
5 DNS(域名解析)

1 概念

域名——》IP			正向解析
IP——》域名			反向解析
注意:ARP/RARP 是 IP 地址与 MAC 地址之间的解析协议,与 DNS 无关;域名与 IP 之间的解析称为正向解析、反向解析(与下文配置文件中的叫法一致)。

域名组成、分类
				常见格式:	www.kernel.com
				完整格式:	www.kernel.com.
				镜像根域
		域名分类:		
				.			根域(可省略)
				com			顶级域		
				kernel		二级域(可由个人或组织申请)
				www		   	三级域	
				主机名		   sl.www.kernel.com				sl:主机名

注意:com.cn		  cn:顶级域
					com:顶级域下的子域

2 域名解析过程

image-20240617221435676

注意:缓存中的记录只是临时的,hosts文件、解析库中保存的才是合法的解析记录

3 DNS软件

软件名:bind

服务名:named

软件端口:

UDP	53		数据通信(域名解析)
TCP	53		数据同步(主从同步,两DNS服务器之间的通信);应答过大、UDP放不下时,域名解析也会改用TCP,因此防火墙需要同时放行UDP和TCP的53端口

DNS配置文件:

        1)		主配置文件	/etc/named.conf
                    控制DNS软件运行的参数、监听端口、IP
        2)		区域配置		/etc/named.rfc1912.zones
                    规划需要解析的域或IP
        3)		数据解析文件			/var/named/....
                    具体的解析记录,包括正向反向解析
                                    正向文件模板:	named.localhost
                                    反向文件模板:named.loopback

记录类型:

        A							指定域名的ipv4记录(域名到IP即产生)
        CNAME						别名记录:域名指向另一个域名,再由另一个域名提供IP
        NS							域名服务器记录,如果需要把子域名交给其他DNS服务商解析,就需要添加NS记录。  
        AAAA						指定域名的ipv6记录(域名到IP即产生)
        MX							邮件交换记录
#/etc/named.conf	主配置文件
options {				
        listen-on port 53 { 127.0.0.1; };				#设置服务器监听的网卡(可写一个IP、所有any)
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";					#若出现相对路径的文件,从此目录开始找相对路径的文件
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { localhost; };					#允许查询本服务器的客户端(可写IP/网段,也可以any);若设为any且开启了递归(recursion),应另用allow-recursion限定可信网段,否则会成为可被滥用的开放递归解析器

zone "." IN {											#根提示区域:本机解析不了的域名,按下面文件中的根服务器列表继续查询
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";						#包含文件的规则
include "/etc/named.root.key";


#/etc/named.rfc1912.zones	区域配置文件
zone "localhost.localdomain" IN {			#正向区域配置文件标签,修改为要解析的域
        type master;						#DNS服务器类型(主master/从slave)
        file "named.localhost";				#正向数据配置文件名称(默认在/var/named/下)
        allow-update { none; };				#允许动态更新的客户端列表(none表示不允许;确需动态更新时应使用TSIG密钥认证,而不是只按IP放行)
};

zone "1.0.0.127.in-addr.arpa" IN {			#反向区域配置文件,仅修改IP,例如:0.168.192.in-addr.arpa
        type master;
        file "named.loopback";
        allow-update { none; };
};


#/var/named/....		先复制模板,改名后再修改(cp	-a 会保留模板的属主和权限,避免named因权限不足读不到文件)
#正向文件(注意:区域数据文件里只有分号 ; 才是注释符,下面行尾以 # 开头的说明仅用于讲解,照抄进文件会导致区域加载失败)
$TTL 1D															#域名有效期(一般指缓存时间)
@       IN SOA  hongfu.com. rname.invalid. (								#  @ 改为需要解析的域名(别忘了最后有点)
                                        0       ; serial		#版本号
                                        1D      ; refresh		#更新频率
                                        1H      ; retry			#失败重试时间
                                        1W      ; expire		#无法更新失效周期
                                        3H )    ; minimum		#缓存服务器无法更新失效时间
        NS      hongfu.com.								# @改为需要解析域名(别忘了最后有点)
dns        A       192.168.18.201			#ipv4解析,三级域名	A	IP
www        A	   192.168.18.202

#反向文件
$TTL 1D
@       IN SOA  hongfu.com. rname.invalid. (					#  @改为需要解析的域名
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      hongfu.com.						
201     PTR     dns.hongfu.com.				#IP最后一位		PTR		完整域名		
202     PTR     www.hongfu.com.

