马哥博客作业第九周
1、配置 bind 服务,实现 www.magedu.org 域名解析
找一台主机作为主DNS服务器,然后运行以下脚本:
#!/bin/bash
yum -y install bind &> /dev/null
systemctl enable --now named &> /dev/null
sed -Ei -e 's@^.+listen-on port@//&@g' -e 's@^.+allow-query@//&@g' /etc/named.conf
rndc reload &> /dev/null
cat > /var/named/magedu.org.zone <<EOF
magedu.org. 86400 IN SOA master admin (20200726 1D 1H 3D 1H)
NS master
master 86400 IN A 10.0.0.202
@ 86400 IN A 10.0.0.208
www 86400 IN A 10.0.0.208
* 86400 IN A 10.0.0.208
EOF
rndc reload &> /dev/null
chgrp named /var/named/magedu.org.zone
chmod o-r /var/named/magedu.org.zone
cat >> /etc/named.rfc1912.zones <<EOF
zone "magedu.org" IN {
type master;
file "magedu.org.zone";
};
EOF
rndc reload &> /dev/null
2、配置 bind 服务,实现域名反向解析
vim /etc/named.conf
#注释掉下面两行
// listen-on port 53 { localhost; };
// allow-query { any; };
vim /etc/named.rfc1912.zones
#加上下面内容
zone "0.0.10.in-addr.arpa" IN {
type master;
file "10.0.0.zone";
};
cp -p /var/named/named.loopback /var/named/10.0.0.zone
cat /var/named/10.0.0.0.zone
$TTL 1D
0.0.10.in-addr.arpa. IN SOA ns admin.magedu.org. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS ns.magedu.org.
220 PTR docker.magedu.org.
230 PTR nginx.magedu.org.
named-checkconf
named-checkzone 0.0.10.in-addr.arpa 10.0.0.zone
rndc reload
3、配置 bind 服务,实现主从 DNS 服务配置:
找一台主机作为从DNS服务器,运行以下脚本:
#!/bin/bash
yum -y install bind &> /dev/null
systemctl enable --now named &> /dev/null
sed -Ei -e 's@^.+listen-on port@//&@g' -e 's@^.+allow-query@//&@g' /etc/named.conf
rndc reload &> /dev/null
cat >> /etc/named.rfc1912.zones <<EOF
zone "magedu.org" IN {
type slave;
masters {10.0.0.202;};
file "slaves/magedu.org.zone.slave";
};
EOF
rndc reload &> /dev/null
在上述主DNS服务器上修改区域数据库文件/var/named/magedu.org.zone,和从DNS服务器同步,内容如下:
magedu.org. 86400 IN SOA master admin (20200726 1D 1H 3D 1H)
NS master
NS slave
master 86400 IN A 10.0.0.202
slave 86400 IN A 10.0.0.207
@ 86400 IN A 10.0.0.208
www 86400 IN A 10.0.0.208
* 86400 IN A 10.0.0.208
修改完成后重新加载:rndc reload
为避免其他服务器都能够从主从DNS服务器拉取区域数据库文件,修改主从DNS服务器的bind配置文件/etc/named.conf,内容如下:
主DNS服务器添加:allow-transfer {10.0.0.207;};
从DNS服务器添加:allow-transfer {none;};
4、 配置 bind 服务,实现子域服务器:
在上述主DNS服务器上修改区域数据库文件/var/named/magedu.org.zone,添加子域DNS服务器,内容如下:
$TTL 86400
@ IN SOA master admin (20200727 1D 1H 3D 1H)
NS master
NS slave
shanghai NS shanghai-ns
master A 10.0.0.201
slave A 10.0.0.208
shanghai-ns A 10.0.0.202
@ A 10.0.0.202
www A 10.0.0.202
* A 10.0.0.202
k8s A 10.0.0.207
另外找一台主机作为子域的DNS服务器
下载bind软件并设置服务为开机启动
yum -y install bind;systemctl enable --now named
修改主配置文件/etc/named.conf
#注释掉下面两行
// listen-on port 53 { localhost; };
// allow-query { any; };
修改配置文件/etc/named.rfc1912.zones,添加下面的内容:
zone "shanghai.magedu.org" IN {
type master;
file "shanghai.magedu.org.zone";
};
创建子域区域数据库文件
cp -p /var/named/named.localhost /var/named/shanghai.magedu.org.zone
修改/var/named/shanghai.magedu.org.zone文件内容如下:
$TTL 1D
@ IN SOA master admin (20200727 1H 10M 1D 3H)
NS master
master IN A 10.0.0.202
www IN A 10.0.0.208
@ IN A 10.0.0.208
* IN A 10.0.0.208
配置文件和区域数据库文件语法检查:
named-checkconf
named-checkzone shanghai.magedu.org shanghai.magedu.org.zone
配置生效:
rndc reload
