1、准备
例:两台192.168.11.10(主),192.168.11.11(从),域名www.test1.com
# 主从DNS服务器均需要安装bind、bind-chroot、bind-utils
yum -y install bind bind-utils bind-chroot
# 如果防火墙开启,配置防火墙,添加服务(防火墙已禁用则忽略)
firewall-cmd --permanent --add-service=dns
firewall-cmd --reload
2、主DNS服务器(192.168.11.10)配置
# 编辑配置文件
vim /etc/named.conf
# 找到其中两行
listen-on port 53 { 127.0.0.1; };
allow-query { localhost; };
# 修改为
listen-on port 53 { any; };
allow-query { any; };
3、配置正向解析
# 编辑文件/etc/named.rfc1912.zones,在末尾添加需要解析的域
zone "test1.com" IN {
type master;
file "data/test1.com.zone";
};
# 创建test1.com.zone解析域
vim /var/named/data/test1.com.zone
$TTL 3H
@ IN SOA test1.com. root (
20180928 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS @
IN A 192.168.11.10
www IN A 192.168.11.10
ftp IN A 192.168.11.10
# 编辑/etc/resolv.conf,添加
search localdomain
nameserver 192.168.11.10
4、重启DNS服务器
# 重启named
systemctl restart named
# 查看状态
systemctl status named
5、检查解析是否成功
# ping命令验证
ping -c 4 www.test1.com
# 输出如下即解析成功
PING www.test1.com (192.168.11.10) 56(84) bytes of data.
64 bytes from ftp.test1.com (192.168.11.10): icmp_seq=1 ttl=64 time=0.033 ms
64 bytes from ftp.test1.com (192.168.11.10): icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from ftp.test1.com (192.168.11.10): icmp_seq=3 ttl=64 time=0.066 ms
64 bytes from ftp.test1.com (192.168.11.10): icmp_seq=4 ttl=64 time=0.057 ms
--- www.test1.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.033/0.053/0.066/0.014 ms
# nslookup命令验证
nslookup
>www.test1.com
# 输出如下即解析成功
Server: 192.168.11.10
Address: 192.168.11.10#53
Name: www.test1.com
Address: 192.168.11.10
6、配置反向解析
# 编辑文件/etc/named.rfc1912.zones,在末尾添加
vim etc/named.rfc1912.zones
zone "11.168.192.in-addr.arpa" IN {
type master;
file "data/11.168.192.zone";
};
# 创建11.168.192.zone解析域
vim /var/named/data/11.168.192.zone
$TTL 3H
@ IN SOA web3.com. root (
20180928; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS www.test1.com.
10 IN PTR www.test1.com.
10 IN PTR ftp.test1.com.
7、重启DNS服务器
# 重启named
systemctl restart named
# 查看状态
systemctl status named
8、检查解析是否成功
# ping命令验证
ping -c 4 192.168.11.10
# 输出如下即解析成功
PING 192.168.11.10 (192.168.11.10) 56(84) bytes of data.
64 bytes from 192.168.11.10: icmp_seq=1 ttl=64 time=0.061 ms
64 bytes from 192.168.11.10: icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from 192.168.11.10: icmp_seq=3 ttl=64 time=0.081 ms
64 bytes from 192.168.11.10: icmp_seq=4 ttl=64 time=0.060 ms
--- 192.168.11.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.058/0.065/0.081/0.009 ms
# nslookup命令验证
nslookup 192.168.11.10
# 输出如下即解析成功
Server: 192.168.11.10
Address: 192.168.11.10#53
10.11.168.192.in-addr.arpa name = ftp.test1.com.
10.11.168.192.in-addr.arpa name = www.test1.com.
