Q1、简述DNS服务器原理,并搭建主-辅服务器
-
客户端发起请求(www.test.com)到本地DNS服务器
-
本地DNS服务器询问根服务器
-
根服务器告诉本地DNS顶级域(.com)的服务器地址
-
顶级域(.com)发现test是子域,告诉本地DNS地址(test.com)
-
test.com查询后得到IP地址,返回给本地DNS服务器
-
本地DNS把结果反馈给客户端
#DNS1-master [root@DNS1 ~]# yum install -y bind [root@DNS1 ~]# vim /etc/named.conf options { //listen-on port 53 { 127.0.0.1; }; ... //allow-query { localhost; }; allow-transfer { 192.168.37.27; }; ... } [root@DNS1 ~]# vim /etc/named.rfc1912.zones zone "magedu.site" IN { type master; file "magedu.site.zone"; }; zone "37.168.192.in-addr.arpa" IN { type master; file "192.168.37.zone"; }; [root@DNS1 ~]# vim /var/named/magedu.site.zone $TTL 1D @ IN SOA master.magedu.site admin.magedu.site ( 0 ;版本号(同步作用) 10M ;刷新时间 1H ;重试时间 1W ;过期时间 3H ) ;不存在记录的缓存的时间 NS ns1 NS ns2 ns1 A 192.168.37.17 ns2 A 192.168.37.27 www CNAME webs webs A 192.168.37.17 webs A 192.168.37.27 [root@DNS1 ~]# vim /var/named/192.168.37.zone $TTL 1D @ IN SOA ns1 admin ( 0 10M 1H 1W 3h ) NS ns1 NS ns2 ns1 A 192.168.37.17 ns2 A 192.168.37.27 17 PTR ns1.magedu.site 27 PTR ns2.magedu.site [root@DNS1 ~]# named-checkconf [root@DNS1 ~]# named-checkzone magedu.site /var/named/magedu.site.zone [root@DNS1 ~]# named-checkzone magedu.site /var/named/192.168.37.zone [root@DNS1 ~]# systemctl start named #DNS2-slave [root@DNS2 ~]# yum install -y bind [root@DNS2 ~]# vim /etc/named.conf options { //listen-on port 53 { 127.0.0.1; }; .... //allow-query { localhost; }; allow-transfer { none; }; } [root@DNS2 ~]# vim /etc/named.rfc1912.zones zone "magedu.site" IN { type slave; masters { 192.168.37.17; }; file "slaves/magedu.site.zone"; }; zone "37.168.192.in-addr.arpa" IN { type slave; masters { 192.168.37.17; }; file "slaves/192.168.37.zone"; }; [root@DNS2 ~]# systemctl start named [root@DNS2 ~]# ls -lh /var/named/slaves/ total 8.0K -rw-r--r-- 1 named named 416 May 14 21:11 192.168.37.zone -rw-r--r-- 1 named named 256 May 14 21:11 magedu.site.zone #client测试: [root@centos6 ~]$ vim /etc/resolv.conf nameserver 192.168.37.17 nameserver 192.168.37.27 [root@centos6 ~]$ dig www.magedu.site ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.site ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20481 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.magedu.site. IN A ;; ANSWER SECTION: www.magedu.site. 86400 IN CNAME webs.magedu.site. webs.magedu.site. 86400 IN A 192.168.37.27 webs.magedu.site. 86400 IN A 192.168.37.17 ;; AUTHORITY SECTION: magedu.site. 86400 IN NS ns2.magedu.site. magedu.site. 86400 IN NS ns1.magedu.site. ;; ADDITIONAL SECTION: ns1.magedu.site. 86400 IN A 192.168.37.17 ns2.magedu.site. 86400 IN A 192.168.37.27 ;; Query time: 1 msec ;; SERVER: 192.168.37.17#53(192.168.37.17) ;; WHEN: Thu May 14 21:33:46 2020 ;; MSG SIZE rcvd: 152 [root@centos6 ~]$ dig -x 192.168.37.17 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> -x 192.168.37.17 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45464 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;17.37.168.192.in-addr.arpa. IN PTR ;; ANSWER SECTION: 17.37.168.192.in-addr.arpa. 86400 IN PTR ns1.magedu.site.37.168.192.in-addr.arpa. ;; AUTHORITY SECTION: 37.168.192.in-addr.arpa. 86400 IN NS ns2.37.168.192.in-addr.arpa. 37.168.192.in-addr.arpa. 86400 IN NS ns1.37.168.192.in-addr.arpa. ;; ADDITIONAL SECTION: ns1.37.168.192.in-addr.arpa. 86400 IN A 192.168.37.17 ns2.37.168.192.in-addr.arpa. 86400 IN A 192.168.37.27 ;; Query time: 0 msec ;; SERVER: 192.168.37.17#53(192.168.37.17) ;; WHEN: Thu May 14 21:35:15 2020 ;; MSG SIZE rcvd: 142
