二、辅助DNS备份(192.168.0.85)
1、安装软件和编辑配置文件
[root@desktop85 ~]# yum install bind bind-chroot -y
[root@desktop85 ~]# vim /etc/named.conf 加入以下备份区域文件,名字和主DNS服务器一样
// Slave (secondary) copy of the forward zone; the zone name matches the one on the master.
// NOTE(review): the masters entry carries no TSIG key, so transfers from 192.168.0.54 are
// trusted on source address alone. Consider: masters { 192.168.0.54 key <key-name>; };
zone "linuxidc.com" IN {
type slave; // zone type: slave (secondary DNS)
masters { 192.168.0.54; }; // master server this zone is transferred from
file "slaves/linuxidc.zone_bak"; // transferred zone file, stored under /var/named/chroot/var/named/slaves/
};
// Slave (secondary) copy of the reverse zone for 192.168.0.x.
// NOTE(review): no TSIG key on the masters entry; the transfer source is identified by
// IP address only — confirm whether a key should be attached.
zone "0.168.192.in-addr.arpa" IN {
type slave;
masters { 192.168.0.54; };
// Transferred reverse zone file, relative to named's working directory.
file "slaves/linuxidc.arpa_bak";
};
2、启动服务、查看结果
[root@desktop85 ~]# service named start
Starting named: [ OK ]
[root@desktop85 ~]# ls /var/named/chroot/var/named/slaves/
linuxidc.arpa_bak linuxidc.zone_bak
看,正向和反向区域文件备份过来了。
3、远程修改DNS条目(保证selinux的设置允许)
**在主DNS上设置selinux参数,允许写zone文件
[root@desktop54 ~]# getsebool -a |grep named
named_write_master_zones --> off
[root@desktop54 ~]# setsebool -P named_write_master_zones on
**在辅助DNS服务器上操作(因为主DNS上设置了只允许192.168.0.85这台辅助DNS修改条目;注意:仅按来源IP放行的动态更新无法验证请求方身份,生产环境建议改用TSIG密钥授权)
[root@desktop85 ~]# nsupdate
> server 192.168.0.54
> zone linuxidc.com
> update add news.linuxidc.com 500 A 192.168.0.99
> send
update failed: SERVFAIL
(还是报错,怎么办?排查后发现是目录权限问题:named 需要对区域文件所在目录有写权限,才能生成 .jnl 日志文件。下面对整个目录递归 chown 的范围偏大,生产环境建议只放开确实需要写入的目录)
[root@desktop54 ~]# chown named.named /var/named/chroot/var/named/ -R
再试试~
[root@desktop85 ~]# nsupdate
> server 192.168.0.54
> zone linuxidc.com
> update add news.linuxidc.com 500 A 192.168.0.99 (500为ttl值)
> send
> quit
[root@desktop85 ~]# dig news.linuxidc.com
;; ANSWER SECTION:
news.linuxidc.com. 500 IN A 192.168.0.99 (就是刚刚设置的ip 99)
[root@desktop54 ~]# ls /var/named/chroot/var/named/ | grep jnl
linuxidc.com.zone.jnl (就是动态更新提交后,named 生成的日志(journal)文件)
『nsupdate用法看man文档,可以用密钥(TSIG)对更新请求做签名认证——严格说这是身份认证和完整性校验,并不是对传输内容加密。下面有创建密钥的步骤』
三、DHCP
1、主DNS(192.168.0.54)上编辑DHCP的主配置文件
拷贝一份模板配置文件
[root@desktop54 ~]# cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
[root@desktop54 ~]# vim /etc/dhcp/dhcpd.conf
# How dhcpd performs dynamic DNS updates (the "interim" scheme).
# NOTE(review): no key or zone declaration appears in this snippet; if dhcpd is meant to
# push records into named, confirm how those updates are authorised on the DNS side.
ddns-update-style interim;
# Ignore a client's request to update its own DNS record.
ignore client-updates;
# Address pool and options handed out on the 192.168.0.0/255.255.255.0 segment.
subnet 192.168.0.0 netmask 255.255.255.0 {
# Only three addresses (.110 to .112) are available for lease.
range 192.168.0.110 192.168.0.112;
# Clients are pointed at the master DNS server and given the local domain name.
option domain-name-servers 192.168.0.54;
option domain-name "linuxidc.com";
# Default gateway handed to clients.
option routers 192.168.0.54;
# NOTE(review): 192.168.0.54 is the server's own address; for this subnet and netmask the
# broadcast address would be 192.168.0.255 — verify before reusing this value.
option broadcast-address 192.168.0.54;
# Lease lengths in seconds: 600 by default, 7200 at most.
default-lease-time 600;
max-lease-time 7200;
}
2、启动服务
[root@desktop54 ~]# service dhcpd start
Starting dhcpd: [ OK ]
3、DHCP和DNS都配置好了,测试一下
**ip自动获取
将刚刚的 192.168.0.85 的网络配置文件 ip改为自动获取 『BOOTPROTO="dhcp"』
**DNS改为 192.168.0.54
[root@desktop85 ~]# vim /etc/resolv.conf
nameserver 192.168.0.54
**网络重启(为了不影响实验结果,将网线拔掉吧)
[root@desktop85 ~]# service network restart
[root@desktop85 ~]# ifconfig eth0 |grep 'inet addr'|awk '{print $2}'|cut -d: -f2
192.168.0.111
(获取到ip 192.168.0.111)
[root@desktop85 ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script (由dhcp脚本生成)
search linuxidc.com (域名linuxidc.com)
nameserver 192.168.0.54 (DNS服务器)
再看看DHCP租约文件:
[root@desktop54 ~]# cat /var/lib/dhcpd/dhcpd.leases
lease 192.168.0.111 {
starts 1 2012/03/12 19:23:38;
ends 1 2012/03/12 19:33:38;
tstp 1 2012/03/12 19:33:38;
cltt 1 2012/03/12 19:23:38;
binding state free;
hardware ethernet 52:54:00:16:73:bb;
}
对比192.168.0.111主机的MAC:
[root@desktop85 ~]# grep 'ATTR' /etc/udev/rules.d/70-persistent-net.rules |awk -F\" '{print $8}'
52:54:00:16:73:bb (和上面的申请记录一样吧,说明DHCP成功了哦)
OK 这样就整合完成,DDNS也算配置好了。