• N46期第九周作业

    实验环境:

    • VMware NAT 网络: 10.0.0.0/24, GW: 10.0.0.2
    • CentOS 8.2.2004 - DNS主服务器&DNS反域名解析主服务器&父域主服务器 - 10.0.0.81
    • CentOS 8.2.2004 - DNS从服务器 - 10.0.0.82
    • CentOS 6.0 - DNS客户端 - 10.0.0.61
    • CentOS 7.2003 - DNS子域 - 10.0.0.71
    • CentOS 7.2003 - www.magedu.org - 10.0.0.72
    • 服务器软件: Bind DNS
    • 客户端程序: bind-utils

    1、配置 bind 服务,实现 www.magedu.org 域名解析

    服务器下载bind dns程序

    dnf -y install bind

    客户端下载bind-utilis

    yum -y install bind-utils

    编辑网卡文件修改客户端DNS服务器地址

    DNS1=10.0.0.81

    服务端开启DNS服务并设置开启自启

    systemctl enable --now named

    修改DNS服务端监听地址,使其工作在服务端所有网卡上

    vim /etc/named.conf
    options {
        listen-on port 53 { localhost; };

    修改DNS服务器查询权限

    allow-query { localhost;10.0.0.0/24; } 允许本机和10网段主机查询DNS

    检查DNS配置文件语法格式

    named-checkconf

    重新加载服务器DNS配置文件

    rndc reload

    为magedu.org创建区域数据库文件

    cd /var/named

    vim magedu.org.zone
    $TTL 86400
@               IN      SOA     master admin ( 20200723 1D 1H 3D 1H )
                        NS      master
master                  A       10.0.0.81
www                     A       10.0.0.72

    修改数据库文件权限

    chgrp named magedu.org.zone 
    chmod o-r magedu.org.zone

    关联区域数据库文件与DNS服务器

    vim /etc/named.rfc1912.zones 
zone "magedu.org" IN {
        type master;
        file "magedu.org.zone";
}

    检查区域数据库文件语法格式

    named-checkzone magedu.org /var/named/magedu.org.zone

    重新加载DNS服务

    rndc reload

    验证客户端可以通过10.0.0.81DNS主服务器对www.magedu.org实现域名解析

    [13:07:29 root@centos6-1 ~]#dig www.magedu.org

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.7 <<>> www.magedu.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34909
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.magedu.org.      IN  A

;; ANSWER SECTION:
www.magedu.org.   86400   IN  A   10.0.0.72

;; AUTHORITY SECTION:
magedu.org.   86400   IN  NS  master.magedu.org.

;; ADDITIONAL SECTION:
master.magedu.org. 86400  IN  A   10.0.0.81

;; Query time: 2 msec
;; SERVER: 10.0.0.81#53(10.0.0.81)
;; WHEN: Mon Jul 27 13:16:20 2020
;; MSG SIZE  rcvd: 91

    2、配置 bind 服务,实现域名反向解析

    主服务器DNS配置文件和上一步一致, ip=10.0.0.81

    反向域名为:"0.0.10.in-addr.arpa"

    关联反向区域数据库文件与反向DNS主服务器

    vim /etc/named.rfc1912.zones 
zone "0.0.10.in-addr.arpa" IN {
        type master;
        file "10.0.0.zone";
};

    编辑反向解析库文件

    cd /var/named
    cp -p named.loopback 10.0.0.zone
    vim 10.0.0.zone 
    $TTL 1D
@       IN SOA  ns1 admin.magedu.org. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns1.magedu.org.
100     PTR     www.magedu.org.
200     PTR     app.wange.org.

    检查反向解析库语法格式

    named-checkzone 10.0.0.100 10.0.0.zone

    验证结果,从Centos 6客户端

     

    [23:49:44 root@centos6-1 ~]#dig -t ptr 100.0.0.10.in-addr.arpa. @10.0.0.81

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.7 <<>> -t ptr 100.0.0.10.in-addr.arpa. @10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10962
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;100.0.0.10.in-addr.arpa.   IN  PTR

;; ANSWER SECTION:
100.0.0.10.in-addr.arpa. 86400  IN  PTR www.magedu.org.

