• 特码诗_特码诗唯一授权官网

  • 发布时间:2016-01-19 07:27 | 作者:yc | 来源:互联网 | 浏览:1200 次
  • 特码诗_特码诗唯一授权官网

    1、架构拓扑图

    650) this.width=650;" src="/html/uploads/allimg/160119/0HG93225-0.jpg" title=".png" alt="wKioL1Yozm6w-ELcAAF2EYBjyck409.jpg" />

    2、情况描画

    效劳器名称

    IP地址

    主DNS效劳器

    192.168.1.107

    辅佐DNS效劳器

    192.168.1.108把稳:这儿Linux版本是centos5.8

    3、主辅DNS效劳器bind装配

    [root@dns-S ~]# yum -y install bind bind-chroot ypbind bind-utils caching-nameserver

    把稳:这儿主DNS效劳器咱们前面现已部署了!

    4、设置设备摆设辅佐DNS效劳器

    A.将主DNS效劳器的named.conf同步到辅佐DNS效劳器

    [root@dns-M ~]# scp /var/named/chroot/etc/* 192.168.1.108:/var/named/chroot/etc/

    's password:

    localtime100%4050.4KB/s00:00

    named.caching-nameserver.conf100% 12301.2KB/s00:00

    named.conf100% 14801.5KB/s00:00

    named.rfc1912.zones100% 11381.1KB/s00:00

    named.rfc1912.zones.bak100%9550.9KB/s00:00

    B.修正主DNS效劳器的设置设备摆设文件,准许辅佐DNS效劳器同步数据

    [root@dns-M ~]# cat /etc/named.rfc1912.zones

    特码诗_特码诗唯一授权官网

    // named.rfc1912.zones:

    //

    // Provided by Red Hat caching-nameserver package

    //

    // ISC BIND named zone configuration for zones recommended by

    // RFC 1912 section 4.1 : localhost TLDs and address zones

    //

    // See /usr/share/doc/bind*/sample/ for example named configuration files.

    //

    zone "." IN {

    type hint;

    file "named.ca";

    };

    zone "localdomain" IN {

    type master;

    file "localdomain.zone";

    allow-update { none; };

    };

    zone "localhost" IN {

    type master;

    file "localhost.zone";

    allow-update { none; };

    };

    zone "0.0.127.in-addr.arpa" IN {

    type master;

    file "named.local";

    allow-update { none; };

    };

    zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {

    type master;

    file "named.ip6.local";

    allow-update { none; };

    };

    zone "255.in-addr.arpa" IN {

    type master;

    file "named.broadcast";

    allow-update { none; };

    };

    zone "0.in-addr.arpa" IN {

    type master;

    file "named.zero";

    allow-update { none; };

    };

    zone "pp.org" IN {

    type master;

    file "pp.org.zone";

    allow-update { none; };

    allow-transfer { 192.168.1.108; };

    also-notify { 192.168.1.108; };

    };

    zone "1.bodog官网hg622.com168.192.in-addr.arpa" IN {

    type master;

    file "pp.org.local";

    allow-update { none; };

    allow-transfer { 192.168.1.108; };

    also-notify { 192.168.1.108; };

    };

    C.修正辅佐域名效劳器的设置设备摆设文件

    [root@dns-S etc]# cat /var/named/chroot/etc/named.rfc1912.zones

    // named.rfc1912.zones:

    //

    // Provided by Red Hat caching-nameserver package

    //

    // ISC BIND named zone configuration for zones recommended by

    // RFC 1912 section 4.1 : localhost TLDs and address zones

    //

    // See /usr/share/doc/bind*/sample/ for example named configuration files.

