
DNS搭建实战

实验环境:RHEL7.0

          服务端: server1.example.com  172.25.254.1  192.168.0.1

          客户端 :desktop.example.com  172.25.254.2

实验内容:配置名称服务器

                DNS正向A解析

                DNS逆向PTR解析

                添加CNAME和MX记录

                DNS双向解析

1.配置名称服务器

    1.1 安装 bind 软件包

        – yum install -y bind      ##客户端测试用的 dig 命令在 bind-utils 包里,desktop 上需要 yum install -y bind-utils

    1.2 编辑 /etc/named.conf

        –listen-on port 53 { any; };      ##在所有 IPv4 地址上监听;生产环境应只列出需要对外提供服务的地址

        –listen-on-v6 port 53 { any; };   ##IPV6监听端口,可不配置

        –allow-query { any; };            ##允许任意来源查询。注意:RHEL 自带的 named.conf 默认 recursion yes,
                                          ##配合 allow-query { any; } 后这台机器就是一个"开放递归解析器"
                                          ##(后面 dig 输出 flags 里的 ra 就是"递归可用"),会被用作 DNS 放大/反射攻击的跳板。
                                          ##实验环境可以这样写;生产环境应把递归限制在内网,例如
                                          ##allow-recursion { 172.25.254.0/24; 192.168.0.0/24; };
                                          ##并加上 allow-transfer { none; }; 防止任何人用 AXFR 拖走整个区域。

        dnssec-validation no;             ##关闭 DNSSEC 验证。只适合没有外网、拿不到根信任锚的实验环境;
                                          ##生产环境应保留默认的 dnssec-validation yes/auto,否则被篡改的上游应答会被照单全收

    1.3 启动并启用 DNS 服务器

         systemctl start named

         systemctl enable named

    1.4 从 desktop 进行测试

[root@desktop ~]# vim /etc/resolv.conf      添加解析(如果网卡由 NetworkManager 管理,这个文件在重启网络时会被覆盖,要持久化应写在网卡配置的 DNS1= 中)

        nameserver 172.25.254.1

[root@desktop ~]# dig 172.25.254.1    测试(注意:这里查询的是名字 "172.25.254.1." 的 A 记录,不是反向解析;此时服务器还没有自定义区域,只能去递归查外网,实验网络通常到不了根服务器,所以返回 SERVFAIL 属正常,它只证明 53 端口已经在应答。更直接的验证是 dig @172.25.254.1 localhost 或 dig @172.25.254.1 -x 127.0.0.1,这两个区域是 named.rfc1912.zones 自带的)

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> 172.25.254.1

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 23765

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;172.25.254.1.            IN    A

;; Query time: 11 msec

;; SERVER: 172.25.254.1#53(172.25.254.1)

;; WHEN: Wed Sep 07 13:44:21 CST 2016

;; MSG SIZE  rcvd: 41

2.添加DNS正向A解析

   2.1服务器端

     2.1.1.vim /etc/named.conf     (1.2 已经配置过 listen-on,这里只是确认,不需要重复修改)

        –listen-on port 53 { any; };

     2.1.2.vim /etc/named.rfc1912.zones 

       修改正向解析模版成(下面的 allow-update { none; }; 表示禁止动态更新,不要为了方便改成 any,否则任何能访问 53 端口的主机都可以改写区域记录;确实需要动态更新时应配合 TSIG key 使用 update-policy)

            zone "willis.com" IN {

                    type master;

                    file "willis.com.zone";

                    allow-update { none; };

            };

     2.1.3.cd /var/named/

           cp -p named.localhost willis.com.zone

      2.1.4. vim willis.com.zone   (注意几处不一致:SOA 的 MNAME 写的是 dns.willis.com.,而 NS 记录指向 hello.willis.com.,并且区域里没有 dns 的 A 记录,两者应统一为同一个有 A 记录的主机名;RNAME 的 root. 实际表示邮箱 root@.,应写成 root.willis.com.;serial 每次修改区域文件后都要递增,否则以后部署从服务器时不会同步。改完可以先用 named-checkzone willis.com willis.com.zone 检查语法再重启)

            $TTL 1D

            @       IN SOA   dns.willis.com. root. (

                                        0       ; serial

                                        1D      ; refresh

                                        1H      ; retry

                                        1W      ; expire

                                        3H )    ; minimum

            NS      hello.willis.com.