9、配置从DNS服务器(192.168.11.11)
# 先修改主DNS服务器(192.168.11.10)的配置/etc/named.rfc1912.zones
vim /etc/named.rfc1912.zones
zone "test1.com" IN {
type master;
file "data/test1.com.zone";
allow-transfer {192.168.11.11;};
notify yes;
also-notify {192.168.11.11;};
};
zone "11.168.192.in-addr.arpa" IN {
type master;
file "data/11.168.192.zone";
allow-transfer {192.168.11.11;};
notify yes;
also-notify {192.168.11.11;};
};
10、配置从DNS服务器(192.168.11.11)正向解析
# 编辑named.conf文件
vim /etc/named.conf
# 找到其中两行
listen-on port 53 { 127.0.0.1; };
allow-query { localhost; };
# 修改为
listen-on port 53 { any; };
allow-query { any; };
# 编辑文件/etc/named.rfc1912.zones,在末尾添加需要解析的域
vim /etc/named.rfc1912.zones
zone "test1.com" IN {
type slave;
file "data/test1.com.zone"; };
masters { 192.168.11.10; };
# 创建test1.com.zonek空文件
touch /var/named/data/test1.com.zone
# 设置所有者
chown named:named test1.com.zone
# 编辑/etc/resolv.conf,添加
vim /etc/resolv.conf
search localdomain
nameserver 192.168.11.11
11、重启DNS服务器
# 重启named
systemctl restart named
# 查看状态
systemctl status named
12、检测解析是否成功
# ping命令验证
ping -c 4 www.test1.com
# 输出如下即解析成功
PING www.test1.com (192.168.11.10) 56(84) bytes of data.
64 bytes from ftp.test1.com (192.168.11.10): icmp_seq=1 ttl=64 time=0.033 ms
64 bytes from ftp.test1.com (192.168.11.10): icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from ftp.test1.com (192.168.11.10): icmp_seq=3 ttl=64 time=0.066 ms
64 bytes from ftp.test1.com (192.168.11.10): icmp_seq=4 ttl=64 time=0.057 ms
--- www.test1.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.033/0.053/0.066/0.014 ms
# nslookup命令验证
nslookup
>www.test1.com
# 输出如下即解析成功
Server: 192.168.11.11
Address: 192.168.11.11#53
Name: www.test1.com
Address: 192.168.11.10
13、配置从DNS服务器(192.168.11.11)反向解析
# 在文件/etc/named.rfc1912.zones中添加
vim etc/named.rfc1912.zones
zone "11.168.192.in-addr.arpa" IN {
type master;
file "data/11.168.192.zone";
masters { 192.168.11.10; };
};
# 创建空文件11.168.192.zone
touch /var/named/data/11.168.192.zone
# 设置所有者
chown named:named 11.168.192.zone
14、重启DNS服务器
# 重启named
systemctl restart named
# 查看状态
systemctl status named
15、查看文件/var/named/data/test1.com.zone和/var/named/data/11.168.192.zone是否有二进制数据
cat /var/named/data/test1.com.zone
cat /var/named/data/11.168.192.zone
16、检查解析是否成功
# ping命令验证
ping -c 4 192.168.11.11
# 输出如下即解析成功
PING 192.168.11.11 (192.168.11.11) 56(84) bytes of data.
64 bytes from 192.168.11.11: icmp_seq=1 ttl=64 time=0.061 ms
64 bytes from 192.168.11.11: icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from 192.168.11.11: icmp_seq=3 ttl=64 time=0.081 ms
64 bytes from 192.168.11.11: icmp_seq=4 ttl=64 time=0.060 ms
--- 192.168.11.11 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.058/0.065/0.081/0.009 ms
# nslookup命令验证
nslookup 192.168.11.11
# 输出如下即解析成功
Server: 192.168.11.11
Address: 192.168.11.11#53
10.11.168.192.in-addr.arpa name = ftp.test1.com.
10.11.168.192.in-addr.arpa name = www.test1.com.
总结
以上所述是小编给大家介绍的Centos7搭建主从DNS服务器的教程,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对脚本之家网站的支持!
如果你觉得本文对你有帮助,欢迎转载,烦请注明出处,谢谢!
咨 询 客 服