centos7 部署 DNS 主从

  • 环境
名称 ip地址 cpu 内存
yz-dns-master 10.148.100.81 4c 8G
yz-dns-slave 10.148.100.82 4c 8G
  • yz-dns-master 主配置
#安装 bind 和 bind-chroot,让 DNS 以 chroot(监牢)模式运行
yum install bind bind-chroot  -y

#主要文件说明
/var/named/chroot/etc/named.conf   #主配置文件
/var/named/chroot/var/named/       #区域数据库文件

#准备配置文件
cp -p  /etc/named.conf  /var/named/chroot/etc/ 
cp -p /var/named/named.*  /var/named/chroot/var/named/

#修改主配置文件。master 节点在区域变更后主动通知(NOTIFY)slave 节点,比等 slave 节点按 refresh 周期自行拉取要快,因此此处配置 master 节点主动通知 slave 节点同步区域数据库文件。
vim /var/named/chroot/etc/named.conf

// Global server options for the master node (yz-dns-master, 10.148.100.81).
options {
        // Answer DNS only on the master's own address.
        listen-on port 53 { 10.148.100.81; };
        // Base directory for the relative file names used in this config
        // (zone files, query.log); inside the chroot this is
        // /var/named/chroot/var/named on disk.
        directory       "/var/named";
        // NOTE(review): allow-query { any; } combined with recursion yes and no
        // allow-recursion statement lets every client that can reach this
        // address use the server as a recursive resolver. If only internal
        // clients should recurse, define an acl for them and reference it in
        // allow-recursion.
        allow-query     { any; };
        recursion yes;
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
        // Names the server cannot answer from its own zones or cache are sent
        // to these upstream resolvers. No "forward" mode is set, so BIND's
        // default (forward first) applies.
        forwarders { 114.114.114.114; 219.141.140.10; };
};

//logging {
//        channel default_debug {
//               file "data/named.run";
//                severity dynamic;
//       };
//};


// Query logging: client queries go to a dedicated log channel.
// NOTE(review): the query log records client addresses and the names they look
// up, so it should be readable only by the accounts that need it; the directory
// listing later on this page shows query.log as -rw-r--r--.
logging {
    channel query_log {
        // Relative path, so the file is created under the options "directory".
        // Keeps up to 10 rotated versions of up to 2G each - budget the disk
        // space for that.
        file "query.log" versions 10 size 2G;
        severity info;
        // Prefix every entry with timestamp, severity and category.
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    // Route the "queries" category to the channel defined above.
    category queries { query_log; };
};


// Root hints: the list of root servers, read from named.ca (copied into the
// chroot together with the other named.* files earlier on this page).
zone "." IN {
        type hint;
        file "named.ca";
};

// Authoritative (master) copy of the moviebook.cn zone.
zone "moviebook.cn" IN {
        // zone types: hint, master, slave, forward
        // Dynamic updates are refused; records change only by editing the zone file.
        allow-update { none; };
        // Zone transfers are limited to the slave's address. This is a source-IP
        // check only. NOTE(review): consider a TSIG key shared with the slave so
        // that the transfer is authenticated as well.
        allow-transfer { 10.148.100.82; };
        // Send NOTIFY to the slave when the zone changes. It is needed here
        // because the zone file on this page lists only ns1 as NS, and NOTIFY
        // otherwise goes only to the servers named in the zone's NS records.
        also-notify { 10.148.100.82; };
        // NOTE(review): turns off BIND's host-name syntax checks for this zone.
        check-names ignore;
        type master;
        // Relative to the options "directory".
        file "moviebook.cn.zone";
};

#修改本地解析文件
cat /etc/resolv.conf
nameserver 10.148.100.81

#增加区域数据库文件
cd  /var/named/chroot/var/named 
cp -p named.localhost  moviebook.cn.zone

#修改区域数据库文件
vim /var/named/chroot/var/named/moviebook.cn.zone

; Zone data for moviebook.cn, created on this page from a copy of named.localhost.
; NOTE(review): rname.invalid. in the SOA is presumably the placeholder contact
; carried over from that template - replace it with a real mailbox if one is wanted.
; NOTE(review): only ns1 is published as NS; the slave (10.148.100.82) is not
; listed, so clients that follow NS records will not learn about it - confirm
; this is intended.
$TTL 1D
moviebook.cn.   IN SOA  ns1.moviebook.cn. rname.invalid. (
                                        21      ; serial - increase on every edit, otherwise the slave does not pick up the change
                                        30      ; refresh - in seconds (no unit suffix): how often the slave re-checks the serial
                                        20      ; retry - in seconds: wait before retrying a failed refresh
                                        1W      ; expire - slave stops serving the zone after this long without reaching the master
                                        300 )   ; minimum - in seconds: negative-caching TTL
        NS      ns1.moviebook.cn.
;A
;PTR
;MX
;CNAME
; NOTE(review): ns1 points to 10.148.100.88, while named.conf on this page has
; the master listening on 10.148.100.81 - confirm which address is intended.
ns1             A       10.148.100.88
test-yingpu     A       10.148.100.88
sport           A       10.148.100.89
news            CNAME   test-yingpu
www             A       122.14.233.94
mytest01        A       10.148.100.99


#检测
named-checkconf  /var/named/chroot/etc/named.conf
named-checkzone moviebook.cn /var/named/chroot/var/named/moviebook.cn.zone

