev
gdm                      opt                       udisks2
ghostscript              os-release                unbound
gnome-settings-daemon    ovirt-guest-agent.conf    updatedb.conf
gnome-vfs-2.0            PackageKit                UPower
gnupg                    pam.d                     usb_modeswitch.conf
GREP_COLORS              passwd                    usb_modeswitch.d
groff                    passwd-                   vconsole.conf
group                    pbm2ppa.conf              vimrc
group-                   pinforc                   virc
grub2.cfg                pkcs11                    vmware-tools
grub.conf                pki                       westos.key
grub.d                   plymouth                  wgetrc
gshadow                  pm                        wpa_supplicant
gshadow-                 pnm2ppa.conf              wvdial.conf
gss                      polkit-1                  X11
gtk-2.0                  popt.d                    xdg
gtk-3.0                  postfix                   xinetd.d
hba.conf                 ppp                       xml
host.conf                prelink.conf.d            yum
hosts                    printcap                  yum.conf
hosts.allow              profile                   yum.repos.d
[root@server etc]# vim named
named/               named.iscdlv.key     named.rfc1912.zones
named.conf           named.rfc1912.inter  named.root.key
[root@server etc]# vim named.conf 
[root@server etc]# setsebool -P named_write_master_zones 1
[root@server etc]# chmod 770 /var/named/
[root@server etc]# vim /etc/named.rfc1912.zones 
[root@server etc]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42152
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 2 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:07:03 EDT 2017
;; MSG SIZE  rcvd: 94


[root@server etc]# systemctl restart dhcpd
[root@server etc]# systemctl restart named
[root@server etc]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8018
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:07:29 EDT 2017
;; MSG SIZE  rcvd: 94


[root@server etc]# systemctl stop dhcpd.service d
Failed to issue method call: Unit d.service not loaded.
[root@server etc]# systemctl stop dhcpd.service 
[root@server etc]# systemctl stop network 
Write failed: Broken pipe
[kiosk@foundation5 Desktop]$ ssh root@172.25.254.205
root@172.25.254.205's password: 
Last login: Sat May  6 20:59:23 2017 from 172.25.254.5
[root@server ~]# vim named.conf 
[root@server ~]# cd /etc
[root@server etc]# vim named.conf 
[root@server etc]# cd /var/named/
[root@server named]# ls
data      named.empty      slaves            westos.com.zone
dynamic   named.localhost  westos.com.inter  westos.com.zone.jnl
named.ca  named.loopback   westos.com.ptr
[root@server named]# cd /mnt/
[root@server mnt]# ls
Kwestoskey.+157+38119.key  Kwestoskey.+157+38119.private  westos.com.zone
[root@server mnt]# rm -fr /var/named/westos.com.z*
[root@server mnt]# cp -p /mnt/westos.com.zone /var/named/
[root@server mnt]# systemctl start dhcpd.service 
[root@server mnt]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36760
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:49:53 EDT 2017
;; MSG SIZE  rcvd: 94


[root@server mnt]# systemctl restart named
[root@server mnt]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62307
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; AUTHORITY SECTION:
westos.com. 10800 IN SOA dns.westos.com. root.westos.com. 0 86400 3600 604800 10800


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:50:18 EDT 2017
;; MSG SIZE  rcvd: 89


[root@server mnt]# systemctl start dhcpd.service 
[root@server mnt]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31325
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; AUTHORITY SECTION:
westos.com. 10800 IN SOA dns.westos.com. root.westos.com. 0 86400 3600 604800 10800


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:51:09 EDT 2017
;; MSG SIZE  rcvd: 89


[root@server mnt]# systemctl status dhcpd.service 
dhcpd.service - DHCPv4 Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled)
   Active: active (running) since Sat 2017-05-06 23:49:32 EDT; 2min 39s ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
 Main PID: 5041 (dhcpd)
   CGroup: /system.slice/dhcpd.service
           └─5041 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -gr...


May 06 23:49:32 server dhcpd[5041]: May 06 23:49:32 server dhcpd[5041]: Listening on LPF/eth0/52:54:00:00:05:0b...24
May 06 23:49:32 server dhcpd[5041]: Sending on   LPF/eth0/52:54:00:00:05:0b...24
May 06 23:49:32 server dhcpd[5041]: Sending on   Socket/fallback/fallback-net
May 06 23:49:34 server dhcpd[5041]: DHCPDISCOVER from 52:54:00:00:05:0a via eth0
May 06 23:49:35 server dhcpd[5041]: DHCPOFFER on 172.25.254.150 to 52:54:00...h0
May 06 23:49:35 server dhcpd[5041]: DHCPREQUEST for 172.25.254.150 (172.25....h0
May 06 23:49:35 server dhcpd[5041]: DHCPACK on 172.25.254.150 to 52:54:00:0...h0
May 06 23:49:35 server dhcpd[5041]: Forward map from test.westos.com to 172...e.
May 06 23:51:03 server systemd[1]: Started DHCPv4 Server Daemon.
Hint: Some lines were ellipsized, use -l to show in full.
[root@server mnt]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17266
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; AUTHORITY SECTION:
westos.com. 10800 IN SOA dns.westos.com. root.westos.com. 0 86400 3600 604800 10800


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:53:06 EDT 2017
;; MSG SIZE  rcvd: 89


[root@server mnt]# dig www.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23662
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A


;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.105


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:53:44 EDT 2017
;; MSG SIZE  rcvd: 93


[root@server mnt]# > /var/log/messages 
[root@server mnt]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51898
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; ANSWER SECTION:
test.westos.com. 300 IN A 172.25.254.150


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:55:07 EDT 2017
;; MSG SIZE  rcvd: 94


[root@server mnt]# vim /etc/dhcp/dhcpd.conf 
[root@server mnt]# systemctl status dhcpd.service 
dhcpd.service - DHCPv4 Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled)
   Active: active (running) since Sat 2017-05-06 23:49:32 EDT; 7min ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
 Main PID: 5041 (dhcpd)
   CGroup: /system.slice/dhcpd.service
           └─5041 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -grou...


May 06 23:49:34 server dhcpd[5041]: DHCPDISCOVER from 52:54:00:00:05:0a via eth0
May 06 23:49:35 server dhcpd[5041]: DHCPOFFER on 172.25.254.150 to 52:54:00:0...h0
May 06 23:49:35 server dhcpd[5041]: DHCPREQUEST for 172.25.254.150 (172.25.25...h0
May 06 23:49:35 server dhcpd[5041]: DHCPACK on 172.25.254.150 to 52:54:00:00:...h0
May 06 23:49:35 server dhcpd[5041]: Forward map from test.westos.com to 172.2...e.
May 06 23:51:03 server systemd[1]: Started DHCPv4 Server Daemon.
May 06 23:53:39 server dhcpd[5041]: DHCPREQUEST for 172.25.254.150 from 52:54...h0
May 06 23:53:39 server dhcpd[5041]: DHCPACK on 172.25.254.150 to 52:54:00:00:...h0
May 06 23:53:39 server dhcpd[5041]: Added new forward map from test.westos.co...50
May 06 23:53:39 server dhcpd[5041]: Unable to add reverse map from 150.254.25...nd
Hint: Some lines were ellipsized, use -l to show in full.
[root@server mnt]# systemctl restart dhcpd.service 
[root@server mnt]# dig test.westos.com


; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> test.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 575
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.westos.com. IN A


;; ANSWER SECTION:
test.westos.com. 300 IN A 172.25.254.189


;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.


;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205


;; Query time: 0 msec
;; SERVER: 172.25.254.205#53(172.25.254.205)
;; WHEN: Sat May 06 23:58:15 EDT 2017
;; MSG SIZE  rcvd: 94


[root@server mnt]# systemctl stop dhcpd.service 
[root@server mnt]# 
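
The dig replies in the server session above show test.westos.com going from a static record (TTL 86400) to NXDOMAIN after the zone file was restored, and then to a TTL 300 record once dhcpd logged its forward map. The script below is an added example, not part of the original post: it parses trimmed copies of those replies and names each change. The function names (reply_*, dig_summary, answer_drift) are made up for this example.

```shell
#!/bin/sh
# Added example: trimmed dig replies for test.westos.com, copied from the session above.
reply_static() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36760
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; ANSWER SECTION:
test.westos.com. 86400 IN A 172.25.254.111
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.205
EOF
}
reply_missing() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62307
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; AUTHORITY SECTION:
westos.com. 10800 IN SOA dns.westos.com. root.westos.com. 0 86400 3600 604800 10800
EOF
}
reply_dynamic() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51898
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; ANSWER SECTION:
test.westos.com. 300 IN A 172.25.254.150
EOF
}

# dig_summary: read one dig reply on stdin, print "STATUS AA TTL ADDRESS".
# TTL and ADDRESS are "-" when the ANSWER section holds no A record.
dig_summary() {
    awk '
        /->>HEADER<<-/ {                      # header line carries the response code
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {                        # the flag list ends at the first ";"
            for (i = 3; i <= NF; i++) {
                f = $i; sub(/;$/, "", f)
                if (f == "aa") aa = "yes"     # aa = authoritative answer
                if ($i ~ /;$/) break
            }
        }
        /^;; [A-Z]+ SECTION:/ { section = $2 }
        /^[^;]/ && section == "ANSWER" && $4 == "A" { ttl = $2; addr = $5 }
        END {
            if (status == "") status = "-"
            if (aa == "") aa = "no"
            print status, aa, (ttl == "" ? "-" : ttl), (addr == "" ? "-" : addr)
        }'
}

# answer_drift OLD NEW: classify the change between two dig_summary lines.
answer_drift() {
    set -- $1 $2    # word-split into: status aa ttl addr (old), status aa ttl addr (new)
    if   [ "$4" = "$8" ] && [ "$3" = "$7" ]; then echo "unchanged"
    elif [ "$8" = "-" ]; then echo "removed $4"
    elif [ "$4" = "-" ]; then echo "added $8 ttl=$7"
    else echo "changed $4 -> $8 ttl=$7"
    fi
}

before=$(reply_static | dig_summary)
gone=$(reply_missing | dig_summary)
after=$(reply_dynamic | dig_summary)
answer_drift "$before" "$gone"     # removed 172.25.254.111
answer_drift "$gone" "$after"      # added 172.25.254.150 ttl=300
```

On a live server the same functions can be fed from `dig test.westos.com | dig_summary`, so an authoritative answer that changes without a zone-file edit shows up as an explicit "added" or "changed" line.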


Client:
[root@desktop ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.105  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::5054:ff:fe00:50a  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:00:05:0a  txqueuelen 1000  (Ethernet)
        RX packets 8643  bytes 961940 (939.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 111  bytes 16367 (15.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 8  bytes 556 (556.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8  bytes 556 (556.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


[root@desktop ~]# hostnamectl set-hostname test.westos.com
[root@desktop ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 
[root@desktop ~]# systemctl restart network

