文章目录
前言
分离解析的域名服务器实际上还是主域名服务器,这里所说哦的分离解析,主要是根据不同的客户端提供不同的域名解析记录。
实验拓扑图:
一:实验目的
利用DNS的分离解析来达到针对不同的客户端访问网站时,分别解析到不同的主机,以达到负载均衡的目的
二:实验环境
准备一台机器为主机1.操作系统是cenots 7 两张网卡 地址分别为192.168.100.100和12.0.0.1
第二台机器为主机2,操作系统是win 10,地址是192.168.100.100
第三台机器为主机3,操作系统是win 7,地址是12.0.0.1
2.1:Linux安装bind
首先下载bind ##我们这边已经安装过了
[root@localhost ~]# yum -y install bind
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.bfsu.edu.cn
* extras: mirrors.bfsu.edu.cn
* updates: mirrors.bfsu.edu.cn
软件包 32:bind-9.11.4-16.P2.el7_8.6.x86_64 已安装并且是最新版本
无须任何处理
[root@localhost ~]# rpm -q bind
bind-9.11.4-16.P2.el7_8.6.x86_64
2.2:网络设置仅主机模式,机器设置两块网卡(主机1)
[root@localhost ~]# ifconfig ##查看网卡信息 里面有两块网卡
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 12.0.0.1 netmask 255.255.255.0 broadcast 12.0.0.255
inet6 fe80::fce1:77f:7a9:b103 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:84:c1:e3 txqueuelen 1000 (Ethernet)
RX packets 2723 bytes 3163431 (3.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1063 bytes 84843 (82.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens36: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.2 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::45d1:cf4f:e061:4ff1 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:84:c1:ed txqueuelen 1000 (Ethernet)
RX packets 212 bytes 24777 (24.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 206 bytes 20546 (20.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 147 bytes 13332 (13.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 147 bytes 13332 (13.0 KiB)
TX errors 0 dropped 0 overruns:2.3: 0 carrier 0 collisions
2.3:编辑第一块网卡ens33
2.4:编辑第二块网卡ens36
[root@localhost named]# cd
[root@localhost ~]# cd /etc/sysconfig
[root@localhost sysconfig]# cd
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp -p ifcfg-ens33 ifcfg-ens36
2.5:设置内网的windows 10的IP地址
2.6: 配置广域网win 7 IP地址
2.7:修改主机1的主配置文件
[root@localhost ~]# vim /etc/named.conf
options {
13 listen-on port 53 { any; }; ##监听所有地址//修改为any
14 listen-on-v6 port 53 { ::1; };
15 directory "/var/named";
16 dump-file "/var/named/data/cache_dump.db";
17 statistics-file "/var/named/data/named_stats.txt";
18 memstatistics-file "/var/named/data/named_mem_stats.txt";
19 recursing-file "/var/named/data/named.recursing";
20 secroots-file "/var/named/data/named.secroots";
21 allow-query { any; }; ##所有网卡都可以解析地址//改为any
:wq ###保存退出
2.8:修改区域配置文件
[root@localhost ~]# vim /etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
view "lan" {
match-clients { 192.168.100.0/24; };
zone "kgc.com" IN {
type master;
file "kgc.com.lan";
};
zone "." IN {
type hint;
file "named.ca";
};
};
view "wan" {
match-clients { 12.0.0.0/24; };
zone "kgc.com" IN {
type master;
file "kgc.com.wan";
};
};
:wq 保存退出
2.9:编辑区域数据配置文件
[root@localhost ~]# cd /var/named/
[root@localhost named]# cp -p named.localhost kgc.com.lan
[root@localhost named]# vim kgc.com.lan
1D
@ IN SOA kgc.com. admin.kgc.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS kgc.com.
A 192.168.100.1 ##win10解析地址修改网关
www IN A 192.168.100.88 ##wind 10解析www.kgc.com为192.168.100.88
smtp IN A 192.168.100.99
:wq 保存退出
[root@localhost named]# cp -p kgc.com.lan kgc.com.wan
[root@localhost named]# vim kgc.com.wan
$TTL 1D
@ IN SOA kgc.com. admin.kgc.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS kgc.com.
A 12.0.0.1
www IN A 12.0.0.1
smtp IN A 12.0.0.1
三:验证
[root@localhost named]# systemctl start named ##重启服务
[root@localhost named]# systemctl stop firewalld.service ##关闭防火墙
[root@localhost named]# setenforce 0 ##关闭增强安全功能
3.1:局域网win 10测试
3.2:广域网win7 测试
本次实验结束,感谢观看