实验准备
#关闭防火墙(仅限实验环境;生产环境应保留防火墙,只放行所需端口,如DNS的53/udp和53/tcp)
systemctl disable --now firewalld.service
#查看并清空iptables规则
iptables -vnL
iptables -F
#关闭SELinux(仅为简化实验;生产环境建议保持enforcing模式)
[root@root ~]# vim /etc/selinux/config
SELINUX=disabled
[root@root ~]# reboot
客户机配置(10.0.0.151)
#将客户机的DNS地址(DNS1)指向本地只缓存DNS服务器(10.0.0.152)
[09:14:42 root@client~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
NAME=ens33
DEVICE=ens33
IPADDR=10.0.0.151
GATEWAY=10.0.0.2
DNS1=10.0.0.152
ONBOOT=yes
[09:19:23 root@client~]# nmcli connection reload
[09:19:27 root@client~]# nmcli connection down ens33;nmcli connection up ens33
Connection 'ens33' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
[09:21:08 root@client~]# cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 10.0.0.152
WEB服务配置(10.0.0.158)
[root@www ~]# yum -y install httpd
[root@www ~]# systemctl start httpd
[root@www ~]# curl localhost
Hello M50
实现magedu.com域的主DNS服务器(10.0.0.156)
[root@magedu ~]# yum -y install bind
[root@magedu ~]# vim /etc/named.conf
#注释下面两行后,named会监听所有接口并接受任意来源的查询(仅限实验环境;生产环境应设置明确的监听地址和查询ACL)
// allow-query { localhost; };
// listen-on port 53 { 127.0.0.1; };
#只允许从服务器(10.0.0.157)进行区域传输
allow-transfer { 10.0.0.157;};
[root@magedu ~]# vim /etc/named.rfc1912.zones
zone "magedu.com" IN {
type master;
file "magedu.com.zone";
};
[root@magedu ~]# cd /var/named/
[root@magedu named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@magedu named]# cp -p named.localhost magedu.com.zone
[root@magedu named]# ll
total 20
drwxrwx---. 2 named named 6 Apr 13 05:30 data
drwxrwx---. 2 named named 6 Apr 13 05:30 dynamic
-rw-r-----. 1 root named 152 Apr 13 05:31 magedu.com.zone
-rw-r-----. 1 root named 2253 Apr 13 05:31 named.ca
-rw-r-----. 1 root named 152 Apr 13 05:31 named.empty
-rw-r-----. 1 root named 152 Apr 13 05:31 named.localhost
-rw-r-----. 1 root named 168 Apr 13 05:31 named.loopback
drwxrwx---. 2 named named 6 Apr 13 05:30 slaves
[root@magedu named]# vim magedu.com.zone
$TTL 1D
@ IN SOA master admin.magedu.org. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
NS slave
master A 10.0.0.156
slave A 10.0.0.157
www A 10.0.0.158
[root@magedu named]# systemctl start named
实现magedu.com域的从DNS服务器配置(10.0.0.157)
[root@slave ~]# yum -y install bind
[root@slave ~]# vim /etc/named.conf
#与主服务器相同,注释下面两行;从服务器未设置allow-transfer时,BIND 9.11等旧版本默认允许任意主机拉取区域数据,建议加上 allow-transfer { none; };
// allow-query { localhost; };
// listen-on port 53 { 127.0.0.1; };
[root@slave ~]# vim /etc/named.rfc1912.zones
zone "magedu.com" IN {
type slave;
masters { 10.0.0.156; };
file "slaves/magedu.com.slave";
};
[root@slave ~]# systemctl start named
实现com域的主DNS服务器(10.0.0.155)
[root@com ~]# yum -y install bind
[root@com ~]# vim /etc/named.conf
// allow-query { localhost; };
// listen-on port 53 { 127.0.0.1; };
[root@com ~]# vim /etc/named.rfc1912.zones
zone "com" {
type master;
file "com.zone";
};
[root@com ~]# cd /var/named/
[root@com named]# cp -p named.localhost com.zone
[root@com named]# vim com.zone
$TTL 1D
@ IN SOA master admin.magedu.org. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
magedu NS mageduns1