#启动
systemctl  start  named-chroot
systemctl  enable  named-chroot

#检测 53 端口监听情况(udp 和 tcp;区域传输走 tcp 53)
netstat  -anput  |grep  53  

#测试
dig
host
nslookup
  • yz-dns-slave 从配置
#注意
主配置文件不会同步
同步的是区域数据库文件

#安装 bind 和 bind-chroot,让 DNS 以 chroot(监牢)模式运行
yum install bind bind-chroot  -y

#修改从节点的主配置文件 named.conf,注意检查文件权限(确保 named 用户可以读取)
vim /var/named/chroot/etc/named.conf 

// Global server options for the slave node (yz-dns-slave, 10.148.100.82).
options {
        // Answer DNS only on the slave's own address.
        listen-on port 53 { 10.148.100.82; };
        // Base directory for the relative file names used in this config
        // (zone files, query.log).
        directory       "/var/named";
        // NOTE(review): allow-query { any; } combined with recursion yes and no
        // allow-recursion statement lets every client that can reach this
        // address use the server as a recursive resolver. If only internal
        // clients should recurse, define an acl for them and reference it in
        // allow-recursion.
        allow-query     { any; };
        recursion yes;
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
        // Store transferred zones as plain text instead of BIND's raw binary
        // format for slave zones, so the file can be read and checked with
        // named-checkzone.
        masterfile-format text;
        // Names the server cannot answer from its own zones or cache are sent
        // to these upstream resolvers. No "forward" mode is set, so BIND's
        // default (forward first) applies.
        forwarders { 114.114.114.114; 219.141.140.10; };
};

//logging {
//        channel default_debug {
//               file "data/named.run";
//                severity dynamic;
//       };
//};

// Query logging: client queries go to a dedicated log channel.
// NOTE(review): the query log records client addresses and the names they look
// up, so it should be readable only by the accounts that need it; the directory
// listing on this page shows query.log as -rw-r--r--.
logging {
    channel query_log {
        // Relative path, so the file is created under the options "directory".
        // Keeps up to 10 rotated versions of up to 2G each - budget the disk
        // space for that.
        file "query.log" versions 10 size 2G;
        severity info;
        // Prefix every entry with timestamp, severity and category.
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    // Route the "queries" category to the channel defined above.
    category queries { query_log; };
};

// Root hints: the list of root servers, read from named.ca.
zone "." IN {
        type hint;
        file "named.ca";
};

// Slave copy of moviebook.cn, transferred from the master.
zone "moviebook.cn" IN {
        // zone types: hint, master, slave, forward
        type slave;
        // Written by named after a transfer, relative to the options
        // "directory"; the named user therefore needs write access there.
        // NOTE(review): the directory listing on this page also shows a
        // named-owned slaves/ directory, which is presumably meant for
        // transferred zone files - confirm the preferred location.
        file "moviebook.cn.zone";
        // The master is identified by its IP address only.
        // NOTE(review): if a TSIG key is configured for transfers on the master,
        // the same key has to be referenced here.
        masters { 10.148.100.81; };
        // NOTE(review): turns off BIND's host-name syntax checks for this zone.
        check-names ignore;
};

#修改本地解析文件
cat /etc/resolv.conf
nameserver 10.148.100.82

#检测(从节点的区域文件要在 named 启动并从主节点完成首次传输后才会生成,named-checkzone 应在同步完成后再执行)
named-checkconf  /var/named/chroot/etc/named.conf
named-checkzone moviebook.cn /var/named/chroot/var/named/moviebook.cn.zone

#启动
systemctl  start  named-chroot
systemctl  enable  named-chroot

#检测 53 端口监听情况(udp 和 tcp;区域传输走 tcp 53)
netstat  -anput  |grep  53  

#查看区域数据库文件是否已从 master 节点同步至从节点
#cd  /var/named/chroot/var/named
# ll
drwxr-x--- 7 root  named   4096 Mar 20 06:32 chroot
drwxrwx--- 2 named named   4096 Feb 24 01:17 data
drwxrwx--- 2 named named   4096 Feb 24 01:17 dynamic
drwxr-xr-x 2 root  root    4096 Mar 21 14:58 logs
-rw-r--r-- 1 named named    479 Mar 22 11:28 moviebook.cn.zone
-rw-r----- 1 root  named   2253 Apr  5  2018 named.ca
-rw-r----- 1 root  named    152 Dec 15  2009 named.empty
-rw-r----- 1 root  named    152 Jun 21  2007 named.localhost
-rw-r----- 1 root  named    168 Dec 15  2009 named.loopback
-rw-r--r-- 1 named named 362555 Mar 22 11:31 query.log
drwxrwx--- 2 named named   4096 Feb 24 01:17 slaves

#测试
dig
host
nslookup

  • 主从测试
#登录主节点,修改区域数据库文件,新增 A 记录 desktop A  122.14.233.93,同时把 SOA 的 serial 加 1(序列号不变时从节点不会重新同步)
vim  /var/named/chroot/var/named/moviebook.cn.zone

#加载配置文件,使其生效
# rndc reload
server reload successful

#查看从节点
A记录已同步完成,序列号也同步完成

#测试解析
# nslookup   desktop.moviebook.cn
Server:         10.148.100.82
Address:        10.148.100.82#53

Name:   desktop.moviebook.cn
Address: 122.14.233.93

#查看均已解析成功。
