DNS----Domain Name System域名系统
工作原理:
作用:
1)将域名, 主机名解析成对应的IP地址 正向解析
2)将IP地址解析成对应的主机名,域名 反向解析
DNS解析方式:
递归
客户端只需要向DNS服务器发送一次请求
迭代
客户端需要发送多次DNS请求
区域zone
正向区域xxx.com
反向区域X.X.X.in-addr.arpa
记录Record
A记录主机记录
www.uplooking.comA192.168.1.1
NS记录标识DNS服务器自身的名称
NSdns1.uplooking.com.
dns1.uplooking.comA192.168.1.2
MX记录标识邮件服务器的名称
MX 10mail.uplooking.com.
mail.uplooking.com.A192.168.1.3
CNAME记录别名记录
m.mail.com.CNAMEmail.uplooking.com.
PTR记录反向指针记录
192.168.1.1PTRwww.uplooking.com.
部署DNS服务器
软件: bind, bind-chroot
伪根/var/named/chroot
/etc/named.conf ------> /var/named/chroot/etc/named.conf
配置文件:
主配置文件/var/named/chroot/etc/named.conf建立区域
记录文件/var/named/chroot/var/named/*
服务: named, named-chroot
端口:
53/udp负责接收客户端DNS请求
53/tcp负责主从服务器数据同步
示例:搭建DNS服务器
web.uplooking.com192.168.1.1网站服务器
ftp.uplooking.com192.168.1.2FTP服务器
mail.uplooking.com192.168.1.3 邮件服务器
准备工作:
关闭SELinux, 防火墙
配置YUM源
1安装软件
[root@localhost ~]# yum install -y bind bind-chroot
2编辑DNS的主配置文件,创建区域uplooking.com
[root@localhost ~]# vim /var/named/chroot/etc/named.conf
options {
directory "/var/named";
};
zone "uplooking.com" {
type master;
file "uplooking.com.zone";
};
区域类型:
hint根域
master 主区域
slave从区域
3复制记录文件的模板,并编辑
[root@localhost ~]# cp /usr/share/doc/bind-9.8.2/sample/var/named/named.localhost /var/named/chroot/var/named/uplooking.com.zone
[root@localhost ~]# vim /var/named/chroot/var/named/uplooking.com.zone
$TTL 1D
@ IN SOA uplooking.com. 454452000.qq.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns1.uplooking.com.
dns1 A 192.168.122.105
web A 192.168.1.1
ftp A 192.168.1.2
MX 5 mail.uplooking.com.
mail A 192.168.1.3
4启动named服务
[root@dns ~]# systemctl start named-chroot
[root@dns ~]# systemctl start named
[root@dns ~]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@dns ~]# systemctl enable named-chroot
Created symlink from /etc/systemd/system/multi-user.target.wants/named-chroot.service to /usr/lib/systemd/system/named-chroot.service.
[root@dns ~]#
[root@dns ~]# ss -antp | grep named
LISTEN 0 10 192.168.122.105:53 *:* users:(("named",pid=2249,fd=21))
[root@dns ~]# ss -anup | grep named
UNCONN 0 0 192.168.122.105:53 *:* users:(("named",pid=2249,fd=513))
5测试
注意:
配置方法如下:
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
NAME="eth0"
ONBOOT=yes
BOOTPROTO=none
TYPE=Ethernet
IPADDR=192.168.122.121
NETMASK=255.255.255.0
GATEWAY=192.168.122.1
DNS1=192.168.122.105
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.122.105
[root@localhost ~]#
测试工具:
1) nslookup
[root@localhost ~]# nslookup
> server
Default server: 192.168.122.105
Address: 192.168.122.105#53
>
> web.uplooking.com
Server:192.168.122.105
Address:192.168.122.105#53
Name:web.uplooking.com
Address: 192.168.1.1
>
> ftp.uplooking.com
Server:192.168.122.105
Address:192.168.122.105#53
Name:ftp.uplooking.com
Address: 192.168.1.2
>
> mail.uplooking.com
Server:192.168.122.105
Address:192.168.122.105#53
Name:mail.uplooking.com
Address: 192.168.1.3
> exit
2) dig
# dig -t <TYPE> <host>
[root@localhost ~]# dig -t A web.uplooking.com
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> -t A web.uplooking.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39100
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;web.uplooking.com.INA
;; ANSWER SECTION:
web.uplooking.com.86400INA192.168.1.1
;; AUTHORITY SECTION:
uplooking.com.86400INNSdns1.uplooking.com.
;; ADDITIONAL SECTION:
dns1.uplooking.com.86400INA192.168.122.105
;; Query time: 1 msec
;; SERVER: 192.168.122.105#53(192.168.122.105)
;; WHEN: 三 2月 22 11:45:42 CST 2017
;; MSG SIZE rcvd: 97
利用DNS记录实现负载均衡效果:
webA192.168.1.1
webA192.168.1.4
泛域名记录
uplooking.com. A 192.168.1.1
*.uplooking.com.A192.168.1.1