4 实验

实验1 搭建DNS

步骤:

安装软件
修改主配置文件、区域配置文件、数据配置文件
重启服务
测试
[root@localhost ~]# yum -y install bind													#安装bind

[root@localhost ~]# vim /etc/named.conf 												#修改DNS主配置文件

[root@localhost ~]# egrep -a1  "192.168.18.201|any" /etc/named.conf 					#检查
options {
	listen-on port 53 { 192.168.18.201; };
	listen-on-v6 port 53 { ::1; };
--
	secroots-file   "/var/named/data/named.secroots";
	allow-query     { any; };

[root@localhost ~]# cp -a /etc/named.rfc1912.zones  /etc/named.rfc1912.zones.bak		#复制区域配置文件备份
[root@localhost ~]# vim /etc/named.rfc1912.zones

[root@localhost ~]# egrep -a2 "yq.localhost|yq.loopback" /etc/named.rfc1912.zones 		#检查修改
zone "yq.com" IN {
	type master;
	file "yq.localhost";
	allow-update { none; };
};
--
zone "18.168.192.in-addr.arpa" IN {
	type master;
	file "yq.loopback";
	allow-update { none; };
};
[root@localhost ~]# cp -a /var/named/named.localhost /var/named/yq.localhost			#复制数据解析文件
[root@localhost ~]# cp -a /var/named/named.loopback /var/named/yq.loopback
[root@localhost ~]# vim /var/named/yq.localhost											#修改正向数据解析文件
[root@localhost ~]# cat /var/named/yq.localhost
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns.yq.com.
dns	A	192.168.18.201
www	A	192.168.18.202
[root@localhost ~]# vim /var/named/yq.loopback											#修改反向数据解析文件
[root@localhost ~]# cat /var/named/yq.loopback
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns.yq.com.
201	PTR	dns.yq.com.
202	PTR	www.yq.com.	
[root@localhost ~]# yum -y install httpd											#安装httpd

[root@localhost ~]# echo "Welcome to YQ's html" >> /var/www/html/index.html
[root@localhost ~]# 												#此处有个报错,报错原因:数据解析文件有问题(详解请看报错文档中的1)
[root@localhost ~]# systemctl restart network
[root@localhost ~]# systemctl restart httpd		
[root@localhost ~]# 											#此处有个报错,报错原因:网卡配置文件未指向DNS服务器(详细请看报错文档中的2)
[root@localhost ~]# nslookup dns.yq.com									#DNS解析成功	域名——》IP
Server:		192.168.18.201
Address:	192.168.18.201#53

Name:	dns.yq.com
Address: 192.168.18.201

[root@localhost ~]# nslookup 192.168.18.201								#DNS反向解析成功	IP——》域名							
Server:		192.168.18.201
Address:	192.168.18.201#53

201.18.168.192.in-addr.arpa	name = dns.yq.com.

[root@localhost ~]# nslookup www.yq.com
Server:		192.168.18.201
Address:	192.168.18.201#53

Name:	www.yq.com
Address: 192.168.18.202


实验2 主从服务器

image-20240617221446103

            1)	可实现数据备份
            2)	可实现压力均摊
    elinks		#字符界面的浏览器
    curl     地址			#仅展示指定内容,网页源代码

准备:

一台主服务器、一台从服务器、一台测试机

步骤:(实验环境下关防火墙、关selinux;生产环境不要关闭,应在防火墙放行53/udp、53/tcp并保持SELinux开启)

1)	搭建主服务器
        a)安装bind软件
        b)	主配置文件修改
                区域配置文件修改:		allow-transfer	{	IP;	};				#IP填从服务器地址,只允许它做区域传送,防止整个区域数据被任意主机拉取
                配置数据文件:	正向文件:	 修改版本号(每次测试版本号+1)
                            	添加解析记录
                                            NS	dns2.yq.com.
                                            dns2		A			192.168.18.201
                             反向文件:	对应正向文件修改反向解析文件
        c)	启动named服务
        
2)	搭建从服务器
        a)安装bind软件
        b)修改主配置文件
                修改区域配置文件:	将配置文件类型改为slave
                                添加	masters	{	IP;	};						#IP填主服务器地址
                                file	"slaves/..."					#添加文件保存位置(配置文件中必须用英文半角引号)
        c)	重启服务
        
3)	在测试机上写从服务器IP、并使用nslookup测试
#主服务器		ip:201
[root@localhost ~]# yum -y install bind													#安装bind

[root@localhost ~]# vim /etc/named.conf 												#修改主配置文件

[root@localhost ~]# egrep -a1  "192.168.18.201|any" /etc/named.conf
options {
	listen-on port 53 { 192.168.18.201; };
	listen-on-v6 port 53 { ::1; };
--
	secroots-file   "/var/named/data/named.secroots";
	allow-query     { any; };

[root@localhost ~]# cp -a /etc/named.rfc1912.zones /etc/named.rfc1912.zones.bak
[root@localhost ~]# vim /etc/named.rfc1912.zones									#修改区域配置文件
[root@localhost ~]# vim /etc/named.rfc1912.zones

[root@localhost ~]# tail -n15 /etc/named.rfc1912.zones
zone "yq.com" IN {
	type master;
	file "yq.localhost";
	allow-transfer { 192.168.18.202; };
};

zone "18.168.192.in-addr.arpa" IN {
	type master;
	file "yq.loopback";
	allow-transfer { 192.168.18.202; };
};


[root@localhost ~]# cp -a /var/named/named.localhost /var/named/yq.localhost
[root@localhost ~]# cp -a /var/named/named.loopback /var/named/yq.loopback
[root@localhost ~]# vim /var/named/yq.localhost 									#修改数据配置文件(正向)
[root@localhost ~]# cat /var/named/yq.localhost
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns.yq.com.
dns	A	192.168.18.201
www	A	192.168.18.202
[root@localhost ~]# vim /var/named/yq.loopback 										#修改数据配置文件(反向)
[root@localhost ~]# cat /var/named/yq.loopback
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns.yq.com.
201	PTR	dns.yq.com.
202	PTR	www.yq.com.
[root@localhost ~]# yum -y install httpd											#安装apache写网页

[root@localhost ~]# echo "Welcome to YQ's 201" >> /var/www/html/index.html
[root@localhost ~]# systemctl restart named httpd
[root@localhost ~]# 


#从服务器		ip:202
[root@localhost ~]# yum -y install bind httpd									#安装dns、apache并写网页

[root@localhost ~]# echo "Welcome to YQ's 202" >> /var/www/html/index.html
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# vim /etc/named.conf 										#修改主配置文件
[root@localhost ~]# egrep -a2 "192.168.18.202|any" /etc/named.conf

options {
	listen-on port 53 { 192.168.18.202; };
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
--
	recursing-file  "/var/named/data/named.recursing";
	secroots-file   "/var/named/data/named.secroots";
	allow-query     { any; };

	/* 
[root@localhost ~]# cp -a /etc/named.rfc1912.zones /etc/named.rfc1912.zones.bak
[root@localhost ~]# vim /etc/named.rfc1912.zones									#修改区域配置文件
[root@localhost ~]# tail -n15 /etc/named.rfc1912.zones

zone "yq.com" IN {
	type slave;
	masters { 192.168.18.201; };
	file "slaves/yq.localhost";
#	allow-update { none; };								#取消“不允许更新”的设置:从(slave)区域不使用allow-update选项,注释掉该行
};

zone "18.168.192.in-addr.arpa" IN {
	type slave;
	masters { 192.168.18.201; };
	file "slaves/yq.loopback";
#	allow-update { none; };								#取消“不允许更新”的设置:从(slave)区域不使用allow-update选项,注释掉该行
};

[root@localhost ~]# 										#此处有个报错,注意masters格式、slaves格式(详解请看报错文档中的1、3)
[root@localhost ~]# ls /var/named/slaves/					#和主服务器同步后会自动生成
[root@localhost ~]# systemctl restart named 
[root@localhost ~]# 


#测试机	ip:203													#测试机改DNS指向202从服务器,nslookup查看
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# grep "DNS" /etc/sysconfig/network-scripts/ifcfg-ens33
DNS1=192.168.18.202
DNS2=8.8.8.8
[root@localhost ~]# ifdown ens33 && ifup ens33
[root@localhost ~]# nslookup dns.yq.com
Server:		192.168.18.202
Address:	192.168.18.202#53

Name:	dns.yq.com
Address: 192.168.18.201

[root@localhost ~]# curl dns.yq.com
Welcome to YQ's 201
[root@localhost ~]# curl www.yq.com
Welcome to YQ's 202
[root@localhost ~]# nslookup 192.168.18.201
Server:		192.168.18.202
Address:	192.168.18.202#53

** server can't find 201.18.168.192.in-addr.arpa.: NXDOMAIN

[root@localhost ~]# nslookup 192.168.18.202
Server:		192.168.18.202
Address:	192.168.18.202#53

** server can't find 202.18.168.192.in-addr.arpa.: NXDOMAIN

[root@localhost ~]# nslookup www.yq.com
Server:		192.168.18.202
Address:	192.168.18.202#53

Name:	www.yq.com
Address: 192.168.18.202

[root@localhost ~]#

#测试
#201主服务器更新数据文件,并重启服务
[root@localhost ~]# vim /var/named/yq.loopback
[root@localhost ~]# vim /var/named/yq.loopback
[root@localhost ~]# cat /var/named/yq.localhost 
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					2022101603	; serial
					1D		; refresh
					1H		; retry
					1W		; expire
					3H )		; minimum
	NS	dns.yq.com.
dns	A	192.168.18.201
www	A	192.168.18.202
qwe	A	192.168.18.205
[root@localhost ~]# cat /var/named/yq.loopback 
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					2022101603	; serial
					1D		; refresh
					1H		; retry
					1W		; expire
					3H )		; minimum
	NS	dns.yq.com.
201	PTR	dns.yq.com.
202	PTR	www.yq.com.
205	PTR	qwe.yq.com.
[root@localhost ~]# systemctl restart named

#202从服务器检查/var/named/slaves目录为空、重启服务再检查
[root@localhost ~]# ls /var/named/slaves/
[root@localhost ~]# systemctl restart named
[root@localhost ~]# ls /var/named/slaves/
yq.localhost  yq.loopback

#203测试机进行域名——》IP、IP——》域名解析
[root@localhost ~]# nslookup qwe.yq.com
Server:		192.168.18.202
Address:	192.168.18.202#53

Name:	qwe.yq.com
Address: 192.168.18.205

[root@localhost ~]# nslookup 192.168.18.205
Server:		192.168.18.202
Address:	192.168.18.202#53

205.18.168.192.in-addr.arpa	name = qwe.yq.com.

