1.
(问答题)
1.配置2台服务器要求如下:
a)服务器1:
主机名:dns-master.timinglee.org
[root@server100 ~]# hostnamectl hostname dns-master.timinglee.org
[root@server100 ~]# hostname
dns-master.timinglee.org
ip地址: 172.25.254.100
[root@server100 ~]# nmcli connection modify eth0 ipv4.addresses 172.25.254.100/24 autoconnect yes
[root@server100 ~]# nmcli connection up eth0
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/4)
[root@server100 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.100 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::e768:955e:3485:4e1e prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:59:df:9d txqueuelen 1000 (Ethernet)
RX packets 4805 bytes 6657834 (6.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2283 bytes 139800 (136.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 34 bytes 3496 (3.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34 bytes 3496 (3.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
配置好软件仓库
b)服务器2:
主机名:dns-slave.timinglee.org
[root@server200 ~]# hostnamectl hostname dns-slave.timinglee.org
[root@server200 ~]# hostname
dns-slave.timinglee.org
ip地址:172.25.254.200
[root@server200 ~]# nmcli connection modify eth0 ipv4.addresses 172.25.254.200/24 autoconnect yes
[root@server200 ~]# nmcli connection up eth0
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/4)
[root@server200 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.200 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::e1bf:6c40:f9c2:8d98 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:64:0e:06 txqueuelen 1000 (Ethernet)
RX packets 7000 bytes 9964465 (9.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2781 bytes 167378 (163.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 50 bytes 4856 (4.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 50 bytes 4856 (4.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
配置好软件仓库
[root@dns-master ~]# vim /etc/yum.repos.d/rhel9.repo
[AppStream]
name=AppStream
baseurl=file:///rhel9/AppStream
gpgcheck=0
[BaseOS]
name=BaseOS
baseurl=file:///rhel9/BaseOS
gpgcheck=0
2.dns-master是一台权威dns,次dns要具备一下功能
a)可以解析timinglee.org域中的主机,此域中的主机列表为
172.25.254.100 bbs.timinglee.org
172.25.254.200 login.timinglee.org
[root@dns-master ~]# vim /etc/named.conf
10 options {
11 listen-on port 53 { any; };
12 listen-on-v6 port 53 { ::1; };
13 directory "/var/named";
14 dump-file "/var/named/data/cache_dump.db";
15 statistics-file "/var/named/data/named_stats.txt";
16 memstatistics-file "/var/named/data/named_mem_stats.txt";
17 secroots-file "/var/named/data/named.secroots";
18 recursing-file "/var/named/data/named.recursing";
19 allow-query { any; };
dnssec-validation no;
[root@dns-master ~]# vim /etc/named.rfc1912.zones
zone "timinglee.org" IN {
type master;
file "timinglee.org.zone";
allow-update { none; };
};
[root@dns-master ~]# cp -p /var/named/named.localhost /var/named/timinglee.org.zone
[root@dns-master ~]# vim /var/named/timinglee.org.zone
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.timinglee.org.
dns A 172.25.254.100
www CNAME timinglee.org.
bbs A 172.25.254.100
login A 172.25.254.200
[root@dns-master named]# systemctl restart named
测试:
[root@dns-slave ~]# vim /etc/resolv.conf
# Generated by NetworkManager
search timinglee.org
nameserver 172.25.254.100
[root@dns-slave ~]# dig -t A bbs.timinglee.org
; <<>> DiG 9.16.23-RH <<>> -t A bbs.timinglee.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3774
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: c8c505ddc7501e7801000000663a3a039d688edd2419b6bd (good)
;; QUESTION SECTION:
;bbs.timinglee.org. IN A
;; ANSWER SECTION:
bbs.timinglee.org. 86400 IN A 172.25.254.100
;; Query time: 0 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Tue May 07 22:26:11 CST 2024
;; MSG SIZE rcvd: 90
[root@dns-slave ~]# dig -t A login.timinglee.org
; <<>> DiG 9.16.23-RH <<>> -t A login.timinglee.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28761
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: b1eb387db0f9862401000000663a3a3b189a76020ff406c4 (good)
;; QUESTION SECTION:
;login.timinglee.org. IN A
;; ANSWER SECTION:
login.timinglee.org. 86400 IN A 172.25.254.200
;; Query time: 0 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Tue May 07 22:27:07 CST 2024
;; MSG SIZE rcvd: 92
b)可以为timinglee.org这个域提供邮件解析记录,邮件服务器的地址为172.25.254.10
[root@dns-master named]# vim /var/named/timinglee.org.zone
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.timinglee.org.
dns A 172.25.254.100
bbs A 172.25.254.100
login A 172.25.254.200
timinglee.org. MX 3 172.25.254.10.
