版权声明:本文为博主原创文章,转载请标明出处。 https://blog.csdn.net/ctypyb2002/article/details/89512715
os: centos 7.4
在安装 oracle rac 时,scan 名称需要通过 dns 解析,所以搭建一个简单的测试用 dns。
testcluster1-scan.peiyongbin.com
192.168.56.141
192.168.56.142
192.168.56.143
版本
# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch:trialuse-4.1-amd64:trialuse-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.4.1708 (Core)
Release: 7.4.1708
Codename: Core
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:7b:60:a0 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.6/24 brd 10.0.2.255 scope global dynamic enp0s3
valid_lft 814sec preferred_lft 814sec
inet6 fe80::4314:f1b1:76f4:9949/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:b2:b4:5e brd ff:ff:ff:ff:ff:ff
inet 192.168.56.100/24 brd 192.168.56.255 scope global enp0s8
valid_lft forever preferred_lft forever
inet6 fe80::8d62:4987:9164:60e0/64 scope link
valid_lft forever preferred_lft forever
安装
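# yum -y install bind bind-utils   # named plus dig/nslookup only; an unquoted bind* is expanded by the shell if a file in the current directory matches, and otherwise installs every package whose name starts with "bind"
# systemctl status named           # show the unit state right after installation
# systemctl enable named           # start named at boot; this does not start it now
# which named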
/usr/sbin/named
/etc/named.conf
# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
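options {
        // Listen for IPv4 queries only on 192.168.56.100 (interface enp0s8);
        // IPv6 stays on loopback.
        listen-on port 53 { 192.168.56.100; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file "/var/named/data/named.recursing";
        secroots-file "/var/named/data/named.secroots";

        // Any client that can reach the listening address may query the
        // zones served here.
        allow-query { any; };

        // When allow-recursion is not set, BIND falls back to the allow-query
        // list, so "allow-query { any; }" together with "recursion yes" would
        // make this an open resolver. Recursion is limited to this host and
        // the 192.168.56.0/24 client subnet instead.
        allow-recursion { localhost; 192.168.56.0/24; };

        // No secondary name server is part of this setup, so zone transfers
        // are refused; list the secondaries here if any are added later.
        allow-transfer { none; };

        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};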
// Logging: a single channel writing to data/named.run. The path is relative,
// so named resolves it against its working directory (the "directory" option).
logging {
channel default_debug {
file "data/named.run";
// "dynamic" makes the channel follow the server's current debug level.
severity dynamic;
};
};
// Root hints, used when the server recurses for names outside its own zones.
zone "." IN {
type hint;
file "named.ca";
};
// Forward zone for the test domain; this server is the master and loads the
// records from named.peiyongbin.com (relative path, same rule as above).
zone "peiyongbin.com" IN {
type master;
file "named.peiyongbin.com";
};
// Reverse zone for 192.168.56.0/24: the zone name is the three network octets
// in reverse order followed by in-addr.arpa.
zone "56.168.192.in-addr.arpa" IN {
type master;
file "named.192.168.56";
};
// Additional zone definitions and the root trust anchor are pulled in from
// these two files.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
/var/named/named.peiyongbin.com
正解数据库文件中必须要有$TTL、SOA、NS、A记录。
# vi /var/named/named.peiyongbin.com
; Forward zone data for peiyongbin.com.
; Default TTL applied to every record below that does not set its own.
$TTL 1D
; SOA: dns1.peiyongbin.com. is the primary name server. The second name is the
; contact mailbox with the first dot standing for "@" (www@peiyongbin.com).
@ IN SOA dns1.peiyongbin.com. www.peiyongbin.com. (
; The serial looks like a YYYYMMDDnn date stamp; raise it on every edit.
2018042501 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
; Name server for the zone and its address.
@ IN NS dns1.peiyongbin.com. ;
dns1.peiyongbin.com. IN A 192.168.56.100 ;
; SCAN name of the first cluster: one name with three A records, so a lookup
; returns all three addresses (their order can differ between queries).
testcluster1-scan.peiyongbin.com. IN A 192.168.56.141 ;
testcluster1-scan.peiyongbin.com. IN A 192.168.56.142 ;
testcluster1-scan.peiyongbin.com. IN A 192.168.56.143 ;
; SCAN name of the second cluster, same pattern.
testcluster2-scan.peiyongbin.com. IN A 192.168.56.241 ;
testcluster2-scan.peiyongbin.com. IN A 192.168.56.242 ;
testcluster2-scan.peiyongbin.com. IN A 192.168.56.243 ;
/var/named/named.192.168.56
反解数据库文件必须有$TTL、SOA、NS、PTR记录
# vi /var/named/named.192.168.56
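; Reverse zone data for 56.168.192.in-addr.arpa (192.168.56.0/24).
; Owner names in this file are the last octet of each 192.168.56.x address.
$TTL 1D
; SOA: dns1.peiyongbin.com. is the primary name server. The second name is the
; contact mailbox with the first dot standing for "@" (www@peiyongbin.com).
@ IN SOA dns1.peiyongbin.com. www.peiyongbin.com. (
        2018042501 ; serial - raise it on every edit of this file
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
@ IN NS dns1.peiyongbin.com.
; Each PTR sits under the last octet of the address it describes and points
; to the name whose A record in the forward zone carries that same address.
; With every PTR filed under 100, "dig -x 192.168.56.141" finds no record.
100 IN PTR dns1.peiyongbin.com.
141 IN PTR testcluster1-scan.peiyongbin.com.
142 IN PTR testcluster1-scan.peiyongbin.com.
143 IN PTR testcluster1-scan.peiyongbin.com.
241 IN PTR testcluster2-scan.peiyongbin.com.
242 IN PTR testcluster2-scan.peiyongbin.com.
243 IN PTR testcluster2-scan.peiyongbin.com.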
测试
dns 服务器上重启 named(重启前可先用 named-checkconf 检查 /etc/named.conf,用 named-checkzone 检查两个区域文件)
# systemctl restart named
# systemctl status named
随便一台linux 机器上操作
# vi /etc/resolv.conf
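# Resolver options take the form option:value with no space after the colon
# (see resolv.conf(5)).
# Try each name server at most twice, waiting 1 second per attempt.
options attempts:2
options timeout:1
# Domains appended to short names, tried in the order listed.
search testcluster1-scan.peiyongbin.com peiyongbin.com
# The test DNS server built above.
nameserver 192.168.56.100
# NOTE: where NetworkManager or a DHCP client manages this file, manual edits
# may be overwritten.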
# vi /etc/nsswitch.conf
hosts: files dns nis
# dig testcluster1-scan.peiyongbin.com
# dig -x 192.168.56.141
# nslookup testcluster1-scan.peiyongbin.com
Server: 192.168.56.100
Address: 192.168.56.100#53
Name: testcluster1-scan.peiyongbin.com
Address: 192.168.56.141
Name: testcluster1-scan.peiyongbin.com
Address: 192.168.56.143
Name: testcluster1-scan.peiyongbin.com
Address: 192.168.56.142
好了,一个能满足oracle rac scan 测试的dns服务器就搭建完成.
参考: