One, DNS cluster
1. Role
- To ease the pressure on the primary DNS server, two or more secondary DNS servers are added; together these DNS servers form a DNS cluster.
- Setup used here: the host named dns_1 is the primary DNS server, IP 192.168.1.135; the host named dns_2 is the secondary DNS server, IP 192.168.1.235.
2. Configuration procedure
2.1 secondary dns server
- Basic settings: enable DNS and edit the main configuration file: vim /etc/named.conf
- Edit the sub-configuration file: vim /etc/named.rfc1912.zones
- Restart the service: systemctl restart named
2.2 primary dns server
- Edit the sub-configuration file: vim /etc/named.rfc1912.zones
- Edit the zone file and change the serial value: vim /var/named/jia.com.zone
- Restart the service: systemctl restart named
- Note:
When you modify an IP or domain name on the primary DNS server, you must also modify the value of "serial". When the two servers synchronize data, they do not read the contents of the whole file; they only compare whether the "serial" value has changed (to save time). This number can have at most 10 digits. So only when the "serial" value on the primary DNS server has changed does the secondary DNS server consider that the primary's domain name resolution file has changed.
3. Test
- When the serial value is not changed, a changed IP for a domain name on the primary DNS server is not synchronized to the secondary DNS server
- When both the IP and the serial value are changed on the primary DNS server and the service is restarted, the secondary DNS server synchronizes the change
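The serial comparison from the note and the test above, as an added example that is not part of the original article. It goes slightly beyond the article's "has the serial changed" wording by using DNS serial-number arithmetic (RFC 1982), under which the new serial must be ahead of the old one; the zone contents, the record 192.168.1.100 and the serial values are constructed for illustration.

```python
MOD = 2 ** 32    # the SOA serial is an unsigned 32-bit number
HALF = 2 ** 31


def serial_is_newer(candidate: int, current: int) -> bool:
    """RFC 1982 serial arithmetic: is `candidate` ahead of `current`?"""
    return 0 < (candidate - current) % MOD < HALF


def parse_zone(zone_text: str):
    """Return (serial, all other tokens) from the text of a zone file.

    Assumes ';' only starts comments (no ';' inside quoted TXT data).
    """
    text = " ".join(line.split(";", 1)[0] for line in zone_text.splitlines())
    toks = text.replace("(", " ").replace(")", " ").split()
    # SOA rdata order: mname, rname, serial, refresh, retry, expire, minimum
    i = [t.upper() for t in toks].index("SOA") + 3
    serial = int(toks[i])
    if not 0 <= serial < MOD:
        raise ValueError(f"serial {serial} does not fit in 32 bits")
    return serial, toks[:i] + toks[i + 1:]


def stale_secondary_risk(old_zone: str, new_zone: str) -> bool:
    """True when records changed but the serial did not advance, so a
    secondary that only compares serials keeps serving the old data."""
    old_serial, old_data = parse_zone(old_zone)
    new_serial, new_data = parse_zone(new_zone)
    return old_data != new_data and not serial_is_newer(new_serial, old_serial)


# Constructed sample zone for jia.com (not the article's real zone file).
ZONE_V1 = """\
$TTL 1D
@   IN SOA  dns.jia.com. root.jia.com. (
            2024010101 ; serial
            1D         ; refresh
            1H         ; retry
            1W         ; expire
            3H )       ; minimum
    NS  dns.jia.com.
dns A   192.168.1.135
www A   192.168.1.100
"""
ZONE_EDIT_NO_BUMP = ZONE_V1.replace("192.168.1.100", "192.168.1.111")
ZONE_EDIT_BUMPED = ZONE_EDIT_NO_BUMP.replace("2024010101", "2024010102")

if __name__ == "__main__":
    for name, zone in [("no bump", ZONE_EDIT_NO_BUMP), ("bumped", ZONE_EDIT_BUMPED)]:
        print(name, "-> stale secondary risk:", stale_secondary_risk(ZONE_V1, zone))
```

Running the check on the old and new copy of a zone file before restarting named catches the forgotten serial bump described in the test above.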
Two, DNS update
1. Update based on IP address
- On the DNS server, edit the sub-configuration file and specify the IP: vim /etc/named.rfc1912.zones
After editing is complete, restart the service: systemctl restart named
- On the specified client, run the update command: nsupdate
- Test: after the update is complete, check for the update on the DNS server
- Command for removing the update:
2. Update based on a key
- Generate the key: dnssec-keygen -a HMAC-SHA256 -b 128 -n HOST jia
- Copy the template to your key file and edit the key file: cp -p /etc/rndc.key /etc/jia.key; vim /etc/jia.key
- Edit the main configuration file and specify the key file: vim /etc/named.conf
- Edit the sub-configuration file and change the update mode: vim /etc/named.rfc1912.zones
- Restart the service: systemctl restart named
- Transfer the public and private key files to the remote host:
- Update using the key: nsupdate -k /mnt/Kjia.+163+35061.private
Three, DDNS
- Definition: DDNS (Dynamic Domain Name Server) is short for Dynamic Domain Name Service, that is, dhcp + dns. Our dynamic IPs are provided by the DHCP service, so DHCP knows about every IP change while DNS does not. Put simply, DDNS lets DHCP tell DNS about the IP changes.
- Configuring DDNS:
(1) Install the DHCP server on the DNS server: dnf install dhcp-server.x86_64 -y
(2) Copy the main configuration file template: cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
(3) Edit the main configuration file: vim /etc/dhcp/dhcpd.conf
(4) Restart the DHCP service: systemctl restart dhcpd
- Test:
(1) Change the client host name: hostnamectl set-hostname test.jia.com
(2) Set the host's network to DHCP mode: vim /etc/sysconfig/network-scripts/ifcfg-ens33
(3) Restart the service: systemctl restart network
(4) Resolve the name: dig test.jia.com