I. Requirements
As the number of online machines grows, managing the IP-to-hostname mappings in /etc/hosts has become a bottleneck. Bulk tools can be used to maintain those files, but managing the mappings through DNS is more efficient.
II. Local test environment
IP addresses:
10.1.2.214 master (primary DNS server)
10.1.2.215 slave-one (slave DNS server)
2, I have already set up a local DNS server that provides forward and reverse resolution, so we only need to add one slave DNS server to complete the setup. We now start configuring the master and slave servers.
3, Additional configuration on the primary DNS server:
/var/named/abc.com.zone
$TTL 600
@       IN SOA  ns.abc.com. admin.abc.com. (
                2016021803      ; serial
                2H              ; refresh
                10m             ; retry
                3D              ; expire
                1D )            ; negative-cache TTL
        IN NS   ns
        IN MX 10 mail
ns      IN A    10.1.2.214
ns1     IN A    10.1.2.215
mail    IN A    10.1.2.214
mail    IN A    10.1.2.215
www     IN A    10.1.2.214
www     IN A    10.1.2.215
vm9     IN A    10.1.2.199
vm1     IN A    10.1.2.191
vm2     IN A    10.1.2.192
vm3     IN A    10.1.2.193
vm4     IN A    10.1.2.194
vm5     IN A    10.1.2.195
III. Configuring the slave server
1. Copy the primary DNS server's main configuration file /etc/named.conf to the slave DNS server
# scp /etc/named.conf slave-one:/etc/
2. Zone configuration file on the slave server: /etc/named.rfc1912.zones
zone "abc.com" IN {
    type slave;
    file "slaves/abc.com.zone";
    masters { 10.1.2.214; };
    allow-transfer { none; };
};
zone "2.1.10.in-addr.arpa" IN {
    type slave;
    file "slaves/10.1.2.zone";
    masters { 10.1.2.214; };
    allow-transfer { none; };
};
4. Check whether the syntax is correct
# named-checkconf /etc/named.rfc1912.zones
5, Restart the named service; to troubleshoot, check the log /var/log/messages
IV. Notes
1, Every time the forward zone file is changed, its serial number must be incremented by 1
2, Since I intend to put this into the production environment, I added a zone transfer security mechanism
allow-transfer { IP; };
V. Verification
1. nslookup verification
# nslookup
> mail.abc.com
Server:         10.1.2.214
Address:        10.1.2.214#53

Name:   mail.abc.com
Address: 10.1.2.215
Name:   mail.abc.com
Address: 10.1.2.214
> 10.1.2.215
Server:         10.1.2.214
Address:        10.1.2.214#53

215.2.1.10.in-addr.arpa name = mail.abc.com.
215.2.1.10.in-addr.arpa name = www.abc.com.
215.2.1.10.in-addr.arpa name = ns1.abc.com.
> 10.1.2.214
Server:         10.1.2.214
Address:        10.1.2.214#53

214.2.1.10.in-addr.arpa name = ns.abc.com.
214.2.1.10.in-addr.arpa name = mail.abc.com.
214.2.1.10.in-addr.arpa name = www.abc.com.
2, dig test; the -t option specifies the query type
# dig -t axfr abc.com @127.0.0.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.6 <<>> -t axfr abc.com @127.0.0.1
;; global options: +cmd
abc.com.        600 IN SOA ns.abc.com. admin.abc.com. 2016021803 7200 600 259200 86400
abc.com.        600 IN NS  ns.abc.com.
abc.com.        600 IN MX  10 mail.abc.com.
mail.abc.com.   600 IN A   10.1.2.214
mail.abc.com.   600 IN A   10.1.2.215
ns.abc.com.     600 IN A   10.1.2.214
ns1.abc.com.    600 IN A   10.1.2.215
vm1.abc.com.    600 IN A   10.1.2.191
vm2.abc.com.    600 IN A   10.1.2.192
vm3.abc.com.    600 IN A   10.1.2.193
vm4.abc.com.    600 IN A   10.1.2.194
vm5.abc.com.    600 IN A   10.1.2.195
vm9.abc.com.    600 IN A   10.1.2.199
www.abc.com.    600 IN A   10.1.2.214
www.abc.com.    600 IN A   10.1.2.215
abc.com.        600 IN SOA ns.abc.com. admin.abc.com. 2016021803 7200 600 259200 86400
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Mar 16 20:19:22 2016
;; XFR size: 16 records (messages 1, bytes 369)
3, Connect to one of the intranet machines, vm3; the name must end with .abc.com. After connecting, the machine's original hostname remains unchanged
# ssh vm3.abc.com
The authenticity of host 'vm2.abc.com (10.1.2.192)' can't be established.
RSA key fingerprint is 8f:b2:be:e9:06:55:47:87:ab:6b:d8:3e:42:a3:72:ed.
Are you sure you want to continue connecting (yes/no)?
[email protected]'s password:
Last login: Fri Mar 04:05:07 from 10.1.2.209
# ls
# hostname
vm3
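The two notes in section IV (incrementing the serial and restricting zone transfers) can be checked with dig from any host. The script below is an added example, not part of the original article; its function names and the sample strings are constructed for illustration, and it compares serials as plain integers.

```shell
#!/bin/sh
# Added example: verify master/slave serial sync and zone-transfer exposure.
# Serials are compared as plain integers (no RFC 1982 wrap-around handling).

# Serial is the 3rd of the 7 fields printed by `dig +short SOA <zone> @<server>`.
soa_serial() {
    printf '%s\n' "$1" | awk 'NF == 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# $1 = master serial, $2 = slave serial
sync_state() {
    if [ -z "$1" ] || [ -z "$2" ]; then echo no-answer
    elif [ "$1" -eq "$2" ]; then echo in-sync
    elif [ "$1" -gt "$2" ]; then echo slave-behind   # serial not bumped, or transfer failing
    else echo slave-ahead                             # serial was lowered on the master
    fi
}

# Classify `dig -t axfr` output as seen from the host running the check.
axfr_state() {
    case "$1" in
        *"XFR size:"*)       echo open ;;
        *"Transfer failed"*) echo refused ;;
        *)                   echo unknown ;;
    esac
}

# Live check: $1 = zone, $2 = master IP, $3 = slave IP
check_zone() {
    m=$(soa_serial "$(dig +short SOA "$1" @"$2")")
    s=$(soa_serial "$(dig +short SOA "$1" @"$3")")
    echo "serial master=$m slave=$s -> $(sync_state "$m" "$s")"
    for srv in "$2" "$3"; do
        echo "AXFR via $srv -> $(axfr_state "$(dig -t axfr "$1" @"$srv" 2>&1)")"
    done
}

# Constructed sample outputs, for trying the helpers offline.
SAMPLE_SOA='ns.abc.com. admin.abc.com. 2016021803 7200 600 259200 86400'
SAMPLE_OPEN=';; XFR size: 16 records (messages 1, bytes 369)'
SAMPLE_REFUSED='; Transfer failed.'

if [ "$#" -eq 3 ]; then
    check_zone "$1" "$2" "$3"
else
    echo "sample serial: $(soa_serial "$SAMPLE_SOA")"
    echo "sample AXFR:   $(axfr_state "$SAMPLE_REFUSED")"
fi
```

Given a zone, the master IP and the slave IP as arguments, the script runs the live check; a host that is not in the allow-transfer list should see "refused" from both servers.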
This article is from the "Scattered People" blog, please be sure to keep this source http://zouqingyun.blog.51cto.com/782246/1751912
Use master-slave DNS for high availability to manage the hosts entries of online machines