Q2、搭建并实现智能DNS
#CDN分3个区域,beijing:192.168.37.0/24,guangdong:172.16.0.0/24,other
#CDN-server
1、安装
[root@CDN ~]# yum install bind -y
2、主配置文件添加acl
[root@CDN ~]# vim /etc/named.conf
options {
//listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
//allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
bindkeys-file "/etc/named.root.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
acl beijingnet {
192.168.37.0/24;
};
acl guangdongnet {
172.16.0.0/24;
};
acl othernet {
any;
};
view view_beijing {
match-clients { beijingnet; };
include "/etc/named.rfc1912.zones.bj";
};
view view_guangdong {
match-clients { guangdongnet; };
include "/etc/named.rfc1912.zones.gd";
};
view view_other {
match-clients { othernet; };
include "/etc/named.rfc1912.zones.other";
};
//zone "." IN {
// type hint;
// file "named.ca";
//};
//include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
3、区域配置文件
[root@CDN ~]# vim /etc/named.rfc1912.zones.bj
zone "magedu.site" IN {
type master;
file "magedu.site.zone.bj";
};
zone "." IN {
type hint;
file "named.ca";
};
[root@CDN ~]# vim /etc/named.rfc1912.zones.gd
zone "magedu.site" IN {
type master;
file "magedu.site.zone.gd";
};
zone "." IN {
type hint;
file "named.ca";
};
[root@CDN ~]# vim /etc/named.rfc1912.zones.other
zone "magedu.site" IN {
type master;
file "magedu.site.zone.other";
};
zone "." IN {
type hint;
file "named.ca";
};
4、添加DNS解析
[root@CDN ~]# vim /var/named/magedu.site.zone.bj
$TTL 1D
@ IN SOA ns1 admin ( 1 1H 1H 1D 3H )
NS ns1
▽s1 A 192.168.37.7
www A 192.168.37.100
[root@CDN ~]# vim /var/named/magedu.site.zone.gd
$TTL 1D
@ IN SOA ns1 admin ( 1 1H 1H 1D 3H )
NS ns1
▽s1 A 192.168.37.7
www A 172.16.0.100
[root@CDN ~]# vim /var/named/magedu.site.zone.other
$TTL 1D
@ IN SOA ns1 admin ( 1 1H 1H 1D 3H )
NS ns1
ns1 A 192.168.37.7
www A 8.8.8.8
5、重启服务
[root@CDN ~]# named-checkconf
[root@CDN ~]# named-checkzone magedu.site /var/named/magedu.site.zone.bj
zone magedu.site/IN: loaded serial 1
OK
[root@CDN ~]# named-checkzone magedu.site /var/named/magedu.site.zone.gd
zone magedu.site/IN: loaded serial 1
OK
[root@CDN ~]# named-checkzone magedu.site /var/named/magedu.site.zone.other
zone magedu.site/IN: loaded serial 1
OK
[root@CDN ~]# systemctl start named
6、添加临时IP模拟测试
[root@CDN ~]# ip address add 172.16.0.7/24 dev eth0
[root@CDN ~]# ip address add 10.10.10.7/24 dev eth0
7、client测试:
[root@centos6 ~]$ vim /etc/resolv.conf
nameserver 192.168.37.7
[root@centos6 ~]$ ip address add 172.16.0.6/24 dev eth0
[root@centos6 ~]$ ip address add 10.10.0.6/24 dev eth0
[root@centos6 ~]$ dig www.magedu.site @192.168.37.7
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.site @192.168.37.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36992
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.magedu.site. IN A
;; ANSWER SECTION:
www.magedu.site. 86400 IN A 192.168.37.100
;; AUTHORITY SECTION:
magedu.site. 86400 IN NS ns1.magedu.site.
