This blog will lead them to learn DNS DNS service a little experiment: DNS separate resolution.
structure:
- Generality
- Environmental Analysis
- Specific experiments
I. Introduction
DNS domain name service can be converted to the corresponding IP address, the machine easy to identify.
So what is it resolved DNS separation?
Isolated resolved domain name server is still actual primary domain name server, where the separation of said parsing (Split DNS), mainly refers to providing different DNS records according to different clients.
Second, environmental analysis
Total prepare a Linux virtual server, install two network cards (as a gateway). Responsible for connecting a LAN, a WAN connection is responsible for, respectively, client impersonation by using two WAN and LAN by parsing the same domain name. Simulation environment is as follows:
Third, the specific experiment
We want to complete the separation of analytical needs
1, set a static IP address for two network cards were used as a gateway
2, building a complete DNS service on the server
The first is to install the DNS service
1, input: "yum the install the bind -Y"
2, the server host mode is set only
practical operation is as follows:
Then there is the static IP settings
1, input: vim / etc / sysconfig / network -scripts / ifcfg-ens33 into the configuration of a card
2, the dhcp modify static
. 3, press enter G last line, the next line by inserting o
4, enter: "IPADDR = 192.168.100.1 "
. 5, enter input:" NETMASK = 255.255.255.0 "
. 6, enter": wq "to save and exit
the specific operation as shown below:
Followed by a second configuration of the network card
1、输入:
cp -p /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-ens36
将第一块网卡的配置信息同目录复制并重命名ens36
2、输入:vim /etc/sysconfig/network-scripts/ifcfg-ens36 进行第二块网卡的配置
3、输入:“:% s/ens33/ens36/g”将配置文件中所有的ens33进行替换
4、将配置文件中的IPADDR替换成12.0.0.1
5、删除UUID,保存退出
具体操作如下图:
最后重启网络服务并验证结果
1、输入:“systemctl restart network”重启网络服务
2、输入:“ifconfig”进行验证
具体操作如下图:
完成了静态IP的配置,在Linux服务器上所需要进行的操作也进入尾声了。下面所需要做的就是把DNS域名解析服务建立起来。
首先是修改DNS的全局配置文件
1、输入:“vim /etc/named.conf”
2、将“listen-on port 53”后面的IP地址修改为“any”
3、修改“allow-query”后面括号的内容为“any”
4、输入:“:wq”保存退出
实例如下:
然后是区域配置文件的修改
1、输入:“vim /etc/named.rfc1912.zones”
2、手动输入:下图中所有内容
实例
最后是区域数据配置文件的修改
1、输入:“cp -p /var/named/named.localhost /var/named/named.kgc.lan”将模板文件复制到同目录下并重命名为“named.kgc.lan”——连接局域网的网卡
2、输入:“vim /var/named/named.kgc.lan”进行修改
3、将A记录后面的地址进行修改:“192.168.100.1”
4、添加两条解析:“www IN A 192.168.100.88”、“smtp IN A 192.168.100.99”
5、输入:“:wq”保存退出
实例如下:
接下来是对第二块连接广域网网卡的设置
1、输入:“cp -p /var/named/named.kgc.lan /var/named/named.kgc.wan”将配置文件进行复制并重命名为“named.kgc.wan”
2、输入:“vim /var/named/named.kgc.wan”对数据配置文件进行编辑
3、修改A记录:“A 12.0.0.1”
4、修改原有域名对应地址为“12.0.0.1”
实例如下:
最后在Linux上进行的操作就是服务的开启,并关闭防火墙。
1、输入:“systemctl start named”开启DNS服务
2、输入:“systemctl stop firewall”关闭防火墙
3、输入:“setenforce 0”关闭增强性安全功能
实例:
完成了Linux服务器上的全部设置,下面进入PC客户端,为其分别设置固定的IP。
首先,进入连接局域网的Win10客户端
1, the network provided the central opening
2, select the setting to change the adapter
3, the client specifies a fixed IP (192.168.100.100) and the gateway (192.168.100.1)
examples are as follows:
LAN users within the analog domain name resolved
1, type: "nslookup www.kgc.com" parsing
Example:
Secondly, Win7 client connects into the WAN
1, the network provided the central opening
2, select the setting to change the adapter
3, the client specifies a fixed IP (12.0.0.12) and a gateway (12.0.0.1)
examples are as follows:
Analog WAN users to resolve domain names (the same domain name will parse out the different IP address)
1, type: "nslookup www.kgc.com" parsing
Example:
