当前位置：首页 > news >正文

DNS练习

news 2025/11/16 5:25:26

练习内容：配置dns主从服务，要求从服务器能够定时从主服务器同步数据。

主服务器： 192.168.92.132

从服务器： 192.168.92.133

基础配置软件安装以及网卡设置，以下为从服务器代码。

[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@localhost ~]# dnf install -y bind
Updating Subscription Management repositories.
Unable to read consumer identityThis system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.BaseOS                                                                          2.7 MB/s | 2.7 kB     00:00    
App                                                                             3.1 MB/s | 3.2 kB     00:00    
Dependencies resolved.
================================================================================================================Package                       Architecture       Version                           Repository             Size
================================================================================================================
Installing:bind                          x86_64             32:9.16.23-24.el9_5               AppStream             509 k
Installing dependencies:bind-dnssec-doc               noarch             32:9.16.23-24.el9_5               AppStream              49 kpython3-bind                  noarch             32:9.16.23-24.el9_5               AppStream              72 kpython3-ply                   noarch             3.11-14.el9                       BaseOS                111 k
Installing weak dependencies:bind-dnssec-utils             x86_64             32:9.16.23-24.el9_5               AppStream             122 kTransaction Summary
================================================================================================================
Install  5 PackagesTotal size: 862 k
Installed size: 2.5 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transactionPreparing        :                                                                                        1/1 Installing       : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch                                             1/5 Installing       : python3-ply-3.11-14.el9.noarch                                                         2/5 Installing       : python3-bind-32:9.16.23-24.el9_5.noarch                                                3/5 Installing       : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64                                           4/5 Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 Installing       : bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 Running scriptlet: bind-32:9.16.23-24.el9_5.x86_64                                                        5/5 Verifying        : python3-ply-3.11-14.el9.noarch                                                         1/5 Verifying        : bind-32:9.16.23-24.el9_5.x86_64                                                        2/5 Verifying        : bind-dnssec-doc-32:9.16.23-24.el9_5.noarch                                             3/5 Verifying        : bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64                                           4/5 Verifying        : python3-bind-32:9.16.23-24.el9_5.noarch                                                5/5 
Installed products updated.Installed:bind-32:9.16.23-24.el9_5.x86_64                         bind-dnssec-doc-32:9.16.23-24.el9_5.noarch           bind-dnssec-utils-32:9.16.23-24.el9_5.x86_64            python3-bind-32:9.16.23-24.el9_5.noarch              python3-ply-3.11-14.el9.noarch                         Complete!
[root@localhost ~]# nmcli connection modify ens160 ipv4.method manual ipv4.addresses 192.168.92.133/24 ipv4.gateway 192.168.92.2 ipv4.dns 192.168.92.133
[root@localhost ~]# nmcli c reload 
[root@localhost ~]# nmcli c up ens160 
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

编辑主服务器配置，从服务器同理

[root@alpha ~]# vim /etc/named.conf options {listen-on port 53 { any; };listen-on-v6 port 53 { ::1; };directory       "/var/named";dump-file       "/var/named/data/cache_dump.db";statistics-file "/var/named/data/named_stats.txt";memstatistics-file "/var/named/data/named_mem_stats.txt";secroots-file   "/var/named/data/named.secroots";recursing-file  "/var/named/data/named.recursing";allow-query     { any; };

[root@alpha ~]# vim /etc/named.rfc1912.zoneszone "openlab.com" IN {type master;file "openlab.com.zone";allow-transfer { 192.168.92.133; };
};
zone "92.168.192.in-addr.arpa" IN {type master;file "192.168.92.arpa";allow-transfer { 192.168.92.133; };
};

主服务端正反向解析

[root@alpha ~]# cd /var/named
[root@alpha named]# cp -a named.localhost openlab.com.zone
[root@alpha named]# vim openlab.com.zone 
$TTL 1D
@       IN SOA  ns.openlab.com. admin.openlab.com. (0       ; serial1D      ; refresh1H      ; retry1W      ; expire3H )    ; minimumNS      ns.openlab.com.NS      slave.openlab.com.
ns      IN      A       192.168.92.132
www     IN      A       192.168.92.132
bbs     IN      A       192.168.92.132
ftp     IN      CNAME   www
slave   IN      A       192.168.92.133

[root@alpha named]# cp -a named.loopback 192.168.92.arpa
[root@alpha named]# vim /var/named/192.168.92.arpa 
$TTL 1D
@       IN SOA  ns.openlab.com admin.openlab.com. (0       ; serial1D      ; refresh1H      ; retry1W      ; expire3H )    ; minimumNS      ns.openlab.com.NS      slave.openlab.com.
130     IN      PTR     ns.openlab.com.
130     IN      PTR     www.openlab.com.
130     IN      PTR     bbs.openlab.com.
130     IN      PTR     ftp.openlab.com.
131     IN      PTR     slave.openlab.com.

结果测试