案例实现主从同步
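例:如图所示,NS1与NS2互为主辅,域名为sunlinux.com。从后面的日志可以看出:NS1(172.16.251.58)是正向区域sunlinux.com的主服务器,NS2(172.16.251.61)是反向区域16.172.in-addr.arpa的主服务器,二者分别作为对方区域的辅助服务器。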
NS1配置清单及说明
vim /etc/named.conf
vim /etc/named.rfc1912.zones
vim /var/named/sunlinux.com.zone
检查配置文件有无语法错误
[root@localhost ~]# named-checkzone "sunlinux.com" /var/named/sunlinux.com.zone
zone sunlinux.com/IN: loaded serial 20140312
OK
[root@localhost ~]# named-checkconf
[root@localhost ~]# service named configtest
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/I
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone sunlinux.com/IN: loaded serial 20140312
[root@localhost ~]#
启动并查看
[root@localhost ~]# service named start
Starting named: [ OK ]
[root@localhost ~]# ss -tnul | grep ":53"
udp UNCONN 0 0 172.16.251.58:53 *:*
udp UNCONN 0 0 127.0.0.1:53 *:*
tcp LISTEN 0 3 172.16.251.58:53 *:*
tcp LISTEN 0 3 127.0.0.1:53 *:*
[root@localhost ~]# tail /var/log/messages
Mar 12 14:31:40 localhost named[6516]: zone 16.172.in-addr.arpa/IN: loaded serial 20140312
Mar 12 14:31:40 localhost named[6516]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Mar 12 14:31:40 localhost named[6516]: zone sunlinux.com/IN: loaded serial 20140312
Mar 12 14:31:40 localhost named[6516]: zone localhost.localdomain/IN: loaded serial 0
Mar 12 14:31:40 localhost named[6516]: zone localhost/IN: loaded serial 0
Mar 12 14:31:40 localhost named[6516]: managed-keys-zone ./IN: loaded serial 4
Mar 12 14:31:40 localhost named[6516]: zone 16.172.in-addr.arpa/IN: sending notifies (serial 20140312)
Mar 12 14:31:40 localhost named[6516]: zone sunlinux.com/IN: sending notifies (serial 20140312)
Mar 12 14:31:40 localhost named[6516]: running
[root@localhost ~]#
NS2配置清单及说明(allow-transfer只允许NS1的IP发起区域传送,避免其他主机通过AXFR取得整个区域的记录;仅按IP限制的强度有限,生产环境建议同时使用TSIG密钥对区域传送做认证)
vim /etc/named.conf
options {
    // listen-on port 53 { 127.0.0.1; };
    // listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    // memstatistics-file "/var/named/data/named_mem_stats.txt";
    // allow-query { localhost; };
    recursion yes;
    allow-transfer {172.16.251.58; }; # NS1 IP
    ...
}; # 其他与NS1相同
vim /etc/named.rfc1912.zones
vim /var/named/16.172.in-addr.arpa.zone # 编辑反解数据库文件
检查配置文件有无语法错误
[root@localhost named]# service named configtest
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone 16.172.in-addr.arpa/IN: loaded serial 20140312
[root@localhost named]#
启动并查看
[root@localhost slaves]# service named start
Starting named: [ OK ]
[root@localhost slaves]# tail /var/log/messages
Mar 12 17:38:10 localhost named[3467]: zone sunlinux.com/IN: Transfer started.
Mar 12 17:38:10 localhost named[3467]: transfer of 'sunlinux.com/IN' from 172.16.251.58#53: connected using 172.16.251.61#46650
Mar 12 17:38:10 localhost named[3467]: zone sunlinux.com/IN: transferred serial 20140312
Mar 12 17:38:10 localhost named[3467]: transfer of 'sunlinux.com/IN' from 172.16.251.58#53: Transfer completed: 1 messages, 11 records, 276 bytes, 0.002 secs (138000 bytes/sec)
Mar 12 17:38:10 localhost named[3467]: zone sunlinux.com/IN: sending notifies (serial 20140312)
Mar 12 17:38:10 localhost named[3467]: client 172.16.251.58#39799: transfer of '16.172.in-addr.arpa/IN': AXFR started
Mar 12 17:38:10 localhost named[3467]: client 172.16.251.58#39799: transfer of '16.172.in-addr.arpa/IN': AXFR ended
Mar 12 17:38:10 localhost named[3467]: client 172.16.251.58#17420: received notify for zone '16.172.in-addr.arpa'
Mar 12 17:38:25 localhost named[3467]: client 172.16.251.58#17420: received notify for zone 'sunlinux.com'
Mar 12 17:38:25 localhost named[3467]: zone sunlinux.com/IN: notify from 172.16.251.58#17420: zone is up to date
切换回NS1查看日志
[root@localhost slaves]# tail /var/log/messages
Mar 12 15:15:15 localhost named[6782]: zone sunlinux.com/IN: sending notifies (serial 20140312)
Mar 12 15:15:15 localhost named[6782]: running
Mar 12 15:15:15 localhost named[6782]: zone 16.172.in-addr.arpa/IN: Transfer started.
Mar 12 15:15:15 localhost named[6782]: transfer of '16.172.in-addr.arpa/IN' from 172.16.251.61#53: connected using 172.16.251.58#39799
Mar 12 15:15:15 localhost named[6782]: client 172.16.251.61#46650: transfer of 'sunlinux.com/IN': AXFR started
Mar 12 15:15:15 localhost named[6782]: client 172.16.251.61#46650: transfer of 'sunlinux.com/IN': AXFR ended
Mar 12 15:15:15 localhost named[6782]: zone 16.172.in-addr.arpa/IN: transferred serial 20140312
Mar 12 15:15:15 localhost named[6782]: transfer of '16.172.in-addr.arpa/IN' from 172.16.251.61#53: Transfer completed: 1 messages, 8 records, 253 bytes, 0.005 secs (50600 bytes/sec)
Mar 12 15:15:15 localhost named[6782]: zone 16.172.in-addr.arpa/IN: sending notifies (serial 20140312)
Mar 12 15:15:16 localhost named[6782]: client 172.16.251.61#8308: received notify for zone 'sunlinux.com'
同步数据库成功!
测试:在两台服务器上分别用dig -t axfr向对端请求区域传送。除此之外,还应从不在allow-transfer列表中的主机发起同样的请求,确认传送被拒绝。
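NS1(172.16.251.58)上测试:不带@server时,dig向/etc/resolv.conf中的默认服务器请求AXFR,结果是Transfer failed(原因本页未说明,推测是该请求不在对应服务器allow-transfer的允许范围内);指定NS2(@172.16.251.61)后传送成功,因为NS2的allow-transfer允许NS1的IP。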
[root@localhost slaves]# dig -t axfr sunlinux.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> -t axfr sunlinux.com
;; global options: +cmd
; Transfer failed.
[root@localhost slaves]# dig -t axfr sunlinux.com @172.16.251.61
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> -t axfr sunlinux.com @172.16.251.61
;; global options: +cmd
sunlinux.com. 600 IN SOA dns.sunlinux.com. dnsadmin.sunlinux.com. 20140312 3600 300 259200 21600
sunlinux.com. 600 IN MX 10 mail.sunlinux.com.
sunlinux.com. 600 IN NS ns1.sunlinux.com.
sunlinux.com. 600 IN NS ns2.sunlinux.com.
ftp.sunlinux.com. 600 IN CNAME www.sunlinux.com.
mail.sunlinux.com. 600 IN A 172.16.200.8
ns1.sunlinux.com. 600 IN A 172.16.251.58
ns2.sunlinux.com. 600 IN A 172.16.251.61
pop.sunlinux.com. 600 IN CNAME mail.sunlinux.com.
www.sunlinux.com. 600 IN A 172.16.200.6
sunlinux.com. 600 IN SOA dns.sunlinux.com. dnsadmin.sunlinux.com. 20140312 3600 300 259200 21600
;; Query time: 1 msec
;; SERVER: 172.16.251.61#53(172.16.251.61)
;; WHEN: Wed Mar 12 15:22:56 2014
;; XFR size: 11 records (messages 1, bytes 276)
[root@localhost slaves]#
NS2(172.16.251.61)上测试:同样,不带@server时传送失败;指定NS1(@172.16.251.58)后传送成功,说明NS1允许NS2的IP做区域传送(NS1的allow-transfer配置本页未列出)。
[root@localhost slaves]# dig -t axfr sunlinux.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> -t axfr sunlinux.com
;; global options: +cmd
; Transfer failed.
[root@localhost slaves]# dig -t axfr sunlinux.com @172.16.251.58
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> -t axfr sunlinux.com @172.16.251.58
;; global options: +cmd
sunlinux.com. 600 IN SOA dns.sunlinux.com. dnsadmin.sunlinux.com. 20140312 3600 300 259200 21600
sunlinux.com. 600 IN NS ns1.sunlinux.com.
sunlinux.com. 600 IN NS ns2.sunlinux.com.
sunlinux.com. 600 IN MX 10 mail.sunlinux.com.
ftp.sunlinux.com. 600 IN CNAME www.sunlinux.com.
mail.sunlinux.com. 600 IN A 172.16.200.8
ns1.sunlinux.com. 600 IN A 172.16.251.58
ns2.sunlinux.com. 600 IN A 172.16.251.61
pop.sunlinux.com. 600 IN CNAME mail.sunlinux.com.
www.sunlinux.com. 600 IN A 172.16.200.6
sunlinux.com. 600 IN SOA dns.sunlinux.com. dnsadmin.sunlinux.com. 20140312 3600 300 259200 21600
;; Query time: 1 msec
;; SERVER: 172.16.251.58#53(172.16.251.58)
;; WHEN: Wed Mar 12 17:48:20 2014
;; XFR size: 11 records (messages 1, bytes 276)
[root@localhost slaves]#