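I. DNS server principles, and building primary-secondary servers
1. The DNS resolution process:
(1) First, the browser checks whether its own cache holds an IP address for the domain name. If it does, resolution ends there. If not, it checks whether the operating system cache holds an IP address for the name; if so, resolution also ends there. If not, it continues with the next step.
(2) The operating system sends the requested domain name to the local DNS server (LDNS) for resolution. On a hit, resolution ends. On a miss, the local DNS server sends the query directly to a root name server (Root Server), which returns the IP address of the generic top-level domain (gTLD) server for the queried domain.
(3) The local DNS server then queries the gTLD server it was just given; the gTLD server looks up and returns the address of the Name Server for the domain. Note: this Name Server is usually the name server you registered the domain with; it looks up the name-to-IP mapping table and returns the corresponding IP address together with a time to live (TTL).
(4) Once the local DNS server has the IP address for the name, it caches the name-to-IP mapping locally for the period set by the TTL and returns the result to the client. The user's host also caches the mapping locally for later use.
2. Building the primary-secondary servers
(1) Environment
Primary: NS1 IP: 172.16.23.1
Secondary: NS2 IP: 172.16.31.1
Root domain: test.com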
www 172.16.31.2
ftp 172.16.23.2
(2) Setting up the primary DNS server
yum -y install bind bind-utils bind-chroot # install the bind service
> /etc/named.conf # empty the initial configuration
vi /etc/named.conf # write the configuration file
options {
listen-on port 53 { any; }; # listen on port 53 on all interfaces
directory "/var/named"; # zone database directory
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
};
logging { # enable logging
channel default_log {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "test.com" IN { # define the zone
type master; # the primary is "master"
file "test.com"; # zone file name
allow-transfer { 172.16.31.1; }; # allow transfers to the secondary's IP
};
zone "31.16.172.in-addr.arpa" IN { # create the reverse zone
type master;
file "named.172.16.31";
allow-transfer { 172.16.31.1; };
};
zone "23.16.172.in-addr.arpa" IN {
type master;
file "named.172.16.23";
allow-transfer { 172.16.31.1; };
};
include "/etc/named.root.key";
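vi /var/named/test.com # create the forward zone database file for test.com
$TTL 1D ; records live for 1 day
@ IN SOA ns1 admin ( 2 1H 1H 1D 3H ) ; serial 2 is higher than the secondary's, 1H refresh, 1H retry, 1D expire
    NS ns1 ; NS records
    NS ns2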
ns1 IN A 172.16.23.1
ns2 IN A 172.16.31.1
www IN A 172.16.31.2
ftp IN A 172.16.23.2
crm IN A 172.16.31.77
vi /var/named/named.172.16.23 # create the reverse records for the 23 subnet
$TTL 1D
@ IN SOA ns1 admin ( 1 1H 1H 1D 3H )
    NS ns1
    NS ns2
ns1 A 172.16.23.1
ns2 A 172.16.31.1
1 IN PTR ns1.test.com. ; reverse PTR record
2 IN PTR ftp.test.com.
vi /var/named/named.172.16.31 # create the reverse records for the 31 subnet
$TTL 1D
@ IN SOA ns1 admin ( 1 1H 1H 1D 3H )
    NS ns1
    NS ns2
ns1 A 172.16.23.1
ns2 A 172.16.31.1
1 IN PTR ns2.test.com.
2 IN PTR www.test.com.
(3) Setting up the secondary DNS server
yum -y install bind bind-utils bind-chroot # install the bind service
> /etc/named.conf # empty the initial configuration
vi /etc/named.conf # write the configuration file
options {
listen-on port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
};
logging {
channel default_log {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "test.com" IN {
type slave; # zone type is slave
masters {172.16.23.1;}; # sync from the primary at 172.16.23.1
file "slaves/test.com.slave"; # path and name where the zone database is stored
};
zone "31.16.172.in-addr.arpa" IN {
type slave;
masters {172.16.23.1;};
file "slaves/named.172.16.31.slave";
};
zone "23.16.172.in-addr.arpa" IN {
type slave;
masters {172.16.23.1;};
file "slaves/named.172.16.23.slave";
};
include "/etc/named.root.key";
Testing
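An offline check to accompany this test step, added here as an example and not part of the original page: it parses zone statements in the style of the configuration files on this page and reports every primary zone whose allow-transfer is missing or set to any. On BIND releases where the default is to allow transfers to all hosts, such a zone can be copied in full by anyone who can reach port 53. The sample text is constructed from the page's own zone blocks plus a hypothetical lab.test zone; the function names are assumptions, and only zone-level allow-transfer is examined.

```python
import re

# Constructed sample in the style of this page's configuration files.
SAMPLE_CONF = '''
zone "." IN { type hint; file "named.ca"; };
zone "test.com" IN {            # primary zone from section I
    type master;
    file "test.com";
    allow-transfer { 172.16.31.1; };
};
zone "test.com" {               # view zone from section II (zones.bj)
    type master;
    file "test.com.bj";
};
zone "lab.test" {               # hypothetical zone: transfers open to everyone
    type master;
    file "lab.test";
    allow-transfer { any; };
};
'''

def strip_comments(text):
    """Remove /* */, // and # comments, all of which named.conf accepts."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(#|//).*', '', text)

def zone_blocks(conf):
    """Yield (zone_name, body) per zone statement, following nested braces."""
    conf = strip_comments(conf)
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def audit_transfers(conf):
    """Return (zone, file, issue) for primary zones with weak transfer control."""
    findings = []
    for name, body in zone_blocks(conf):
        ztype = re.search(r'\btype\s+(\w+)\s*;', body)
        if not ztype or ztype.group(1) not in ('master', 'primary'):
            continue  # hint and slave zones are not transfer sources here
        zfile = re.search(r'\bfile\s+"([^"]+)"', body)
        path = zfile.group(1) if zfile else ''
        acl = re.search(r'\ballow-transfer\s*\{([^}]*)\}', body)
        if acl is None:
            findings.append((name, path, 'missing'))
        elif 'any' in [e.strip() for e in acl.group(1).split(';')]:
            findings.append((name, path, 'any'))
    return findings
```

A zone reported as missing still inherits any allow-transfer set in the options block, so read the findings together with that block.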
II. Building and implementing smart DNS
Create three templates, one each for Shanghai, Beijing and other
cp -pr /etc/named.rfc1912.zones{,.sh}
cp -pr /etc/named.rfc1912.zones{,.bj}
cp -pr /etc/named.rfc1912.zones{,.other}
vi /etc/named.conf # edit the configuration file
options {
listen-on port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
};
logging {
channel default_log {
file "data/named.run";
severity dynamic;
};
};
view beijing {
match-clients { 172.16.23.0/24;}; # corresponds to VLAN23
include "/etc/named.rfc1912.zones.bj"; # the zone configuration file for this view, shown below
};
view shanghai {
match-clients { 172.16.31.0/24;};
include "/etc/named.rfc1912.zones.sh";
};
view other {
match-clients { 172.16.2.0/24;};
include "/etc/named.rfc1912.zones.other";
};
include "/etc/named.root.key";
vi /etc/named.rfc1912.zones.bj
zone "test.com" { # add the test zone
type master;
file "test.com.bj"; # points to the test.com.bj database file
};
vi /etc/named.rfc1912.zones.sh
zone "test.com" { # add the test zone
type master;
file "test.com.sh"; # points to the test.com.sh database file
};
vi /etc/named.rfc1912.zones.other
zone "test.com" { # add the test zone
type master;
file "test.com.other"; # points to the test.com.other database file
};
Copy three database files, one each for Shanghai, Beijing and other
cp -pr test.com{,.sh}
cp -pr test.com{,.bj}
cp -pr test.com{,.other}
vi /var/named/test.com.bj
$TTL 1D
@ IN SOA ns1 admin ( 2 1H 1H 1D 3H )
    NS ns1
ns1 IN A 172.16.23.1
www IN A 172.16.23.100 ; www for the Beijing region resolves to 172.16.23.100
vi /var/named/test.com.sh
$TTL 1D
@ IN SOA ns1 admin ( 2 1H 1H 1D 3H )
    NS ns1
ns1 IN A 172.16.23.1
www IN A 172.16.31.100 ; www for the Shanghai region resolves to 172.16.31.100
vi /var/named/test.com.other
$TTL 1D
@ IN SOA ns1 admin ( 2 1H 1H 1D 3H )
    NS ns1
ns1 IN A 172.16.23.1
www IN A 172.16.2.100 ; www for other regions resolves to 172.16.2.100
Testing
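How named picks a view for each client under the configuration above, as an added example that is not part of the original page: views are tried in file order and the first match-clients hit wins, and a client outside all three subnets matches no view, which named answers with REFUSED. The view blocks and www addresses are copied from this page; the function names are assumptions.

```python
import ipaddress
import re

# The three views from this page's named.conf.
VIEWS_CONF = '''
view beijing {
    match-clients { 172.16.23.0/24;};
    include "/etc/named.rfc1912.zones.bj";
};
view shanghai {
    match-clients { 172.16.31.0/24;};
    include "/etc/named.rfc1912.zones.sh";
};
view other {
    match-clients { 172.16.2.0/24;};
    include "/etc/named.rfc1912.zones.other";
};
'''

# www records from the three zone files on this page.
WWW = {"beijing": "172.16.23.100", "shanghai": "172.16.31.100",
       "other": "172.16.2.100"}

def parse_views(conf):
    """Return [(view_name, [networks])] in file order; order matters to named."""
    views = []
    pattern = r'view\s+"?([\w-]+)"?\s*\{\s*match-clients\s*\{([^}]*)\}'
    for name, acl in re.findall(pattern, conf):
        nets = []
        for item in filter(None, (e.strip() for e in acl.split(';'))):
            # "any" is treated as the whole IPv4 space in this simplified model
            nets.append(ipaddress.ip_network('0.0.0.0/0' if item == 'any' else item))
        views.append((name, nets))
    return views

def select_view(views, client_ip):
    """First view whose match-clients contains the client wins; None if no view."""
    addr = ipaddress.ip_address(client_ip)
    for name, nets in views:
        if any(addr in net for net in nets):
            return name
    return None

def answer_www(conf, client_ip):
    """What a query for www.test.com returns to this client address."""
    view = select_view(parse_views(conf), client_ip)
    return WWW[view] if view else "REFUSED"
```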
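III. Compiling and installing MariaDB, then starting it and logging in successfully
Using a MySQL 5.6 source install as the example
Start command: service mysqld start
Stop command: service mysqld stop
Restart command: service mysqld restart
Data files: /data/mysql-data
Binary logs: /data/mysql-log
PID directory: /data/mysql-pid
Installation steps
Using CentOS as the example; applies to most Linux systems
- Install the base environment
yum install -y cmake gcc-c++ gcc bison libmcrypt openssl openssl-devel ncurses ncurses-devel perl-DBD-MySQL perl-Config-Tiny perl-Log-Dispatch perl-Parallel-ForkManager perl-GD
- Create the user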
groupadd -g 401 mysql
useradd -g mysql -u 400 mysql
passwd mysql
Init1234
- Compile and install
cd /installcd
Installation package: mysql-5.6.39.tar.gz
tar -zxvf mysql-5.6.39.tar.gz
cd mysql-5.6.39
cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_UNIX_ADDR=/var/mysql/mysql.sock -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DEXTRA_CHARSETS=all -DWITH_MYISAM_STORAGE_ENGINE=1 -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_ARCHIVE_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITH_READLINE=1 -DENABLED_LOCAL_INFILE=1 -DSYSCONFDIR=/usr/local/mysql -DMYSQL_USER=mysql
Note: 5.7 also needs -DWITH_BOOST=boost
-DDEFAULT_CHARSET=utf8mb4
-DDEFAULT_COLLATION=utf8mb4_general_ci
make && make install
chown -R mysql:mysql /usr/local/mysql
- Initialize the database:
/usr/local/mysql/scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql --datadir=/data/mysql-data
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
cd /usr/local/mysql && chown mysql:mysql my.cnf && mv /etc/my.cnf /etc/my.cnf.bak
- Edit the configuration file:
lower_case_table_names=1
character-set-server=utf8
datadir=/data/mysql-data
socket=/var/mysql/mysql.sock
symbolic-links=0
innodb_data_home_dir=/data/mysql-data
innodb_data_file_path=ibdata1:16M:autoextend:max:10G
innodb_log_group_home_dir=/data/mysql-log
innodb_buffer_pool_size=512M
innodb_file_per_table = 1
max_allowed_packet = 100M
max_connections = 1500
log-error=/var/log/mysqld.log
pid-file=/data/mysql-pid/mysqld.pid
log-bin=mysql-bin
server-id=1
log_bin=ON
expire-logs-days = 14
max-binlog-size = 500M
sync_binlog=1
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
- Start the service:
cd /data/mysql-data
rm -rf ibdata1 ib_logfile0 ib_logfile1
chown mysql:root /var/mysql
mkdir -p /var/run/mysqld/
chown -R mysql.mysql /var/run/mysqld/
service mysqld start
ln -s /usr/local/mysql/bin/mysql* /bin/
create user 'root'@'%' identified by 'root';
update mysql.user set password = password('123') where host = '%' and user = 'root';
grant all privileges on *.* to root@'%' identified by "123" WITH GRANT OPTION;
flush privileges;
- Log in to the database:
mysql -uroot -proot
Clean up privileges