;; AUTHORITY SECTION:
0.0.10.in-addr.arpa.    86400   IN  NS  ns1.magedu.org.

;; Query time: 2 msec
;; SERVER: 10.0.0.81#53(10.0.0.81)
;; WHEN: Mon Jul 27 23:50:08 2020
;; MSG SIZE  rcvd: 87

     

    3、配置 bind 服务,实现主从 DNS 服务配置:

    从节点服务器安装软件, 服务设置开机启动

    dny -y install bind;systemctl enable --now named

    修改从节点DNS配置文件/etc/named.conf

    //      listen-on port 53 { 127.0.0.1; }; # 直接注释掉
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
//      allow-query     { localhost; }; # 直接注释掉

    关联从节点区域数据库文件,配置/etc/named.rfc1912.zones

    vim /etc/named.rfc1912.zones 
zone "magedu.org" {  
        type slave;                   
        masters { 10.0.0.81; }; 
        file "slaves/magedu.org.zone.slave";

    检查DNS配置文件格式语法, 重新加载DNS配置文件

    named-checkconf
    rndc reload

    验证主服务器区域数据库已经同步到从服务器

    [17:07:17 root@centos-8-2-2004-2 ~]#ll /var/named/slaves/
magedu.org.zone.slave

    验证从节点和主节点冗余成功

    在客户端Centos 6, 10.0.0.61配置两个DNS地址,一个指向主节点,一个指向从节点

    [16:37:23 root@centos6-1 ~]#vim /etc/sysconfig/network-scripts/ifcfg-eth0 
DNS1=10.0.0.81
DNS2=10.0.0.82

    重启网络服务,验证DNS地址修改成功

    [17:25:42 root@centos6-1 ~]#cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search localdomain linux
nameserver 10.0.0.81
nameserver 10.0.0.82

    将主节点10.0.0.81停止DNS服务,验证客户端Centos6 10.0.0.61依然能从从节点解析域名

     

    [13:50:37 root@centos-8-2-2004-1 ~]#rndc stop
[17:28:23 root@centos-8-2-2004-1 ~]#ss -ntl
State      Recv-Q      Send-Q           Local Address:Port           Peer Address:Port     
LISTEN     0           128                    0.0.0.0:22                  0.0.0.0:*        
LISTEN     0           128                       [::]:22                     [::]:* 

[17:26:31 root@centos6-1 ~]#host magedu.org
www.magedu.org has address 10.0.0.72
[17:29:33 root@centos6-1 ~]#nslookup www.magedu.org
Server:     10.0.0.82
Address:    10.0.0.82#53

Name:   magedu.org
Address: 10.0.0.72

[17:29:40 root@centos6-1 ~]#dig www.magedu.org

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.7 <<>> www.magedu.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63158
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.magedu.org.      IN  A

;; ANSWER SECTION:
www.magedu.org.   86400   IN  A   10.0.0.72

;; AUTHORITY SECTION:
magedu.org.   86400   IN  NS  master.magedu.org.

;; ADDITIONAL SECTION:
master.magedu.org. 86400  IN  A   10.0.0.81

;; Query time: 6 msec
;; SERVER: 10.0.0.82#53(10.0.0.82)
;; WHEN: Mon Jul 27 17:30:10 2020
;; MSG SIZE  rcvd: 91

    到此,已经完成DNS冗余的实现,当主节点DNS服务宕机,客户端依旧可通过从节点进行DNS解析

    接下来要实现主从数据保持同步

    先将上一步关闭的DNS服务启动, Centos 8 10.0.0.81

    systemctl start named

    在主服务器区域数据库文件:添加新的DNS记录,添加从节点记录,修改主节点区域数据库版本号, 只要比从节点大就行

    [17:40:28 root@centos-8-2-2004-1 ~]#vim /var/named/magedu.org.zone 
$TTL 86400
@               IN      SOA     master admin ( 20200727 1D 1H 3D 1H )
                        NS      master
master                  A       10.0.0.81
www                     A       10.0.0.72
db                      A       10.0.0.62
k8s                     A       10.0.0.1  #新增局域网服务器信息
    slave1                  A       10.0.0.82  #添加从服务器信息

