DNS配置

1.搭建dns服务器能够对自定义的正向或者反向域完成数据解析查询。
2.配置从DNS服务器，对主dns服务器进行数据备份。

正反向解析

[root@localhost ~]# vim /etc/named.conf

options {listen-on port 53 { 192.168.111.130; };directory       "/var/named";allow-query     { any;};zone "openlab.com" IN {type master;file "named.openlab.com";
};zone "111.168.192.in-addr.arpa" IN {type master;file "named.192";allow-update { none; };
};

[root@localhost ~]# vim /var/named/named.openlab.com ------正向资源记录文件

$TTL 1D
@       IN      SOA     @       zym.qq.com.(202410311D1H3H1D
)
@       IN      NS      ns.openlab.com.
ns      IN      A       192.168.111.130www     IN      A       192.168.111.128
ftp     IN      A       192.168.111.131
mail    IN      A       192.168.111.130
wwww    IN      CNAME   www

[root@localhost ~]# vim /var/named/named.192 ------反向资源记录文件

$TTL 1D
@       IN SOA  @ rname.invalid. (0       ; serial1D      ; refresh1H      ; retry1W      ; expire3H )    ; minimumNS      ns.openlab.com.
130     PTR     ns.openlab.com
128     PTR     www.openlab.com
131     PTR     ftp.openlab.com

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl restart named

验证

server 192.168.111.130 ----------指定要查询的结果是通过那个DNS服务器去查询

主从服务器

1.完全区域传送

主服务器配置：添加 allow-transfer { 192.168.111.128; };，其他不变。

主服务器

[root@localhost ~]# vim /etc/named.conf

options {listen-on port 53 { 192.168.111.130; };directory       "/var/named";allow-query     { any;};allow-transfer  { 192.168.111.128; };  ----------------添加
};
zone "openlab.com" IN {type master;file "named.openlab.com";
};zone "111.168.192.in-addr.arpa" IN {type master;file "named.192";allow-update { none; };
};

[root@localhost ~]# vim /var/named/named.openlab.com ------正向

$TTL 1D
@       IN      SOA     @       zym.qq.com.(202410311D1H3H1D
)
@       IN      NS      ns.openlab.com.
ns      IN      A       192.168.111.130www     IN      A       192.168.111.128
ftp     IN      A       192.168.111.131
mail    IN      A       192.168.111.130
wwww    IN      CNAME   www

[root@localhost ~]# vim /var/named/named.192 ------反向

$TTL 1D
@       IN SOA  @ rname.invalid. (0       ; serial1D      ; refresh1H      ; retry1W      ; expire3H )    ; minimumNS      ns.openlab.com.
130     PTR     ns.openlab.com
128     PTR     www.openlab.com
131     PTR     ftp.openlab.com

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl restart named

注：如果资源记录文件是通过/var/named/named.localhost模版拷贝修改

• 方法一：cp -a /var/named/named.localhost /var/named/named.xxxx
• 方法二：cp /var/named/named.localhost /var/named/named.xxxx
  chmod o+r /var/named/named.xxxx
  或者 chown .named /var/named/named.xxxx

从服务器

修改两处

[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: /dev/sr0 already mounted on /mnt.
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# dnf  install bind 

[root@localhost ~]# vim /etc/named.conf
[root@localhost ~]# cat /etc/named.conf
options {listen-on port 53 { 192.168.111.128; };directory       "/var/named/slaves"; ------可以修改为/var/named/slavesallow-query     { any;};
};
zone "openlab.com" IN {type slave;  ----------------------------修改file "named.openlab.com";masters { 192.168.111.130; };  ----------------添加
};zone "111.168.192.in-addr.arpa" IN {type slave;   ---------------------------修改file "named.192";masters { 192.168.111.130; };  ----------------添加};

测试结果，重启从服务器主机后，在/var/named/slaves目录下可以看到正反向的资源记录文件

[root@localhost ~]# ls -l /var/named/slaves/  -----此时从服务器下没有文件
total 0[root@localhost ~]# systemctl restart named -----从服务器重启后，在这个目录下可以看到正反向的资源记录文件
[root@localhost ~]# ls -l /var/named/slaves/
total 8
-rw-r--r--. 1 named named 523 Nov  2 05:26 named.192
-rw-r--r--. 1 named named 396 Nov  2 05:26 named.openlab.com

增量区域传送

主服务器修改四个部分

主服务器

[root@localhost ~]# vim /var/named/named.openlab.com

$TTL 1D
@       IN      SOA     @       zym.qq.com  (20241030001D -------------------------全部修改为11H1H1D )IN      NS      ns.openlab.com.IN      NS      slave.openlab.com.  ---------------------------添加一个域名
ns      IN      A       192.168.111.130
slave   IN      A       192.168.111.128    ---------------------------添加www     IN      A       192.168.111.128
ftp     IN      A       192.168.111.131
mail    IN      A       192.168.111.130
http    IN      A       192.168.111.128  ------------------------------追加
wwww    IN      CNAME   www

[root@localhost ~]# systemctl restart named --------------主服务器重启服务（在监听日志之后操作）

从服务器中监听日志信息，在尾部追加信息

[root@bogon ~]# tail -f /var/log/messages

验证

server 192.168.111.130 ------------------------在从服务器上登主服务器DNS
Default server: 192.168.111.130
Address: 192.168.111.130#53

http.openlab.com -----------------------------------http为新添加的
Server: 192.168.111.130
Address: 192.168.111.130#53

Name: http.openlab.com
Address: 192.168.111.130

转发服务器（扩展）

#vim /etc/named.conf

options {

​ listen-on port 53 { 192.168.111.132; }; ---------------再开一台132的主机，但不提供域名解析

​ forwarders { 192.168.111.130; }; ----------真正提供域名解析的是130

​ forward only;

};