-名称解析服务:即域名和服务器IP地址相对应,用户在访问域名的时候,会启动正向解析在互联网找到该域名对应的服务器IP地址,从而进行访问。
-DNS服务实现原理:主机A需要访问某个网站B,首先(递归查询)向局域网的DNS服务发出请求,局域网DNS查看缓存,如果DNS找到目标IP则返回结果给主机A,如果没找到则访问互联网根DNS(迭代查询)服务器、顶级DNS服务器、二级DNS服务器等一级一级往下查询,直到找到目标IP地址并返回给主机A。
-DNS实现工作方式:分布式
DNS服务工作原理.png
第一步:安装DNS工具包、测试工具包
yum install -y bind bind-utils
查看文件列表、找到关键配置文件/etc/named.conf
rpm -ql bind
/etc/logrotate.d/named
/etc/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/rndc.conf
/etc/rndc.key
/etc/rwtab.d/named
/etc/sysconfig/named
/run/named
/usr/bin/arpaname
/usr/bin/named-rrchecker
/usr/lib/python2.7/site-packages/isc
/usr/lib/python2.7/site-packages/isc-2.0-py2.7.egg-info
第二步:修改配置文件、DNS修改为本机地址
vim ifcfg-ens33
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
BOOTPROTO="static"
DEVICE="ens33"
ONBOOT="yes"
UUID="3a3bad16-9456-4863-8ebf-70b2d3033539"
IPADDR=192.168.1.29
GATEWAY=192.168.1.2
NETMASK=255.255.255.0
PREFIX=24
DNS=192.168.1.29
第三步:启动服务
systemctl start named
systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2022-01-22 02:16:20 CST; 2s ago
Process: 2408 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
Process: 2405 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 2410 (named)
CGroup: /system.slice/named.service
└─2410 /usr/sbin/named -u named -c /etc/named.conf
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './DNSKEY/IN': 2001:7fd::1#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './NS/IN': 2001:7fd::1#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './DNSKEY/IN': 2001:7fe::53#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './NS/IN': 2001:7fe::53#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './DNSKEY/IN': 2001:503:ba3e::2:30#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './NS/IN': 2001:503:ba3e::2:30#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './DNSKEY/IN': 2001:500:12::d0d#53
Jan 22 02:16:20 centos_7.9 named[2410]: network unreachable resolving './NS/IN': 2001:500:12::d0d#53
Jan 22 02:16:20 centos_7.9 named[2410]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted
Jan 22 02:16:20 centos_7.9 named[2410]: resolver priming query complete
第四步:重启网络服务并测试
systemctl restart network
ping www.baidu.com
PING www.a.shifen.com (14.215.177.38) 56(84) bytes of data.
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=1 ttl=128 time=10.6 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=2 ttl=128 time=12.2 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=3 ttl=128 time=10.2 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=4 ttl=128 time=9.85 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=5 ttl=128 time=25.9 ms
^C
--- www.a.shifen.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 5946ms
rtt min/avg/max/mdev = 9.855/13.803/25.941/6.125 ms
