DNS2
访问主机用户过多,开启分机减轻负担
主机
zone "taxing.com" IN {
type master;
file "taxing.com.zone";
allow-update { none; };
allow-transfer {172.25.254.224;};
从机
zone "taxing.com" IN {
type slave;
masters {172.25.254.124;};
file "slaves/taxing.com.zone";
allow-update { none; };
时时同步
主机
vim /var/namedtaxing.com.zone
$TTL 1D
@ IN SOA DNS.taxing.com. root.taxing.com. (
201611261 ; serial #最大为十位 文件在更新时查看比较的值,不同则更新 (rm -rf /var/name/slaves/taxing.com.zone; systemctl restart named)
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns
dns A 172.25.254.124
www A 172.25.254.138
~
每次修改ip的时候都要修改serial值
vim /etc/name.rfc1912.zones
zone "taxing.com" IN {
type master;
file "taxing.com.zone";
allow-update { none; };
allow-transfer {172.25.254.224;};
also-notify {172.25.254.224;}; ##修改完通知从机
};
远程控制修改
客户端
setenforce 0
[root@localhost slaves]# nsupdate
> server 172.25.254.124
> update delete www.taxing.com
> update add www.taxing.com 86400 A 172.25.254.138 #86400s缓存时间
> send
> quit
主机
setenforc 0
vim /etc/named.rfc1912.zones
zone "taxing.com" IN {
type master;
file "taxing.com.zone";
allow-update { 172.25.254.224; };
};
chmod 770 /var/name/
reboot后会同步更新后的内容,先备份cp -p taxing.com.zone /mnt 重起后再删除taxing.com.zone.jnl 和已经同步了的taxing.com.zone 把备份了的taxing.com.zone 复制回来 cp -p /mnt/taxing.com.zone .
密钥匙认证
主机
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST taxing
cat Ktaxing.+157+22634.key
cat Ktaxing.+157+22634.private
cp -p /etc/rndc.key /etc/taxing.key
vim /etc/taxing.key
key "taxing" {
algorithm hmac-md5;
secret "YtJ6Y7kyfL5moClanMIS6Q==";
};
vim /etc/named.rfc1912.zones
zone "taxing.com" IN {
type master;
file "taxing.com.zone";
allow-update { key taxing; };
};
systemctl restart named
scp Ktaxing.+157+22634.* root@172.25.254.224:/mnt/
客户机
[root@localhost mnt]# nsupdate -k Ktaxing.+157+22634.private
> server 172.25.254.124
> update delete www.taxing.com
> send
> quit
花生壳动态dhcp DNS获取
主机
vim /etc/dhcp/dhcpd.conf
# Use this to enble / disable dynamic dns updates globally.
ddns-update-style interim;
subnet 172.25.254.0 netmask 255.255.255.0 {
range 172.25.254.224 172.25.254.242;
option routers 172.25.254.124;
}
key taxing {
algorithm hmac-md5;
secret YtJ6Y7kyfL5moClanMIS6Q==;
};
zone taxing.com.{
primary 127.0.0.1;
key taxing;
}
vim /var/name/taxing.com.zone
41,1-8 90%
客户端
打开动态获取dhcp
hostnamectl set-hostname timo.taxing.com
dig timo.taxing.com
gnome-screenshot -a #截图
为巴南等地区用户提供了全套网页设计制作服务,及巴南网站建设行业解决方案。主营业务为成都网站制作、网站建设、外贸网站建设、巴南网站设计,以传统方式定制建设网站,并提供域名空间备案等一条龙服务,秉承以专业、用心的态度为用户提供真诚的服务。我们深信只要达到每一位用户的要求,就会得到认可,从而选择与我们长期合作。这样,我们也可以走得更远!
分享文章:DNS2
标题网址:http://ybzwz.com/article/gisphs.html