Split DNS Resolution: A Small Hands-On Test

2025-01-16 Update From: SLTechnology News&Howtos


Shulou (Shulou.com) 06/02

This post walks through a small experiment with the DNS domain name resolution service: split DNS resolution. Structure: introduction, environment analysis, specific experiments.

I. Introduction

The DNS service converts a domain name into the corresponding IP address, which is convenient for machine recognition.

So what is split DNS resolution?

In fact, the domain name server that performs split resolution is still a primary (master) domain name server. Split resolution (Split DNS) here mainly means providing different domain name resolution records to different clients.

II. Environment analysis

Prepare one Linux virtual server with two network cards installed (acting as gateways). One connects to the local area network and the other connects to the wide area network. Two clients are used to simulate resolving the same domain name through the wide area network and through the local area network. The simulated environment is as follows:

III. Specific experiments

To complete the split resolution, you need to:

1. Set a static IP address on each of the two network cards, to act as gateways.

2. Build a complete DNS service on the server

First, install the DNS service

1. Enter: "yum install bind -y"

2. Set the server to host-only mode

The practice is as follows:

Next, set the static IP

1. Enter: "vim /etc/sysconfig/network-scripts/ifcfg-ens33" to open the configuration of the first network card

2. Change dhcp to static

3. Press G to jump to the last line and o to open a new line below it.

4. Enter: "IPADDR=192.168.100.1"

5. Enter "NETMASK=255.255.255.0"

6. Enter ":wq" to save and exit

The specific operation is as follows:

Then comes the configuration of the second network card.

1. Enter:

cp -p /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-ens36

This copies the configuration of the first network card within the same directory and names the copy for ens36.

2. Enter "vim /etc/sysconfig/network-scripts/ifcfg-ens36" to configure the second network card.

3. Enter ":%s/ens33/ens36/g" to replace every ens33 in the configuration file

4. Replace IPADDR in the configuration file with 12.0.0.1

5. Delete the UUID line, then save and exit

The specific operation is as follows:

Finally, restart the network service and verify the result

1. Enter "systemctl restart network" to restart the network service.

2. Enter "ifconfig" for verification

The specific operation is as follows:

The static IP configuration is complete, and the network setup on the Linux server is done. What needs to be done next is to set up the DNS domain name resolution service.

The first step is to modify the global configuration file of DNS

1. Enter: "vim /etc/named.conf"

2. Change the IP address after "listen-on port 53" to "any"

3. Change the value in the braces after "allow-query" to "any"

4. Enter ":wq" to save and exit

Examples are as follows:

Then modify the zone configuration file.

1. Enter: "vim /etc/named.rfc1912.zones"

2. Manually enter all the contents shown in the following figure

Example
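A view-based layout for /etc/named.rfc1912.zones that fits the file names and addresses used in this walkthrough, given as an added example and not the original post's figure. The view names "lan" and "wan", the zone name "kgc.com" (taken from the nslookup target), and the "recursion no" setting are assumptions.

```conf
// /etc/named.rfc1912.zones -- added example, not the original figure.
// Assumed: view names "lan"/"wan"; zone "kgc.com" from the nslookup
// target; file names from the zone data files created in the next steps.
// named checks views in order and answers from the first one whose
// match-clients list contains the query's source address, so the
// narrow LAN view must come before the catch-all WAN view.

view "lan" {
    match-clients { 192.168.100.0/24; };   // clients behind ens33
    zone "kgc.com" IN {
        type master;
        file "named.kgc.lan";              // www -> 192.168.100.88
        allow-update { none; };
    };
};

view "wan" {
    match-clients { any; };                // everyone else, arriving via ens36
    recursion no;                          // assumption: authoritative answers only for outside clients
    zone "kgc.com" IN {
        type master;
        file "named.kgc.wan";              // records -> 12.0.0.1
        allow-update { none; };
    };
};

// Once any view is defined, every zone must live inside a view.
// The zone "." hint block in /etc/named.conf and any other zones still
// declared at top level have to be moved into a view or removed,
// otherwise named refuses to load the configuration.
```

Running "named-checkconf /etc/named.conf" before starting the service reports syntax errors and zones left outside a view.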

Finally, modify the zone data files.

1. Enter: "cp -p /var/named/named.localhost /var/named/named.kgc.lan" to copy the template file within the same directory and name the copy "named.kgc.lan". This file is for the network card connected to the local area network.

2. Enter "vim /var/named/named.kgc.lan" to modify it

3. Change the address in the A record to "192.168.100.1"

4. Add two records: "www IN A 192.168.100.88" and "smtp IN A 192.168.100.99"

5. Enter ":wq" to save and exit

Examples are as follows:

The next step is the zone data file for the second network card, the one connected to the WAN.

1. Enter: "cp -p /var/named/named.kgc.lan /var/named/named.kgc.wan" to copy the data file and name the copy "named.kgc.wan"

2. Enter "vim /var/named/named.kgc.wan" to edit the data file.

3. Modify the A record: "A 12.0.0.1"

4. Change the addresses of the existing domain name records to "12.0.0.1"

Examples are as follows:

The last thing to do on Linux is to start the service and turn off the firewall.

1. Enter "systemctl start named" to start the DNS service.

2. Enter "systemctl stop firewalld" to turn off the firewall

3. Enter "setenforce 0" to switch off enforcement of the enhanced security function (SELinux).

Example:

After completing all the settings on the Linux server, go to the PC clients and set a fixed IP on each.

First, open the Win10 client that connects to the local area network

1. Open the Network and Sharing Center

2. Choose to change the adapter settings

3. Specify a fixed IP (192.168.100.100) and gateway (192.168.100.1) for the client

Examples are as follows:

Simulate a local area network user resolving the domain name

1. Enter "nslookup www.kgc.com" to resolve it

Example:

Second, open the Win7 client that connects to the WAN

1. Open the Network and Sharing Center

2. Choose to change the adapter settings

3. Specify a fixed IP (12.0.0.12) and gateway (12.0.0.1) for the client

Examples are as follows:

Simulate a WAN user resolving the domain name (the same domain name resolves to a different IP address)

1. Enter "nslookup www.kgc.com" to resolve it

Example:
