Building an Internet DNS Architecture

Time: 2023-12-10 21:32:20

author: JevonWei

Copyright notice: original work


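Build a "." (root) DNS server, a "com" DNS server and a "danran.com" DNS server. Users query the "telecom carrier" DNS server, which forwards the query to the "." DNS; from there it is delegated down to the danran.com DNS, which answers the lookup for www.danran.com. 192.168.198.130 is the secondary (slave) DNS for 192.168.198.120.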

The topology is shown below.

[Figure: Internet DNS architecture]

192.168.198.120 primary DNS

  1. Install the packages

    yum -y install bind
    systemctl start named
    systemctl enable named
    iptables -F      # flushes all firewall rules
    setenforce 0     # switches SELinux to permissive mode until reboot

  2. vim /etc/named.conf

    options {
        // other options in the stock file are left as they are
        listen-on port 53 { localhost; };
        allow-query { any; };
    };

  3. vim /etc/named.rfc1912.zones

    zone "danran.com" IN {
        type master;
        file "danran.zone";
    };

  4. vim /var/named/danran.zone

    $TTL 1D
    @       IN SOA  ns1.danran.com. dnsadmin.danran.com. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
    @       IN NS   ns1.danran.com.
    ns1     A       192.168.198.120
    www     A       192.168.198.150

  5. chgrp named /var/named/danran.zone

  6. Change the root DNS that this server points to

    vim /var/named/named.ca    # point the root hints at the custom root, 192.168.198.100

    .                    3600000  NS  A.ROOT-SERVERS.NET.
    A.ROOT-SERVERS.NET.  3600000  A   192.168.198.100

  7. systemctl restart named

192.168.198.130 secondary (slave) DNS

  1. Install the packages

    yum -y install bind
    systemctl start named
    systemctl enable named
    iptables -F
    setenforce 0

  2. vim /etc/named.conf

    options {
        // other options in the stock file are left as they are
        listen-on port 53 { localhost; };
        allow-query { any; };
    };

  3. vim /etc/named.rfc1912.zones

    // forward-lookup zone entry on the secondary DNS
    zone "danran.com" IN {
        type slave;                     // zone type: secondary (slave)
        masters { 192.168.198.120; };   // the primary DNS is 192.168.198.120
        file "slaves/danran.slave";     // the secondary's zone data file is slaves/danran.slave
    };

  4. Change the root DNS that this server points to

    vim /var/named/named.ca    # point the root hints at the custom root, 192.168.198.100

    .                    3600000  NS  A.ROOT-SERVERS.NET.
    A.ROOT-SERVERS.NET.  3600000  A   192.168.198.100

  5. systemctl restart named

  6. rndc reload

192.168.198.110 com DNS

  1. Install the packages

    yum -y install bind
    systemctl start named
    systemctl enable named
    iptables -F
    setenforce 0

  2. vim /etc/named.conf

    options {
        // other options in the stock file are left as they are
        listen-on port 53 { localhost; };
        allow-query { any; };
        dnssec-enable no;
        dnssec-validation no;
    };

  3. vim /etc/named.rfc1912.zones

    zone "com" IN {
        type master;
        file "com.zone";
    };

  4. vim /var/named/com.zone

    $TTL 1D
    @       IN SOA  ns1.com. dnsadmin.com. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
    @       IN NS   ns1.com.
    ns1     A       192.168.198.110
    danran  NS      ns2
    ns2     A       192.168.198.120 ; subdomain delegation
    danran  NS      ns3
    ns3     A       192.168.198.130

  5. chgrp named /var/named/com.zone

  6. Change the root DNS that this server points to

    vim /var/named/named.ca    # point the root hints at the custom root, 192.168.198.100

    .                    3600000  NS  A.ROOT-SERVERS.NET.
    A.ROOT-SERVERS.NET.  3600000  A   192.168.198.100

  7. systemctl restart named

192.168.198.100 "." root DNS

  1. Install the packages

    yum -y install bind
    systemctl start named
    systemctl enable named
    iptables -F
    setenforce 0

  2. vim /etc/named.conf

    options {
        // other options in the stock file are left as they are
        listen-on port 53 { localhost; };
        allow-query { any; };
        dnssec-enable no;
        dnssec-validation no;
    };

  3. In /etc/named.conf, change the type of the "." zone to master

    zone "." IN {
        type master;
        file "root.zone";   // file name for the "." root zone changed to root.zone
    };

  4. Modify the zone definition for the "." root

    vim /etc/named.rfc1912.zones

    zone "." IN {
        type master;
        file "root.zone";   // file name for the "." root zone changed to root.zone
    };

Do either step 3 or step 4 (pick one of the two).

  1. vim /var/named/root.zone

    $TTL 1D
    @       IN SOA  ns1. dnsadmin (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
    @       IN NS   ns1
    ns1     A       192.168.198.100
    com     NS      ns2
    ns2     A       192.168.198.110 ; delegates the com subdomain

  2. chgrp named /var/named/root.zone

  3. systemctl restart named

192.168.198.200 telecom DNS

  1. Install the packages

    yum -y install bind
    systemctl start named
    systemctl enable named
    iptables -F
    setenforce 0

  2. vim /etc/named.conf

    options {
        // other options in the stock file are left as they are
        listen-on port 53 { localhost; };
        allow-query { any; };
        dnssec-enable no;
        dnssec-validation no;
    };

  3. Change the root DNS that this server points to

    vim /var/named/named.ca    # point the root hints at the custom root, 192.168.198.100

    .                    3600000  NS  A.ROOT-SERVERS.NET.
    A.ROOT-SERVERS.NET.  3600000  A   192.168.198.100

  4. systemctl restart named

192.168.198.10 access test

dig www.danran.com @192.168.198.200
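
The lookup that this `dig` triggers, from the root hint through the com delegation to the danran.com servers, as an added Python sketch (not code from the original post). It models only the A records and delegations from the zone files on this page; `ZONES`, `query`, `resolve` and the `down` parameter are hypothetical names, and the secondary is assumed to hold an identical transferred copy of the zone.

```python
ZONES = {  # constructed model of the lab's zones, copied from the zone files on this page
    "192.168.198.100": {"origin": ".",            # root.zone
        "cuts": {"com.": ["ns2."]},
        "A": {"ns1.": "192.168.198.100", "ns2.": "192.168.198.110"}},
    "192.168.198.110": {"origin": "com.",         # com.zone
        "cuts": {"danran.com.": ["ns2.com.", "ns3.com."]},
        "A": {"ns1.com.": "192.168.198.110", "ns2.com.": "192.168.198.120",
              "ns3.com.": "192.168.198.130"}},
    "192.168.198.120": {"origin": "danran.com.",  # danran.zone
        "cuts": {},
        "A": {"ns1.danran.com.": "192.168.198.120",
              "www.danran.com.": "192.168.198.150"}},
}
ZONES["192.168.198.130"] = ZONES["192.168.198.120"]  # assumption: secondary has a transferred copy
ROOT_HINT = "192.168.198.100"                        # the edited named.ca entry

def in_domain(name, domain):
    """True if name equals domain or sits below it (both fully qualified)."""
    return domain == "." or name == domain or name.endswith("." + domain)

def query(server, qname):
    """Non-recursive query to one authoritative server (hypothetical helper)."""
    zone = ZONES[server]
    if not in_domain(qname, zone["origin"]):
        return "refused", None
    for child, ns_names in zone["cuts"].items():
        if in_domain(qname, child):                  # at or below a zone cut: refer
            return "referral", [zone["A"][n] for n in ns_names]
    if qname in zone["A"]:
        return "answer", zone["A"][qname]
    return "nxdomain", None

def resolve(qname, down=(), max_hops=8):
    """Follow referrals from the root hint as the 192.168.198.200 resolver does.
    Returns (address or None, servers asked); `down` lists unreachable servers."""
    candidates, asked = [ROOT_HINT], []
    for _ in range(max_hops):
        alive = [s for s in candidates if s not in down]
        if not alive:
            return None, asked
        asked.append(alive[0])
        kind, data = query(alive[0], qname)
        if kind != "referral":
            return data, asked
        candidates = data
    raise RuntimeError("too many referrals")

if __name__ == "__main__":
    print(resolve("www.danran.com."))
```

Passing `down={"192.168.198.120"}` shows the second NS record in com.zone doing its job: the walk ends at 192.168.198.130 and still returns 192.168.198.150.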

For related DNS content, follow the links below

http://119.23.52.191/dns服务/

Creating subdomains and views

http://119.23.52.191/创建dns子域及view/

Setting up forwarding and secondary DNS

http://119.23.52.191/主从及转发dns搭建/