先搭建dns主服务器192.168.0.112 ,安装bind服务
修改主配置文件/etc/named.conf
options {
//listen-on port 53 { 127.0.0.1; }; # commented out so named listens on this server's own IP on port 53
allow-query { 192.168.0.0/24; }; # changed: only clients in this subnet may query this server
allow-transfer { 192.168.0.113; }; # added: only the slave DNS server may pull zone data
# NOTE(review): this ACL matches the requester's source address only. BIND can also require a
# TSIG key for zone transfers; consider it if the path between the two servers is not trusted.
};
修改zone文件/etc/named.rfc1912.zones,新增一个zone,用于解析dcrfan.com域
# Authoritative (master) definition of the dcrfan.com zone on 192.168.0.112.
zone "dcrfan.com" IN {
type master;# this server is the master (primary) DNS server for the zone
file "dcrfan.com.zone";# name of the zone data file
};
新增dns数据记录文件dcrfan.com.zone,文件放在/var/named目录下。注意权限:named账户只需要能读取该文件(下面的示例为属主root、属组named、权限640,named可读但不可写)
-rw-r-----. 1 root named 152 Jun 21 2007 dcrfan.com.zone
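; dcrfan.com.zone - zone data for dcrfan.com on the master server 192.168.0.112.
; Default TTL for records that carry none of their own. The dig answers shown on this
; page report 86400 s, which corresponds to 1D.
$TTL 1D
@ IN SOA dns1.dcrfan.com. admin.dcrfan.com. (
        0    ; serial - raise it on every edit, otherwise the slave will not re-transfer the zone
        1D   ; refresh - how often the slave checks the master's serial
        1H   ; retry - wait time after a failed refresh
        1W   ; expire - the slave stops answering if the master stays unreachable this long
        3H ) ; negative-caching TTL
; The NS lines begin with whitespace so that they inherit the owner name "@" (the zone apex).
        NS dns1
        NS dns2
dns1 A 192.168.0.112
dns2 A 192.168.0.113
; Two A records under one name: both addresses are returned for srv.
srv A 192.168.0.116
srv A 192.168.0.117
www CNAME srv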
启动服务,在远程客户端使用dig 命令测试
[root@centos6 ~]# dig www.dcrfan.com @192.168.0.112
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.dcrfan.com @192.168.0.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.dcrfan.com. IN A
;; ANSWER SECTION:
www.dcrfan.com. 86400 IN CNAME srv.dcrfan.com.
srv.dcrfan.com. 86400 IN A 192.168.0.117
srv.dcrfan.com. 86400 IN A 192.168.0.116
;; AUTHORITY SECTION:
dcrfan.com. 86400 IN NS dns2.dcrfan.com.
dcrfan.com. 86400 IN NS dns1.dcrfan.com.
;; ADDITIONAL SECTION:
dns1.dcrfan.com. 86400 IN A 192.168.0.112
dns2.dcrfan.com. 86400 IN A 192.168.0.113
;; Query time: 1 msec
;; SERVER: 192.168.0.112#53(192.168.0.112)
;; WHEN: Thu Jan 10 16:09:29 2019
;; MSG SIZE rcvd: 152
搭建从dns服务器192.168.0.113 ,安装dns服务
修改主配置文件/etc/named.conf
options {
//listen-on port 53 { 127.0.0.1; }; # commented out so named listens on this server's own IP on port 53
allow-query { 192.168.0.0/24; }; # changed: only clients in this subnet may query this server
allow-transfer { none; }; # added: no other DNS server may pull zone data from the slave
};
修改zone文件/etc/named.rfc1912.zones,新增一个zone,用于解析dcrfan.com域
# Slave (secondary) definition of the dcrfan.com zone on 192.168.0.113.
zone "dcrfan.com" IN {
type slave;# this server is a slave for the zone
masters { 192.168.0.112; }; # master server the zone is transferred from
file "slaves/dcrfan.com.slave.zone"; # where the transferred zone data is stored
};
启动dns服务,查看dns数据文件已经同步到slaves文件夹下
[root@localhost ~]# ll /var/named/slaves/dcrfan.com.slave.zone
-rw-r--r--. 1 named named 371 Jan 10 16:38 /var/named/slaves/dcrfan.com.slave.zone
在远程客户端使用dig 命令测试
[root@centos6 ~]# dig www.dcrfan.com @192.168.0.113
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.dcrfan.com @192.168.0.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.dcrfan.com. IN A
;; ANSWER SECTION:
www.dcrfan.com. 86400 IN CNAME srv.dcrfan.com.
srv.dcrfan.com. 86400 IN A 192.168.0.117
srv.dcrfan.com. 86400 IN A 192.168.0.116
;; AUTHORITY SECTION:
dcrfan.com. 86400 IN NS dns2.dcrfan.com.
dcrfan.com. 86400 IN NS dns1.dcrfan.com.
;; ADDITIONAL SECTION:
dns1.dcrfan.com. 86400 IN A 192.168.0.112
dns2.dcrfan.com. 86400 IN A 192.168.0.113
;; Query time: 4 msec
;; SERVER: 192.168.0.113#53(192.168.0.113)
;; WHEN: Thu Jan 10 16:41:18 2019
;; MSG SIZE rcvd: 152
配置com dns服务器192.168.0.114 ,安装dns服务
修改主配置文件/etc/named.conf
options {
//listen-on port 53 { 127.0.0.1; }; # commented out so named listens on this server's own IP on port 53
//allow-query { 192.168.0.0/24; }; # commented out so queries are no longer limited to this subnet
# NOTE(review): this server resolves names on behalf of clients (it forwards dcrfan.com), so
# with the source restriction gone it should stay reachable from the lab network only.
# allow-recursion is the option that scopes who may recurse; confirm its effective value.
dnssec-enable no;
dnssec-validation no; # both set to no
# NOTE(review): with validation off, answers are accepted without DNSSEC checks. Presumably
# needed because this lab resolves through a private root; do not carry this setting over to
# a production resolver.
};
修改zone文件/etc/named.rfc1912.zones,新增一个zone,用于解析com域和指派dcrfan.com域(使用dns转发)
# Forward zone on 192.168.0.114: queries for dcrfan.com are handed to other servers.
# NOTE(review): the surrounding text also mentions serving the com domain, but no zone "com"
# block appears in this excerpt.
zone "dcrfan.com" IN {
type forward;
# "first": ask the forwarders first, and fall back to normal resolution if they do not answer.
forward first;
# The master (192.168.0.112) and slave (192.168.0.113) for dcrfan.com.
forwarders { 192.168.0.112; 192.168.0.113;};
};
启动服务,在远程客户端使用dig 命令测试
[root@centos6 ~]# dig www.dcrfan.com @192.168.0.114
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.dcrfan.com @192.168.0.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.dcrfan.com. IN A
;; ANSWER SECTION:
www.dcrfan.com. 86400 IN CNAME srv.dcrfan.com.
srv.dcrfan.com. 86400 IN A 192.168.0.117
srv.dcrfan.com. 86400 IN A 192.168.0.116
;; AUTHORITY SECTION:
dcrfan.com. 86400 IN NS dns2.dcrfan.com.
dcrfan.com. 86400 IN NS dns1.dcrfan.com.
;; ADDITIONAL SECTION:
dns1.dcrfan.com. 86400 IN A 192.168.0.112
dns2.dcrfan.com. 86400 IN A 192.168.0.113
;; Query time: 14 msec
;; SERVER: 192.168.0.114#53(192.168.0.114)
;; WHEN: Thu Jan 10 17:18:21 2019
;; MSG SIZE rcvd: 152
配置根 dns服务器192.168.0.115 ,安装dns服务
修改主配置文件/etc/named.conf
options {
//listen-on port 53 { 127.0.0.1; }; # commented out so named listens on this server's own IP on port 53
//allow-query { 192.168.0.0/24; }; # commented out so queries are no longer limited to this subnet
dnssec-enable no;
dnssec-validation no; # both set to no
# NOTE(review): this server acts as a private root for the lab. With no query ACL and DNSSEC
# validation off, it should only be reachable from the lab network.
};
# Stock root hint zone: delete this block, because the root zone is served as a master zone
# on this server instead.
zone "." IN { # remove this root zone
type hint;
file "named.ca";
};
修改zone文件/etc/named.rfc1912.zones,新增一个zone,用于解析根域
# Master definition of the root zone "." on 192.168.0.115.
zone "." IN {
type master;# this server is the master (primary) DNS server for the zone
file "root.zone";# name of the zone data file
};
新增dns数据记录文件root.zone,注意权限,让named账户能读取该文件,文件在/var/named下
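; root.zone - zone data for the lab's private root zone "." on 192.168.0.115.
; Zone files use ";" for comments; a "#" is not a comment marker here and would be read
; as part of the record.
$TTL 1D
@ IN SOA dns1. admin. (
        0    ; serial - raise it on every edit
        1D   ; refresh
        1H   ; retry
        1W   ; expire
        3H ) ; negative-caching TTL
; The NS line begins with whitespace so that it inherits the owner name "@" (the root).
        NS dns1
com NS dns2 ; delegate the com domain to 192.168.0.114
dns1 A 192.168.0.115
dns2 A 192.168.0.114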
启动服务,在远程客户端使用dig 命令测试
[root@centos6 ~]# dig www.dcrfan.com @192.168.0.115
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.dcrfan.com @192.168.0.115
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.dcrfan.com. IN A
;; ANSWER SECTION:
www.dcrfan.com. 84281 IN CNAME srv.dcrfan.com.
srv.dcrfan.com. 86400 IN A 192.168.0.117
srv.dcrfan.com. 86400 IN A 192.168.0.116
;; AUTHORITY SECTION:
dcrfan.com. 84281 IN NS dns2.dcrfan.com.
dcrfan.com. 84281 IN NS dns1.dcrfan.com.
;; ADDITIONAL SECTION:
dns1.dcrfan.com. 84281 IN A 192.168.0.112
dns2.dcrfan.com. 84281 IN A 192.168.0.113
;; Query time: 14 msec
;; SERVER: 192.168.0.115#53(192.168.0.115)
;; WHEN: Thu Jan 10 17:53:40 2019
;; MSG SIZE rcvd: 152
配置缓存服务器192.168.0.108(后文的dig测试和客户端DNS配置使用的地址是192.168.0.109,请以实际地址为准),安装named服务
修改主配置文件/etc/named.conf
options {
//listen-on port 53 { 127.0.0.1; }; # commented out so named listens on this server's own IP on port 53
//allow-query { 192.168.0.0/24; }; # commented out so queries are no longer limited to this subnet
# NOTE(review): this is the caching resolver that clients point at. Without a query ACL,
# restrict who may recurse (allow-recursion) or keep the server reachable from the lab only,
# so that it does not end up as an open resolver; confirm the effective defaults.
dnssec-enable no;
dnssec-validation no; # both set to no
# NOTE(review): with validation off the cache accepts unvalidated answers. Presumably required
# because the root hints point at a private root; not a setting for production.
};
修改named.ca文件,让它的根指向我们搭建的根服务器192.168.0.115
; Root hints replaced so that this resolver starts iterative resolution at the lab's own root server.
. 518400 IN NS a.root-servers.net.
; The real root-server name is kept, but it is mapped to the private address 192.168.0.115.
a.root-servers.net. 3600000 IN A 192.168.0.115
; NOTE(review): a resolver using these hints, with DNSSEC validation off as this page configures it,
; trusts whatever 192.168.0.115 returns for every name. Keep this file to the lab.
启动服务,在远程客户端使用dig 命令测试
[root@centos6 ~]# dig www.dcrfan.com @192.168.0.109
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.dcrfan.com @192.168.0.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.dcrfan.com. IN A
;; ANSWER SECTION:
www.dcrfan.com. 83143 IN CNAME srv.dcrfan.com.
srv.dcrfan.com. 86400 IN A 192.168.0.116
srv.dcrfan.com. 86400 IN A 192.168.0.117
;; AUTHORITY SECTION:
dcrfan.com. 83143 IN NS dns1.dcrfan.com.
dcrfan.com. 83143 IN NS dns2.dcrfan.com.
;; ADDITIONAL SECTION:
dns2.dcrfan.com. 83143 IN A 192.168.0.113
dns1.dcrfan.com. 83143 IN A 192.168.0.112
;; Query time: 16 msec
;; SERVER: 192.168.0.109#53(192.168.0.109)
;; WHEN: Thu Jan 10 18:12:37 2019
;; MSG SIZE rcvd: 152
然后搭建两个web服务器测试,分别安装httpd服务,并修改主页,启动服务测试
# Give each web server a distinct index page so that a response shows which back end answered.
# On the first web server (curl 192.168.0.116 returns dcrfan1 on this page):
printf '%s\n' dcrfan1 > /var/www/html/index.html
# On the second web server (curl 192.168.0.117 returns dcrfan2 on this page):
printf '%s\n' dcrfan2 > /var/www/html/index.html
分别用ip正常访问
[root@centos6 ~]# curl 192.168.0.116
dcrfan1
[root@centos6 ~]# curl 192.168.0.117
dcrfan2
修改客户端的dns指向缓存dns服务器192.168.0.109
网卡中加入DNS1=192.168.0.109,重启网络服务测试
[root@centos6 ~]# curl www.dcrfan.com
dcrfan2
[root@centos6 ~]# curl www.dcrfan.com
dcrfan1
清理dns缓存,在各个dns服务器执行rndc flush命令
停掉主dns的服务,继续测试,从服务器可以使用
[root@centos6 ~]# curl www.dcrfan.com
dcrfan2
[root@centos6 ~]# curl www.dcrfan.com
dcrfan2
[root@centos6 ~]# curl www.dcrfan.com
dcrfan1