DNS master-slave configuration under Linux environment

Source: Internet
Author: User

1,dns Master-Slave principle

in order to resolve the primary server load is overloaded, to achieve load balancer configuration from the server, the master server after each modification will be sent to the slave server, the master server receives the slave request, the SOA record sent to the slave server, When the slave server receives the serial number in its own SOA and compares it to its own ,Slave will send a zone if the serial value is greater than the native Transfer zone transfer request. Master responds to zone transfer requests and transmits the results until the entire slave update is complete.

2,dns Master-Slave configuration

Lab Environment:

1,centos Release 6.4 (Final) 2 units

2,ip Address: 192.168.1.119 (master),192.168.1.126 (from)

Note the point:

1, to ensure the same time;

2, the master server bind version can be lower than the slave, from the service bind version cannot be lower than the master;

3, the master-slave server is not necessarily in the same network segment, but to be able to communicate with each other.

Primary server configuration:

Modify the Zone Profile---> Add an NS record and a corresponding A or PTR record in the zone data file for the slave server

This modification/var/named/conan.com.zone and/var/named/arpa.conan.zone

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6B/65/wKiom1UsfLzRQQ_AAAEwVBsMh7M590.jpg "title=" 11.jpg "alt=" Wkiom1usflzrqq_aaaewvbsmh7m590.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/6B/60/wKioL1UsftmD-BGPAAEr4P4J7KQ324.jpg "title=" 222. JPG "alt=" wkiol1usftmd-bgpaaer4p4j7kq324.jpg "/>

It is important to note that the zone transfer security control is added to the primary service profile, 192.168.1.126 is the slave server IP:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6B/65/wKiom1UsftLxNFCLAAFT3dq65Ik400.jpg "title=" 22222. JPG "alt=" wkiom1usftlxnfclaaft3dq65ik400.jpg "/>

From the server configuration (modify configuration file/etc/named.conf):

1, the specified type is slave

2, specify Masters address

3, specify the zone file save location: Because "/var/name" does not have write permission to the named process, there is a slave directory under/var/name, the named process has write access to it, so it is saved in the slaves directory for added security.

4, from the server should not allow other servers to synchronize, so zone transfer security control Allow-transfer should be set to none.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/6B/65/wKiom1UsgceByrs8AAEfwRPq9pk281.jpg "title=" 222222.jpg "alt=" Wkiom1usgcebyrs8aaefwrpq9pk281.jpg "/>

Check the master-slave server syntax and start without errors:

To view the primary server log start transfer:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6B/61/wKioL1UshTjh4HiFAAF52l8KHOY705.jpg "title=" 121. JPG "alt=" wkiol1ushtjh4hifaaf52l8khoy705.jpg "/> test whether the address can be resolved from the server:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6B/66/wKiom1UshKnRj7SHAALW3udswZ8871.jpg "title=" 1.jpg " alt= "Wkiom1ushknrj7shaalw3udswz8871.jpg"/>

Simulate modifying the master service resolution record and modifying the serial number to see if the server is synchronized:

Before modifying from server Conan.com.zone:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/6B/62/wKioL1Ushouw-zD4AAGKMG-bVMA217.jpg "title=" 1.jpg " alt= "Wkiol1ushouw-zd4aagkmg-bvma217.jpg"/>

Modify the primary service zone file configuration to add a record: This time, serial number is not modified.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6B/66/wKiom1UshkagJKxLAAFIyJLsv6w469.jpg "style=" float: none; "title=" 1.jpg "alt=" Wkiom1ushkagjkxlaafiyjlsv6w469.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6B/62/wKioL1Ush5fh-0b9AAEF58AnDHk630.jpg "style=" float: none; "title=" 12.jpg "alt=" Wkiol1ush5fh-0b9aaef58andhk630.jpg "/>

After modifying serial number

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/6B/66/wKiom1UshzHiEiONAACU4sqcCQQ953.jpg "style=" float: none; "title=" 1.jpg "alt=" Wkiom1ushzhieionaacu4sqccqq953.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6B/62/wKioL1UsiILBBx3sAACiZsu8esY981.jpg "style=" float: none; "title=" 12.jpg "alt=" Wkiol1usiilbbx3saacizsu8esy981.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6B/62/wKioL1UsiIKBgbfFAAHhjh0lUgE223.jpg "style=" float: none; "title=" 13.jpg "alt=" Wkiol1usiikbgbffaahhjh0luge223.jpg "/>




























DNS master-slave configuration under Linux environment

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.