    加载主DNS服务器配置文件

    rndc reload

    在从服务器验证信息是否同步

    [18:08:44 root@centos-8-2-2004-2 ~]#ll /var/named/slaves/magedu.org.zone.slave 
-rw-r--r-- 1 named named 344 Jul 27 17:06 /var/named/slaves/magedu.org.zone.slave
[18:08:46 root@centos-8-2-2004-2 ~]#ll /var/named/slaves/magedu.org.zone.slave 
-rw-r--r-- 1 named named 470 Jul 27 18:09 /var/named/slaves/magedu.org.zone.slave
#可以看出从服务器区域数据库文件大小发生变化
#验证客户端可以从slave服务器获取新增的k8s.magedu.org.域名地址
[18:41:50 root@centos6-1 ~]#dig dig k8s.magedu.org @10.0.0.82

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.7 <<>> dig k8s.magedu.org @10.0.0.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27294
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;dig.               IN  A

;; AUTHORITY SECTION:
.           10800   IN  SOA a.root-servers.net. nstld.verisign-grs.com. 2020072700 1800 900 604800 86400

;; Query time: 552 msec
;; SERVER: 10.0.0.81#53(10.0.0.81)
;; WHEN: Mon Jul 27 19:09:24 2020
;; MSG SIZE  rcvd: 96

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14013
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;k8s.magedu.org.      IN  A

;; ANSWER SECTION:
k8s.magedu.org.   86400   IN  A   10.0.0.1

;; AUTHORITY SECTION:
magedu.org.   86400   IN  NS  master.magedu.org.
magedu.org.   86400   IN  NS  slave1.magedu.org.

;; ADDITIONAL SECTION:
master.magedu.org. 86400  IN  A   10.0.0.81
slave1.magedu.org. 86400  IN  A   10.0.0.82

;; Query time: 7 msec
;; SERVER: 10.0.0.82#53(10.0.0.82)
;; WHEN: Mon Jul 27 19:09:24 2020
;; MSG SIZE  rcvd: 128
#由结果可见, 客户端已经从slave服务器拿到了k8s.magedu.org.的域名ip地址

    4、 配置 bind 服务,实现子域服务器:

    10.0.0.71搭建子域DNS服务器

    yum -y install bind 

    修改DNS配置文件

    // listen-on port 53 { 127.0.0.1; };

    // allow-query         { localhost; };

    关联区域数据库文件

    vim /etc/named/rfc.1912.zones

    zone "sydney.magedu.org" {

      type master;

      file "sydney.magedu.org.zone";

    };

    创建区域数据库文件

    cp -p /var/named/named.localhost /var/named/sydney.magedu.org.zone

    vim /var/named/sydney.magedu.org.zone

    $TTL 1D

    @        IN     SOA  master  admin.magedu.org. (

                                            0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
                       NS master
    master     A   10.0.0.71
    websrv     A   10.0.0.72 
    www      CNAME  websrv

    开启DNS服务

    systemctl start named

    客户端测试web服务器

    dig www.sydney.magedu.org
  • 相关阅读:
    hadoop2.2编程:MRUnit测试
    TestLinkConverter编程纪要
    Redisson的分布式锁的简单实现
    Jmeter工具使用
    JVM的学习(三)
    Mybatis需要注意的地方及知识点
    JVM学习二(JAVA的四种引用)
    mysql的引擎
    JVM学习一(JVM的内存结构和垃圾回收)
    JDk1.8HashMap的源码分析
  • 原文地址:https://www.cnblogs.com/davidwang1970/p/13403275.html
Copyright © 2020-2023  润新知