DNS2-阿里云开发者社区

DNS2

2017-11-15 1001

版权

本文内容由阿里云实名注册用户自发贡献，版权归原作者所有，阿里云开发者社区不拥有其著作权，亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容，填写侵权投诉表单进行举报，一经查实，本社区将立刻删除涉嫌侵权内容。

简介：

访问主机用户过多，开启分机减轻负担
主机
zone "taxing.com" IN {
        type master;
        file "taxing.com.zone";
        allow-update { none; };
        allow-transfer {172.25.254.224;};
从机
zone "taxing.com" IN {
        type slave;
        masters {172.25.254.124;};
        file "slaves/taxing.com.zone";
        allow-update { none; };
时时同步
主机
vim /var/namedtaxing.com.zone
$TTL 1D
@       IN SOA dns.taxing.com. root.taxing.com. (
                                        201611261       ; serial        # 最大为十位文件在更新时查看比较的值，不同则更新（rm -rf /var/name/slaves/taxing.com.zone; systemctl restart named）
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      dns
dns     A       172.25.254.124
www     A       172.25.254.138
~
每次修改ip的时候都要修改serial值

vim /etc/name.rfc1912.zones
zone "taxing.com" IN {
        type master;
        file "taxing.com.zone";
        allow-update { none; };
        allow-transfer {172.25.254.224;};
        also-notify {172.25.254.224;};     ## 修改完通知从机
};
远程控制修改
客户端
setenforce 0
[root@localhost slaves]# nsupdate
> server 172.25.254.124
> update delete www.taxing.com
> update add www.taxing.com 86400 A 172.25.254.138   #86400s 缓存时间
> send
> quit
主机
setenforc 0
vim /etc/named.rfc1912.zones
zone "taxing.com" IN {
        type master;
        file "taxing.com.zone";
        allow-update { 172.25.254.224; };
};
chmod 770 /var/name/
reboot 后会同步更新后的内容，先备份cp -p taxing.com.zone /mnt 重起后再删除taxing.com.zone.jnl 和已经同步了的taxing.com.zone 把备份了的taxing.com.zone 复制回来 cp -p /mnt/taxing.com.zone .
密钥匙认证
主机
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST taxing
cat Ktaxing.+157+22634.key
cat Ktaxing.+157+22634.private
cp -p /etc/rndc.key /etc/taxing.key
vim /etc/taxing.key
key "taxing" {
        algorithm hmac-md5;
        secret "YtJ6Y7kyfL5moClanMIS6Q==";
};

vim /etc/named.rfc1912.zones
zone "taxing.com" IN {
        type master;
        file "taxing.com.zone";
        allow-update { key taxing; };
};

systemctl restart named
scp Ktaxing.+157+22634.* root@172.25.254.224:/mnt/

客户机
[root@localhost mnt]# nsupdate -k Ktaxing.+157+22634.private
> server 172.25.254.124
> update delete www.taxing.com
> send
> quit

花生壳动态dhcp DNS获取
主机
vim /etc/dhcp/dhcpd.conf
# Use this to enble / disable dynamic dns updates globally.
ddns-update-style interim;
subnet 172.25.254.0 netmask 255.255.255.0 {
range 172.25.254.224 172.25.254.242;
option routers 172.25.254.124;
}
key taxing {
        algorithm hmac-md5;
        secret YtJ6Y7kyfL5moClanMIS6Q==;
        };
zone taxing.com.{
        primary 127.0.0.1;
    key taxing;
    }
vim /var/name/taxing.com.zone
                                                            41,1-8        90%
客户端
打开动态获取 dhcp

hostnamectl set-hostname timo.taxing.com

dig timo.taxing.com

gnome-screenshot -a #截图

本文转自 Taxing祥 51CTO博客，原文链接:http://blog.51cto.com/12118369/1878385

DNS2

DNS软件服务

热门文章

最新文章

相关电子书

相关实验场景