
Redhat7.3 dns server configuration

2025-03-29 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/03 Report--

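1. Basic configuration

systemctl stop firewalld.service    # stops the host firewall (no packet filtering on any port)

systemctl disable firewalld.service    # keeps it off after a reboot

setenforce 0    # SELinux permissive until the next reboot

nmcli connection add con-name in ifname ens33 ipv4.addresses 192.168.1.10/24 type ethernet ipv4.method manual    # internal (LAN) interface

nmcli connection add con-name out ifname ens38 ipv4.addresses 192.168.2.10/24 type ethernet ipv4.method manual    # external (WAN) interface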

2. Configure a simple DNS server

yum install -y bind bind-utils

2.1 Edit the main configuration file

vim /etc/named.conf    # edit this file

listen-on port 53 { any; };

allow-query { any; };

zone "fengxiaoli41.com" IN {

type master;

file "fengxiaoli41.com.lan";

allow-update {none;};

};

zone "1.168.192.in-addr.arpa" IN {

type master;

file "1.168.192.lan";

allow-update {none;};

};

2.2 Edit the forward zone

cd /var/named/

cp named.localhost fengxiaoli41.com.lan

vim fengxiaoli41.com.lan

$TTL 665

@ IN SOA fengxiaoli41.com. 123.qq.com. ( ; RNAME: mailbox 123@qq.com, with "@" written as "."

2017062900 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

665 ) ; minimum

@ IN NS fengxiaoli41.com.

fengxiaoli41.com. IN A 192.168.1.10

www.fengxiaoli41.com. IN CNAME fengxiaoli41.com.

client.fengxiaoli41.com. IN A 192.168.1.200

@ IN NS slave.fengxiaoli41.com.

slave.fengxiaoli41.com. IN A 192.168.1.100

2.3 Edit the reverse zone

cp fengxiaoli41.com.lan 1.168.192.lan

vim 1.168.192.lan

$TTL 665

@ IN SOA fengxiaoli41.com. 123.qq.com. (

2017062900 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

665 ) ; minimum

@ IN NS fengxiaoli41.com.

10 IN PTR fengxiaoli41.com.

200 IN PTR client.fengxiaoli41.com.

100 IN PTR slave.fengxiaoli41.com.

chown named:named fengxiaoli41.com.lan

chown named:named 1.168.192.lan
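
A cross-check between the forward and reverse zone files, which a per-file syntax check does not perform: every PTR target should have an A record for the same address. This is an added example, not code from the original page; the function names are illustrative, the parser handles only the single-line record form used here, and the sample records are constructed.

```python
def absolute(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Parse single-line 'owner IN TYPE rdata' records; the SOA block is skipped."""
    records = []
    for line in text.splitlines():
        fields = line.split(";")[0].split()  # drop comments
        if len(fields) != 4 or fields[1] != "IN":
            continue
        owner, _, rtype, rdata = fields
        if rtype != "A":
            rdata = absolute(rdata, origin)  # NS/CNAME/PTR targets are names
        records.append((absolute(owner, origin), rtype, rdata))
    return records


def ptr_mismatches(forward, fwd_origin, reverse, rev_origin):
    """Return (address, ptr_target) pairs that have no matching A record."""
    a_records = {(o, ip) for o, t, ip in parse_zone(forward, fwd_origin) if t == "A"}
    problems = []
    for owner, rtype, target in parse_zone(reverse, rev_origin):
        if rtype == "PTR":
            # 10.1.168.192.in-addr.arpa. -> 192.168.1.10
            octets = owner[: -len(".in-addr.arpa.")].split(".")
            addr = ".".join(reversed(octets))
            if (target, addr) not in a_records:
                problems.append((addr, target))
    return problems


# Constructed sample data modelled on this page's zones; the last PTR is mistyped.
FORWARD = """\
fengxiaoli41.com. IN A 192.168.1.10
client.fengxiaoli41.com. IN A 192.168.1.200
slave.fengxiaoli41.com. IN A 192.168.1.100
"""
REVERSE = """\
10 IN PTR fengxiaoli41.com.
200 IN PTR client.fengxiaoli41.com.
100 IN PTR slave.fengxiaoli.com.
"""

if __name__ == "__main__":
    print(ptr_mismatches(FORWARD, "fengxiaoli41.com.", REVERSE, "1.168.192.in-addr.arpa."))
```
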

2.4 Restart the service and test

systemctl restart named

systemctl status named

dig fengxiaoli41.com

3. Configure the chroot environment

yum install -y bind-chroot

/usr/libexec/setup-named-chroot.sh /var/named/chroot/ on

systemctl stop named.service

systemctl disable named

systemctl enable named-chroot.service

systemctl start named-chroot

dig fengxiaoli41.com

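If the DNS server only needs to resolve names for the internal network, you can stop here.

4. Configure split-view DNS (independent of steps 2 and 3)

4.1 Edit the main configuration file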

vim /etc/named.conf

listen-on port 53 { any; };

allow-query { any; };

acl in {192.168.1.0/24;};

acl out { ! 192.168.1.0/24; any;};

view "internal"{

match-clients { in; localhost;};

zone "." IN {

type hint;

file "named.ca";

};

zone "fengxiaoli41.com" IN {

type master;

file "fengxiaoli41.com.lan";

allow-update {none;};

};

zone "1.168.192.in-addr.arpa" IN {

type master;

file "1.168.192.lan";

allow-update {none;};

};

include "/etc/named.rfc1912.zones";

include "/etc/named.root.key";

};

Note: all zones must be placed inside a view.

view "external"{

match-clients {out;};

zone "." IN {

type hint;

file "named.ca";

};

zone "fengxiaoli41.com" IN {

type master;

file "fengxiaoli41.com.wan";

allow-update {none;};

};

zone "2.168.192.in-addr.arpa" IN {

type master;

file "2.168.192.wan";

allow-update {none;};

};

};
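
How the two views above pick a client, as an added example that is not part of the original page: it models the first-match evaluation of the `in`, `out` and `localhost` ACLs and the order of the views. The address list given for `localhost` is an assumption based on the two interfaces configured in step 1, and the function names are illustrative.

```python
import ipaddress

# ACLs from the split-view named.conf above. "localhost" is BIND's built-in ACL
# for the server's own addresses; the list here is an assumption for this host.
ACLS = {
    "in": ["192.168.1.0/24"],
    "out": ["!192.168.1.0/24", "any"],
    "localhost": ["127.0.0.1", "192.168.1.10", "192.168.2.10"],
    "any": ["0.0.0.0/0"],  # IPv4 only in this sketch
}

# Views in named.conf order, with the apex A record each view's zone file returns.
VIEWS = [
    ("internal", ["in", "localhost"], "192.168.1.10"),
    ("external", ["out"], "192.168.2.10"),
]


def acl_match(client, elements):
    """Walk an address match list in order. The first element that matches
    decides: True for a plain element, False for a negated one. None = no match."""
    ip = ipaddress.ip_address(client)
    for element in elements:
        negated = element.startswith("!")
        name = element.lstrip("!")
        if name in ACLS:
            # A nested ACL counts here only when it matches positively.
            hit = acl_match(client, ACLS[name]) is True
        else:
            hit = ip in ipaddress.ip_network(name)
        if hit:
            return not negated
    return None


def select_view(client):
    """Return (view, apex A record) for a client source address; the first
    view whose match-clients accepts the client is used."""
    for view, match_clients, apex_a in VIEWS:
        if acl_match(client, match_clients):
            return view, apex_a
    return None, None  # no view matched


if __name__ == "__main__":
    for src in ["192.168.1.200", "192.168.2.50", "192.168.2.10", "127.0.0.1"]:
        print(src, "->", select_view(src))
```

Because the server's own addresses fall under `localhost`, a `dig` run on the server itself is answered from the internal view; check the external view from another host on 192.168.2.0/24.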

cd /var/named/chroot/var/named/

4.2 Edit the internal forward and reverse zones

vim fengxiaoli41.com.lan

$TTL 665

@ IN SOA fengxiaoli41.com. 123.qq.com. (

2017062900 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

665 ) ; minimum

@ IN NS fengxiaoli41.com.

fengxiaoli41.com. IN A 192.168.1.10

www.fengxiaoli41.com. IN CNAME fengxiaoli41.com.

client.fengxiaoli41.com. IN A 192.168.1.200

@ IN NS slave.fengxiaoli41.com.

slave.fengxiaoli41.com. IN A 192.168.1.100

vim 1.168.192.lan

$TTL 665

@ IN SOA fengxiaoli41.com. 123.qq.com. (

2017062900 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

665 ) ; minimum

@ IN NS fengxiaoli41.com.

10 IN PTR fengxiaoli41.com.

200 IN PTR client.fengxiaoli41.com.

100 IN PTR slave.fengxiaoli41.com.

4.3 Edit the external forward and reverse zones

vim fengxiaoli41.com.wan

$TTL 665

@ IN SOA fengxiaoli41.com. 123.qq.com. (

2017062900 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

665 ) ; minimum

@ IN NS fengxiaoli41.com.

fengxiaoli41.com. IN A 192.168.2.10

vim 2.168.192.wan

$TTL 665

@ IN SOA fengxiaoli41.com. 123.qq.com. (

2017062900 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

665 ) ; minimum

@ IN NS fengxiaoli41.com.

10 IN PTR fengxiaoli41.com.

4.4 Set ownership and restart the service

chown named:named -R /var/named/chroot/var/named/*

systemctl restart named-chroot

5. Master/slave server configuration (built on top of step 2 or step 4)

5.1 Master server configuration

vim /etc/named.conf

allow-transfer { 192.168.1.0/24;};

cd /var/named/chroot/var/named/

vim fengxiaoli41.com.lan

@ IN NS slave.fengxiaoli41.com.

slave.fengxiaoli41.com. IN A 192.168.1.100

vim 1.168.192.lan

100 IN PTR slave.fengxiaoli41.com.

5.2 Slave server configuration (mind firewalld and SELinux)

nmcli connection add con-name in ifname ens33 ipv4.addresses 192.168.1.100/24 type ethernet ipv4.method manual

yum install -y bind-utils bind

vim /etc/named.conf

listen-on port 53 { any; };

allow-query { any; };

zone "fengxiaoli41.com" IN {

type slave;

masters { 192.168.1.10; };

file "slaves/fengxiaoli.com.lan";

};

zone "1.168.192.in-addr.arpa" IN {

type slave;

masters { 192.168.1.10; };

file "slaves/1.168.192.lan";

};

systemctl restart named

ll /var/named/slaves/
