1. Demo environment
Three CentOS 7 x86_64 systems, minimal install
pdnsserver 192.168.0.22 (DNS server)
node01 192.168.0.11
node02 192.168.0.18
2. Installing PowerDNS
Install pdns_server on the 192.168.0.22 server.
Check whether the package is available for installation:
yum search pdns-backend-mysql.x86_64
If the search finds no installable package, switch to a different yum repository:
yum list | grep epel-release
yum install -y epel-release
cd /etc/yum.repos.d
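Compared with the original repositories, there are two additional files: epel.repo and epel-testing.repo
Use the epel repository provided by the Alibaba open-source mirror
# Download the epel repo file from the Alibaba open-source mirror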
wget -O /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
Compared with the original repositories, there are now three additional files: epel.repo, epel-testing.repo and epel-7.repo
Clear the system yum cache and generate a new one:
yum makecache
## List the enabled yum repositories and all yum repositories
yum repolist enabled
yum repolist all
Run the installation again:
yum install pdns-backend-mysql.x86_64
The installation succeeded:
[root@pdnsserver yum.repos.d]# which pdns_server
/usr/sbin/pdns_server
Download the PowerDNS table schema for MySQL:
curl https://raw.githubusercontent.com/PowerDNS/pdns/rel/auth-4.1.x/modules/gmysqlbackend/schema.mysql.sql -o powerdns.sql
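Log in to the local MySQL instance on the pdns_server host, create the pdns database and grant access to 192.168.0.22. The password 654321 is the demo value used throughout this walkthrough; it is also stored in plain text in pdns.conf further down.
grant all on pdns.* to dnsuser@'192.168.0.22' identified by '654321';flush privileges;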
create database pdns;use pdns;
source /root/powerdns.sql;
use pdns;
INSERT INTO domains (name, type) values ('testdns01.com', 'NATIVE');
INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'testdns01.com','localhost.dnstest.net 1','SOA',86400,NULL);
INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'@','f1g1ns1.dnspod.net','NS',86400,NULL);
INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'@','f1g1ns2.dnspod.net','NS',86400,NULL);
INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'r.testdns01.com','192.168.0.18','A',120,NULL);
INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'w.testdns01.com','192.168.0.11','A',120,NULL);
root@pdns_server [pdns]>select * from records;
+----+-----------+-----------------+------+-------------------------+-------+------+-------------+----------+-----------+------+
| id | domain_id | name | type | content | ttl | prio | change_date | disabled | ordername | auth |
+----+-----------+-----------------+------+-------------------------+-------+------+-------------+----------+-----------+------+
| 8 | 1 | testdns01.com | SOA | localhost.dnstest.net 1 | 86400 | NULL | NULL | 0 | NULL | 1 |
| 9 | 1 | @ | NS | f1g1ns1.dnspod.net | 86400 | NULL | NULL | 0 | NULL | 1 |
| 10 | 1 | @ | NS | f1g1ns2.dnspod.net | 86400 | NULL | NULL | 0 | NULL | 1 |
| 11 | 1 | r.testdns01.com | A | 192.168.0.18 | 120 | NULL | NULL | 0 | NULL | 1 |
| 12 | 1 | w.testdns01.com | A | 192.168.0.11 | 120 | NULL | NULL | 0 | NULL | 1 |
+----+-----------+-----------------+------+-------------------------+-------+------+-------------+----------+-----------+------+
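A check of the rows just inserted, as an added example that is not part of the original post. It assumes the generic SQL backend convention that record names are stored fully qualified without a trailing dot (so '@' is not a shorthand for the zone) and that SOA content holds seven space-separated fields; lint_record and lint_zone are hypothetical helper names, and the rows are copied from the INSERT statements above.

```python
ZONE = "testdns01.com"  # zone name from the page

# Constructed sample: (name, type, content) as inserted on the page.
ROWS = [
    ("testdns01.com", "SOA", "localhost.dnstest.net 1"),
    ("@", "NS", "f1g1ns1.dnspod.net"),
    ("@", "NS", "f1g1ns2.dnspod.net"),
    ("r.testdns01.com", "A", "192.168.0.18"),
    ("w.testdns01.com", "A", "192.168.0.11"),
]

# Positional fields of SOA content (assumed layout, see lead-in).
SOA_FIELDS = ["primary", "hostmaster", "serial", "refresh",
              "retry", "expire", "minimum"]

def lint_record(zone, name, rtype, content):
    """Return a list of findings for one row of the records table."""
    findings = []
    if name == "@" or name.endswith("."):
        findings.append("name must be fully qualified without trailing dot")
    elif name != zone and not name.endswith("." + zone):
        findings.append("name is outside zone " + zone)
    if rtype == "SOA":
        parts = content.split()
        if len(parts) < len(SOA_FIELDS):
            # Missing trailing fields are left to server defaults.
            missing = SOA_FIELDS[len(parts):]
            findings.append("SOA content missing: " + ", ".join(missing))
        elif not all(p.isdigit() for p in parts[2:7]):
            findings.append("SOA numeric fields must be integers")
    if rtype == "A":
        octets = content.split(".")
        if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
            findings.append("A content is not an IPv4 address")
    return findings

def lint_zone(zone, rows):
    """Lint every row, then check the apex carries SOA and NS records."""
    report = {}
    for i, (name, rtype, content) in enumerate(rows):
        found = lint_record(zone, name, rtype, content)
        if found:
            report[i] = found
    apex_types = {t for n, t, _ in rows if n == zone}
    for needed in ("SOA", "NS"):
        if needed not in apex_types:
            report.setdefault("zone", []).append(
                "no %s record at apex %s" % (needed, zone))
    return report
```

Running lint_zone(ZONE, ROWS) flags the SOA row and both '@' NS rows and reports that the apex has no NS record; the two A rows pass.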
At the top of the pdns_server configuration file pdns.conf, add the account details just created for connecting to the pdns database:
[root@pdnsserver ~]# head -10 /etc/pdns/pdns.conf
launch=gmysql
gmysql-host=192.168.0.22
gmysql-user=dnsuser
gmysql-dbname=pdns
gmysql-password=654321
Note: the default #launch=bind parameter must be commented out before adding launch=gmysql; otherwise the pdns service reports an error on startup.
Start pdns_server:
[root@pdnsserver pdns]# /usr/sbin/pdns_server --daemon=no --guardian=no --loglevel=9
Jun 26 16:11:20 Reading random entropy from '/dev/urandom'
Jun 26 16:11:20 Loading '/usr/lib64/pdns/libgmysqlbackend.so'
Jun 26 16:11:20 [gmysqlbackend] This is the gmysql backend version 4.1.8 reporting
Jun 26 16:11:20 This is a standalone pdns
Jun 26 16:11:20 Listening on controlsocket in '/var/run/pdns.controlsocket'
Jun 26 16:11:20 UDP server bound to 0.0.0.0:53
Jun 26 16:11:20 UDPv6 server bound to [::]:53
Jun 26 16:11:20 TCP server bound to 0.0.0.0:53
Jun 26 16:11:20 TCPv6 server bound to [::]:53
Jun 26 16:11:20 PowerDNS Authoritative Server 4.1.8 (C) 2001-2018 PowerDNS.COM BV
Jun 26 16:11:20 Using 64-bits mode. Built using gcc 4.8.5 20150623 (Red Hat 4.8.5-36).
Jun 26 16:11:20 PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2.
Jun 26 16:11:20 Set effective group id to 993
Jun 26 16:11:20 Set effective user id to 995
Jun 26 16:11:20 Creating backend connection for TCP
Jun 26 16:11:20 gmysql Connection successful. Connected to database 'pdns' on '192.168.0.11'.
Jun 26 16:11:20 About to create 3 backend threads for UDP
Jun 26 16:11:20 gmysql Connection successful. Connected to database 'pdns' on '192.168.0.11'.
Jun 26 16:11:20 gmysql Connection successful. Connected to database 'pdns' on '192.168.0.11'.
Jun 26 16:11:21 gmysql Connection successful. Connected to database 'pdns' on '192.168.0.11'.
Jun 26 16:11:21 Done launching threads, ready to distribute questions
Check the ports pdnsserver is listening on:
[root@pdnsserver ~]# ss -lntup|grep 53
udp UNCONN 0 0 *:53 *:* users:(("pdns_server",pid=16080,fd=6))
udp UNCONN 0 0 :::53 :::* users:(("pdns_server",pid=16080,fd=7))
tcp LISTEN 0 128 *:53 *:* users:(("pdns_server",pid=16080,fd=8))
tcp LISTEN 0 128 :::53 :::* users:(("pdns_server",pid=16080,fd=9))
Note: pdns_server communicates over port 53 on both TCP and UDP, so port 53 must be opened in the iptables firewall:
[root@pdnsserver ~]# grep 53 /etc/sysconfig/iptables
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
[root@pdnsserver ~]# systemctl restart iptables
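At this point pdns_server is installed and running.
The detailed pdns_server parameters are well documented online, so they are not repeated here.
3. Verification
On the 192.168.0.11 machine, add 192.168.0.22 as the DNS server address: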
[root@node01 ~]# cat /etc/resolv.conf
nameserver 192.168.0.22
nameserver 221.228.255.1
ping test:
[root@node01 ~]# ping w.testdns01.com
PING w.testdns01.com (192.168.0.11) 56(84) bytes of data.
64 bytes from 192.168.0.11: icmp_seq=1 ttl=64 time=0.239 ms
64 bytes from 192.168.0.11: icmp_seq=2 ttl=64 time=0.223 ms
^C
--- w.testdns01.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.223/0.231/0.239/0.008 ms
[root@node01 ~]# ping r.testdns01.com
PING r.testdns01.com (192.168.0.18) 56(84) bytes of data.
64 bytes from 192.168.0.18: icmp_seq=1 ttl=64 time=0.024 ms
64 bytes from 192.168.0.18: icmp_seq=2 ttl=64 time=0.030 ms
^C
--- r.testdns01.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.024/0.027/0.030/0.003 ms
[root@node01 ~]#
dig test:
Install the dig command:
yum -y install bind-utils
[root@node01 ~]# dig +trace r.testdns01.com
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> +trace r.testdns01.com
;; global options: +cmd
;; Received 28 bytes from 192.168.0.22#53(192.168.0.22) in 0 ms
[root@node01 ~]# dig +trace w.testdns01.com
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> +trace w.testdns01.com
;; global options: +cmd
;; Received 28 bytes from 192.168.0.22#53(192.168.0.22) in 0 ms
[root@node01 ~]# dig w.testdns01.com SOA
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> w.testdns01.com SOA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21294
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;w.testdns01.com. IN SOA
;; AUTHORITY SECTION:
testdns01.com. 3600 IN SOA node01.dnstest.net. 1. 0 10800 3600 604800 3600
;; Query time: 0 msec
;; SERVER: 192.168.0.22#53(192.168.0.22)
;; WHEN: 六 6月 29 14:41:00 CST 2019
;; MSG SIZE rcvd: 102
[root@node01 ~]# dig w.testdns01.com
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> w.testdns01.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44913
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;w.testdns01.com. IN A
;; ANSWER SECTION:
w.testdns01.com. 120 IN A 192.168.0.11
;; Query time: 3 msec
;; SERVER: 192.168.0.22#53(192.168.0.22)
;; WHEN: 六 6月 29 14:43:19 CST 2019
;; MSG SIZE rcvd: 60
[root@node01 ~]# dig r.testdns01.com
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> r.testdns01.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60953
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;r.testdns01.com. IN A
;; ANSWER SECTION:
r.testdns01.com. 120 IN A 192.168.0.18
;; Query time: 2 msec
;; SERVER: 192.168.0.22#53(192.168.0.22)
;; WHEN: 六 6月 29 14:43:24 CST 2019
;; MSG SIZE rcvd: 60
[root@node01 ~]#
Test on the 192.168.0.18 machine:
[root@node02 ~]# cat /etc/resolv.conf
#Generated by NetworkManager
nameserver 192.168.0.22
Install the dig command:
yum -y install bind-utils
[root@node02 ~]# dig r.testdns01.com|grep r.testdns01.com
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> r.testdns01.com
;r.testdns01.com. IN A
r.testdns01.com. 120 IN A 192.168.0.18
[root@node02 ~]#
[root@node02 ~]# dig w.testdns01.com|grep w.testdns01.com
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> w.testdns01.com
;w.testdns01.com. IN A
w.testdns01.com. 120 IN A 192.168.0.11
[root@node02 ~]# dig w.testdns01.com SOA|grep testdns01.com
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> w.testdns01.com SOA
;w.testdns01.com. IN SOA
testdns01.com. 3600 IN SOA localhost.dnstest.net. 1. 0 10800 3600 604800 3600
[root@node02 ~]# dig r.testdns01.com SOA|grep testdns01.com
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> r.testdns01.com SOA
;r.testdns01.com. IN SOA
testdns01.com. 3600 IN SOA localhost.dnstest.net. 1. 0 10800 3600 604800 3600
[root@node02 ~]#
Run the pdns_server service in the background:
[root@pdnsserver ~]# /usr/sbin/pdns_server --daemon=yes --guardian=no --loglevel=9
Jun 29 15:24:13 Reading random entropy from '/dev/urandom'
Jun 29 15:24:13 Loading '/usr/lib64/pdns/libgmysqlbackend.so'
Jun 29 15:24:13 [gmysqlbackend] This is the gmysql backend version 4.1.8 reporting
Pause resolution of the r.testdns01.com A record on pdnsserver:
root@pdnsserver [pdns]>select * from records;
+----+-----------+-----------------+------+-------------------------+-------+------+-------------+----------+-----------+------+
| id | domain_id | name | type | content | ttl | prio | change_date | disabled | ordername | auth |
+----+-----------+-----------------+------+-------------------------+-------+------+-------------+----------+-----------+------+
| 8 | 1 | testdns01.com | SOA | localhost.dnstest.net 1 | 86400 | NULL | NULL | 0 | NULL | 1 |
| 9 | 1 | @ | NS | f1g1ns1.dnspod.net | 86400 | NULL | NULL | 0 | NULL | 1 |
| 10 | 1 | @ | NS | f1g1ns2.dnspod.net | 86400 | NULL | NULL | 0 | NULL | 1 |
| 11 | 1 | r.testdns01.com | A | 192.168.0.18 | 120 | NULL | NULL | 0 | NULL | 1 |
| 12 | 1 | w.testdns01.com | A | 192.168.0.11 | 120 | NULL | NULL | 0 | NULL | 1 |
+----+-----------+-----------------+------+-------------------------+-------+------+-------------+----------+-----------+------+
5 rows in set (0.00 sec)
root@pdnsserver [pdns]>update records set disabled=1 where name='r.testdns01.com';
Query OK, 1 row affected (0.01 sec)
Rows matched: 1 Changed: 1 Warnings: 0
root@pdnsserver [pdns]>
root@pdnsserver [pdns]>select * from records;
+----+-----------+-----------------+------+-------------------------+-------+------+-------------+----------+-----------+------+
| id | domain_id | name | type | content | ttl | prio | change_date | disabled | ordername | auth |
+----+-----------+-----------------+------+-------------------------+-------+------+-------------+----------+-----------+------+
| 8 | 1 | testdns01.com | SOA | localhost.dnstest.net 1 | 86400 | NULL | NULL | 0 | NULL | 1 |
| 9 | 1 | @ | NS | f1g1ns1.dnspod.net | 86400 | NULL | NULL | 0 | NULL | 1 |
| 10 | 1 | @ | NS | f1g1ns2.dnspod.net | 86400 | NULL | NULL | 0 | NULL | 1 |
| 11 | 1 | r.testdns01.com | A | 192.168.0.18 | 120 | NULL | NULL | 1 | NULL | 1 |
| 12 | 1 | w.testdns01.com | A | 192.168.0.11 | 120 | NULL | NULL | 0 | NULL | 1 |
+----+-----------+-----------------+------+-------------------------+-------+------+-------------+----------+-----------+------+
5 rows in set (0.00 sec)
Test:
[root@node01 ~]# ping r.testdns01.com
ping: unknown host r.testdns01.com
[root@node01 ~]# ping w.testdns01.com
PING w.testdns01.com (192.168.0.11) 56(84) bytes of data.
64 bytes from 192.168.0.11: icmp_seq=1 ttl=64 time=0.243 ms
64 bytes from 192.168.0.11: icmp_seq=2 ttl=64 time=0.232 ms
^C
--- w.testdns01.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.232/0.237/0.243/0.016 ms
[root@node02 ~]# ping r.testdns01.com
ping: unknown host r.testdns01.com
[root@kusou-es11 ~]# ping w.testdns01.com
PING w.testdns01.com (192.168.0.11) 56(84) bytes of data.
64 bytes from 192.168.0.11: icmp_seq=1 ttl=64 time=0.024 ms
^C
--- w.testdns01.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.024/0.024/0.024/0.000 ms
[root@node02 ~]#
This completes the demonstration and shows that the PowerDNS setup in this test works.
For PowerDNS tuning and load testing, see the following link:
https://www.cnblogs.com/anpengapple/p/5211557.html