magedu NS mageduns2
master A 10.0.0.155
mageduns1 A 10.0.0.156
mageduns2 A 10.0.0.157
[root@com named]# systemctl start named
实现根域的主DNS服务器(10.0.0.154)
[root@root ~]# yum -y install bind
[root@root ~]# vim /etc/named.conf
// allow-query { localhost; };
// listen-on port 53 { 127.0.0.1; };
zone "." IN {
#注意(待确认):根域权威服务器的区域类型通常应为master;hint类型只用于加载根提示,不会把root.zone作为权威数据提供
type hint;
//file "named.ca";
file "root.zone";
};
[root@root ~]# vim /var/named/root.zone
$TTL 1D
@ IN SOA master admin.magedu.org. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
com NS coms
master A 10.0.0.154
coms A 10.0.0.155
[root@root named]# systemctl start named
实现转发目标的DNS服务器(10.0.0.153)
[root@Forward ~]# yum -y install bind
[root@Forward ~]# vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
#实验用的根域没有DNSSEC签名,因此关闭验证;生产环境的递归/转发服务器应保持dnssec-validation开启
dnssec-enable no;
dnssec-validation no;
[root@Forward ~]# vim /var/named/named.ca
; <<>> DiG 9.11.3-RedHat-9.11.3-3.fc27 <<>> +bufsize=1200 +norec @a.root-servers.net
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46900
;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 27
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS a.root-servers.net.
;; ADDITIONAL SECTION:
; 实验环境:将根提示指向自建根服务器10.0.0.154(真实的a.root-servers.net地址为198.41.0.4)
a.root-servers.net. 518400 IN A 10.0.0.154
;; Query time: 24 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Thu Apr 05 15:57:34 CEST 2018
;; MSG SIZE rcvd: 811
[root@Forward ~]# systemctl start named
实现本地只缓存DNS服务器(10.0.0.152)
[root@DNS ~]# yum -y install bind
[root@DNS ~]# vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
forward only;
#注意:上文的转发目标DNS服务器地址为10.0.0.153,此处的10.0.0.18与之不一致,请按实际环境确认
forwarders { 10.0.0.18;};
dnssec-enable no;
dnssec-validation no;
[root@DNS ~]# systemctl start named
客户机访问WEB服务
[16:46:50 root@client~]# curl www.magedu.com
Hello M50
[19:35:42 root@client~]# dig www.magedu.com @10.0.0.157
; <<>> DiG 9.11.36-RedHat-9.11.36-3.el8 <<>> www.magedu.com @10.0.0.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52131
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: da80db3792349a773cbf9c2f62f4e994c042bd5f4236718e (good)
;; QUESTION SECTION:
;www.magedu.com. IN A
;; ANSWER SECTION:
www.magedu.com. 86400 IN A 10.0.0.158
;; AUTHORITY SECTION:
magedu.com. 86400 IN NS slave.magedu.com.
magedu.com. 86400 IN NS master.magedu.com.
;; ADDITIONAL SECTION:
master.magedu.com. 86400 IN A 10.0.0.156
slave.magedu.com. 86400 IN A 10.0.0.157
;; Query time: 0 msec
;; SERVER: 10.0.0.157#53(10.0.0.157)
;; WHEN: Thu Aug 11 19:35:48 CST 2022
;; MSG SIZE rcvd: 160
[19:35:48 root@client~]# dig www.magedu.com @10.0.0.156
; <<>> DiG 9.11.36-RedHat-9.11.36-3.el8 <<>> www.magedu.com @10.0.0.156
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27778
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 979f7a7bfaf22c7e0870427d62f4e9a1be0a435c21e79335 (good)
;; QUESTION SECTION:
;www.magedu.com. IN A
;; ANSWER SECTION:
www.magedu.com. 86400 IN A 10.0.0.158
;; AUTHORITY SECTION:
magedu.com. 86400 IN NS master.magedu.com.
magedu.com. 86400 IN NS slave.magedu.com.