    //

    zone "." IN {

    type hint;

    file "named.ca";

    };

    zone "pp.org" IN {

    type slave;

    file "slaves/pp.org.zone";

    masters { 192.168.1.107; };

    };

    zone "1.168.192.in-addr.arpa" IN {

    type slave;

    file "slaves/pp.org.local";

    masters { 192.168.1.107; };

    };

    D.对文件付与权限

    [root@dns-S etc]#chown -R root.named /var/named/chroot/etc/

    E.对设置设备摆设文件做软链接

    [root@dns-S etc]# ln -s /var/named/chroot/etc/named.conf/etc/named.conf

    [root@dns-S etc]# ln -s /var/named/chroot/etc/named.rfc1912.zones/etc/named.rfc1912.zones

    F.出产named.ca文件

    [root@dns-S etc]# dig -t NS . >/var/named/chroot/var/named/named.ca

    4、发动效劳

    [root@dns-S etc]# service named start

    Starting named:[OK]

    5、反省辅佐DNS效劳器是不是同步了主DNS效劳器的区域文件

    [root@dns-S ~]# cd /var/named/chroot/var/named/slaves/

    [root@dns-S slaves]# ls

    pp.org.localpp.org.zone

    [root@dns-S slaves]# cat pp.org.zone

    $ORIGIN .

    $TTL 86400; 1 day

    pp.orgIN SOAdns.pp.org. root.pp.org. (

    201; serial

    10800; refresh (3 hours)

    900; retry (15 minutes)

    ; expire (1 week)

    86400; minimum (1 day)

    )

    NSdns.pp.org.

    MX10 mail.pp.org.

    $ORIGIN pp.org.

    dnsA192.168.1.107

    wwwA192.168.1.201

    A192.168.1.202

    A192.168.1.203

    [root@dns-S slaves]# cat pp.org.local

    $ORIGIN .

    $TTL 86400; 1 day

    1.168.192.in-addr.arpaIN SOAdns.pp.org. root.pp.org. (

    ; serial

    28800; refresh (8 hours)

    14400; retry (4 hours)

    ; expire (5 weeks 6 days 16 hours)

    86400; minimum (1 day)

    )

    NSdns.pp.org.

    $ORIG买马网站IN 1.168.192.in-addr.arpa.

    201PTRwww1.pp.org.

    202PTRwww2.pp.org.

    203PTRwww3.pp.org.

    6.纪录同步测验

    A.主DNS效劳器增添一条A纪录

    [root@dns-M ~]# cat /var/named/chroot/var/named/pp.org.zone

    $TTL86400

    @IN SOAdns.pp.org.root.pp.org. (

    202; serial (d. adams)

    3H; refresh

    15M; retry

    1W; expiry

    1D ); minimum

    IN NSdns.pp.org.

    IN MX10mail.pp.org.

    dns.pp.org.IN A192.168.1.107

    wwwIN A192.168.1.201

    wwwIN A192.168.1.202

    wwwIN A192.168.1.203

    web1IN A192.168.1.204

    运用rndc重载主DNS效劳(当然也能够重启named效劳,可是DNS效劳器在收集中异常紧张,因而最佳运用rndc进行解决)

    [root@dns-M ~]# rndc reload

    server reload successful

    B.验证辅佐DNS效劳器的同步状况

    [root@dns-S slaves]# cat pp.org.zone

    $ORIGIN .

    $TTL 86400; 1 day

    pp.orgIN SOAdns.pp.org. root.pp.org. (

    202; serial

    10800; refresh (3 hours)

    900; retry (15 minutes)

    ; expire (1 week)

    86400; minimum (1 day)

    )

    NSdns.pp.org.

    MX10 mail.pp.org.

    $ORIGIN pp.org.

    dnsA192.168.1.107

    web1A192.168.1.204

    wwwA192.168.1.201

    A192.168.1.202

    A192.168.1.203

    C.主辅不合步的疑问

    1)辅佐DNS不合步(修正主DNS的serial值)

    2)准许指定的辅佐DNS仿制数据allow-transfer句子,指定哪个client能够来仿制主的zone文件,这个参数也能够放在options中,放在options大年夜局有用

    3)主DNS效劳看重启效劳当即与辅佐DNS效劳器进行数据同步(zone中增添了also-notify { 辅佐DNSIP地址 };或许在大年夜局options中声明,能够运用notify yes;)

    这篇文章出自 “一点点” 博客,谢绝转发!

  • 相关内容

友情链接: