dns的正向解析,反向解析,多项解析,主从配置
目录
Dns的解析过程
dns的安装和启用
搭建高速缓存
正向解析
CNAME 记录
MX邮件
反向解析
主从dns服务器
解决主从同步问题
多项解析方案
Dns的解析过程
当用户在浏览器输入一个域名时,浏览器首先会本地解析文件是否有该域名对应的IP地址。如果没有,就会在本地的dns服务器里面进行查找,然后它首先是询问根域名服务器.com是谁,然后再去询问com域名服务器,然后com域名服务器会返回它的服务器的地址,然后它再去询问负责该域名的权威DNS服务器返回它的IP,然后DNS就得到了它的地址,就将它的响应报文发给客户端了。
nslookup 用来做域名解析
dns的安装和启用
查询dns的安装包
[root@server100 ~]# dnf search dns安装dns
[root@server100 ~]# yum install bind.x86_64 -y查看启动文件
[root@server100 ~]# rpm -ql bind启动
[root@server100 ~]# systemctl enable --now named.service
Created symlink /etc/systemd/system/multi-user.target.wants/named.service → /usr/lib/systemd/system/named.service.查看端口
[root@server100 ~]# netstat -natlupe | grep named更改配置文件,开启端口,设定对外提供服务
[root@server100 ~]# vim /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
[root@server100 ~]# systemctl restart named搭建高速缓存
编辑vim /etc/named.conf
添加
allow-query { any; };forwarders {114.114.114.114; };
正向解析
[root@server100 ~]# vim /etc/resolv.conf
# Generated by NetworkManager
search timinglee.org
nameserver 172.25.254.100
[root@server100 ~]# vim /etc/named.rfc1912.zones
zone "timinglee.org" IN {type master;file "timinglee.org.zone";allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN
[root@server100 ~]# cp -p /var/named/named.localhost /var/named/timinglee.org.zone
[root@server100 ~]# vim /var/named/timinglee.org.zone
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (0 ; serial1D ; refresh1H ; retry1W ; expire3H ) ; minimumNS dns.timinglee.org.
dns A 172.25.254.100
www A 172.25.254.200
~
[root@server100 ~]# dig www.timinglee.org
; <<>> DiG 9.16.23-RH <<>> www.timinglee.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60355
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 87834bc533fa46fe01000000683d5a5f3862458a99750e86 (good)
;; QUESTION SECTION:
;www.timinglee.org. IN A
;; ANSWER SECTION:
www.timinglee.org. 86400 IN A 172.25.254.200
;; Query time: 0 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Mon Jun 02 16:01:35 CST 2025
;; MSG SIZE rcvd: 90CNAME 记录
[root@server100 ~]# vim /var/named/timinglee.org.zone
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (0 ; serial1D ; refresh1H ; retry1W ; expire3H ) ; minimumNS dns.timinglee.org.
dns A 172.25.254.100
www CNAME lee.a.timinglee.org.
lee.a A 172.25.254.100
lee.a A 172.25.254.200
[root@server100 ~]# systemctl restart named
[root@server100 ~]# dig www.timinglee.org
; <<>> DiG 9.16.23-RH <<>> www.timinglee.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1766
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: b64cabc34910ef5501000000683d5b65ef336c09be70f6c7 (good)
;; QUESTION SECTION:
;www.timinglee.org. IN A
;; ANSWER SECTION:
www.timinglee.org. 86400 IN CNAME lee.a.timinglee.org.
lee.a.timinglee.org. 86400 IN A 172.25.254.200
lee.a.timinglee.org. 86400 IN A 172.25.254.100
;; Query time: 1 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Mon Jun 02 16:05:57 CST 2025
;; MSG SIZE rcvd: 139
MX邮件
[root@server100 ~]# vim /var/named/timinglee.org.zone
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (0 ; serial1D ; refresh1H ; retry1W ; expire3H ) ; minimumNS dns.timinglee.org.
dns A 172.25.254.100
www CNAME lee.a.timinglee.org.
lee.a A 172.25.254.100
lee.a A 172.25.254.200
timinglee.org. MX 3 172.25.254.100.
~
[root@server100 ~]# systemctl restart named
[root@server100 ~]# dig -t MX timinglee.org
; <<>> DiG 9.16.23-RH <<>> -t MX timinglee.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20793
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 381e8d185f0e642001000000683d5ce756fff8feb3a34157 (good)
;; QUESTION SECTION:
;timinglee.org. IN MX
;; ANSWER SECTION:
timinglee.org. 86400 IN MX 3 172.25.254.100.
;; Query time: 1 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Mon Jun 02 16:12:23 CST 2025
;; MSG SIZE rcvd: 100
反向解析
[root@server100 ~]# vim /etc/named.rfc1912.zones
zone "254.25.172.in-addr.arpa" IN {type master;file "172.25.254.ptr";allow-update { none; };
};
zone "0.in-addr.arpa" IN {type master;
[root@server100 ~]# cp -p /var/named/named.loopback /var/named/172.25.254.ptr
[root@server100 ~]# vim /var/named/172.25.254.ptr
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (0 ; serial1D ; refresh1H ; retry1W ; expire3H ) ; minimumNS dns.timinglee.org.
dns A 172.25.254.100
100 PTR mail.timinglee.org.
[root@server100 ~]# systemctl restart named
[root@server100 ~]# dig -x 172.25.254.100
; <<>> DiG 9.16.23-RH <<>> -x 172.25.254.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18959
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 320e5fce9480815c01000000683d60eea586ffa7e086b847 (good)
;; QUESTION SECTION:
;100.254.25.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
100.254.25.172.in-addr.arpa. 86400 IN PTR mail.timinglee.org.
;; Query time: 0 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Mon Jun 02 16:29:34 CST 2025
;; MSG SIZE rcvd: 116主从dns服务器
主dns在上面已经配置完成了,现在只需要配置从dns
主:172.25.254.100
从:172.25.254.200
下载dns
[root@server200 ~]# yum install bind -y修改配置文件
[root@server200 ~]# vim /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
dnssec-validation no;
[root@server200 ~]# vim /etc/named.rfc1912.zones
zone "timinglee.org" IN {type slave;masters {172.25.254.100;};file "slaves/timinglee.org.zone";
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN
[root@server200 ~]# systemctl restart named
[root@server200 ~]# ll /var/named/slaves/
总用量 4
-rw-r--r-- 1 named named 392 6月 2 16:42 timinglee.org.zone
[root@server200 ~]# dig www.timinglee.org @172.25.254.200
; <<>> DiG 9.16.23-RH <<>> www.timinglee.org @172.25.254.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58628
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 863d6ff42fc260f201000000683d643d434ec6c3e695af9f (good)
;; QUESTION SECTION:
;www.timinglee.org. IN A
;; ANSWER SECTION:
www.timinglee.org. 86400 IN CNAME lee.a.timinglee.org.
lee.a.timinglee.org. 86400 IN A 172.25.254.100
lee.a.timinglee.org. 86400 IN A 172.25.254.200
;; Query time: 2 msec
;; SERVER: 172.25.254.200#53(172.25.254.200)
;; WHEN: Mon Jun 02 16:43:41 CST 2025
;; MSG SIZE rcvd: 139主从中的数据要保持一致
解决主从同步问题
首先在主的里面修改
[root@server100 ~]# vim /etc/named.rfc1912.zones
zone "timinglee.org" IN {type master;file "timinglee.org.zone";allow-update { none; };also-notify { 172.25.254.200; };
};
[root@server100 ~]# vim /var/named/timinglee.org.zone
修改
20250501 ; serial
[root@server100 ~]# systemctl restart named测试
主里面修改
[root@server100 ~]# vim /var/named/timinglee.org.zone
lee.a A 172.25.254.10
lee.a A 172.25.254.20
[root@server100 ~]# vim /var/named/timinglee.org.zone
修改
20250502 ; serial
[root@server100 ~]# systemctl restart named从
[root@server200 ~]# dig -t A www.timinglee.org @172.25.254.200
; <<>> DiG 9.16.23-RH <<>> -t A www.timinglee.org @172.25.254.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58459
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 407f17baba57391901000000683d68d0f2c8e380458abc66 (good)
;; QUESTION SECTION:
;www.timinglee.org. IN A
;; ANSWER SECTION:
www.timinglee.org. 86400 IN CNAME lee.a.timinglee.org.