实验3 主缓服务器

image-20240617221453983

        1)	提高数据解析效率
        2)	降低对主服务器的查询服务
注意:缓存服务器没有数据备份功能,需要单独设置备份策略	

缓存服务器配置

配置文件		/etc/dnsmasq.conf
            cache-size=150					#临时缓存条数
            domain=域名						#默认域名
            server=IP				#指向主服务器IP

准备:

    201	搭建DNS主服务器
    202	搭建DNS从服务器
    203	搭建DNS缓存服务器		dnsmasq
    204	测试机			/etc/resolv.conf		中添加主DNS服务器IP
                       nameserver			 主DNS服务器IP
#201主服务器
[root@localhost ~]# yum -y install httpd bind 

[root@localhost ~]# vim /etc/named.conf 
[root@localhost ~]# vim /etc/named.rfc1912.zones 
[root@localhost ~]# cp -a /etc/named.rfc1912.zones /etc/named.rfc1912.zones.bak
[root@localhost ~]# vim /etc/named.rfc1912.zones 
[root@localhost ~]# cd /var/named
[root@localhost named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
[root@localhost named]# cp -a ./named.localhost ./yq.localhost
[root@localhost named]# cp -a ./named.loopback ./yq.loopback
[root@localhost named]# vim ./yq.localhost 
[root@localhost named]# vim ./yq.loopback 
[root@localhost named]# systemctl restart named
[root@localhost named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves  yq.localhost  yq.loopback 


#202从服务器
[root@localhost ~]# yum -y install bind 

[root@localhost ~]# vim /etc/named.conf 
[root@localhost ~]# vim /etc/named.rfc1912.zones 
[root@localhost ~]# cd /var/named
[root@localhost named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
[root@localhost named]# 
[root@localhost named]# cd slaves/
[root@localhost slaves]# ls
[root@localhost slaves]# 
[root@localhost slaves]# systemctl restart named
[root@localhost slaves]# ls
yq.localhost  yq.loopback


#203缓存服务器
[root@localhost ~]# yum search dnsmasq

[root@localhost ~]# vim /etc/dnsmasq.conf 		#配置cache-size、server、domain
[root@localhost ~]# systemctl restart dnsmasq 
[root@localhost ~]# systemctl enable dnsmasq 
Created symlink from /etc/systemd/system/multi-user.target.wants/dnsmasq.service to /usr/lib/systemd/system/dnsmasq.service.

[root@localhost ~]# systemctl restart dnsmasq			#启动服务
[root@localhost ~]# systemctl status dnsmasq			#检查服务运行状态


#204测试机
[root@localhost ~]# vim ./ifcfg-ens33 					#编辑DNS为主服务器DNS
[root@localhost ~]# ifdown ens33 && ifup ens33
[root@localhost ~]# nslookup www.yq.com					#能解析
Server:		192.168.18.201
Address:	192.168.18.201#53

Name:	www.yq.com
Address: 192.168.18.202

[root@localhost ~]# nslookup dns2.yq.com
Server:		192.168.18.201
Address:	192.168.18.201#53

Name:	dns2.yq.com
Address: 192.168.18.210

[root@localhost ~]# vim ./ifcfg-ens33 					#更改DNS为从服务器DNS、更新主服务数据配置文件后,解析成功
[root@localhost ~]# nslookup www.yq.com
Server:		192.168.18.202			#来自从服务器202
Address:	192.168.18.202#53

Name:	www.yq.com
Address: 192.168.18.202

[root@localhost ~]# nslookup asd.yq.com
Server:		192.168.18.202			#来自从服务器202
Address:	192.168.18.202#53

Name:	asd.yq.com
Address: 192.168.18.211

[root@localhost ~]# nslookup dns2.yq.com
Server:		192.168.18.202			#来自从服务器202
Address:	192.168.18.202#53

Name:	dns2.yq.com
Address: 192.168.18.210

[root@localhost ~]# vim ./ifcfg-ens33 					#关闭主服务、从服务器服务后,DNS设置为缓存服务器,超时访问
[root@localhost ~]# ifdown ens33 && ifup ens33
[root@localhost ~]# nslookup www.yq.com

