Linux Centos 6.5 DNS master-slave replication configuration (bind-9.8.2)


Test environment:
OS: CentOS 6.5
BIND: 9.8.2
Software installation method: yum
Master DNS: realserver1 192.168.200.134
Slave DNS: realserver2 192.168.200.135
Test server: test01 192.168.200.136

Step one: Environment preparation
Mounting the ISO image provides a local yum repository. If your server can reach the external network, you can skip the local repository and use the network yum repositories directly.
Local yum repository configuration:
1. Upload the ISO image to the server's root directory, for example with the file name centos6.5_release.iso, and mount it
[root@realserver1 ~]# mount -o loop -t iso9660 /centos6.5_release.iso /mnt/

2. Create the local yum repository
[root@realserver1 ~]# vim /etc/yum.repos.d/test.repo
[base]
name=test
baseurl=file:///mnt/
gpgcheck=0
enabled=1

3. Clear the yum cache and list the repositories
[root@realserver1 ~]# yum clean all
[root@realserver1 ~]# yum repolist

Note: CentOS ships with network yum repositories, so without a local repository you can install directly: [root@realserver1 ~]# yum -y install XXX   # install the required software. Detailed yum configuration: http://www.cnblogs.com/chuncn/archive/2010/10/17/1853915.html

Step two: Master DNS server configuration
1. Install the packages required for the master DNS
[root@realserver1 ~]# yum -y install bind bind-chroot bind-utils bind-libs
[root@realserver1 ~]# rpm -ql bind   # list all files installed by the RPM
/etc/named.conf   # DNS main configuration file

2. Main configuration file of the master DNS
[root@realserver1 ~]# ls -lh /etc/named.conf   # the main configuration file's permissions are as follows
-rw-r----- 1 root named 934 October 23:06 /etc/named.conf

[root@realserver1 ~]# vim /etc/named.conf
options {
    listen-on port 53 { 192.168.200.134; };      // listen on the master DNS address
    listen-on-v6 port 53 { ::1; };               // IPv6 listening address
    directory "/var/named";                      // DNS root directory
    dump-file "/var/named/data/cache_dump.db";   // cache dump file
    statistics-file "/var/named/data/named_stats.txt";          // statistics file
    memstatistics-file "/var/named/data/named_mem_stats.txt";   // memory usage statistics
    allow-query { any; };                        // which clients are allowed to query
    recursion yes;                               // support recursion
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};

logging {   // log path: /var/named/data/named.run
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {   // records the addresses of all root servers
    type hint;
    file "named.ca";
};

zone "test.com" IN {   // forward zone for the test domain
    type master;                            // DNS type "master"
    file "test.com_zone";                   // forward zone file test.com_zone, under /var/named
    allow-transfer { 192.168.200.135; };    // allow the slave DNS to synchronize
};

zone "200.168.192.in-addr.arpa" IN {   // reverse zone
    type master;                            // DNS type "master"
    file "192.168.200.zone";                // reverse zone file 192.168.200.zone, under /var/named
    allow-transfer { 192.168.200.135; };    // allow the slave DNS to synchronize
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
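
In BIND 9.8 a master zone with no allow-transfer statement answers zone transfers from any host, so the two allow-transfer lines above are what limit transfers to the slave. The following is an added example, not part of the original article, that lists master zones lacking the statement; the function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: list master zones in a named.conf that carry no transfer ACL.
# Assumes one statement per line and "options" before the zones, as above.
zones_without_transfer_acl() {
    awk '
        { sub(/\/\/.*/, "") }                          # drop // comments
        depth == 0 && /^[ \t]*options[ \t{]/ { in_opts = 1 }
        in_opts && /allow-transfer/ { global_acl = 1 } # ACL inherited by all zones
        depth == 0 && /^[ \t]*zone[ \t]/ {
            split($0, q, "\"")                         # zone name = first quoted string
            name = q[2]; master = 0; acl = 0; in_zone = 1
        }
        in_zone && /type[ \t]+master/ { master = 1 }
        in_zone && /allow-transfer/   { acl = 1 }
        {
            depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
            if (depth == 0 && /[}]/) {                 # a top-level block just closed
                if (in_zone && master && !acl && !global_acl) print name
                in_zone = 0; in_opts = 0
            }
        }' "$@"
}

# Constructed sample: the reverse zone has lost its allow-transfer line.
sample_conf() {
    cat <<'EOF'
options {
    directory "/var/named";
};
zone "test.com" IN {
    type master;
    file "test.com_zone";
    allow-transfer { 192.168.200.135; };
};
zone "200.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.200.zone";        // no allow-transfer here
};
EOF
}

if [ "$#" -ge 1 ]; then
    zones_without_transfer_acl "$1"
else
    sample_conf | zones_without_transfer_acl
fi
```

Run it with /etc/named.conf as the argument on the master; an empty result means every master zone has a transfer ACL.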

3. Create the forward and reverse zone files and configure the DNS records.
[root@realserver1 ~]# vim /var/named/test.com_zone   # forward zone
$TTL 1D
@ IN SOA ns1.test.com. mail.test.com. (
        2017071411 ; serial
        1D         ; refresh
        1H         ; retry
        1W         ; expire
        3H )       ; minimum
@               IN NS ns1.test.com.
ns1.test.com.   IN A  192.168.200.134
@               IN NS ns2.test.com.
ns2.test.com.   IN A  192.168.200.135
www.test.com.   IN A  192.168.200.136
tt.test.com.    IN A  192.168.200.135
test.test.com.  IN A  192.168.200.135

[root@realserver1 ~]# vim /var/named/192.168.200.zone   # reverse zone
$TTL 1D
@ IN SOA ns1.test.com. mail.test.com. (
        2017071412 ; serial (synchronization number)
        1D         ; refresh
        1H         ; retry
        1W         ; expire
        3H )       ; minimum
@    IN NS  ns1.test.com.
134  IN PTR ns1.test.com.
@    IN NS  ns2.test.com.
135  IN PTR ns2.test.com.
136  IN PTR www.test.com.
135  IN PTR tt.test.com.
135  IN PTR test.test.com.

# Serial: every time a zone is modified on the master DNS, the serial must be changed, otherwise the slave DNS will not synchronize.

4. Restart the DNS service and verify that DNS is in effect
[root@realserver1 ~]# service named configtest
[root@realserver1 ~]# named-checkconf   # check configuration file syntax
[root@realserver1 ~]# service named restart   # restart the DNS service

5. Test from the test server (192.168.200.136)
[root@test01 ~]# echo nameserver 192.168.200.134 >> /etc/resolv.conf
[root@test01 ~]# ping www.test.com   # resolves normally
Note: the test machine sets its own DNS server to the master DNS and tests resolution of the A records

Step three: Slave DNS configuration
Mounting the ISO image provides a local yum repository. If your server can reach the external network, you can skip the local repository and use the network yum repositories directly.
Local yum repository configuration:
1. Upload the ISO image to the server's root directory, for example with the file name centos6.5_release.iso, and mount it
[root@realserver2 ~]# mount -o loop -t iso9660 /centos6.5_release.iso /mnt/

2. Create the local yum repository
[root@realserver2 ~]# vim /etc/yum.repos.d/test.repo
[base]
name=test
baseurl=file:///mnt/
gpgcheck=0
enabled=1

3. Clear the yum cache and list the repositories
[root@realserver2 ~]# yum clean all
[root@realserver2 ~]# yum repolist

Note: CentOS ships with network yum repositories, so without a local repository you can install directly: [root@realserver2 ~]# yum -y install XXX   # install the required software. Detailed yum configuration: http://www.cnblogs.com/chuncn/archive/2010/10/17/1853915.html

1. Install the packages required for the slave DNS
[root@realserver2 ~]# yum -y install bind bind-chroot bind-utils bind-libs
[root@realserver2 ~]# rpm -ql bind   # list all files installed by the RPM
/etc/named.conf   # DNS main configuration file

2. Main configuration file of the slave DNS
[root@realserver2 ~]# ls -lh /etc/named.conf   # the main configuration file's permissions are as follows
-rw-r----- 1 root named 934 October 23:06 /etc/named.conf

[root@realserver2 ~]# vim /etc/named.conf
options {
    listen-on port 53 { 192.168.200.135; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    recursion yes;

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "test.com" IN {
    type slave;
    file "test.com_zone";
    masters { 192.168.200.134; };
};

zone "200.168.192.in-addr.arpa" IN {
    type slave;
    file "192.168.200.zone";
    masters { 192.168.200.134; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

3. Set the permissions on the zone file directory so that synchronization has permission to write
[root@realserver2 ~]# chmod 770 /var/named/
[root@realserver2 ~]# ll /var/named/ -d
drwxrwx--- 6 root named 4096 Oct 10:49 /var/named/

4. Check the slave DNS configuration and start the service
[root@realserver2 ~]# service named configtest
[root@realserver2 ~]# named-checkconf   # check configuration file syntax
[root@realserver2 ~]# service named restart   # restart the DNS service
Note: after the restart completes, the slave DNS synchronizes the zone files from the master DNS
[root@realserver2 ~]# cat /var/named/test.com_zone   # the synchronized records are visible

5. Test from the test server; the slave DNS can also resolve
[root@test01 ~]# dig @192.168.200.135 www.test.com
Note: the slave DNS can also provide domain name resolution

Step four: Test whether master and slave synchronize
1. Add a record to the forward zone file on the master DNS
[root@realserver1 ~]# vim /var/named/test.com_zone
$TTL 1D
@ IN SOA ns1.test.com. mail.test.com. (
        2017071412 ; serial, be sure to change it
        1D         ; refresh
        1H         ; retry
        1W         ; expire
        3H )       ; minimum
@               IN NS ns1.test.com.
ns1.test.com.   IN A  192.168.200.134
@               IN NS ns2.test.com.
ns2.test.com.   IN A  192.168.200.135
www.test.com.   IN A  192.168.200.136
tt.test.com.    IN A  192.168.200.135
test.test.com.  IN A  192.168.200.135
nihao.test.com. IN A  192.168.200.136 ; added record

# The serial must be changed so that the slave can synchronize the new record.

2. Reload the master DNS configuration
[root@realserver1 ~]# /etc/init.d/named reload

3. The zone file on the slave DNS has been synchronized
[root@realserver2 ~]# cat /var/named/test.com_zone
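
An edit on the master that keeps the old serial never reaches the slave, which is the point of the serial notes in steps two and four. The following is an added example, not part of the original article, that reads the serial from a zone file and raises it; zone_serial and bump_serial are hypothetical helper names, and the date-plus-counter serial format is an assumption based on the serials shown above.

```shell
#!/bin/sh
# Added example: read and bump the SOA serial of a zone file laid out like
# the ones in this article (multi-line SOA, serial first inside the parentheses).
zone_serial() {
    awk '
        /SOA/ { in_soa = 1 }
        in_soa {
            line = $0; sub(/;.*/, "", line)            # strip trailing comment
            if (!paren) {                              # skip everything up to "("
                p = index(line, "("); if (!p) next
                line = substr(line, p + 1); paren = 1
            }
            n = split(line, tok, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (tok[i] ~ /^[0-9]+$/) { print tok[i]; exit }
        }' "$1"
}

# bump_serial FILE [ZONE]: today's date plus "01" when that is newer than the
# current serial, otherwise current + 1, so the value always increases.
bump_serial() {
    old=$(zone_serial "$1")
    [ -n "$old" ] || { echo "no SOA serial found in $1" >&2; return 1; }
    new=$(date +%Y%m%d)01
    [ "$new" -gt "$old" ] || new=$((old + 1))
    tmp=$(mktemp) || return 1
    awk -v old="$old" -v new="$new" '
        /SOA/ { in_soa = 1 }
        in_soa && !done && (p = index($0, old)) {      # first match after SOA
            $0 = substr($0, 1, p - 1) new substr($0, p + length(old)); done = 1
        }
        { print }' "$1" > "$tmp"
    # Check the candidate first if a zone name was given and the tool exists.
    if [ -n "${2:-}" ] && command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$2" "$tmp" >/dev/null || { rm -f "$tmp"; return 1; }
    fi
    cat "$tmp" > "$1" && rm -f "$tmp"                  # keeps FILE owner and mode
    echo "$new"
}

# Constructed demo on a throwaway copy; pass FILE [ZONE] to edit a real zone.
if [ "$#" -ge 1 ]; then bump_serial "$@"; else
    demo=$(mktemp)
    printf '%s\n' '$TTL 1D' '@ IN SOA ns1.test.com. mail.test.com. (' \
        '    2017071411 ; serial' '    1D ; refresh' '    1H ; retry' \
        '    1W ; expire' '    3H ) ; minimum' '@ IN NS ns1.test.com.' > "$demo"
    echo "2017071411 -> $(bump_serial "$demo")"; rm -f "$demo"
fi
```

On the master this would be run against /var/named/test.com_zone with test.com as the zone name after editing the records and before the reload in step 2.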

To be continued... Next section: LVS+DNS+keepalived
