DNS互联网架构的实现

栏目: 服务器 · 发布时间: 5年前

内容简介:客户端访问www.magedu.com时,本地DNS服务器向根DNS服务器转发,com域实现主从域的搭建。3.启动服务并设置开机启动

目标

客户端访问www.magedu.com时,本地DNS服务器向根DNS服务器转发,com域实现主从域的搭建。

架构图

DNS互联网架构的实现

主机IP 作用 版本
192.168.36.6 客户端 centos7
192.168.36.7 DNS服务器 centos6
192.168.36.17 根域 centos6
192.168.36.27 com域 centos6
192.168.36.37 主dns服务器 centos6
192.168.36.47 备用dns服务器 centos6
192.168.36.67 www服务器 centos6

基本环境搭建

  1. 每个主机清空防火墙规则、关闭防火墙、关闭selinux
[root@centos ~]# iptables -F
[root@centos ~]# setenforce 0       # 此为临时关闭,若想永久关闭还需要更改配置文件/etc/selinux/conf
[root@centos ~]# service iptables stop
iptables:将链设置为政策 ACCEPT:filter                    [确定]
iptables:清除防火墙规则:                                 [确定]
iptables:正在卸载模块:                                   [确定]
  1. 客户端dns指定为DNS服务器的IP
[root@CentOS6 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.36.6
NETMASK=255.255.255.0
DNS1=192.168.36.7
NAME="System eth0"

[root@CentOS6 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search magedu36.com
nameserver 192.168.36.7

服务搭建

www服务器上搭建WEB服务

  1. 安装httpd软件包
[root@centos ~]#yum install -y httpd
  1. 搭建WEB页面
[root@centos ~]#echo "<h1>www.magedu.com</h1>" >> /var/www/html/index.html

3.启动服务并设置开机启动

[root@centos ~]#systemctl restart httpd
[root@centos ~]#systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
  1. curl测试WEB网页
[root@centos ~]#curl 192.168.36.67
<h1>www.magedu.com</h1>

DNS主服务器配置

  1. 安装bind软件包
[root@master ~]# yum install -y bind
  1. 编辑配置文件
注释ipv监听端口、访问控制列表
[root@master ~]# vim /etc/named.conf
//      listen-on port 53 { 127.0.0.1; };
//      allow-query     { localhost; };
        allow-transfer {192.168.36.47;};  # 仅允许192.168.36.47主机获取该主机所有域的数据
[root@master ~]# vim /etc/named.rfc1912.zones
zone "magedu.com" IN {   # 解析magedu.com
        type master;    # 主
        file "magedu.com.zone";    # 自定义的域名到IP的正向解析的配置文件
};
[root@master ~]# cd /var/named/
[root@master named]# cp -p named.localhost magedu.com.zone
[root@master named]# vim magedu.com.zon
$TTL 1D
@       IN SOA  master admin.magedu.com. (
                                        0       ; serial   # 数据库序列号/版本号
                                        1D      ; refresh   # 主从服务器时间间隔
                                        1H      ; retry   # 同步间隔
                                        1W      ; expire   # 未同步过期时间
                                        3H )    ; minimum   # 不存在记录,默认缓存时间
        NS      master
        NS      slave
master  A       192.168.36.37    # 域名指定IP
slave   A       192.168.36.47
www     A       192.168.36.67
  1. 启动服务并设置开机启动
[root@master named]# service named restart
停止 named:                                               [确定]
Generating /etc/rndc.key:                                  [确定]
启动 named:                                               [确定]
[root@master named]# chkconfig named on
[root@master named]# chkconfig named --list
named           0:关闭    1:关闭    2:启用    3:启用    4:启用    5:启用    6:关闭
  1. dig测试
[root@master named]# dig www.magedu.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15433
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.magedu.com.            IN  A

;; ANSWER SECTION:
www.magedu.com.     86400   IN  A   192.168.36.67

;; AUTHORITY SECTION:
magedu.com.     86400   IN  NS  slave.magedu.com.
magedu.com.     86400   IN  NS  master.magedu.com.

;; ADDITIONAL SECTION:
master.magedu.com.  86400   IN  A   192.168.36.37
slave.magedu.com.   86400   IN  A   192.168.36.47

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 23 17:47:26 2019
;; MSG SIZE  rcvd: 121

