
DNS Service Configuration and Extensions (2)

1. Secondary DNS:

    On the primary DNS server:

      vim /etc/named.rfc1912.zones

      systemctl restart named

    On the secondary DNS server:

      yum install bind -y            # install the service

      vim /etc/named.conf            # edit the configuration file

      options {
              listen-on port 53 { any; };
              listen-on-v6 port 53 { ::1; };
              directory       "/var/named";
              dump-file       "/var/named/data/cache_dump.db";
              statistics-file "/var/named/data/named_stats.txt";
              memstatistics-file "/var/named/data/named_mem_stats.txt";
              allow-query     { any; };

              dnssec-validation no;            // same as on the primary

      vim /etc/named.rfc1912.zones

      systemctl restart named

2. Synchronizing DNS changes:

    On the primary DNS server:

        vim /etc/named.rfc1912.zones

                    zone "asd.com" IN {
                        type master;
                        file "westos.com.zone";
                        allow-update { none; };
                        allow-transfer { 172.25.254.100; };
                        also-notify { 172.25.254.100; };
                    };

        vim /var/named/westos.com.zone

                    $TTL 1D
                    @       IN SOA  dns.westos.com. root.westos.com. (
                                                     01      ; serial (increase it on every change so the secondary picks the change up)
                                                     1D      ; refresh
                                                     1H      ; retry
                                                     1W      ; expire
                                                     3H )    ; minimum
                              NS      dns.westos.com.
                    dns         A       172.25.254.100
                    www         A       172.25.254.101

        systemctl restart named

    On the secondary DNS server:

        systemctl stop firewalld.service





3. Remote DNS updates

    On the server:

     setenforce 0

     chmod 770 /var/named/

     vim /etc/named.rfc1912.zones

          zone "asd.com" IN {
              type master;
              file "westos.com.zone";
              allow-update { 172.25.254.200; };
          };

     

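    On the sending host:

    Note: after the sending host has run

    > server 172.25.254.100
    > update delete www.asd.com
    > send

    a westos.com.zone.jnl file appears in /var/named/ on the server.

    After systemctl restart named, that file overwrites the original westos.com.zone, so backing the zone file up beforehand is recommended.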

     




4. Remote DNS updates (key authentication)

    On the server:

     dnssec-keygen -a HMAC-MD5 -b 100 -n HOST westos  (-a algorithm, -b key size, -n key usage)

     This produces the public and private key files.

 

 cp -p /etc/rndc.key /etc/westos.key        # copy the template

 vim /etc/westos.key                  # edit the contents

key "westos" {                            // key name
        algorithm hmac-md5;               // algorithm
        secret "/pLHdCuATXkKuZNjGQ==";         // secret
};

 

 vim /etc/named.conf

 vim /etc/named.rfc1912.zones                     # edit the configuration file

 scp Kwestos.+157+64442.* root@172.25.254.200:/mnt       # send the key to the remote user who will update DNS

 systemctl restart named                        # restart the service

 

    On the sending host:
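
An added example, not part of the original post: a small shell/awk check for the two weak settings that sections 3 and 4 configure on the server, an allow-update ACL that trusts a source address alone and a TSIG key that uses hmac-md5. The sample configuration is constructed; the example.org zone, the ddns-key name and the PLACEHOLDER secrets are assumptions, and the parser assumes one statement per line.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): lint BIND zone/key blocks for
# weak dynamic-update settings. Assumes one statement per line.
# audit_named [FILE]: reads FILE (or stdin), prints "<SEVERITY> <block>: <finding>".
audit_named() {
  awk '
    # Remember which zone or key block the following statements belong to.
    /^[ \t]*zone[ \t]+"/ { split($0, q, "\""); ctx = "zone " q[2] }
    /^[ \t]*key[ \t]+"/  { split($0, q, "\""); ctx = "key " q[2] }
    /allow-update[ \t]*[{]/ {
      acl = $0
      sub(/.*allow-update[ \t]*[{][ \t]*/, "", acl)   # drop everything up to "{"
      sub(/[ \t]*[}].*/, "", acl)                     # drop the closing "};"
      # An address-only ACL authenticates nothing: UDP source addresses can be forged.
      if (acl ~ /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ || acl ~ /(^|[ \t])any;/)
        print "HIGH " ctx ": allow-update by address only (" acl ")"
    }
    /algorithm[ \t]+hmac-md5[ \t]*;/ {
      print "MEDIUM " ctx ": TSIG key uses hmac-md5, prefer hmac-sha256"
    }
  ' "${1:--}"
}

# Constructed sample: the section 3 zone and the section 4 key algorithm, next
# to a hypothetical hardened zone whose updates must be signed with a key.
sample_conf() {
  cat <<'EOF'
key "westos" {
        algorithm hmac-md5;
        secret "PLACEHOLDER";
};
key "ddns-key" {
        algorithm hmac-sha256;
        secret "PLACEHOLDER";
};
zone "asd.com" IN {
        type master;
        file "westos.com.zone";
        allow-update { 172.25.254.200; };
};
zone "example.org" IN {
        type master;
        file "example.org.zone";
        allow-update { key "ddns-key"; };
};
EOF
}
sample_conf | audit_named
```

A zone produces no finding when allow-update names a key, as the example.org block does.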




 

5. DDNS (花生壳 / Peanut Shell): obtaining dynamic DNS

 yum install dhcp  -y                       # install dhcp

 cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example  /etc/dhcp/dhcpd.conf        # copy the template

 vim /etc/dhcp/dhcpd.conf                  # edit the configuration file

 # option definitions common to all supported networks...
 option domain-name "westos.com";                # domain name
 option domain-name-servers 172.25.254.100;      # DNS server IP

 

 vim /var/named/westos.com.zone               # restore this file

 systemctl restart named

 systemctl restart dhcpd                 # restart the services

 

On the client:

Change the IP configuration method to DHCP.

hostnamectl set-hostname  slave.westos.com     # change the hostname (must belong to the asd domain)

systemctl restart network







This article is from the "12110289" blog; please do not repost.