;; connection timed out; no servers could be reached

[root@localhost ~]# nslookup www.yq.com					#开启主服务器DNS服务、缓存服务器dnsmasq
Server:		192.168.18.203			#来自缓存服务器203
Address:	192.168.18.203#53

Name:	www.yq.com
Address: 192.168.18.202

[root@localhost ~]# nslookup dns.yq.com
Server:		192.168.18.203			#来自缓存服务器203
Address:	192.168.18.203#53

Name:	dns.yq.com
Address: 192.168.18.201

[root@localhost ~]# nslookup dns.yq.com					#关闭主服务器DNS服务,客户端仍能通过缓存服务器解析
Server:		192.168.18.203			#来自缓存服务器203
Address:	192.168.18.203#53

Non-authoritative answer:
Name:	dns.yq.com
Address: 192.168.18.201

[root@localhost ~]# nslookup www.yq.com
Server:		192.168.18.203			#来自缓存服务器203
Address:	192.168.18.203#53

Non-authoritative answer:
Name:	www.yq.com
Address: 192.168.18.202

实验4 DNS分离解析

1) 概念

作用:将相同域名解析为不同的IP地址

image-20240617221424571

DNS+路由:
            内:192.168.10.30
            外:100.100.100.30

内外网选择网络模式:
            内:vmnat 10			192.168.10.0/24
            外:vmnat 11			100.100.100.0/24
            在虚拟网络编辑器中改	取消dhcp功能

在路由器+DNS:
				开启路由转发功能
                      +
                内外网测试机需要指定路由器的两个IP作为网关地址
2) 环境

关防火墙、关selinux(仅限实验环境;生产环境应保持开启,只在防火墙放行53/udp、53/tcp)

    一台内网测试机(单网卡)
    一台网关+DNS(双网卡)
    一台外网测试机(单网卡)
    一台web服务器(双网卡)
3) 步骤:

服务器和IP地址规划

    7-1		内网测试机
                    vmnat 10:192.168.10.10			网关、DNS:192.168.10.30		
    7-4		web服务器
                    vmnat 11:100.100.100.40			网关、DNS:100.100.100.30
    7-2		  外网测试机(apache)
                    vmnat10		ens33		192.168.10.20
                    vmnat11		ens36		100.100.100.20
                    安装apache,并写入网页、启动服务

	7-3		 网关+DNS
                    vmnat10		ens33		192.168.10.30
                    vmnat11		ens36		100.100.100.30
					开启路由转发,启用
					安装bind
					修改主配置文件
							(options:listen-on、allow-query 均改为 any;若外网客户端只需要解析本域,建议在wan视图中关闭递归,如 recursion no;,避免成为开放递归解析器)
							注释区域配置文件,再新增
							配置view	lan	、view	wan
									match-clients	{ 192.168.10.0/24;	};
									zone	"."	
									include	"/etc/lan.zones"			#绝对路径
							注意:不同解析放在各自的区域配置文件(便于区分)

					修改新区域配置文件
							分别复制/etc/named.rfc1912.zones	为/etc/lan.zones		/etc/wan.zones
							分别对lan.zones、wan.zones修改		域名:yq.com		文件名:yq.lan和yq.wan

					修改数据配置文件,IP指向自己和外网IP						

修改数据配置文件,IP指向自己和外网IP

image-20240617221505760

image-20240617221510882

#7-3	网关+DNS服务器
[root@localhost ~]# yum -y install bind

[root@localhost ~]# vim /etc/named.conf							#注意后面新加的view.lan、view.wan格式
[root@localhost ~]# cat /etc/named.conf						

options {
	listen-on port 53 { any; };
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	recursing-file  "/var/named/data/named.recursing";
	secroots-file   "/var/named/data/named.secroots";
	allow-query     { any; };

view lan {
	match-clients { 192.168.10.0/24; };
	zone "." IN {
		type hint;
		file "named.ca";
	};
	include "/etc/yq.lan.zones";
};
view wan {
	match-clients { any; };
	zone "." IN {
		type hint;
		file "named.ca";
	};
	include "/etc/yq.wan.zones";
};

