DNS服务正向解析
服务端IP | 客户端IP | 网址 |
192.168.137.130 | 192.168.137.131 | www.openlab.com |
第一步:准备(关闭防火墙,配置静态IP)
服务端192.168.137.130配置:
[root@server ~]# setenforce 0
[root@server ~]# systemctl stop firewalld
[root@server ~]# yum install bind -y
[root@server ~]# nmcli c modify ens33 ipv4.method manual ipv4.addresses
192.168.137.130/24 ipv4.gateway 192.168.137.2 ipv4.dns 114.114.114.114
[root@server ~]# nmcli c reload
[root@server ~]# nmcli c up ens33
客户端192.168.137.131配置:
[root@server ~]# setenforce 0
[root@server ~]# systemctl stop firewalld
[root@server ~]# nmcli c modify ens33 ipv4.method manual ipv4.addresses
192.168.137.131/24 ipv4.gateway 192.168.137.2 ipv4.dns 114.114.114.114
[root@server ~]# nmcli c reload
[root@server ~]# nmcli c up ens33
第二步:DNS配置
1.服务端配置
[root@server ~]# vim /etc/named.conf
listen-on port 53 { any; }; # 修改为any
allow-query { any; };
[root@server ~]# vim /etc/named.rfc1912.zones
zone "openlab.com" IN {
type master;
file "openlab.com.zone";
allow-update { none; };
};
[root@server ~]# cd /var/named
[root@server named]# cp -a named.localhost openlab.com.zone # -a 完整拷贝
[root@server named]# vim openlab.com.zone
$TTL
1D
openlab.com.
IN SOA ns.openlab.com. admin.openlab.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
openlab.com. IN NS ns.openlab.com.
ns.openlab.com. IN A
192
.168.137.130
www.openlab.com. IN A
192
.168.137.130
ftp.openlab.com. IN A
192
.168.137.130
bbs.openlab.com. IN A
192
.168.137.130
www1.openlab.com. IN CNAME www.openlab.com.
[root@server named]# systemctl restart named #重启服务
第三步:测试
客户端:
[root@node1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
dns=192.168.137.130; # dns改为服务端的IP地址
[root@node1 ~]# nmcli c reload
[root@node1 ~]# nmcli c up ens33
#客户端测试
[root@node1 ~]# nslookup www.openlab.com
![](https://img-blog.csdnimg.cn/direct/a77bf76d653f497797eae3048b7a2144.png)
DNS服务反向解析
服务端IP | 客户端IP | 网址 |
192.168.137.130 | 192.168.137.131 | www.openlab.com |
第一步:准备(关闭防火墙,配置静态IP)
与正向解析一致
配置静态IP时,客户端的DNS可以直接配置成服务端IP地址,后续不用再配置
第二步:DNS配置
1.服务端配置
[root@server ~]# vim /etc/named.conf
listen-on port 53 { any; }; # 修改为any
allow-query { 192.168.137.131; }; #可以写成any,也可以是IP地址
[root@server ~]# vim /etc/named.rfc1912.zones
zone "
137.168.192.in-addr.arpa
" IN {
type master;
file "
192.168.137.arpa
";
allow-update { none; };
};
[root@server ~]# cd /var/named
[root@server named]# cp -a named.localhost
192.168.137.arpa
# -a 完整拷贝
[root@server named]# vim
192.168.137.arpa
$TTL
1D
@ IN SOA ns.openlab.com.
jenny.qq.com.
(
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS ns.openlab.com.
ns
.openlab.com.
IN A 192.168.137.130
130 IN PRT ns.openlab.com.
130 IN PRT
www.openlab.com.
130 IN PRT
ftp.openlab.com.
[root@server named]# systemctl restart named #重启服务
第三步:客户端测试
[root@node1 ~]# nslookup 192.168.137.130
![](https://img-blog.csdnimg.cn/direct/4df9681945fe4e02a7094c2fed0ed7da.png)