;; ADDITIONAL SECTION:
master.magedu.com. 86400 IN A 10.0.0.156
slave.magedu.com. 86400 IN A 10.0.0.157
;; Query time: 1 msec
;; SERVER: 10.0.0.156#53(10.0.0.156)
;; WHEN: Thu Aug 11 19:36:01 CST 2022
;; MSG SIZE rcvd: 160
[19:36:14 root@client~]# dig www.magedu.com @10.0.0.155
; <<>> DiG 9.11.36-RedHat-9.11.36-3.el8 <<>> www.magedu.com @10.0.0.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15158
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 8f13fcd4a47d01427c94732662f4e9b188f60e9b087aea63 (good)
;; QUESTION SECTION:
;www.magedu.com. IN A
;; ANSWER SECTION:
www.magedu.com. 75188 IN A 10.0.0.158
;; AUTHORITY SECTION:
magedu.com. 86400 IN NS mageduns1.com.
magedu.com. 86400 IN NS mageduns2.com.
;; ADDITIONAL SECTION:
mageduns1.com. 86400 IN A 10.0.0.156
mageduns2.com. 86400 IN A 10.0.0.157
;; Query time: 2 msec
;; SERVER: 10.0.0.155#53(10.0.0.155)
;; WHEN: Thu Aug 11 19:36:17 CST 2022
;; MSG SIZE rcvd: 167
[19:36:17 root@client~]# dig www.magedu.com @10.0.0.154
; <<>> DiG 9.11.36-RedHat-9.11.36-3.el8 <<>> www.magedu.com @10.0.0.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60849
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 005fc9f5cff2e329131aaf9f62f4e9c24f6aaf34c3729523 (good)
;; QUESTION SECTION:
;www.magedu.com. IN A
;; ANSWER SECTION:
www.magedu.com. 75812 IN A 10.0.0.158
;; AUTHORITY SECTION:
magedu.com. 75812 IN NS mageduns1.com.
magedu.com. 75812 IN NS mageduns2.com.
;; ADDITIONAL SECTION:
mageduns2.com. 75812 IN A 10.0.0.157
mageduns1.com. 75812 IN A 10.0.0.156
;; Query time: 1 msec
;; SERVER: 10.0.0.154#53(10.0.0.154)
;; WHEN: Thu Aug 11 19:36:34 CST 2022
;; MSG SIZE rcvd: 167
[19:36:50 root@client~]# dig www.magedu.com @10.0.0.153
; <<>> DiG 9.11.36-RedHat-9.11.36-3.el8 <<>> www.magedu.com @10.0.0.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19308
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 7cbedfb1529f355ad7d8603d62f4e9d5c4162857b0d88e3a (good)
;; QUESTION SECTION:
;www.magedu.com. IN A
;; ANSWER SECTION:
www.magedu.com. 86400 IN A 10.0.0.158
;; AUTHORITY SECTION:
magedu.com. 86400 IN NS mageduns2.com.
magedu.com. 86400 IN NS mageduns1.com.
;; ADDITIONAL SECTION:
mageduns1.com. 86400 IN A 10.0.0.156
mageduns2.com. 86400 IN A 10.0.0.157
;; Query time: 5 msec
;; SERVER: 10.0.0.153#53(10.0.0.153)
;; WHEN: Thu Aug 11 19:36:53 CST 2022
;; MSG SIZE rcvd: 167
[19:36:53 root@client~]# dig www.magedu.com @10.0.0.152
; <<>> DiG 9.11.36-RedHat-9.11.36-3.el8 <<>> www.magedu.com @10.0.0.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40879
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 830f371b94f60fb3283ddaae62f4e9e2638d1a66a4e2f2fd (good)
;; QUESTION SECTION:
;www.magedu.com. IN A
;; ANSWER SECTION:
www.magedu.com. 86387 IN A 10.0.0.158
;; Query time: 2 msec
;; SERVER: 10.0.0.152#53(10.0.0.152)
;; WHEN: Thu Aug 11 19:37:06 CST 2022
;; MSG SIZE rcvd: 87