
Linux学习之DNS+DHCP动态域名解析

发布时间:2015-04-08 21:52:45来源:linux网站作者:linux人

DNS用来做主机名和IP地址的解析
 
DHCP用来动态分配IP
 
这里要做的是,使DHCP在分配IP时,动态更新DNS的解析记录
 
服务器IP:192.168.0.202
 
客户端测试IP:192.168.0.240-250

 
1、DHCP
 
[root@dd ~]# yum install dhcp.x86_64 -y
 
[root@dd ~]# vim /etc/dhcp/dhcpd.conf
 
参考/usr/share/doc/dhcp*/dhcpd.conf.sample
 
# Base dhcpd.conf settings: the DNS domain and resolver handed to clients,
# lease durations, the syslog facility, and the address pool for 192.168.0.0/24.
option domain-name "example.com";
 
# Clients are pointed at 192.168.0.202, the server this tutorial sets up.
option domain-name-servers 192.168.0.202;
 
default-lease-time 600;
 
max-lease-time 7200;
 
log-facility local7;
 
subnet 192.168.0.0 netmask 255.255.255.0 {
 
# Pool used for the test clients (192.168.0.240-250).
range 192.168.0.240 192.168.0.250;
 
option routers 192.168.0.1;
 
}
 
最后需加入
 
# Dynamic DNS: dhcpd sends TSIG-signed updates for example.com. to the
# DNS server named in the zone statement below.
ddns-update-style interim;
 
# With conflict detection off, dhcpd installs the new binding without the
# DHCID ownership check, so a lease whose client reports the hostname of an
# existing host may displace that host's record. Leave this at its default
# (true) unless the check is known to get in the way.
update-conflict-detection false;
 
# TSIG key shared with named: key name, algorithm and secret must match the
# key named loads from its ddns.key file.
key ddns {
 
# hmac-md5 is a legacy TSIG algorithm; hmac-sha256 is the better choice where
# the installed dhcpd and named both accept it -- TODO confirm for your versions.
algorithm hmac-md5;
 
# Sample value published with this tutorial: generate your own key and never
# reuse this one. dhcpd.conf now holds a secret, so it should not be readable
# by ordinary users.
secret MARnLjY0Har0LMmn8R/Biw==;
 
};
 
zone example.com. {
 
# DNS server that receives the updates for this zone.
primary 192.168.0.202;
 
key ddns;
 
}
 
测试DHCP,使用另外一台虚拟机test,ip为自动获取,OK


2、DNS
 
[root@dd mnt]# yum install bind.x86_64 bind-chroot.x86_64 -y
 
[root@dd mnt]# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST ddns
 
[root@dd named]# /etc/init.d/named start
 
在 /var/named/chroot/etc 下执行 cp -p rndc.key ddns.key(-p 会保留原文件的属主和权限;密钥文件不应对普通用户可读)
 
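将 ddns.key 的内容改为如下形式(key 名改为 ddns;secret 取自上一步 dnssec-keygen 生成的 Kddns.+157+*.private 文件中 Key: 一行的值,并且必须与 dhcpd.conf 中的 secret 一致;下面的值只是示例,请使用自己生成的密钥):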
 
// TSIG key that named uses to verify dynamic updates; name, algorithm and
// secret must be identical to the key block in dhcpd.conf.
key "ddns" {
 
// hmac-md5 is a legacy TSIG algorithm; hmac-sha256 is the better choice where
// both named and dhcpd accept it -- TODO confirm for your versions.
algorithm hmac-md5;
 
// Sample value published with this tutorial: replace it with a secret you
// generated yourself.
secret "MARnLjY0Har0LMmn8R/Biw==";
 
};
 
更改named.conf
 
添加include "/etc/ddns.key";
 
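options {
    // Listen on all IPv4 addresses.
    listen-on port 53 { any; };
    // listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Any client may query this server.
    allow-query { any; };

    // Recursion is limited to the local host and the LAN. Without an explicit
    // allow-recursion, the ACL is inherited from allow-query { any; } and the
    // server answers recursive queries from every source address (an open
    // resolver).
    recursion yes;
    allow-recursion { localhost; 192.168.0.0/24; };

    dnssec-enable yes;
    dnssec-validation yes;
    // NOTE(review): ISC's DLV registry has since been retired and later BIND
    // releases no longer accept this option; drop the line on those versions.
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";
};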
 
向named.rfc1912.zones添加
 
// Master zone for example.com, added to named.rfc1912.zones.
zone "example.com" IN {
 
type master;
 
file "example.com.zone";
 
// Dynamic updates are accepted only when they are signed with the TSIG key
// "ddns"; every other update request is refused.
allow-update { key ddns; };
 
};
 
在 /var/named/ 下执行 cp -p named.localhost example.com.zone,然后写入如下内容:
 
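; Forward zone data for example.com.
; Records with an empty owner field must start with whitespace so that they
; inherit the previous owner (@); "NS" written in column 0 would be read as an
; owner name instead of a record type.
; NOTE(review): this zone accepts dynamic updates, so named is expected to
; write changes back here and keep a journal next to the file -- confirm that
; named has write access to this location.
$TTL 1D
@           IN SOA  dd.example.com. root.example.com. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
            NS      dd.example.com.
dd          A       192.168.0.202
ThinkPad    A       192.168.0.1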
 
正向解析和动态更新到此就做完了,剩下可以做做反向解析和主从DNS


3、反向PTR记录
 
[root@dd named]# vim chroot/etc/named.rfc1912.zones
 
// Reverse (PTR) zone for 192.168.0.0/24.
zone "0.168.192.in-addr.arpa" IN {
 
type master;
 
file "example.com.ptr";
 
// No dynamic updates are accepted for this zone, so its PTR records stay
// hand-maintained; addresses leased by dhcpd get no reverse entry from this
// configuration.
allow-update { none; };
 
};

[root@dd named]# cp -p named.loopback example.com.ptr
 
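; Reverse zone data for 0.168.192.in-addr.arpa: the owner field is the last
; octet of the address.
; Records with an empty owner field must start with whitespace so that they
; inherit the previous owner (@); "NS" written in column 0 would be read as an
; owner name instead of a record type.
$TTL 1D
@       IN SOA  dd.example.com. root.example.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      dd.example.com.
202     PTR     dd.example.com.
1       PTR     ThinkPad.example.com.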

[root@dd named]# dig -x 192.168.0.202


4、主从DNS
 
(1)辅助DNS配置IP=192.168.0.210
 
另外一台主机安装DNS yum install bind bind-chroot
 
修改配置文件named.conf (同上)
 
编辑域文件:
 
vim named.rfc1912.zones
 
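// Secondary (slave) copy of example.com on 192.168.0.210.
// The explanatory notes are written as comments so that the block can be
// pasted into named.rfc1912.zones without causing a syntax error.
zone "example.com" IN {
    type slave;
    // IP address of the master DNS server.
    masters { 192.168.0.202; };
    // Zone file written locally from the data transferred from the master.
    file "slaves/example.com.zone";
    allow-update { none; };
};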
 
重启DNS后
 
/var/named/chroot/var/named/slaves目录下会生成example.com.zone(同步而来)

(2)主DNS配置(master)IP=192.168.0.202
 
vim named.rfc1912.zones
 
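// Master zone on 192.168.0.202, now with zone transfers enabled.
// The explanatory notes are written as comments so that the block can be
// pasted into named.rfc1912.zones without causing a syntax error.
zone "example.com" IN {
    type master;
    file "example.com.zone";
    // Let the secondary at 192.168.0.210 transfer the zone. A network such as
    // 192.168.0.0/24 can be listed instead; `any` would hand the complete zone
    // contents to whoever asks, so keep this list as narrow as possible.
    allow-transfer { 192.168.0.210; };
    // NOTE(review): the zone declared earlier for dynamic DNS used
    // allow-update { key ddns; }. With { none; } named refuses the updates
    // that dhcpd sends; keep { key ddns; } here if dynamic DNS should
    // continue to work.
    allow-update { none; };
};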
 
重启DNS
 
(3)测试
 
任选一台机器,将其 DNS 服务器指定为辅助DNS来做解析测试
 
vim /etc/resolv.conf
 
nameserver 192.168.0.210(辅助DNS)
 
dig dd.example.com