0. Architecture diagram
1. Architecture for this section
Hostname | IP | Role |
hdss7-11.host.com | 10.4.7.11 | DNS server |
2. Install bind (run on hdss7-11)
yum -y install bind bind-utils
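3. Configure /etc/named.conf
listen-on port 53 { 10.4.7.11; };   // listen on this host's address
listen-on-v6 port 53 { ::1; };
allow-query { any; };               // accept queries from any client
forwarders { 10.4.7.254; };         // upstream resolver for names outside the local zones
dnssec-enable no;
dnssec-validation no;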
4. Configure the zone definition file /etc/named.rfc1912.zones
cat >> /etc/named.rfc1912.zones <<'eof'
zone "host.com" IN {
        type master;
        file "host.com.zone";
        allow-update { 10.4.7.11; };
};
zone "od.com" IN {
        type master;
        file "od.com.zone";
        allow-update { 10.4.7.11; };
};
eof
5. Configure the zone data file for host.com
cat > /var/named/host.com.zone << 'EOF'
$ORIGIN host.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.host.com. dnsadmin.host.com. (
        2020092701 ; serial
        10800 ; refresh (3 hours)
        900 ; retry (15 minutes)
        604800 ; expire (1 week)
        86400 ; minimum (1 day)
        )
        NS dns.host.com.
$TTL 60 ; 1 minute
dns A 10.4.7.11
HDSS7-11 A 10.4.7.11
HDSS7-12 A 10.4.7.12
HDSS7-21 A 10.4.7.21
HDSS7-22 A 10.4.7.22
HDSS7-200 A 10.4.7.200
EOF
6. Configure the zone data file for od.com
cat > /var/named/od.com.zone <<'eof'
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.od.com. dnsadmin.od.com. (
        2020092701 ; serial
        10800 ; refresh (3 hours)
        900 ; retry (15 minutes)
        604800 ; expire (1 week)
        86400 ; minimum (1 day)
        )
        NS dns.od.com.
$TTL 60 ; 1 minute
dns A 10.4.7.11
harbor A 10.4.7.200
eof
7. Set ownership
chown -R named: /var/named/
8. Check and start bind
named-checkconf
named-checkzone host.com /var/named/host.com.zone
named-checkzone od.com /var/named/od.com.zone
systemctl start named
systemctl enable named
netstat -tulnp | grep 53
dig -t A hdss7-21.host.com @10.4.7.11 +short
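A name written without a trailing dot is relative and gets $ORIGIN appended, yet it is still valid zone syntax, so it is worth linting for separately before starting named. The script below is an added example, not part of the original page: lint_zone and write_sample_zone are hypothetical helper names, the sample zone is constructed, and the check assumes each record keeps its names on the same line as its type keyword.

```shell
#!/bin/sh
# Added example (not from the original page): flag SOA/NS/CNAME names that
# contain a dot but lack the trailing dot, so $ORIGIN would be appended.
# Assumes each record's names sit on the same line as its type keyword.

lint_zone() {   # usage: lint_zone FILE ; returns 1 if anything was flagged
    awk '
    function check(type, name) {
        if (name ~ /\./ && name !~ /\.$/) {
            printf "line %d: %s name %s is relative\n", NR, type, name
            bad = 1
        }
    }
    {
        sub(/;.*/, "")                        # drop zone-file comments
        first = ($0 ~ /^[ \t]/) ? 1 : 2       # field 1 is the owner unless indented
        for (i = first; i <= NF; i++) {
            t = toupper($i)
            if (t == "SOA") { check(t, $(i+1)); check(t, $(i+2)); break }
            if (t == "NS" || t == "CNAME") { check(t, $(i+1)); break }
        }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample zone: line 3 has a relative MNAME, line 10 a relative CNAME target.
write_sample_zone() {
    cat > "$1" <<'EOF'
$ORIGIN host.com.
$TTL 600
@ IN SOA dns.host.com dnsadmin.host.com. (
        2020092701 10800 900 604800 86400 )
        NS dns.host.com.
dns     A 10.4.7.11
ns      A 10.4.7.11
www     CNAME hdss7-11
hdss7-11 A 10.4.7.11
alias   CNAME hdss7-11.host.com
EOF
}

sample=$(mktemp)
write_sample_zone "$sample"
lint_zone "$sample" || echo "relative names found in $sample"
rm -f "$sample"
```

Short targets such as hdss7-11 are left alone because a name with no dot is normally meant to be relative to the zone.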
9. Point all servers at the DNS server
cat > /etc/resolv.conf <<'eof'
search host.com
nameserver 10.4.7.11
eof
10. Verify DNS
ping hdss7-11
ping hdss7-11.host.com
11. Point the Windows DNS settings at the server