Setting up a DNS service

2022-01-29 20:50:50

Environment

CentOS 7

Expected result

DNS server: 10.122.1.84

Range allowed to query: 10.122.0.0/16

Setting up the DNS service

Install the service

   yum -y install bind
   yum -y install bind-utils

Edit the configuration file

   vim /etc/named.conf

   options {

       listen-on port 53 { 10.122.1.84; };		
       //listen-on-v6 port 53 { 10.122.1.84; };
       directory       "/var/named";			# location of the zone files
       dump-file       "/var/named/data/cache_dump.db";
       statistics-file "/var/named/data/named_stats.txt";
       memstatistics-file "/var/named/data/named_mem_stats.txt";
       recursing-file  "/var/named/data/named.recursing";
       secroots-file   "/var/named/data/named.secroots";
       allow-query     { 10.122.0.0/16; };
   .......

   .......

   include "/etc/named.rfc1912.zones";

   include "/etc/named.root.key";

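Run named-checkconf to verify the configuration file syntax.

To resolve specific sites to chosen addresses, add zone configuration and import it through /etc/named.rfc1912.zones. This step is optional.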

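   vim /etc/named.rfc1912.zones 	# The main configuration file includes /etc/named.rfc1912.zones, so extra zones can be configured here; alternatively, put them in a new configuration file and include that from the main configuration file

   zone "hello.com" IN {					# forward zone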
       type master;
       file "hello.com.zone";
       allow-update{none;};
   };

   zone "1.122.10.in-addr.arpa" IN {			# reverse zone
       type master;
       file "hello.com.local";
       allow-update{none;};
   };

   cd /var/named

   cp -p named.localhost  hello.com.zone

   vim hello.com.zone

   $TTL 1D

   @       IN SOA  @ rname.invalid. (
                                       0       ; serial
                                       1D      ; refresh
                                       1H      ; retry
                                       1W      ; expire
                                       3H )    ; minimum
       NS      @
       A       10.122.1.85
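   www     IN A    10.122.1.85				; point www.hello.com to 10.122.1.85
   ftp     IN A    10.122.1.85				; point ftp.hello.com to 10.122.1.85
       AAAA    ::1				; left over from named.localhost; with a blank owner it attaches to the previous name (ftp)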

   cp -p hello.com.zone hello.com.local

   vim hello.com.local

   $TTL 1D

   @       IN SOA  @ rname.invalid. (
                                       0       ; serial
                                       1D      ; refresh
                                       1H      ; retry
                                       1W      ; expire
                                       3H )    ; minimum
       NS      @
       A       10.122.1.84
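   85      IN PTR  www.hello.com.				; point 10.122.1.85 to www.hello.com; the trailing dot is required, otherwise the zone origin is appended (www.hello.com.1.122.10.in-addr.arpa.)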
       AAAA    ::1
   systemctl restart named
  1. Test from a client machine
  2. Edit /etc/resolv.conf for a temporary test
  3. Test forward and reverse DNS
  root@ansible ~# nslookup  10.122.1.85

  85.1.122.10.in-addr.arpa	name = www.hello.com.1.122.10.in-addr.arpa.

  root@ansible ~# nslookup www.hello.com

  Server:		10.122.1.84

  Address:	10.122.1.84#53

  Name:	www.hello.com

  Address: 10.122.1.85
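
In a zone file, a name without a trailing dot is relative and gets the zone origin appended, which is how a PTR answer such as www.hello.com.1.122.10.in-addr.arpa. in the output above arises. The following check is an added example, not part of the original post: a small Python parser that assumes the simple one-record-per-line layout used here, expands names the way BIND does, and flags PTR targets that were left relative (the sample zone and the .86 record are constructed).

```python
import re

# Constructed sample: this page's reverse zone layout, plus a made-up .86 record for contrast.
SAMPLE_ZONE = """\
$TTL 1D
@       IN SOA  @ rname.invalid. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
        NS      @
        A       10.122.1.84
85      IN PTR  www.hello.com
86      IN PTR  ftp.hello.com.
"""

NAME_TYPES = {"PTR", "NS", "CNAME"}  # record types whose data is a domain name

def qualify(name, origin):
    """Expand a zone-file name: '@' is the origin, a trailing dot means
    absolute, anything else is relative and gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def expand_records(text, origin):
    """Yield (owner, type, target) for name-valued records, fully qualified."""
    text = re.sub(r";[^\n]*", "", text)  # strip ';' comments
    # join '( ... )' continuations onto one line
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    owner = origin
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():  # a blank owner inherits the previous one
            owner = qualify(fields.pop(0), origin)
        # skip optional TTL and class before the record type
        while fields and (fields[0].upper() == "IN" or re.fullmatch(r"\d+[smhdw]?", fields[0], re.I)):
            fields.pop(0)
        if len(fields) > 1 and fields[0].upper() in NAME_TYPES:
            yield owner, fields[0].upper(), qualify(fields[1], origin)

def relative_ptr_targets(text, origin):
    """Return (owner, target) for PTR records whose target landed inside the reverse zone."""
    return [(o, t) for o, rtype, t in expand_records(text, origin)
            if rtype == "PTR" and t.endswith("." + origin)]
```

Calling relative_ptr_targets(SAMPLE_ZONE, "1.122.10.in-addr.arpa.") reports the .85 record; named-checkzone accepts such a file as syntactically valid, so this kind of check is worth running separately.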

Use Ansible to update the NIC configuration on all hosts so the DNS setting takes effect

  ansible all -m lineinfile -a 'path=/etc/sysconfig/network-scripts/ifcfg-ens192 regexp=^DNS1 line="DNS1=10.122.1.84"'

  ansible all -m shell -a 'systemctl restart network'
