1.搭建dns服务器能够对自定义的正向或者反向域完成数据解析查询。
2.配置从DNS服务器,对主dns服务器进行数据备份。
options {listen-on port 53 { 192.168.111.130; };directory "/var/named";allow-query { any;};zone "openlab.com" IN {type master;file "named.openlab.com";
};zone "111.168.192.in-addr.arpa" IN {type master;file "named.192";allow-update { none; };
};
[root@localhost ~]# vim /var/named/named.openlab.com ------正向资源记录文件
$TTL 1D
@ IN SOA @ zym.qq.com.(202410311D1H3H1D
)
@ IN NS ns.openlab.com.
ns IN A 192.168.111.130www IN A 192.168.111.128
ftp IN A 192.168.111.131
mail IN A 192.168.111.130
wwww IN CNAME www
[root@localhost ~]# vim /var/named/named.192 ------反向资源记录文件
$TTL 1D
@ IN SOA @ rname.invalid. (0 ; serial1D ; refresh1H ; retry1W ; expire3H ) ; minimumNS ns.openlab.com.
130 PTR ns.openlab.com
128 PTR www.openlab.com
131 PTR ftp.openlab.com[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl restart named
server 192.168.111.130 ----------指定要查询的结果是通过那个DNS服务器去查询
主从DNS服务器
1.完全区域传送
主服务器配置:添加 allow-transfer { 192.168.111.128; };,其他不变。
主
options {listen-on port 53 { 192.168.111.130; };directory "/var/named";allow-query { any;};allow-transfer { 192.168.111.128; }; ----------------添加
};
zone "openlab.com" IN {type master;file "named.openlab.com";
};zone "111.168.192.in-addr.arpa" IN {type master;file "named.192";allow-update { none; };
};
[root@localhost ~]# vim /var/named/named.openlab.com ------正向
$TTL 1D
@ IN SOA @ zym.qq.com.(202410311D1H3H1D
)
@ IN NS ns.openlab.com.
ns IN A 192.168.111.130www IN A 192.168.111.128
ftp IN A 192.168.111.131
mail IN A 192.168.111.130
wwww IN CNAME www
[root@localhost ~]# vim /var/named/named.192 ------反向
$TTL 1D
@ IN SOA @ rname.invalid. (0 ; serial1D ; refresh1H ; retry1W ; expire3H ) ; minimumNS ns.openlab.com.
130 PTR ns.openlab.com
128 PTR www.openlab.com
131 PTR ftp.openlab.com[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl restart named
注:如果资源记录文件是通过/var/named/named.localhost模版拷贝修改
方法一:cp -a /var/named/named.localhost /var/named/named.xxxx
方法二:cp /var/named/named.localhost /var/named/named.xxxx
chmod o+r /var/named/named.xxxx
或者 chown .named /var/named/named.xxxx
从
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: /dev/sr0 already mounted on /mnt.
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# dnf install bind
[root@localhost ~]# vim /etc/named.conf
[root@localhost ~]# cat /etc/named.conf
options {listen-on port 53 { 192.168.111.128; };directory "/var/named/slaves"; ------可以修改为/var/named/slavesallow-query { any;};
};
zone "openlab.com" IN {type slave; ----------------------------修改file "named.openlab.com";masters { 192.168.111.130; }; ----------------添加
};zone "111.168.192.in-addr.arpa" IN {type slave; ---------------------------修改file "named.192";masters { 192.168.111.130; }; ----------------添加};
测试结果,重启从服务器主机后,在/var/named/slaves目录下可以看到正反向的资源记录文件
[root@localhost ~]# ls -l /var/named/slaves/ -----此时从服务器下没有文件
total 0[root@localhost ~]# systemctl restart named -----从服务器重启后,在这个目录下可以看到正反向的资源记录文件
[root@localhost ~]# ls -l /var/named/slaves/
total 8
-rw-r--r--. 1 named named 523 Nov 2 05:26 named.192
-rw-r--r--. 1 named named 396 Nov 2 05:26 named.openlab.com
增量区域传送
主服务器修改四个部分
主服务器
[root@localhost ~]# vim /var/named/named.openlab.com
$TTL 1D
@ IN SOA @ zym.qq.com (20241030001D -------------------------全部修改为11H1H1D )IN NS ns.openlab.com.IN NS slave.openlab.com. ---------------------------添加一个域名
ns IN A 192.168.111.130
slave IN A 192.168.111.128 ---------------------------添加www IN A 192.168.111.128
ftp IN A 192.168.111.131
mail IN A 192.168.111.130
http IN A 192.168.111.128 ------------------------------追加
wwww IN CNAME www
[root@localhost ~]# systemctl restart named --------------主服务器重启服务(在监听日志之后操作)
从服务器中监听日志信息,在尾部追加信息
[root@bogon ~]# tail -f /var/log/messages
验证
server 192.168.111.130 ------------------------在从服务器上登主服务器DNS
Default server: 192.168.111.130
Address: 192.168.111.130#53http.openlab.com -----------------------------------http为新添加的
Server: 192.168.111.130
Address: 192.168.111.130#53Name: http.openlab.com
Address: 192.168.111.130
![[vulnhub]DC: 1](https://i-blog.csdnimg.cn/direct/453b3b8ca80a4105ace131a99f02f70f.png)