DNS备用服务器配置

  1. 安装bind软件包
[root@slave ~]# yum install -y bind
  1. 编辑配置文件
注释ipv监听端口、访问控制列表
[root@slave ~]# vim /etc/named.conf
//      listen-on port 53 { 127.0.0.1; };
//      allow-query     { localhost; };
        allow-transfer {none;}; # 不允许任何主机获取该主机所有域的数据
[root@slave ~]# vim /etc/named.rfc1912.zones
zone "magedu.com" IN {
        type slave;
        masters { 192.168.36.37; };
        file "slaves/magedu.com.slave";
};
  1. 启动服务并设置开机启动
[root@slave named]# service named restart
停止 named:                                               [确定]
Generating /etc/rndc.key:                                  [确定]
启动 named:                                               [确定]
[root@slave named]# chkconfig named on
[root@slave named]# chkconfig named --list
named           0:关闭    1:关闭    2:启用    3:启用    4:启用    5:启用    6:关闭
  1. 检查是否从主服务器上获取数据库文件
[root@slave ~]# ll /var/named/slaves/
总用量 4
-rw-r--r--. 1 named named 387 4月  23 18:56 magedu.com.slave
  1. dig测试
[root@slave ~]# dig www.magedu.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6099
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.magedu.com.            IN  A

;; ANSWER SECTION:
www.magedu.com.     86400   IN  A   192.168.36.67

;; AUTHORITY SECTION:
magedu.com.     86400   IN  NS  master.magedu.com.
magedu.com.     86400   IN  NS  slave.magedu.com.

;; ADDITIONAL SECTION:
master.magedu.com.  86400   IN  A   192.168.36.37
slave.magedu.com.   86400   IN  A   192.168.36.47

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 23 20:02:31 2019
;; MSG SIZE  rcvd: 121

com域配置

  1. 安装bind软件包
[root@com ~]# yum install -y bind
  1. 编辑配置文件
注释ipv监听端口、访问控制列表
[root@com ~]# vim /etc/named.conf
//      listen-on port 53 { 127.0.0.1; };
//      allow-query     { localhost; };
[root@com ~]# vim /etc/named.rfc1912.zones
zone "com" IN {
        type master;
        file "come.zone";
};
[root@com ~]# cd /var/named/
[root@com named]# cp -p named.localhost come.zone
[root@com named]# vim come.zone
$TTL 1D
@       IN SOA  com admin.magedu.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
                NS      com
magedu          NS      masterns
magedu          NS      slavens
com             A       192.168.36.27
masterns        A       192.168.36.37
slavens         A       192.168.36.47
  1. 启动服务并设置开机启动
[root@com named]# service named restart
停止 named:                                               [确定]
Generating /etc/rndc.key:                                  [确定]
启动 named:                                               [确定]
[root@com named]# chkconfig named on
[root@com named]# chkconfig named --list
named           0:关闭    1:关闭    2:启用    3:启用    4:启用    5:启用    6:关闭
  1. dig测试
[root@com named]# dig www.magedu.com @192.168.36.37

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.com @192.168.36.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64848
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.magedu.com.            IN  A

;; ANSWER SECTION:
www.magedu.com.     86400   IN  A   192.168.36.67

;; AUTHORITY SECTION:
magedu.com.     86400   IN  NS  slave.magedu.com.
magedu.com.     86400   IN  NS  master.magedu.com.

;; ADDITIONAL SECTION:
master.magedu.com.  86400   IN  A   192.168.36.37
slave.magedu.com.   86400   IN  A   192.168.36.47

;; Query time: 0 msec
;; SERVER: 192.168.36.37#53(192.168.36.37)
;; WHEN: Tue Apr 23 20:06:17 2019
;; MSG SIZE  rcvd: 121

[root@com named]# dig www.magedu.com @192.168.36.47

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.com @192.168.36.47
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6321
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.magedu.com.            IN  A

;; ANSWER SECTION:
www.magedu.com.     86400   IN  A   192.168.36.67

;; AUTHORITY SECTION:
magedu.com.     86400   IN  NS  master.magedu.com.
magedu.com.     86400   IN  NS  slave.magedu.com.

;; ADDITIONAL SECTION:
master.magedu.com.  86400   IN  A   192.168.36.37
slave.magedu.com.   86400   IN  A   192.168.36.47

;; Query time: 1 msec
;; SERVER: 192.168.36.47#53(192.168.36.47)
;; WHEN: Tue Apr 23 20:06:19 2019
;; MSG SIZE  rcvd: 121
  1. 因com域与根域配置类似,所以将com域的数据库文件scp至根域中
[root@com named]# scp come.zone 192.168.36.17:/var/named/
The authenticity of host '192.168.36.17 (192.168.36.17)' can't be established.
RSA key fingerprint is 6a:f4:58:5b:fc:8e:64:69:fd:b8:64:04:89:d3:dc:5d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.36.17' (RSA) to the list of known hosts.
root@192.168.36.17's password:
come.zone

根域配置

  1. 安装bind软件包
[root@gen ~]# yum install -y bind
  1. 编辑配置文件
注释ipv监听端口、访问控制列表
[root@gen ~]# vim /etc/named.conf
//      listen-on port 53 { 127.0.0.1; };
//      allow-query     { localhost; };

....

