centos6.5 配置智能DNS域名解析服务器

作者: admin 分类: linux 发布时间: 2018-05-23 19:12

  配置智能DNS域名解析服务器

  智能DNS域名解析服务器概述

  智能DNS是域名服务在业界首创的智能解析服务。能自动判断访问者的IP地址并解析出对应的IP地址,使网通用户会访问到网通服务器,电信用户会访问到电信服务器。

  智能DNS就是根据用户的来路,自动智能化判断来路IP返回给用户,而不需要用户进行选择。

  配置智能DNS域名解析服务器的步骤及示例

  实验环境(CentOS 6 及其自带的 BIND 9.8.2 均已停止维护,不再获得安全更新,以下配置仅适合在隔离的实验环境中练习;生产环境请使用仍受支持的系统和 BIND 版本):

智能DNS服务器拓扑图

  DNS服务器配置

  确认本机的网络地址、保证网络连通性

  网关GateWay服务器ping DNS服务器IP:192.168.1.108可以ping通。

[root@localhost ~]# ping 192.168.1.108
PING 192.168.1.108 (192.168.1.108) 56(84) bytes of data.
64 bytes from 192.168.1.108: icmp_seq=1 ttl=64 time=2.01 ms
64 bytes from 192.168.1.108: icmp_seq=2 ttl=64 time=0.874 ms
64 bytes from 192.168.1.108: icmp_seq=3 ttl=64 time=0.836 ms
64 bytes from 192.168.1.108: icmp_seq=4 ttl=64 time=0.957 ms

  DNS服务器IP配置

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:0c:29:c2:14:a8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.108/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::20c:29ff:fec2:14a8/64 scope link
       valid_lft forever preferred_lft forever
3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
    link/ether 2e:6c:45:d6:ba:2e brd ff:ff:ff:ff:ff:ff

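  如果尚未安装bind软件包,需要先安装。下面输出中的 NOKEY 警告表示系统没有导入发行版的GPG公钥,软件包的签名因此没有被校验;建议先导入公钥(CentOS 6 上为 rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6)再安装,以确认软件包来源可信。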

[root@localhost ~]# rpm -ivh /media/CentOS_6.5_Final/Packages/bind-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm
warning: /media/CentOS_6.5_Final/Packages/bind-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing...                ########################################### [100%]
   1:bind                   ########################################### [100%]

查看路由表和默认网关

[root@localhost ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

修改配置文件/etc/named.conf

先备份配置文件

[root@localhost etc]# cp -p named.conf named.conf.$(date +%F)
[root@localhost etc]# vim named.conf
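options {
        // IPv4 listener bound to the server's LAN address on port 53.
        listen-on port 53 { 192.168.1.108; };
        // Working directory: relative paths in this file (include statements,
        // zone "file" names, the log file) resolve against it.
        directory       "/var/named";
        // amber.com is meant to be answered for every network, so queries are
        // accepted from anyone; the views decide which data a client sees.
        allow-query     { any; };
        // Recursion is off by default. With allow-query set to any and no
        // allow-recursion statement, a global "recursion yes" would let every
        // view, including the ones that match external clients, resolve
        // arbitrary names for anyone (an open resolver usable for
        // amplification and cache poisoning attempts). The LAN view turns
        // recursion on for its own clients.
        recursion no;
};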

// Logging: a single channel writing to a file under the working directory
// (data/named.run is relative to the "directory" option).
logging {
        channel default_debug {
                file "data/named.run";
                // "dynamic" follows the server's current debug level, so the
                // file stays quiet unless debugging is switched on.
                severity dynamic;
        };
};

// Address-match lists referenced by the match-clients statements of the views.
// They must be defined before the views that use them.

// Internal LAN clients.
acl lan {
192.168.1.0/24;
};
// Clients on the 203.18.17.0/24 line ("cnc"; presumably the Netcom line the
// article mentions).
acl cnc {
203.18.17.0/24;
};
// Clients on the 78.19.25.0/24 line ("dx"; presumably the Telecom line the
// article mentions).
acl dx {
78.19.25.0/24;
};

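// One view per client network. named checks the views in the order they
// appear and uses the first one whose match-clients matches the source
// address, so the catch-all "other" view has to stay last.

// Internal clients: the server itself plus the LAN. View names are free-form
// labels ("LAW" is presumably meant as "LAN").
view "LAW" IN {
        match-clients {
                // "localhost" is BIND's built-in ACL for the server's own
                // addresses; the misspelling "loclhost" names no ACL defined
                // in this file.
                localhost;
                lan;
        };
        // Only this trusted view may resolve names outside amber.com.
        recursion yes;
        include "chroot/etc/lan.zone";
};

// External views answer authoritatively for amber.com only. Recursion is
// switched off explicitly so they never act as a resolver for outside
// clients, whatever the global default is.
view "CNC" IN {
        match-clients { cnc; };
        recursion no;
        include "chroot/etc/cnc.zone";
};
view "DX" IN {
        match-clients { dx; };
        recursion no;
        include "chroot/etc/dx.zone";
};
// Catch-all for every client not matched above.
view "other" IN {
        match-clients { any; };
        recursion no;
        include "chroot/etc/other.zone";
};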

建立各线路的配置文件

[root@localhost ~]# cd /var/named/chroot/etc/

注意:如果不存在 /var/named/chroot/etc/ 这个目录,需要先安装 bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm 软件包。

新建lan.zone文件

[root@localhost etc]# vim lan.zone

// amber.com as seen by the LAN view (this file is pulled in by the
// include "chroot/etc/lan.zone" statement of that view).
zone "amber.com" IN {
      // This server holds the authoritative copy of the zone.
      type master;
      // Zone data file, relative to the "directory" option of named.conf.
      file "amber.com.zone.lan";
};
~                       

[root@localhost etc]# cp lan.zone cnc.zone

[root@localhost etc]# vim cnc.zone

// amber.com as seen by the CNC view (included from cnc.zone).
zone "amber.com" IN {
      // This server holds the authoritative copy of the zone.
      type master;
      // Zone data file, relative to the "directory" option of named.conf.
      file "amber.com.zone.cnc";
};

[root@localhost etc]# cp lan.zone dx.zone

[root@localhost etc]# vim dx.zone

// amber.com as seen by the DX view (included from dx.zone). The article
// copies this file unchanged to other.zone, so clients falling into the
// catch-all view receive the same data as DX clients.
zone "amber.com" IN {
      // This server holds the authoritative copy of the zone.
      type master;
      // Zone data file, relative to the "directory" option of named.conf.
      file "amber.com.zone.dx";
};
~       

[root@localhost etc]# cp dx.zone other.zone

other.zone无需修改

建立区域数据文件

[root@localhost etc]# cd /var/named/

[root@localhost named]# cp -p named.empty amber.com.zone.lan

[root@localhost named]# vim amber.com.zone.lan

; amber.com zone data served to the LAN view.
; Default TTL for records without their own: 86400 seconds (one day).
$TTL 86400
; SOA: primary server name amber.com., contact mailbox root.ns1.amber.com.
; (the first dot of the mailbox field stands for "@").
@       IN SOA  amber.com. root.ns1.amber.com. (
                                        2018052401      ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
; Name server for the zone and its address as LAN clients reach it.
        NS      ns1.amber.com.
ns1     A       192.168.1.108
; LAN clients get both ftp addresses, one on each external network.
ftp     A       78.19.25.6
ftp     A       203.18.17.6
~                          

[root@ns1 named]# cp -p amber.com.zone.lan amber.com.zone.cnc
[root@ns1 named]# vim amber.com.zone.cnc
; amber.com zone data served to the CNC view (203.18.17.0/24 clients).
; Default TTL for records without their own: 86400 seconds (one day).
$TTL 86400
; SOA: primary server name amber.com., contact mailbox root.ns1.amber.com.
; The serial has to be raised whenever this file is edited.
@       IN SOA  amber.com. root.ns1.amber.com. (
                                        2018052401      ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns1.amber.com.
; 203.18.17.2 is the gateway's eth1 address in this lab; presumably DNS
; traffic arriving there is forwarded to 192.168.1.108. The forwarding rule
; is not shown on this page, so confirm it exists.
ns1     A       203.18.17.2
; CNC clients only receive the ftp address on their own network.
ftp     A       203.18.17.6
~                       

[root@ns1 named]# cp -p amber.com.zone.lan amber.com.zone.dx
[root@ns1 named]# vim amber.com.zone.dx
; amber.com zone data served to the DX view (78.19.25.0/24 clients) and,
; through the copied other.zone, to the catch-all view.
; Default TTL for records without their own: 86400 seconds (one day).
$TTL 86400
; SOA: primary server name amber.com., contact mailbox root.ns1.amber.com.
; The serial has to be raised whenever this file is edited.
@       IN SOA  amber.com. root.ns1.amber.com. (
                                        2018052401      ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns1.amber.com.
; 78.19.25.2 is the gateway's eth2 address in this lab; presumably DNS
; traffic arriving there is forwarded to 192.168.1.108. The forwarding rule
; is not shown on this page, so confirm it exists.
ns1     A       78.19.25.2
; DX clients only receive the ftp address on their own network.
ftp     A       78.19.25.6

重启named服务

[root@ns1 named]# named-checkconf /etc/named.conf
[root@ns1 named]# named-checkzone amber.com amber.com.zone.lan
zone amber.com/IN: loaded serial 2018052401
OK
[root@ns1 named]# named-checkzone amber.com amber.com.zone.cnc
zone amber.com/IN: loaded serial 2018052401
OK
[root@ns1 named]# named-checkzone amber.com amber.com.zone.dx
zone amber.com/IN: loaded serial 2018052401
OK


[root@ns1 named]# service named restart
停止 named:                                               [确定]
Generating /etc/rndc.key:                                  [确定]
启动 named:                                               [确定]

配置网关服务器

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ce:53:25 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::20c:29ff:fece:5325/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ce:53:2f brd ff:ff:ff:ff:ff:ff
    inet 203.18.17.2/24 brd 203.18.17.255 scope global eth1
    inet6 fe80::20c:29ff:fece:532f/64 scope link
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ce:53:39 brd ff:ff:ff:ff:ff:ff
    inet 78.19.25.2/24 brd 78.19.25.255 scope global eth2
    inet6 fe80::20c:29ff:fece:5339/64 scope link
       valid_lft forever preferred_lft forever
5: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
    link/ether 36:6e:75:68:0f:b1 brd ff:ff:ff:ff:ff:ff

[root@localhost ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth0
78.19.25.0      0.0.0.0         255.255.255.0   U     0      0        0 eth2
203.18.17.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U     1003   0        0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U     1004   0        0 eth2
0.0.0.0         78.19.25.1      0.0.0.0         UG    0      0        0 eth2

开启路由转发功能(开启后网关会在内网和两条外线网段之间转发数据包,应配合 iptables 的 FORWARD 规则只放行需要的流量,例如到DNS服务器53端口的查询)

[root@localhost ~]# vim /etc/sysctl.conf
 net.ipv4.ip_forward = 0 改为1

[root@localhost ~]# sysctl -p
net.ipv4.ip_forward = 1

客户机测试

网卡连接方式vmnet-1模拟内网测试,使用windows7系统测试机配置DNS服务器IP。


 

测试机配置IP

 



 