;; ADDITIONAL SECTION:
ns1.magedu.site. 86400 IN A 192.168.37.7
;; Query time: 0 msec
;; SERVER: 192.168.37.7#53(192.168.37.7)
;; WHEN: Thu May 14 22:21:51 2020
;; MSG SIZE rcvd: 83
[root@centos6 ~]$ dig www.magedu.site @172.16.0.7
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.site @172.16.0.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48221
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.magedu.site. IN A
;; ANSWER SECTION:
www.magedu.site. 86400 IN A 172.16.0.100
;; AUTHORITY SECTION:
magedu.site. 86400 IN NS ns1.magedu.site.
;; ADDITIONAL SECTION:
ns1.magedu.site. 86400 IN A 192.168.37.7
;; Query time: 0 msec
;; SERVER: 172.16.0.7#53(172.16.0.7)
;; WHEN: Thu May 14 22:24:05 2020
;; MSG SIZE rcvd: 83
[root@centos6 ~]$ dig www.magedu.site @10.10.10.7
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> www.magedu.site @10.10.10.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38730
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.magedu.site. IN A
;; ANSWER SECTION:
www.magedu.site. 86400 IN A 8.8.8.8
;; AUTHORITY SECTION:
magedu.site. 86400 IN NS ns1.magedu.site.
;; ADDITIONAL SECTION:
ns1.magedu.site. 86400 IN A 192.168.37.7
;; Query time: 1 msec
;; SERVER: 10.10.10.7#53(10.10.10.7)
;; WHEN: Thu May 14 22:24:58 2020
;; MSG SIZE rcvd: 83
Q3、编译安装Mariadb,并启动后可以正常登录
1、编译前准备
[root@centos7-2 src]# mkdir /data/mysql
[root@centos7-2 src]# useradd -r -s /sbin/nologin -d /data/mysql mysql
[root@centos7-2 src]# chown mysql.mysql /data/mysql/
[root@centos7-2 src]# tar xf mariadb-10.2.25.tar.gz
2、安装依赖包
[root@centos7-2 src]# yum install bison bison-devel zlib-devel libcurl-devel libarchive-devel boost-devel gcc gcc-c++ cmake ncurses-devel gnutls-devel libxml2-devel openssl-devel libevent-devel libaio-devel libdb-cxx-devel -y
3、开始编译安装
[root@centos7-2 src]# cd mariadb-10.2.25/
[root@centos7-2 mariadb-10.2.25]# cmake . -DCMAKE_INSTALL_PREFIX=/apps/mysql \
-DMYSQL_DATADIR=/data/mysql/ \
-DSYSCONFDIR=/etc/ \
-DMYSQL_USER=mysql \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DWITHOUT_MROONGA_STORAGE_ENGINE=1 \
-DWITH_DEBUG=0 \
-DWITH_READLINE=1 \
-DWITH_SSL=system \
-DWITH_ZLIB=system \
-DWITH_LIBWRAP=0 \
-DENABLED_LOCAL_INFILE=1 \
-DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
-DDEFAULT_CHARSET=utf8mb4 \
-DDEFAULT_COLLATION=utf8_general_ci
[root@centos7-2 mariadb-10.2.25]# make && make install
4、初始化环境变量及数据库
[root@centos7-2 mariadb-10.2.25]# echo 'PATH=/apps/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@centos7-2 mariadb-10.2.25]# . /etc/profile.d/mysql.sh
[root@centos7-2 mariadb-10.2.25]# cd /apps/mysql/
[root@centos7-2 mysql]# cp /apps/mysql/support-files/my-huge.cnf /etc/my.cnf
[root@centos7-2 mysql]# cp /apps/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@centos7-2 mysql]# vim /etc/my.cnf
[mysqld]
character_set_server=utf8mb4
...
[root@centos7-2 mysql]# scripts/mysql_install_db --datadir=/data/mysql/ --user=mysql
5、启动数据库
service mysqld start
6、进入数据库测试
[root@centos7-2 mysql]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.2.25-MariaDB-log Source distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
+--------------------+
4 rows in set (0.01 sec)
MariaDB [(none)]>
网友评论