zone "." IN {       # 修改根域,让其在本地文件查找
        type master;
        file "root.zone";
};
[root@gen named]# mv come.zone root.zone
[root@gen named]# vim root.zone
$TTL 1D
@       IN SOA  ns admin.magedu.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
                NS      ns
com             NS      comns
ns              A       192.168.36.17
comns           A       192.168.36.27
[root@gen named]# chgrp named root.zone     # 修改组为named
[root@gen named]# ll root.zone
-rw-r-----. 1 root named 192 4月  23 18:22 root.zone
  1. 启动服务并设置开机启动
[root@gen named]# service named restart
停止 named:                                               [确定]
Generating /etc/rndc.key:                                  [确定]
启动 named:                                               [确定]
[root@gen named]# chkconfig named on
[root@gen named]# chkconfig named --list
named           0:关闭    1:关闭    2:启用    3:启用    4:启用    5:启用    6:关闭
  1. dig测试
[root@gen ~]# dig www.magedu.com @192.168.36.27

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.com @192.168.36.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20620
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.magedu.com.            IN  A

;; ANSWER SECTION:
www.magedu.com.     71917   IN  A   192.168.36.67

;; AUTHORITY SECTION:
magedu.com.     86400   IN  NS  masterns.com.
magedu.com.     86400   IN  NS  slavens.com.

;; ADDITIONAL SECTION:
masterns.com.       86400   IN  A   192.168.36.37
slavens.com.        86400   IN  A   192.168.36.47

;; Query time: 1 msec
;; SERVER: 192.168.36.27#53(192.168.36.27)
;; WHEN: Tue Apr 23 22:16:22 2019
;; MSG SIZE  rcvd: 125

DNS服务器配置

  1. 安装bind软件包
[root@main ~]# yum install -y bind
  1. 编辑配置文件
注释ipv监听端口、访问控制列表
[root@main ~]# vim /etc/named.conf
//      listen-on port 53 { 127.0.0.1; };
//      allow-query     { localhost; };
        dnssec-enable no;       # 将安全相关的转发设置改为no
        dnssec-validation no;
修改本地域指向根域的库文件
[root@main ~]# vim /var/named/named.ca
.                        3600000      NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     192.168.36.17
  1. 启动服务并设置开机启动
[root@main named]# service named restart
停止 named:                                               [确定]
Generating /etc/rndc.key:                                  [确定]
启动 named:                                               [确定]
[root@main named]# chkconfig named on
[root@main named]# chkconfig named --list
named           0:关闭    1:关闭    2:启用    3:启用    4:启用    5:启用    6:关闭
  1. dig测试
[root@main ~]# dig www.magedu.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58392
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.magedu.com.            IN  A

;; ANSWER SECTION:
www.magedu.com.     72483   IN  A   192.168.36.67

;; AUTHORITY SECTION:
magedu.com.     72493   IN  NS  master.magedu.com.
magedu.com.     72493   IN  NS  slave.magedu.com.

;; ADDITIONAL SECTION:
slave.magedu.com.   72493   IN  A   192.168.36.47
master.magedu.com.  72493   IN  A   192.168.36.37

;; Query time: 8 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 23 22:23:43 2019
;; MSG SIZE  rcvd: 121

DNS客户端测试

最终测试

[root@CentOS6 ~]# dig www.magedu.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52502
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.magedu.com.            IN  A

;; ANSWER SECTION:
www.magedu.com.     72434   IN  A   192.168.36.67

;; AUTHORITY SECTION:
magedu.com.     72444   IN  NS  slave.magedu.com.
magedu.com.     72444   IN  NS  master.magedu.com.

;; ADDITIONAL SECTION:
slave.magedu.com.   72444   IN  A   192.168.36.47
master.magedu.com.  72444   IN  A   192.168.36.37

;; Query time: 0 msec
;; SERVER: 192.168.36.7#53(192.168.36.7)
;; WHEN: Tue Apr 23 14:24:33 2019
;; MSG SIZE  rcvd: 121
[root@CentOS6 ~]# curl www.magedu.com
<h1>www.magedu.com</h1>

至此,已完成DNS互联网的架构功能。


以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

解决网页设计一定会遇到的210个问题

解决网页设计一定会遇到的210个问题

2006-4 / 42.00元

如何选择适合、简单、方便、快速的方法来解决您的网页设计问题?不会HTML、JavaScript、CSS也可轻易完成许多网页功能与特效。本书包含上百种HTML、JavaScript、CSS使用应用技巧与盲点解说,包含10个常用表单资料判断函数与特殊技巧,不必修改就可用于任何网页。本书现有的多数网页设计书籍相辅相成,让您事半功倍地完成工作。   许多计算机书籍都是从某个语言或者某个软件的......一起来看看 《解决网页设计一定会遇到的210个问题》 这本书的介绍吧!

RGB转16进制工具
RGB转16进制工具

RGB HEX 互转工具

Base64 编码/解码
Base64 编码/解码

Base64 编码/解码

RGB CMYK 转换工具
RGB CMYK 转换工具

RGB CMYK 互转工具