首页 > 代码库 > Linux中DDNS配置

Linux中DDNS配置

1、实验拓扑结构

 技术分享

图1 实验拓扑图

2、项目要求

通过系统的搭建,能够为Web Server动态更新DNS信息。

3、项目开展思路(思维导图)

技术分享

图2 DDNS实验思维导图

4、实验步骤

(1) 基础网络搭建

DHCP Server能Ping通DNS Server

技术分享

图3 网络连通测试

(2)在DNS Server上

1)安装DNS服务

[root@lyy 桌面]# yum install bind -y

2)生成密钥

[root@lyy 桌面]# mkdir key

[root@lyy 桌面]# cd key/

[root@lyy key]# dnssec-keygen -a HMAC-MD5 -b 512 -n HOST www

Kwww.+157+55680

[root@lyy key]# ls

Kwww.+157+55680.key  Kwww.+157+55680.private

[root@lyy key]# cat Kwww.+157+55680.key

www. IN KEY 512 3 157 7mThflorkZ+uJGSGK7XmKxYkDxm+nzP49CITZ+njEmQajyAWkk8lTtpw 8AnC+pMP8hXGu2QK5hf4zlaqf4DzSw==

3)配置主配置文件named.conf

将生成的公钥(空格去掉)复制到named.conf中,加入key字段


options {

                                            listen-on port 53 { any; };

                                            directory         "/var/named";

                                            dump-file        "/var/named/data/cache_dump.db";

                                    statistics-file "/var/named/data/named_stats.txt";

                                     memstatistics-file "/var/named/data/named_mem_stats.txt";

                                            allow-query     { any; };

                            };

key www {

                                            algorithm hmac-md5;

secret"7mThflorkZ+uJGSGK7XmKxYkDxm+nzP49CITZ+njEmQajyAWkk8lTtpw8AnC+pMP8hXGu2QK5hf4zlaqf4DzSw==";

};

zone "xh27.com"     IN {

                                            type master;

                                            file "named.xh27.com";

                                            allow-update {

                                            key www;

                                            };

};

zone "0.168.192.in-addr.arpa" IN {

                                            type master;

                                            file "named.192.168.0";

                                            allow-update {

                                            key www;

                                            };

};


4)添加正解文件

[root@lyy 桌面]# cd /var/named/

[root@lyy named]# touch named.xh27.com

[root@lyy named]# gedit named.xh27.com


$TTL 3H

@    IN SOA    master.xh27.com. admin.mail.xh27.com. (

                                      0    ; serial

                                      1D    ; refresh

                                      1H    ; retry

                                      1W    ; expire

                                      3H )    ; minimum

@                 IN     NS        master.xh27.com.

master.xh27.com.        IN    A        192.168.0.253


5)添加反解文件

[root@lyy named]# touch named.192.168.0

[root@lyy named]# gedit named.192.168.0


$TTL 3H

@    IN SOA    master. xh27.com. admin.mail. xh27.com. (

                                      0    ; serial

                                      1D    ; refresh

                                      1H    ; retry

                                      1W    ; expire

                                      3H )    ; minimum

@         IN     NS        master. xh27.com.

253        IN    PTR        master. xh27.com.


6)防火墙开放53端口

[root@lyy named]# iptables -I INPUT -i eth0 -p udp --dport 53 -j ACCEPT

[root@lyy named]# iptables -I INPUT -i eth0 -p tcp --dport 53 -j ACCEPT

7)设置Selinux

[root@lyy named]# setsebool -P named_write_master_zones=1

//允许动态更新文件的写入

8)设置文件夹权限

[root@lyy named]# chmod g+w /var/named

[root@lyy named]# chown named /var/named

9)启动DNS服务

[root@lyy named]# service named start

(3)在DHCP Server上

1)安装DHCP服务

[root@lyy yum.repos.d]# yum install dhcp -y

2)配置DHCP主配置文件

[root@lyy yum.repos.d]# gedit /etc/dhcp/dhcpd.conf


option domain-name "xh27.com";

option domain-name-servers master.xh27.com;

default-lease-time 600;

max-lease-time 7200;

ddns-update-style interim;

key www {

                          algorithm hmac-md5;              secret"7mThflorkZ+uJGSGK7XmKxYkDxm+nzP49CITZ+njEmQajyAWkk8lTtpw8AnC+pMP8hXGu2QK5hf4zlaqf4DzSw==";

}

zone xh27.com {

                          key www;

                          primary 192.168.0.253;

}

zone 0.168.192.in-addr.arpa {

                          key www;

                          primary 192.168.0.253;

}

subnet 192.168.0.0 netmask 255.255.255.0 {

                range 192.168.0.50 192.168.0.150;

               option routers 192.168.0.254;

}


3)设置DNS服务器

[root@lyy yum.repos.d]# gedit /etc/resolv.conf

nameserver 192.168.0.253

4)启动DHCP服务

[root@lyy yum.repos.d]# service dhcpd start

(4)在WEB server上

1)设置主机名

[root@lyy 桌面]# gedit /etc/sysconfig/network

HOSTNAME=www

2)重启网络服务

[root@www 桌面]# service network restart

[root@www 桌面]# ifconfig

技术分享

图4 WEB Server第一次获取IP

5、结果检测

(1)在DHCP Server上

将IP地址分配的范围从50-150,改为151-200,重启DHCP服务器

技术分享

图5 修改分配的IP范围

[root@lyy yum.repos.d]# service dhcpd restart

(2)在WEB Server上

1)重启网络服务

 技术分享

图6 WEB Server第二次获取IP

2)解析www.xh27.com和192.168.0.151

 技术分享

图7 WEB Server解析域名和IP

(3)在DNS Server上

1)查看获取的动态更新文件

[root@lyy 桌面]# ll /var/named/

 技术分享

图 8 DNS查看更新文件

2)查看日志文件

[root@lyy 桌面]# gedit /var/log/messages

 技术分享

图 9 DNS查看日志文件


 

【版权所有,转载请注明原文出处:http://www.cnblogs.com/liaoyuanyang/p/7029234.html 】

Linux中DDNS配置