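DNS & BIND: DNS master/slave replication with dynamic updates
This article configures master/slave service for a forward lookup zone; reverse zones work the same way and are not covered again.
The slave server should be a standalone name server (it must first be set up as a caching server).
Requirements for active notification (i or ii; either one is enough)
i. The zone file on the master must contain an NS record that points to the slave (active notification)
ii. master:
vim /etc/named.rfc1912.zones
also-notify {slave_ip;};
The slave only needs to define the zone; it does not need to provide a zone file.
The zone file is synchronized automatically into the /var/named/slaves directory.
The master must allow the slave to perform zone transfers.
The clocks of the master and slave should be synchronized (ntp).
The BIND versions should be the same (otherwise the slave's version should be higher than the master's).
master & slave
Caching server configuration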
vim /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
dnssec-validation no;
master(172.25.254.11)
vim /etc/named.rfc1912.zones
zone "lalala.com" IN {
type master;
file "lalala.com.zone";
allow-update { none; };
also-notify {172.25.254.10;}; # notify the slave when the zone file changes
};
slave(172.25.254.10)
vim /etc/named.rfc1912.zones
zone "lalala.com" IN {
type slave;
masters {172.25.254.11;};
file "slaves/lalala.com.zone";
};
dig -t axfr lalala.com @172.25.254.11
dig -t axfr 254.25.172.in-addr.arpa @172.25.254.11
Check whether a full zone transfer works
[root@desktop ~]# dig -t axfr lalala.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t axfr lalala.com
;; global options: +cmd
lalala.com. 86400 IN SOA ns1.lalala.com. admin.lalala.com.lalala.com. 20160609 86400 3600 604800 10800
lalala.com. 86400 IN A 172.25.254.100
lalala.com. 86400 IN NS ns1.lalala.com.
lalala.com. 86400 IN NS ns2.lalala.com.
lalala.com. 86400 IN MX 10 mx1.lalala.com.
lalala.com. 86400 IN MX 20 mx2.lalala.com.
*.lalala.com. 86400 IN A 172.25.254.100
ftp.lalala.com. 86400 IN CNAME www.lalala.com.
mx1.lalala.com. 86400 IN A 172.25.254.13
mx2.lalala.com. 86400 IN A 172.25.254.14
ns1.lalala.com. 86400 IN A 172.25.254.11
ns2.lalala.com. 86400 IN A 172.25.254.10
www.lalala.com. 86400 IN A 172.25.254.11
www.lalala.com. 86400 IN A 172.25.254.12
lalala.com. 86400 IN SOA ns1.lalala.com. admin.lalala.com.lalala.com. 20160609 86400 3600 604800 10800
;; Query time: 1 msec
;; SERVER: 172.25.254.11#53(172.25.254.11)
;; WHEN: Sat Jun 10 05:26:06 EDT 2017
;; XFR size: 15 records (messages 1, bytes 345)
Log analysis
1. Full transfer
master
Jun 10 05:53:45 server named[1859]: client 172.25.254.10#53447 (lalala.com): transfer of 'lalala.com/IN': AXFR started
Jun 10 05:53:45 server named[1859]: client 172.25.254.10#53447 (lalala.com): transfer of 'lalala.com/IN': AXFR ended
slave
Jun 10 05:53:45 desktop systemd: Started Berkeley Internet Name Domain (DNS).
Jun 10 05:53:45 desktop named[3138]: zone lalala.com/IN: Transfer started.
Jun 10 05:53:45 desktop named[3138]: transfer of 'lalala.com/IN' from 172.25.254.11#53: connected using 172.25.254.10#53447
Jun 10 05:53:45 desktop named[3138]: zone lalala.com/IN: transferred serial 2016060903
Jun 10 05:53:45 desktop named[3138]: transfer of 'lalala.com/IN' from 172.25.254.11#53: Transfer completed: 1 messages, 16 records, 363 bytes, 0.001 secs (363000 bytes/sec)
Jun 10 05:53:45 desktop named[3138]: zone lalala.com/IN: sending notifies (serial 2016060903)
2. Incremental transfer
master
Jun 10 06:08:56 server named[1859]: client 172.25.254.10#49088 (lalala.com): transfer of 'lalala.com/IN': AXFR-style IXFR started
Jun 10 06:08:56 server named[1859]: client 172.25.254.10#49088 (lalala.com): transfer of 'lalala.com/IN': AXFR-style IXFR ended
slave
Jun 10 06:08:56 desktop named[3138]: client 172.25.254.11#37149: received notify for zone 'lalala.com'
Jun 10 06:08:56 desktop named[3138]: zone lalala.com/IN: Transfer started.
Jun 10 06:08:56 desktop named[3138]: transfer of 'lalala.com/IN' from 172.25.254.11#53: connected using 172.25.254.10#49088
Jun 10 06:08:56 desktop named[3138]: zone lalala.com/IN: transferred serial 2016060904
Jun 10 06:08:56 desktop named[3138]: transfer of 'lalala.com/IN' from 172.25.254.11#53: Transfer completed: 1 messages, 16 records, 363 bytes, 0.003 secs (121000 bytes/sec)
Jun 10 06:08:56 desktop named[3138]: zone lalala.com/IN: sending notifies (serial 2016060904)
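Added example (not from the original post): a Python audit of the master's log that reports zone transfers started by hosts other than the configured slave. The allow-list, the sample log lines and the 172.25.254.77 client are constructed for illustration; the pattern assumes the log format shown above.

```python
import re
from collections import defaultdict

# Hosts allowed to pull the zone: the slave address used on this page.
ALLOWED_SLAVES = {"172.25.254.10"}

# Transfer lines as the master logs them on this page (BIND 9.9.4). The quote
# class also accepts typographic quotes that pasted logs sometimes carry.
XFER_RE = re.compile(
    r"named\[\d+\]: client (?P<ip>[0-9A-Fa-f.:]+)#\d+(?: \([^)]*\))?: "
    r"transfer of ['\u2018\u2019](?P<zone>.+?)/IN['\u2018\u2019]: "
    r"(?P<kind>AXFR-style IXFR|AXFR|IXFR) (?P<state>started|ended)"
)


def parse_transfers(lines):
    """Yield (client_ip, zone, kind, state) for each transfer line."""
    for line in lines:
        m = XFER_RE.search(line)
        if m:
            yield m["ip"], m["zone"], m["kind"], m["state"]


def audit(lines, allowed=ALLOWED_SLAVES):
    """Return {client_ip: [zones]} for transfers started by unlisted hosts."""
    unexpected = defaultdict(set)
    for ip, zone, _kind, state in parse_transfers(lines):
        if state == "started" and ip not in allowed:
            unexpected[ip].add(zone)
    return {ip: sorted(zones) for ip, zones in unexpected.items()}


# Constructed sample in the page's log format; 172.25.254.77 is an invented
# client that is not a configured slave.
SAMPLE = """\
Jun 10 05:53:45 server named[1859]: client 172.25.254.10#53447 (lalala.com): transfer of 'lalala.com/IN': AXFR started
Jun 10 05:53:45 server named[1859]: client 172.25.254.10#53447 (lalala.com): transfer of 'lalala.com/IN': AXFR ended
Jun 10 06:08:56 server named[1859]: client 172.25.254.10#49088 (lalala.com): transfer of 'lalala.com/IN': AXFR-style IXFR started
Jun 10 06:30:02 server named[1859]: client 172.25.254.77#40112 (lalala.com): transfer of 'lalala.com/IN': AXFR started
Jun 10 06:30:02 server named[1859]: client 172.25.254.77#40112 (lalala.com): transfer of 'lalala.com/IN': AXFR ended
""".splitlines()

if __name__ == "__main__":
    for ip, zones in audit(SAMPLE).items():
        print(f"zone transfer by unlisted host {ip}: {', '.join(zones)}")
```

The master's zone block on this page has no allow-transfer statement; adding allow-transfer { 172.25.254.10; }; there limits transfers to the slave.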
This article comes from the "12049878" blog; reposting is not permitted.