1.准备环境bind bind-utils
yum info bind
yum info bind-utils
2.清华大学源地址
https://mirrors.tuna.tsinghua.edu.cn/centos-stream/9-stream/
3.准备两台机器的环境
1.cd /etc/yum.repos.d/
2.mkdir bak
3.mv -v * bak/
4.ls -lhrt
5.vim base.repo
1.填入如下内容
[root@localhost yum.repos.d]# cat centos.repo
[baseos]
name=CentOS Stream $releasever - BaseOS
#mirrorlist=http://mirrorlist.centos.org/?release=$stream&arch=$basearch&repo=BaseOS&infra=$infra
baseurl=https://mirrors.ustc.edu.cn/centos-stream/9-stream/BaseOS/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
[appstream]
name=CentOS Stream $releasever - AppStream
#mirrorlist=http://mirrorlist.centos.org/?release=$stream&arch=$basearch&repo=AppStream&infra=$infra
baseurl=https://mirrors.ustc.edu.cn/centos-stream/9-stream/AppStream/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
4.清理yum缓存使用
yum clean all
5.缓存yum源的yum信息
yum makecache
6.安装bind和bind-utils
yum -y install bind bind-utils
7.确认语法检查工具 named-checkconf 已安装（修改 /etc/named.conf 后，先运行 named-checkconf 检查语法，再重启 named）
[root@dns-master190 ~]#
[root@dns-master190 ~]# which named-checkconf
/usr/sbin/named-checkconf
[root@dns-master190 ~]# rpm -qf `which named-checkconf`
bind-9.16.23-14.el9.x86_64
8.启动named
systemctl start named
9.cd /var/named
10.编辑 /etc/named.conf，在文件末尾加入以下 zone 配置（allow-transfer 只允许列出的 IP 做区域传送，allow-update 为 none 表示禁止动态更新）
zone "wxg.com" IN {
type master;
file "wxg.com.zone";
also-notify { 192.168.8.61; 192.168.8.58; };
allow-transfer { 192.168.8.61; 192.168.8.58;};
allow-update {none;};
notify yes;
};
11.进入/var/named目录
cd /var/named/
12.配置自己域名的.zone文件
touch wxg.com.zone
13.为wxg.com.zone赋予权限
chown -R named. wxg.com.zone
13.查看权限
14.检查wxg.com wxg.com.zone的语法问题
[root@dns-master61 named]# named-checkzone wxg.com wxg.com.zone
zone wxg.com/IN: loaded serial 2024012312
OK
[root@dns-master190 named]# cat wxg.com.zone
$TTL 7200
wxg.com. IN SOA wxg.com. admin.wxg.com. (
2024012312
1H
10M
1W
1D )
wxg.com. IN NS ns1.wxg.com.
wxg.com. IN NS ns2.wxg.com.
ns1.wxg.com. IN A 192.168.8.58
ns2.wxg.com. IN A 192.168.8.61
www.wxg.com. IN A 192.168.8.58
www.wxg.com. IN A 192.168.8.61
15.再次检查wxg.com wxg.com zone
[root@dns-master58 named]# named-checkzone wxg.com wxg.com.zone
zone wxg.com/IN: loaded serial 2024012312
OK
[root@dns-master58 named]# systemctl restart named
[root@dns-master58 named]# dig www.wxg.com @127.0.0.1
; <<>> DiG 9.16.23-RH <<>> www.wxg.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51371
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 66e369078e8f18e80100000065af1f36aa6b16116bfdc54a (good)
;; QUESTION SECTION:
;www.wxg.com. IN A
;; ANSWER SECTION:
www.wxg.com. 7200 IN A 192.168.8.58
www.wxg.com. 7200 IN A 192.168.8.61
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jan 23 10:06:46 CST 2024
;; MSG SIZE rcvd: 102
16.重新启动主的named
systemctl restart named
- 编辑从服务器58的 named.conf，增加从区域（slave zone）配置
zone "wxg.com" IN {
type slave;
file "slaves/wxg.com.zone";
masters { 192.168.8.61; };
masterfile-format text;
};
- 查看从服务器58的状态
slaves/wxg.com.zone
$ORIGIN .
$TTL 7200 ; 2 hours
wxg.com IN SOA wxg.com. admin.wxg.com. (
2024012312 ; serial
3600 ; refresh (1 hour)
600 ; retry (10 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS ns1.wxg.com.
NS ns2.wxg.com.
$ORIGIN wxg.com.
ftp A 192.168.8.3
A 192.168.8.4
ns1 A 192.168.8.61
ns2 A 192.168.8.58
www A 192.168.8.1
A 192.168.8.2
~
2.1部署OpenResty
1.在必应搜索openresty download index
2.下载最新版本的OpenResty源码包，下载后建议用官网下载页提供的PGP签名校验源码包。
wget -c https://openresty.org/download/openresty-1.25.3.1.tar.gz
3.安装依赖包
yum -y install perl-devel openssl-devel pcre-devel gcc gcc-c++ autoconf make zlib-devel
4.主配置（stream 段把 UDP 53 端口的 DNS 查询转发给两台 BIND；这里只监听了 UDP，走 TCP 的 DNS 查询不会经过这个代理）
[root@dns-master61 conf]# cat nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
#
#
#
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
stream {
upstream bind-ms {
server 192.168.8.58:53;
server 192.168.8.61:53;
# access_log logs/proxy-bind-access.log ;
# error_log logs/proxy-bind-error.log error;
}
server {
listen 53 udp;
proxy_pass bind-ms;
proxy_timeout 120s;
# access_log logs/proxy-bind-access.log ;
error_log logs/proxy-bind-error.log error;
}
}
2.从配置
[root@dns-slave61 conf]# cat nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
#
#
#
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
# server {
# listen 80;
# server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# root html;
# index index.html index.htm;
# }
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# root html;
# }
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
#}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
stream {
upstream bind-ms {
server 192.168.8.58:53;
server 192.168.8.61:53;
# access_log logs/proxy-bind-access.log ;
# error_log logs/proxy-bind-error.log error;
}
server {
listen 53 udp;
proxy_pass bind-ms;
proxy_timeout 120s;
# access_log logs/proxy-bind-access.log ;
error_log logs/proxy-bind-error.log error;
}
}
实验总结：注意配置文件的格式（括号和分号要成对、齐全）。
另外，中英文符号、语言环境等因素也可能导致报错。