#include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

[root@localhost ~]# vim /etc/yq.lan.zones
[root@localhost ~]# cat /etc/yq.lan.zones

zone "yq.com" IN {
	type master;
	file "yq.lan.localhost";
	allow-update { none; };
};

zone "10.168.192.in-addr.arpa" IN {
	type master;
	file "yq.lan.loopback";
	allow-update { none; };
};

[root@localhost ~]# vim /etc/yq.wan.zones 
[root@localhost ~]# cat /etc/yq.wan.zones

zone "yq.com" IN {
	type master;
	file "yq.wan.localhost";
	allow-update { none; };
};

zone "100.100.100.in-addr.arpa" IN {
	type master;
	file "yq.wan.loopback";
	allow-update { none; };
};

[root@localhost ~]# cd /var/named/
[root@localhost named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
[root@localhost named]# cp -a named.localhost yq.lan.localhost
[root@localhost named]# vim yq.lan.localhost
[root@localhost named]# cp -a ./yq.lan.localhost ./yq.lan.loopback
[root@localhost named]# vim ./yq.lan.loopback 
[root@localhost named]# cp -a ./yq.lan.localhost ./yq.wan.loopback
[root@localhost named]# vim ./yq.wan.loopback 
[root@localhost named]# cp -a ./yq.wan.localhost ./yq.wan.loopback
[root@localhost named]# vim ./yq.wan.loopback 
[root@localhost named]# cat ./
data/             named.ca          named.localhost   slaves/           yq.lan.loopback   yq.wan.loopback   
dynamic/          named.empty       named.loopback    yq.lan.localhost  yq.wan.localhost  
[root@localhost named]# cat ./yq.lan.localhost  ./yq.lan.loopback  ./yq.wan.localhost ./yq.wan.loopback 
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns.yq.com.
dns	A	192.168.18.30
www	A	192.168.18.20
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns.yq.com.
20	PTR	www.yq.com.
30	PTR	dns.yq.com.
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns.yq.com.
dns	A	100.100.100.30
www	A	100.100.100.20
$TTL 1D
@	IN SOA	yq.com. rname.invalid. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns.yq.com.
30	PTR	dns.yq.com.
20	PTR	www.yq.com.
[root@localhost named]# 	
[root@localhost named]# systemctl restart named
[root@localhost named]# 


#7-2	外网测试机(apache)
[root@localhost ~]# yum -y install httpd										#安装httpd
[root@localhost ~]# echo "Welcome to My home" >> /var/www/html/index.html		#写入网页
[root@localhost ~]# 
[root@localhost ~]# systemctl restart httpd										#启动服务

#7-1		内网测试机
[root@localhost ~]# ping 100.100.100.40											#搭建好路由后进行的测试
PING 100.100.100.40 (100.100.100.40) 56(84) bytes of data.
64 bytes from 100.100.100.40: icmp_seq=1 ttl=63 time=0.773 ms
64 bytes from 100.100.100.40: icmp_seq=2 ttl=63 time=0.605 ms
64 bytes from 100.100.100.40: icmp_seq=3 ttl=63 time=0.714 ms
^C
--- 100.100.100.40 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.605/0.697/0.773/0.072 ms
[root@localhost ~]# nslookup dns.yq.com										#从内网解析
Server:		192.168.10.30
Address:	192.168.10.30#53

Name:	dns.yq.com
Address: 192.168.18.30

#7-4		web服务器测试机
[root@localhost ~]# nslookup dns.yq.com										#从外网解析
Server:		100.100.100.30
Address:	100.100.100.30#53

Name:	dns.yq.com
Address: 100.100.100.30