lee.a.timinglee.org. 86400 IN A 172.25.254.10
lee.a.timinglee.org. 86400 IN A 172.25.254.20
;; Query time: 1 msec
;; SERVER: 172.25.254.200#53(172.25.254.200)
;; WHEN: Mon Jun 02 17:03:12 CST 2025
;; MSG SIZE rcvd: 139多项解析方案
配置环境
[root@server100 ~]# vim /etc/NetworkManager/system-connections/eth0.nmconnection
[ipv4]
address1=172.25.254.100/24,172.25.254.2
address2=192.168.0.100/24
[root@server100 ~]# nmcli connection reload
[root@server100 ~]# nmcli connection show
NAME UUID TYPE DEVICE
eth0 7ba00b1d-8cdd-30da-91ad-bb83ed4f7474 ethernet eth0
[root@server100 ~]# nmcli connection up eth0
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/2)
[root@server100 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000link/ether 00:0c:29:6e:46:19 brd ff:ff:ff:ff:ff:ffaltname enp3s0altname ens160inet 172.25.254.100/24 brd 172.25.254.255 scope global noprefixroute eth0valid_lft forever preferred_lft foreverinet 192.168.0.100/24 brd 192.168.0.255 scope global noprefixroute eth0valid_lft forever preferred_lft foreverinet6 fe80::b057:3e6a:806f:f0e7/64 scope link noprefixroutevalid_lft forever preferred_lft forever
[root@server100 ~]# cp -p /var/named/timinglee.org.zone /var/named/timinglee.org.inter
[root@server100 ~]# vim /var/named/timinglee.org.inter
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (20250502 ; serial1D ; refresh1H ; retry1W ; expire3H ) ; minimumNS dns.timinglee.org.
dns A 192.168.0.100
www CNAME lee.a.timinglee.org.
lee.a A 192.168.0.10
lee.a A 192.168.0.20
timinglee.org. MX 3 192.168.0.100.
[root@server100 ~]# cp -p /etc/named.rfc1912.zones /etc/named.rfc1912.inter
[root@server100 ~]# vim /etc/named.rfc1912.inter
zone "timinglee.org" IN {type master;file "timinglee.org.inter";allow-update { none; };also-notify { 172.25.254.200; };
};
[root@server200 ~]# vim /etc/named.conf
/*
zone "." IN {type hint;file "named.ca";
};
include "/etc/named.rfc1912.zones";
*/
view localnet {match-clients { 172.25.254.0/24; };zone "." IN {type hint;file "named.ca";};include "/etc/named.rfc1912.zones";
};
view inter {match-clients { any; };zone "." IN {type hint;file "named.ca";};include "/etc/named.rfc1912.inter";
};
[root@server100 ~]# systemctl restart named测试
[root@server100 ~]# dig -t A www.timinglee.org @172.25.254.100
; <<>> DiG 9.16.23-RH <<>> -t A www.timinglee.org @172.25.254.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35579
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: b3b3772fc58159c501000000683d72c03e0c124f4d58cd11 (good)
;; QUESTION SECTION:
;www.timinglee.org. IN A
;; ANSWER SECTION:
www.timinglee.org. 86400 IN CNAME lee.a.timinglee.org.
lee.a.timinglee.org. 86400 IN A 172.25.254.10
lee.a.timinglee.org. 86400 IN A 172.25.254.20
;; Query time: 1 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Mon Jun 02 17:45:36 CST 2025
;; MSG SIZE rcvd: 139
[root@server100 ~]# dig -t A www.timinglee.org @192.168.0.100
; <<>> DiG 9.16.23-RH <<>> -t A www.timinglee.org @192.168.0.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15931
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: bfe87bf5daa0619c01000000683d72c8e87368676e102796 (good)
;; QUESTION SECTION:
;www.timinglee.org. IN A
;; ANSWER SECTION:
www.timinglee.org. 86400 IN CNAME lee.a.timinglee.org.
lee.a.timinglee.org. 86400 IN A 192.168.0.20
lee.a.timinglee.org. 86400 IN A 192.168.0.10
;; Query time: 1 msec
;; SERVER: 192.168.0.100#53(192.168.0.100)
;; WHEN: Mon Jun 02 17:45:44 CST 2025
;; MSG SIZE rcvd: 139