实验环境:本实验环境基于上片的加密更新环境
网络服务端
1,修改主机名
[root@localhost ~]# hostnamectl set-hostname linux.westos.com
[root@localhost ~]# hostname
linux.westos.com
2,编辑ifcfg-eth0文件,设置为dhcp类型
[root@dns-server named]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
3,重启网络
服务端
1,安装dhcpd软件
[root@dns-server named]# yum install dhcp -y
2,配置dhcp池
[root@dns-server named]# vim /etc/dhcp/dhcpd.conf
option domain-name "westos.com"; <<<<<<
option domain-name-servers 172.25.254.100; <<<<<<域名服务器 本机ip
27,28行删除
subnet 172.25.254.0 netmask 255.255.255.0 { <<<<<<<<网络位 子网掩码
range 172.25.254.91 172.25.254.99; <<<<<<<<dhcp池
option routers 172.25.254.100; <<<<<<<<网关 本机ip
}
34行之后的都删除
4,重启dhcp,测试网络服务端是否可以动态获取ip
[root@dns-server named]# systemctl restart dhcpd
可以看到ip是172.25.254.91,dhcp服务配置完成
5,ddns-update-style,key语句块和zone语句块
[root@dns-server named]# vim /etc/dhcp/dhcpd.conf
# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;
ddns-update-style interim; <<<<<<<<ddns-update-style
subnet 172.25.254.0 netmask 255.255.255.0 {
range 172.25.254.91 172.25.254.99;
option routers 172.25.254.100;
}
key语句块和zone语句块是基于加密更新的
key westos { <<<<<<<<<< 钥匙名称westos
algorithm hmac-md5;
secret 8yKPqOobwPhLD6ZvQKQWOw==; <<<<<<<<<< cat /etc/westos.key
};
zone westos.com. { <<<<<<<<要维护的域
primary 127.0.0.1; <<<<<<<<本地回环接口
key westos; <<<<<<<<钥匙名称
}
6,重启服务
[root@dns-server named]# systemctl restart dhcpd
客户端
1,nameserver 172.25.254.100 >>>服务端ip 这个非常重要
2,dig测试
[root@dns-server named]# dig linux.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> linux.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62110
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;linux.westos.com. IN A
;; ANSWER SECTION:
linux.westos.com. 300 IN A 172.25.254.91 <<<这与网络服务器的ip相符
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.100
;; Query time: 0 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Tue May 22 11:46:19 EDT 2018
;; MSG SIZE rcvd: 95
3,修改dhcp池,使网络服务端ip不为91,重启dhcp
[root@dns-server named]# vim /etc/dhcp/dhcpd.conf
range 172.25.254.92 172.25.254.99;
[root@dns-server named]# systemctl restart dhcpd
4,修改网络服务器主机名,重启网络服务,查看ip
注意:这里不修改主机名也行,这样dig同一个主机名,得到的ip有差别(修改dhcp池,使之动态获取),符合动态解析
5,客户端dig测试
[root@foundation156 mnt]# dig tiangou.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> tiangou.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52034
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;tiangou.westos.com. IN A
;; ANSWER SECTION:
tiangou.westos.com. 300 IN A 172.25.254.92 <<<<动态解析成功!!!
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.100
;; Query time: 0 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Tue May 22 23:52:50 CST 2018
;; MSG SIZE rcvd: 97