            hello   A       172.25.254.1

            www     A       172.25.254.1                           

      2.1.5.systemctl restart named

   2.2客户端

     2.2.1.vim /etc/resolv.conf

     nameserver  172.25.254.1   ###添加解析

     2.2.2.测试

     dig  www.willis.com

     dig  willis.com        ##区域里没有 willis.com 自身的 A 记录,这条只会在 AUTHORITY 里返回 SOA/NS、ANSWER 为空,属正常

[root@desktop ~]# dig www.willis.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.willis.com

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40219

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;www.willis.com.            IN    A

;; ANSWER SECTION:

www.willis.com.        86400    IN    A    172.25.254.1

;; AUTHORITY SECTION:

willis.com.        86400    IN    NS    hello.willis.com.

;; ADDITIONAL SECTION:

hello.willis.com.    86400    IN    A    172.25.254.1

;; Query time: 10 msec

;; WHEN: Wed Sep 07 14:07:02 CST 2016

;; MSG SIZE  rcvd: 95

3.DNS逆向PTR解析   

服务器端配置:

    3.1.vim /etc/named.rfc1912.zones 

       修改逆向解析模版成(注意:下面这个区域名 1.254.25.172.in-addr.arpa 只对应单个地址 172.25.254.1,区域文件里写的 "101 PTR" 会变成 101.1.254.25.172.in-addr.arpa,永远不会被查到;后面测试里 dig -x 172.25.254.1 的 ANSWER: 0 和 dig -x 172.25.254.101 的 NXDOMAIN 正是这个原因——后者命中的是 BIND 内置的空区域 25.172.in-addr.arpa。正确写法应是 zone "254.25.172.in-addr.arpa",区域文件里用地址的最后一段作记录名,例如 1 PTR hello.willis.com.、101 PTR 该地址对应主机的完整域名.,PTR 应指向真实主机名而不是 localhost.)

          zone "1.254.25.172.in-addr.arpa" IN {

                type master;

                file "willis.com.ptr";

                allow-update { none; };

        };

    3.2.cd /var/named/

       cp -p named.loopback willis.com.ptr

    3.3. vim   willis.com.ptr

       $TTL 1D

        @       IN SOA   dns.willis.com. root. (

        NS      dns.willis.com.

        dns     A       172.25.254.1

        101     PTR     localhost.                        

    3.4.systemctl restart named

客户端测试(预期应在 ANSWER SECTION 看到 PTR 记录;下面两次查询一次 ANSWER: 0、一次 NXDOMAIN,说明反向区域并没有真正生效,原因见 3.1 的说明)

 dig  -x 172.25.254.1

 dig  -x 172.25.254.101

[root@desktop ~]# dig -x 172.25.254.1

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x 172.25.254.1

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21692

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;1.254.25.172.in-addr.arpa.    IN    PTR

1.254.25.172.in-addr.arpa. 10800 IN    SOA    dns.willis.com. root. 0 86400 3600 604800 10800

;; Query time: 0 msec

;; WHEN: Wed Sep 07 14:26:16 CST 2016

;; MSG SIZE  rcvd: 108

[root@desktop ~]# dig -x 172.25.254.101

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x 172.25.254.101

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19576

;101.254.25.172.in-addr.arpa.    IN    PTR

25.172.in-addr.arpa.    86400    IN    SOA    25.172.in-addr.arpa. . 0 28800 7200 604800 86400

;; WHEN: Wed Sep 07 14:26:21 CST 2016

;; MSG SIZE  rcvd: 91

4.添加CNAME和MX

vim /var/named/willis.com.zone   (注意:1. MX 记录的目标必须是主机名,不能是 IP,应写成 willis.com.  MX 10 hello.willis.com. ——写成 172.25.254.1 时 BIND 会把它当域名处理,所以下面 dig 输出里目标末尾多了一个点,邮件服务器按这个结果无法投递;2. www 的 CNAME 指向 host.a.willis.com.,但这个区域里并没有 host.a 的 A 记录(只有第 5 节的 willis.com.inter 里才有),www 会变成悬空的 CNAME,要么保留 www 的 A 记录,要么补上 host.a 的 A 记录;3. 改完要递增 serial 并 systemctl restart named 或 rndc reload 才会生效)

$TTL 1D

@       IN SOA   dns.willis.com. root. (

        NS      hello.willis.com.

www     CNAME host.a.willis.com.

willis.com.  MX 1 172.25.254.1

hello   A       172.25.254.1

[root@desktop ~]# dig -t mx willis.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx willis.com

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5530

;willis.com.            IN    MX

willis.com.        86400    IN    MX    1 172.25.254.1.

