DNS域名解析服务的部署及优化方案

本文主要是介绍DNS域名解析服务的部署及优化方案，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

实验要求:

1.配置2台服务器要求如下：
a）服务器1：
主机名：dns-master.timinglee.org
ip地址： 172.25.254.100
配置好软件仓库
b）服务器2：
主机名：dns-slave.timinglee.org
ip地址：172.25.254.200
配置好软件仓库

2.dns-master是一台权威dns，次dns要具备一下功能
a）可以解析timinglee.org域中的主机，此域中的主机列表为
172.25.254.100 bbs.timinglee.org
172.25.254.200 login.timinglee.org
b）可以为timinglee.org这个域提供邮件解析记录，邮件服务器的地址为172.25.254.10
c）可以为172.25.254.0/24网段提供反向解析记录，反向解析记录为：
172.25.254.100 bbs.timinglee.org
172.25.254.200 login.timinglee.org

3.dns-slave主机是dns-master主机的辅助dns，当master主机中的数据发生变化后其内容自动发生改

1.配置2台服务器要求如下：

a）服务器1：主机名：dns-master.timinglee.org ip地址： 172.25.254.100 配置好软件仓库

[root@server100 ~]# hostnamectl  set-hostname  dns-master.timinglee.org

[easylee@dns-master ~]$ ifconfig

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 172.25.254.100  netmask 255.255.255.0  broadcast 172.25.254.255

dnf install bind -y

systemctl enable --now named

options {

        listen-on port 53 { any; };

allow-query     { any; };

dnssec-validation no;

b）服务器2：主机名：dns-slave.timinglee.org  ip地址：172.25.254.200 配置好软件仓库

[root@client ~]# hostnamectl  set-hostname dns-slave.timinglee.org

[root@client ~]# reboot

[root@dns-slave ~]# ifconfig

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 172.25.254.200  netmask 255.255.255.0  broadcast 172.25.254.255

dnf install bind -y

systemctl enable --now named

options {

        listen-on port 53 { any; };

allow-query     { any; };

 dnssec-validation no;

2.dns-master是一台权威dns，次dns要具备一下功能

a）可以解析timinglee.org域中的主机，此域中的主机列表为

172.25.254.100 bbs.timinglee.org

172.25.254.200 login.timinglee.org

                  NS        dns.jinlianglee.org.

dns               A         172.25.254.100

bbs               A         172.25.254.100

login              A         172.25.254.200

配置文件:

zone "jinlianglee.org" IN {

        type master;

        file "jinlianglee.org.inter";

        allow-update { none; };

测试结果:

b）可以timinglee.org这个域提供邮件解析记录，邮件服务器的地址为172.25.254.10

[root@dns-master ~]# vim /var/named/jinlianglee.org.zone

$TTL 1D

@       IN SOA dns.jinlianglee.org. admin.jinlianglee.org. (

                                        2024050602      ; serial

                                        1D      ; refresh

                                        1H      ; retry

                                        1W      ; expire

                                        3H )    ; minimum

                  NS      dns.jinlianglee.org.

dns               A       172.25.254.100

bbs               A       172.25.254.100

login              A       172.25.254.200

jinlianglee.org      MX 3     172.25.254.10.

c）可以为172.25.254.0/24网段提供反向解析记录，反向解析记录为：

172.25.254.100 bbs.timinglee.org

172.25.254.200 login.timinglee.org

编写反向解析文件

 [root@dns-master ~]# vim /etc/named.rfc1912.zones

zone "254.25.172.in-addr.arpa" IN {

        type master;

        file "172.25.254.ptr";

        allow-update { none; };

};

重启服务

[root@dns-master ~]# systemctl restart named

复制文件

[root@dns-master ~]# cp -p /var/named/named.loopback /var/named/172.25.254.ptr

编写域下主机解析文件

[root@dns-master ~]# vim /var/named/172.25.254.ptr

1  $TTL 1D

  2 @       IN SOA  dns.jinliannglee.org. admin.jinlianglee.org. (

  3                                         0       ; serial

  4                                         1D      ; refresh

  5                                         1H      ; retry

  6                                         1W      ; expire

  7                                         3H )    ; minimum

  8         NS      dnsjinlianglee.org.

  9 dns     A       172.25.254.100

 10 100    PTR      bbs.jinlianglee.org.

 11 200    PTR      login.jinlianglee.org.

重启服务

[root@dns-master ~]# systemctl restart named

测试：

[root@dns-master ~]# dig -x 172.25.254.100

[root@dns-master ~]# dig -x 172.25.254.200

3.dns-slave主机是dns-master主机的辅助dns，当master主机中的数据发生变化后其内容自动发生改变

安装服务

88  dnf install nfs-utils -y

主配置文件编写：

[root@dns-slave ~]#  vim /etc/named.conf

options {

        listen-on port 53 { any; };

        listen-on-v6 port 53 { ::1; };

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        secroots-file   "/var/named/data/named.secroots";

        recursing-file  "/var/named/data/named.recursing";

        allow-query     { any; };

dnssec-validation no;

辅助配置文件编写：

[root@dns-slave ~]#  vim /etc/named.rfc1912.zones

zone "jinlianglee.org" IN {

        type slave;

        masters {172.25.254.100;};

        file "slaves/jinlianglee.org.zone";

};

重启服务：

[root@dns-slave ~]# systemctl restart named

在服务器主配置文件编写添加：

[root@dns-master ~]# vim /etc/named.rfc1912.zones

zone "jinlianglee.org" IN {

        type master;

        file "jinlianglee.org.inter";

        allow-update { none; };

        also-notify{ 172.25.254.200; };

[root@dns-master ~]# vim /var/named/jinlianglee.org.zone

$TTL 1D

@       IN SOA dns.jinlianglee.org. admin.jinlianglee.org. (

                                        2024050802      ; serial

                                        1D      ; refresh

                                        1H      ; retry

                                        1W      ; expire

                                        3H )    ; minimum

                  NS     dns.jinlianglee.org.

dns               A      172.25.254.100

bbs               A      172.25.254.100

login             A      172.25.254.200

jinlianglee.org  MX 3    172.25.254.10.

重启服务：

[root@dns-master ~]# systemctl restart named

测试：

[root@dns-slave ~]# dig bbs.jinlianglee.org

[root@dns-slave ~]# dig login.jinlianglee.org

这篇关于DNS域名解析服务的部署及优化方案的文章就介绍到这儿，希望我们推荐的文章对编程师们有所帮助！

---