DNS配置_modify the primary and secondary dns addresses to -CSDN博客

本文链接：https://blog.csdn.net/m0_53211602/article/details/113528551

前期准备

centos7.2
关闭seliunx与firewalld
节点规划

ip 主机名节点
172.16.1.27 mail Mail 服务器、DNS 主服务器
172.16.1.28 dns DNS从服务器

ip	主机名	节点
172.16.1.27	mail	Mail 服务器、DNS 主服务器
172.16.1.28	dns	DNS从服务器

删除网卡dns行

vi /etc/sysconfig/network-scripts/ifcfg-eno16777736
#DNS1=114.114.114.114

部署主服务器

安装Bind服务程序

安装

 [root@mail ~]# yum -y install bind-chroot

配置参数

[root@mail ~]# vim /etc/named.conf
listen-on port 53 { any; }; //监听所有的ip ，此处可以根据需要设置需要监听的 IP
also-notify { any;}; // 允许所有的查询

检查

[root@mail ~]# named-checkconf /etc/named.conf

正向解析实验

创建转发域

[root@mail ~]# cp -af /var/named/named.localhost /var/named/testmail.com.zone

[root@mail ~]# vi /var/named/testmail.com.zone
$TTL 1D
@       IN SOA testmail.com. dns.testmail.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS dns.testmail.com.
        IN MX 10 mail
dns  IN A 172.16.1.27
mail IN A 172.16.1.27
www  IN A 172.16.1.27
smtp IN A 172.16.1.27

修改区域配置文件


[root@mail ~]# vi /etc/named.rfc1912.zones
在最后追加
zone "testmail.com" IN {
type master;
file "testmail.com.zone";
};

检查

[root@mail ~]# named-checkzone testmailcom /var/named/testmail.com.zone
zone testmailcom/IN: loaded serial 0
OK

启动named服务
```
[root@mail ~]# systemctl start named
```

添加域名服务器 IP

[root@mail ~]# vi /etc/resolv.conf
server 172.16.1.27

测试

[root@mail ~]# nslookup dns.testmail.com
Server:         172.16.1.27
Address:        172.16.1.27#53

Name:   dns.testmail.com
Address: 172.16.1.27

反向解析实验

修改区域配置文件

[root@mail ~]# vi /etc/named.rfc1912.zones
在最后追加
zone "100.168.192.in-addr.arpa" IN {
type master;
file "30.100.168.192.in-addr.local";
};

[root@mail ~]# cp -a /var/named/testmail.com.zone /var/named/27.1.16.172.in-addr.local

[root@mail ~]# vi /var/named/27.1.16.172.in-addr.local
$TTL 1D
@       IN SOA ns.testmail.com. admin.testmail.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS dns.testmail.com.
27      IN PTR mail.testmail.com.
27      IN PTR www.testmail.com.

检查

[root@mail named]# cd /var/named
[root@mail named]# named-checkzone 1.16.172.in-addr.arpa /var/named/27.1.16.172.in-addr.local
zone 1.16.172.in-addr.arpa/IN: loaded serial 0
OK

重启检验

[root@mail named]# systemctl restart named
[root@mail named]# nslookup
> 172.16.1.27
27.1.16.172.in-addr.arpa        name = mail.testmail.com.
27.1.16.172.in-addr.arpa        name = www.testmail.com.
> exit

部署从服务器

安装

 [root@dns ~]# yum -y install bind-chroot

配置参数

[root@dns ~]# vim /etc/named.conf
listen-on port 53 { any; }; //监听所有的ip ，此处可以根据需要设置需要监听的 IP
also-notify { any;}; // 允许所有的查询

修改区配置文件

[root@dns ~]# vi /etc/named.rfc1912.zones
zone "testmail.com" IN {
type slave;
file "slaves/slavertestmail.com.zone";
masters {172.16.1.27;};   
};

zone "1.16.172.in-addr.arpa" IN {
type slave;
file "slaves/27.1.16.172.in-addr.local";
masters {172.16.1.27;};
};

检查

[root@dns ~]# named-checkconf /etc/named.rfc1912.zones

添加域名服务器 IP并重启

[root@dns ~]# vi /etc/resolv.conf
server 172.16.1.27
server 172.16.1.28
[root@dns ~]# systemctl restart named

在主服务器上模拟故障

[root@mail named]# systemctl stop named

测试

[root@dns ~]# nslookup dns.testmail.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   dns.testmail.com
Address: 172.16.1.27
[root@dns ~]# nslookup 172.16.1.27
27.1.16.172.in-addr.arpa        name = www.testmail.com.
27.1.16.172.in-addr.arpa        name = mail.testmail.com.