Install bind and caching-nameserver (RHEL6 does not ship caching-nameserver by default; the RHEL5 package can be installed directly, ignoring its dependencies)
<code>[root@rhel6 ~]</code><code># yum -y install bind</code>
<code>[root@rhel6 ~]</code><code># rpm -ivh --nodeps --force caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm</code>
<code>warning: caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm: Header V3 DSA</code><code>/SHA1</code> <code>Signature, key ID 37017186: NOKEY</code>
<code>Preparing... </code><code>########################################### [100%]</code>
<code> </code><code>1:caching-nameserver </code><code>########################################### [100%]</code>
<code>[root@rhel6 ~]</code><code># mv /etc/named* /var/named/chroot/etc/</code>
<code>[root@rhel6 ~]</code><code># mv /var/named/* /var/named/chroot/var/named/</code>
Configure the master DNS main configuration file
<code>[root@rhel6 ~]</code><code># vim /var/named/chroot/etc/named.conf</code>
<code>options { </code><code>//</code><code>global settings that affect the whole DNS server</code>
<code> </code><code>listen-on port 53 { 192.168.0.90; };</code>
<code> </code><code>listen-on-v6 port 53 { ::1; };</code>
<code> </code><code>directory </code><code>"/var/named"</code><code>; </code><code>//</code><code>defines the server's working directory</code>
<code> </code><code>dump-</code><code>file</code> <code>"/var/named/data/cache_dump.db"</code><code>;</code>
<code> </code><code>statistics-</code><code>file</code> <code>"/var/named/data/named_stats.txt"</code><code>;</code>
<code> </code><code>memstatistics-</code><code>file</code> <code>"/var/named/data/named_mem_stats.txt"</code><code>;</code>
<code> </code><code>allow-query { 192.168.0.0</code><code>/24</code><code>; };</code>
<code> </code><code>allow-transfer { 192.168.0.0</code><code>/24</code><code>; }; </code><code>//</code><code>defines the secondary DNS server addresses allowed to transfer zones</code>
<code>};</code>
<code>logging {</code>
<code> </code><code>channel default_debug {</code>
<code> </code><code>file</code> <code>"data/named.run"</code><code>;</code>
<code> </code><code>severity dynamic;</code>
<code> </code><code>};</code>
<code>};</code>
<code>#include "/etc/named.rfc1912.zones";</code>
<code>zone </code><code>"."</code> <code>IN {</code>
<code> </code><code>type</code> <code>hint; </code><code>//</code><code>defines the Internet root name servers</code>
<code> </code><code>file</code> <code>"named.ca"</code><code>;</code>
<code>};</code>
<code>zone </code><code>"xfcy.org"</code> <code>IN { </code><code>//</code><code>creates the forward lookup zone</code>
<code> </code><code>type</code> <code>master; </code><code>//</code><code>this server is the master for the zone</code>
<code> </code><code>file</code> <code>"xfcy.org.zone"</code><code>;</code>
<code>};</code>
<code>zone </code><code>"0.168.192.in-addr.arpa"</code> <code>IN { </code><code>//</code><code>creates the reverse lookup zone</code>
<code> </code><code>type</code> <code>master;</code>
<code> </code><code>file</code> <code>"192.168.0.zone"</code><code>;</code>
<code>};</code>
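The `allow-transfer` clause above is annotated as naming the secondary server, yet it admits the whole 192.168.0.0/24. The following check is an added example, not part of the original article: it parses the clause and reports every element that lets hosts other than the known secondaries request a zone transfer. `transfer_acl`, `audit_transfer` and the sample strings are hypothetical names; 192.168.0.91 is the secondary configured later on this page.

```python
import ipaddress
import re

# Constructed sample: the relevant lines of the master named.conf shown above.
MASTER_CONF = """
options {
    allow-query    { 192.168.0.0/24; };
    allow-transfer { 192.168.0.0/24; };  // meant for the secondary only
};
"""
# Same clause narrowed to the one secondary this page configures.
HARDENED_CONF = MASTER_CONF.replace("allow-transfer { 192.168.0.0/24; }",
                                    "allow-transfer { 192.168.0.91; }")
SECONDARIES = {ipaddress.ip_address("192.168.0.91")}


def transfer_acl(conf):
    """Return the elements of the first allow-transfer clause, or None."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # /* ... */ comments
    conf = re.sub(r"(//|#).*", "", conf)                # // and # comments
    m = re.search(r"allow-transfer\s*\{([^}]*)\}", conf)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]


def audit_transfer(conf, secondaries):
    """List ACL elements that let hosts other than the secondaries AXFR."""
    acl = transfer_acl(conf)
    if acl is None:
        return ["allow-transfer is not set; the server default applies"]
    findings = []
    for elem in acl:
        if elem == "none" or elem.startswith(("key ", "!")):
            continue                      # denies, or requires a TSIG key
        try:
            net = ipaddress.ip_network(elem, strict=False)
        except ValueError:
            findings.append(f"{elem}: named ACL or keyword, review by hand")
            continue
        extra = net.num_addresses - sum(1 for s in secondaries if s in net)
        if extra > 0:
            findings.append(f"{elem}: {extra} non-secondary addresses may transfer")
    return findings


if __name__ == "__main__":
    print(audit_transfer(MASTER_CONF, SECONDARIES))
    print(audit_transfer(HARDENED_CONF, SECONDARIES))
```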
Create the forward and reverse lookup zones:
<code>[root@rhel6 ~]</code><code># vim /var/named/chroot/var/named/xfcy.org.zone</code>
<code>$TTL 86400 ; clients cache DNS answers for one day</code>
<code>@ IN SOA dns.xfcy.org. root.dns.xfcy.org. ( ; @ refers to the current zone (the one defined in xfcy.org.zone); then the DNS server's name and the administrator's mailbox</code>
<code> </code><code>2013051700 ;Serial (mainly used for master/slave DNS synchronization)</code>
<code> </code><code>28800 ;Refresh</code>
<code> </code><code>14400 ;Retry</code>
<code> </code><code>3600000 ;Expire</code>
<code> </code><code>86400 ) ;Minimum</code>
<code>@ IN NS dns.xfcy.org. ; name of the DNS server for the zone</code>
<code>dns.xfcy.org. IN A 192.168.0.90 ; A (Address) record: maps a host name to its IP address</code>
<code>@ IN MX 5 mail.xfcy.org. ; mail exchanger record: the mail server for the current domain</code>
<code>mail IN CNAME dns.xfcy.org. ; CNAME record: an alias for a host in the zone file</code>
<code>www IN A 192.168.0.90</code>
<code>[root@rhel6 ~]</code><code># vim /var/named/chroot/var/named/192.168.0.zone</code>
<code>$TTL 86400</code>
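<code>@ IN SOA 0.168.192.</code><code>in</code><code>-addr.arpa. root.dns.xfcy.org.(</code>
<code> </code><code>2013051700 ;Serial</code>
<code> </code><code>28800 ;Refresh</code>
<code> </code><code>14400 ;Retry</code>
<code> </code><code>3600000 ;Expire</code>
<code> </code><code>86400 ) ;Minimum</code>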
<code>@ IN NS dns.xfcy.org.</code>
<code>90 IN PTR dns.xfcy.org.</code>
<code>@ IN MX 5 mail.xfcy.org.</code>
<code>90 IN PTR mail.xfcy.org.</code>
<code>90 IN PTR www.xfcy.org.</code>
<code>[root@rhel6 ~]</code><code># ln -s /var/named/chroot/etc/named.conf /etc/</code>
<code>[root@rhel6 ~]</code><code># ln -s /var/named/chroot/var/named/xfcy.org.zone /var/named/</code>
<code>[root@rhel6 ~]</code><code># ln -s /var/named/chroot/var/named/192.168.0.zone /var/named/</code>
<code>[root@rhel6 ~]</code><code># ln -s /var/named/chroot/var/named/named.ca /var/named/</code>
<code>[root@rhel6 ~]</code><code># chown -R root:named /var/named/chroot/</code>
<code>Check the zone files</code>
<code>[root@rhel6 ~]</code><code># named-checkconf /etc/named.conf</code>
<code>[root@rhel6 ~]</code><code># named-checkzone xfcy.org /var/named/xfcy.org.zone</code>
<code>zone xfcy.org</code><code>/IN</code><code>: xfcy.org</code><code>/MX</code> <code>'mail.xfcy.org'</code> <code>is a CNAME (illegal)</code>
<code>zone xfcy.org</code><code>/IN</code><code>: loaded serial 2013051700</code>
<code>OK</code>
<code>[root@rhel6 ~]</code><code># named-checkzone 192.168.0 /var/named/192.168.0.zone</code>
<code>zone 192.168.0</code><code>/IN</code><code>: 192.168.0</code><code>/MX</code> <code>'mail.xfcy.org'</code> <code>(out of zone) has no addresses records (A or AAAA)</code>
<code>zone 192.168.0</code><code>/IN</code><code>: loaded serial 2013051700</code>
<code>[root@rhel6 ~]</code><code># /etc/init.d/named start</code>
<code>[root@rhel6 ~]</code><code># netstat -lntp | grep named</code>
<code>tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 10490</code><code>/named</code>
<code>tcp 0 0 ::1:53 :::* LISTEN 10490</code><code>/named</code>
<code>[root@rhel6 ~]</code><code># dig mail.xfcy.org @localhost</code>
<code>; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> mail.xfcy.org @localhost</code>
<code>;; global options: +cmd</code>
<code>;; Got answer:</code>
<code>;; ->>HEADER<<- opcode: QUERY, status: REFUSED, </code><code>id</code><code>: 3225</code>
<code>;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0</code>
<code>;; WARNING: recursion requested but not available</code>
<code>;; QUESTION SECTION:</code>
<code>;mail.xfcy.org. IN A</code>
<code>;; Query </code><code>time</code><code>: 1 msec</code>
<code>;; SERVER: 127.0.0.1</code><code>#53(127.0.0.1)</code>
<code>;; WHEN: Fri May 17 23:07:58 2013</code>
<code>;; MSG SIZE rcvd: 31</code>
Configure the secondary (slave) name server:
First, install bind and caching-nameserver in the same way
Configure the slave DNS main configuration file
<code>[root@rhel6-2 ~]</code><code># vi /var/named/chroot/etc/named.conf</code>
<code>options {</code>
<code> </code><code>listen-on port 53 { 192.168.0.91; };</code>
<code> </code><code>directory </code><code>"/var/named"</code><code>;</code>
<code> </code><code>dump-</code><code>file</code> <code>"/var/named/data/cache_dump.db"</code><code>;</code>
<code> </code><code>statistics-</code><code>file</code> <code>"/var/named/data/named_stats.txt"</code><code>;</code>
<code> </code><code>memstatistics-</code><code>file</code> <code>"/var/named/data/named_mem_stats.txt"</code><code>;</code>
<code> </code><code>allow-query { 192.168.0.0</code><code>/24</code><code>; };</code>
<code> </code><code>allow-query-cache { 192.168.0.0</code><code>/24</code><code>; };</code>
<code>};</code>
<code>zone </code><code>"."</code> <code>IN {</code>
<code> </code><code>type</code> <code>hint;</code>
<code> </code><code>file</code> <code>"named.ca"</code><code>;</code>
<code>};</code>
<code>zone </code><code>"xfcy.org"</code> <code>IN {</code>
<code> </code><code>type</code> <code>slave;</code>
<code> </code><code>file</code> <code>"slaves/xfcy.org.zone"</code><code>;</code>
<code> </code><code>masters { 192.168.0.90; };</code>
<code>};</code>
<code>zone </code><code>"0.168.192.in-addr.arpa"</code> <code>IN {</code>
<code> </code><code>type</code> <code>slave;</code>
<code> </code><code>file</code> <code>"slaves/192.168.0.zone"</code><code>;</code>
<code> </code><code>masters { 192.168.0.90; };</code>
<code>};</code>
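Start the slave DNS. It automatically transfers the zone files from the master DNS server and then refreshes against the master after every Refresh interval. Each time a zone file is modified on the master, the Serial value must be increased: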
<code>[root@rhel6-2 ~]</code><code># ls /var/named/chroot/var/named/slaves</code>
<code>[root@rhel6-2 ~]</code><code># /etc/init.d/named start</code>
<code>[root@rhel6-2 ~]</code><code># tailf /var/log/messages</code>
<code>May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.</code><code>in</code><code>-addr.arpa</code><code>/IN</code><code>: Transfer started.</code>
<code>May 17 23:53:12 rhel6-2 named[2991]: transfer of </code><code>'0.168.192.in-addr.arpa/IN'</code> <code>from 192.168.0.90</code><code>#53: connected using 192.168.0.91#58501</code>
<code>May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.</code><code>in</code><code>-addr.arpa</code><code>/IN</code><code>: transferred serial 2013051701</code>
<code>May 17 23:53:12 rhel6-2 named[2991]: transfer of </code><code>'0.168.192.in-addr.arpa/IN'</code> <code>from 192.168.0.90</code><code>#53: Transfer completed: 1 messages, 7 records, 213 bytes, 0.001 secs (213000 bytes/sec)</code>
<code>May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.</code><code>in</code><code>-addr.arpa</code><code>/IN</code><code>: sending notifies (serial 2013051701)</code>
<code>May 17 23:53:13 rhel6-2 named[2991]: zone xfcy.org</code><code>/IN</code><code>: Transfer started.</code>
<code>May 17 23:53:13 rhel6-2 named[2991]: transfer of </code><code>'xfcy.org/IN'</code> <code>from 192.168.0.90</code><code>#53: connected using 192.168.0.91#42265</code>
<code>May 17 23:53:13 rhel6-2 named[2991]: zone xfcy.org</code><code>/IN</code><code>: transferred serial 2013051701</code>
<code>May 17 23:53:13 rhel6-2 named[2991]: transfer of </code><code>'xfcy.org/IN'</code> <code>from 192.168.0.90</code><code>#53: Transfer completed: 1 messages, 7 records, 192 bytes, 0.001 secs (192000 bytes/sec)</code>
<code>[root@rhel6-2 ~]</code><code># ls /var/named/chroot/var/named/slaves</code>
<code>xfcy.org.zone 192.168.0.zone</code>
<code>[root@rhel6-2 ~]</code><code># dig mail.xfcy.org @192.168.0.91</code>
<code>; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> mail.xfcy.org @192.168.0.91</code>
<code>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, </code><code>id</code><code>: 9476</code>
<code>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0</code>
<code>;; ANSWER SECTION:</code>
<code>mail.xfcy.org. 86400 IN CNAME dns.xfcy.org.</code>
<code>dns.xfcy.org. 86400 IN A 192.168.0.90</code>
<code>;; AUTHORITY SECTION:</code>
<code>xfcy.org. 86400 IN NS dns.xfcy.org.</code>
<code>;; Query </code><code>time</code><code>: 0 msec</code>
<code>;; SERVER: 192.168.0.91</code><code>#53(192.168.0.91)</code>
<code>;; WHEN: Fri May 17 23:51:32 2013</code>
<code>;; MSG SIZE rcvd: 79</code>
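The secondary only pulls a zone when the master's SOA serial is newer than its own copy, so an edit on the master that leaves the serial unchanged never reaches the secondary. The following is an added example, not part of the original article: it reads the serial from a zone file, compares serials with RFC 1982 serial arithmetic, and computes the next YYYYMMDDNN value. The function names and the embedded zone text (built from the SOA shown on this page) are hypothetical.

```python
import re

# Constructed sample: the SOA of xfcy.org.zone as shown on this page.
ZONE = """$TTL 86400
@ IN SOA dns.xfcy.org. root.dns.xfcy.org. (
        2013051700 ; Serial
        28800      ; Refresh
        14400      ; Retry
        3600000    ; Expire
        86400 )    ; Minimum
@ IN NS dns.xfcy.org.
"""

SOA_SERIAL = re.compile(r"(\bSOA\b[^(]*\(\s*)(\d+)")


def soa_serial(zone_text):
    """Return the serial: the first integer after the SOA's opening paren."""
    m = SOA_SERIAL.search(zone_text)
    if m is None:
        raise ValueError("no SOA serial found")
    return int(m.group(2))


def serial_gt(a, b):
    """RFC 1982: True when 32-bit serial a is newer than b (handles wrap)."""
    return a != b and ((a - b) & 0xFFFFFFFF) < 0x80000000


def secondary_will_transfer(master_serial, secondary_serial):
    """A refresh triggers a transfer only if the master's serial is newer."""
    return serial_gt(master_serial, secondary_serial)


def next_serial(current, today):
    """Next YYYYMMDDNN serial for `today` ('YYYYMMDD'), always > current."""
    base = int(today) * 100
    return base if serial_gt(base, current) else (current + 1) & 0xFFFFFFFF


def bump_zone(zone_text, today):
    """Return the zone text with its SOA serial advanced."""
    new = next_serial(soa_serial(zone_text), today)
    return SOA_SERIAL.sub(rf"\g<1>{new}", zone_text, count=1)


if __name__ == "__main__":
    edited = bump_zone(ZONE, "20130517")
    print(soa_serial(ZONE), "->", soa_serial(edited))
    print(secondary_will_transfer(soa_serial(edited), soa_serial(ZONE)))
```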
Finally, adding multiple A records for the same name provides load balancing:
<code>[root@rhel6 ~]</code><code># for i in $( seq 1 50) ; do echo "www 0 IN A 192.168.0.$i" ;done >> /var/named/xfcy.org.zone</code>
<code>[root@rhel6 ~]</code><code># for i in $(seq 1 10) ; do ping -c 1 -i 0.001 www | head -n 1 ;done</code>
<code>PING www.xfcy.org (192.168.0.46) 56(84) bytes of data.</code>
<code>PING www.xfcy.org (192.168.0.42) 56(84) bytes of data.</code>
<code>PING www.xfcy.org (192.168.0.38) 56(84) bytes of data.</code>
<code>PING www.xfcy.org (192.168.0.34) 56(84) bytes of data.</code>
<code>PING www.xfcy.org (192.168.0.30) 56(84) bytes of data.</code>
<code>PING www.xfcy.org (192.168.0.26) 56(84) bytes of data.</code>
<code>PING www.xfcy.org (192.168.0.22) 56(84) bytes of data.</code>
<code>PING www.xfcy.org (192.168.0.18) 56(84) bytes of data.</code>
<code>PING www.xfcy.org (192.168.0.14) 56(84) bytes of data.</code>
<code>PING www.xfcy.org (192.168.0.10) 56(84) bytes of data.</code>
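<code>The results above show that www.xfcy.org resolves to a different address each time</code>
This article is reposted from Vnimos's 51CTO blog; original link: http://blog.51cto.com/vnimos/1203112. To repost it, please contact the original author.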