[root@dns-master named]# systemctl restart named
测试:
[root@dns-master named]# dig -t MX timinglee.org
; <<>> DiG 9.16.23-RH <<>> -t MX timinglee.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52149
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 1e8575ff14e5518401000000663a406f900d7e0718862394 (good)
;; QUESTION SECTION:
;timinglee.org. IN MX
;; ANSWER SECTION:
timinglee.org. 86400 IN MX 3 172.25.254.10.
;; Query time: 1 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Tue May 07 22:53:35 CST 2024
;; MSG SIZE rcvd: 99
c)可以为172.25.254.0/24网段提供反向解析记录,反向解析记录为:
172.25.254.100 bbs.timinglee.org
172.25.254.200 login.timinglee.org
[root@dns-master named]# vim /etc/named.rfc1912.zones
zone "254.25.172.in-addr.arpa" IN {
type master;
file "172.25.254.ptr";
allow-update { none; };
};
[root@dns-master named]# cp -p /var/named/named.loopback /var/named/172.25.254.ptr
[root@dns-master named]# vim /var/named/172.25.254.ptr
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.timinglee.org.
dns A 172.25.254.100
100 PTR bbs.timinglee.org
200 PTR login.timinglee.org
~
[root@dns-master named]# systemctl restart named
测试:
[root@dns-master named]# dig -x 172.25.254.100
; <<>> DiG 9.16.23-RH <<>> -x 172.25.254.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22166
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 5752f4dc917e8a5701000000663a43c34a836ea81e41cb3f (good)
;; QUESTION SECTION:
;100.254.25.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
100.254.25.172.in-addr.arpa. 86400 IN PTR bbs.timinglee.org.254.25.172.in-addr.arpa.
;; Query time: 1 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Tue May 07 23:07:47 CST 2024
;; MSG SIZE rcvd: 139
[root@dns-master named]# dig -x 172.25.254.200
; <<>> DiG 9.16.23-RH <<>> -x 172.25.254.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26757
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 16255a8c7bf30d9801000000663a43ec30088a4230aa7069 (good)
;; QUESTION SECTION:
;200.254.25.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
200.254.25.172.in-addr.arpa. 86400 IN PTR login.timinglee.org.254.25.172.in-addr.arpa.
;; Query time: 0 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Tue May 07 23:08:28 CST 2024
;; MSG SIZE rcvd: 141
3.dns-slave主机是dns-master主机的辅助dns,当master主机中的数据发生变化后其内容自动发生改变
[root@dns-slave ~]# vim /etc/named.conf
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
allow-query { any; };
dnssec-validation no;
[root@dns-slave ~]# vim /etc/named.rfc1912.zones
zone "timinglee.org" IN {
type slave;
master {172.25.254.100;};
file "slaves/timinglee.org.zone";
};
[root@dns-master named]# vim /etc/named.rfc1912.zones
zone "timinglee.org" IN {
type master;
file "timinglee.org.zone";
allow-update { none; };
also-notify {172.25.254.200;};
};
[root@dns-master named]# vim /var/named/timinglee.org.zone
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (
2024050701 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.timinglee.org.
dns A 172.25.254.100
bbs A 172.25.254.100
login A 172.25.254.200
timinglee.org. MX 3 172.25.254.10.
[root@dns-master named]# systemctl restart named
测试:
[root@dns-slave ~]# dig -t A bbs.timinglee.org
; <<>> DiG 9.16.23-RH <<>> -t A bbs.timinglee.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11560
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 42d15da3e399989401000000663a46a3a509131f709d68f5 (good)
;; QUESTION SECTION:
;bbs.timinglee.org. IN A
;; ANSWER SECTION:
bbs.timinglee.org. 86400 IN A 172.25.254.100
;; Query time: 1 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Tue May 07 23:20:03 CST 2024
;; MSG SIZE rcvd: 90
[root@dns-slave ~]#
修改:
[root@dns-master named]# vim /var/named/timinglee.org.zone
$TTL 1D
@ IN SOA dns.timinglee.org. admin.timinglee.org. (
2024050702 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.timinglee.org.
dns A 172.25.254.100
bbs A 172.25.254.101
login A 172.25.254.200
timinglee.org. MX 3 172.25.254.10.
~
[root@dns-slave ~]# dig -t A bbs.timinglee.org
; <<>> DiG 9.16.23-RH <<>> -t A bbs.timinglee.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28685
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 1de91e6e5123751001000000663a47567467b28208dc8006 (good)
;; QUESTION SECTION:
;bbs.timinglee.org. IN A
;; ANSWER SECTION:
bbs.timinglee.org. 86400 IN A 172.25.254.101
;; Query time: 1 msec
;; SERVER: 172.25.254.100#53(172.25.254.100)
;; WHEN: Tue May 07 23:23:02 CST 2024
;; MSG SIZE rcvd: 90