;; WHEN: Wed Sep 07 14:32:20 CST 2016

;; MSG SIZE  rcvd: 103

5.DNS双向解析

实验前先给服务器端虚拟机添加网卡,保证有两块网卡,设置不同网段IP用于测试

eth0  172.25.254.1

eth1  192.168.0.1

[root@server1 ~]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host 

2: ens7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 52:54:00:95:46:0a brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.1/24 brd 192.168.0.255 scope global ens7

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 52:54:00:ce:65:ca brd ff:ff:ff:ff:ff:ff

    inet 172.25.254.1/16 brd 172.25.255.255 scope global eth0

    inet6 fe80::5054:ff:fece:65ca/64 scope link 

1.cd /var/named/

2 cp -p willis.com.zone willis.com.inter

3 vim  willis.com.inter    (在复制出来的文件里补充/修改下面两条记录。这个文件是从 willis.com.zone 复制的,第 4 节提到的问题——MX 目标应为主机名而不是 IP——这里同样要改;加上 host.a 的 A 记录后,www 的 CNAME 在这个视图里才能解析出来)

host.a  A       192.168.0.1

willis.com.  MX 1 172.25.254.1.

2.cp -p /etc/named.rfc1912.zones  /etc/named.inter.zones

  vim /etc/named.inter.zones

修改为

 zone "willis.com" IN {

    type master;

    file "willis.com.inter";

    allow-update { none; };

};

3. vim /etc/named.conf     (下面的写法有几点要补充:1. 每个 view { ... } 都必须以 }; 结束,清单里漏掉了两个 view 的收尾;2. 一旦使用 view,所有 zone 都必须放在某个 view 里,所以原来 named.conf 末尾的 include "/etc/named.rfc1912.zones"; 必须删掉或移进 view,否则 named 启动报错,可用 named-checkconf 检查;3. view 按书写顺序匹配、命中即止,所以 localnet(172.25.254.0/24)必须写在 internet(any)前面;4. internet 视图里没有 zone "." 的根提示,外部客户端拿不到递归结果,这正是对外暴露时应有的姿态,建议在该视图里再显式写上 recursion no;;5. match-clients 只看源 IP,而源 IP 可以伪造,所以不要把视图当作访问控制手段,内部视图里也不要放不能泄露的记录)

/*zone "." IN {

    type hint;

    file "named.ca";

};*/

view  localnet {

       match-clients { 172.25.254.0/24; };

       zone "." IN {

       type hint;

       file "named.ca";

       };

include  "/etc/named.rfc1912.zones";

view  internet {

       match-clients { any; };

include  "/etc/named.inter.zones";

4.systemctl restart named

客户端测试:

1.设置IP为192.168.0.2(原文写的 192.128.0.2 是笔误,下面 ip addr 输出是 192.168.0.2,和服务器第二块网卡的 192.168.0.1 同网段)

[root@server2 ~]# ip addr show eth0

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 52:54:00:70:0d:1a brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.2/24 brd 192.168.0.255 scope global eth0

    inet6 fe80::5054:ff:fe70:d1a/64 scope link 

2. vim /etc/resolv.conf

       nameserver 192.168.0.1      ##原文写的 192.168.0.106 是笔误,服务器在这个网段的地址是 192.168.0.1,下面 dig 输出的 SERVER 行也是 192.168.0.1

3.dig willis.com   (willis.com 本身没有 A 记录,这条和第 2 节一样只会返回 SOA;要验证视图真的生效,应该在 192.168.0.2 上 dig host.a.willis.com 或 dig www.willis.com,期望得到 192.168.0.1,再在 172.25.254.2 上查同样的名字做对比)

[root@server2 ~]# dig willis.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> willis.com

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31985

;willis.com.            IN    A

willis.com.        10800    IN    SOA    dns.willis.com. root. 0 86400 3600 604800 10800

;; Query time: 1 msec

;; SERVER: 192.168.0.1#53(192.168.0.1)

;; WHEN: Wed Sep 07 15:12:28 CST 2016

;; MSG SIZE  rcvd: 83

本文转自willis_sun 51CTO博客,原文链接:http://blog.51cto.com/willis/1847312,如需转载请自行联系原作者
