配置dns的正反向解析
一.配置正向解析
1.安装软件
[root@server ~]# yum install bind -y
2.服务端设置静态
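[root@server ~]# setenforce 0
setenforce: SELinux is disabled
[root@server ~]# systemctl stop firewalld
(注:关闭 SELinux 和防火墙只适合隔离的实验环境。需要保留防火墙时,可以不停 firewalld,改用 firewall-cmd --permanent --add-service=dns 再执行 firewall-cmd --reload 放行 DNS 的 53 端口。)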
[root@server ~]# nmcli connection modify ens160 ipv4.method manual ipv4.addresses 192.168.37.148/24 ipv4.gateway 192.168.37.2 ipv4.dns 114.114.114.114
[root@server ~]# nmcli connection reload
[root@server ~]# nmcli connection up ens160
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)
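3.客户端设置静态,dns设置为服务端的ip地址(服务端地址为 192.168.37.148。注意下面命令中的 ipv4.dns 写成了客户端自身的 192.168.37.149,与第7步测试输出中的 Server: 192.168.37.148 不一致,应以服务端地址为准)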
[root@node1 ~]# nmcli connection modify ens160 ipv4.method manual ipv4.addresses 192.168.37.149/24 ipv4.gateway 192.168.37.2 ipv4.dns 192.168.37.149
[root@node1 ~]# nmcli connection reload
[root@node1 ~]# nmcli connection up ens160
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/4)
4.vim /etc/named.conf
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots" ;
recursing-file "/var/named/data/named.recursing";
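allow-query {any;};
(注:listen-on 和 allow-query 都设为 any 后,任何能访问到本机 53 端口的主机都可以向它查询。如果 options 中的 recursion 仍为 yes,本机就成了开放递归解析器,容易被用于 DNS 放大攻击。实验以外的环境应把 allow-query 或 allow-recursion 限定为受信网段,例如 { localhost; 192.168.37.0/24; }。)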
5.vim /etc/named.rfc1912.zones 修改配置文件
zone "openlab.com" IN{
type master;
file "openlab.com.zone";
allow-update { none;};
};
zone "localhost.localdomain" IN{
type master;
file "named.localhost";
allow-update { none;};
};
6.服务端操作,编辑数据配置文件,使用拷贝命令将正向解析模版文件(named.localhost)
复制一份,打开后修改局部即可。并重启服务
[root@server ~]# cd /var/named/
[root@server named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@server named]# cp -a named.localhost openlab.com.zone
[root@server named]# vim openlab.com.zone
[root@server named]#
$TTL 1D
openlab.com. IN SOA ns.openlab.com. admin.openlab.com.(
0 ;serial
10 ;refresh
1H ;retry
1w ;expire
3H ) ;minimum
openlab.com. IN NS ns.openlab.com.
ns.openlab.com. IN A 192.168.37.148
www.openlab.com. IN A 192.168.37.148
ftp.openlab.com. IN A 192.168.37.148
bbs.openlab.com. IN A 192.168.37.148
wwwl.openlab.com. IN CNAME www.openlab.com.
7.测试
[root@node1 ~]# nslookup
> www.openlab.com
Server: 192.168.37.148
Address: 192.168.37.148#53
Name: www.openlab.com
Address: 192.168.37.148
> wwwl.openlab.com
Server: 192.168.37.148
Address: 192.168.37.148#53
wwwl.openlab.com canonical name = www.openlab.com.
Name: www.openlab.com
Address: 192.168.37.148
>
[root@node1 ~]# host www.openlab.com
www.openlab.com has address 192.168.37.148
二.配置反向解析
1.直接配置区域配置文件(/etc/named.rfc1912.zones),主配置文件不变(下面的摘录从上一个 zone 块的中间开始,其 zone 声明行未包含在内)
type master;
file "named.loopback";
allow-update { none;};
};
zone "0.in-addr.arpa" IN{
type master;
file "named.empty" ;
allow-update { none; };
};
zone "231.168.192.in-addr.arpa" IN{
type master;
file "192.168.37.arpa";
allow-update { none; };
};
2.服务端操作,编辑反向解析的数据配置文件,根据模版(named.loopback)复制一份,
修改文件名,再修改局部数据,主要是要注意域名的最后要加上点
$TTL 1D
@ IN SOA ns.openlab.com. admin.openlab.com.(
0 ;serial
1D ;refresh
1H ;retry
1W ;expire
3H ) ;minimum
132 IN NS ns.openlab.com.
132 IN PTR ns.openlab.com.
132 IN PTR www.openlab.com.
132 IN PTR ftp.openlab.com.
132 IN PTR bbs.openlab.com.
3.重启服务并测试
[root@server named]# vim 192.168.37.arpa
[root@server named]# systemctl restart named
[root@server named]# nslookup 192.168.37.148
4.测试
[root@server named]# systemctl restart named
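[root@server named]# nslookup 192.168.37.148
** server can't find 148.37.168.192.in-addr.arpa: NXDOMAIN
(注:查询的名字是 148.37.168.192.in-addr.arpa,而前面区域配置文件中声明的反向区域是 231.168.192.in-addr.arpa,数据文件中 PTR 记录的主机号写的是 132,两者都与 192.168.37.148 对不上,所以返回 NXDOMAIN。按本文使用的地址,区域名应为 37.168.192.in-addr.arpa,PTR 记录的主机号应为 148。修改后可先用 named-checkconf 和 named-checkzone 检查配置与区域文件,再重启 named。)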
[root@server named]#