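Traditionally, intranet DNS is configured by logging in to the server and editing it by hand. I believe that once you know this blogger, anything that can be configured visually or automatically will never be done by hand again.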
System
[root@instance-7tgaowaa ~]# cat /etc/redhat-release
CentOS release 6.8 (Final)
Firewall
Disable SELinux and iptables yourself; this is not covered here.
Installation
[root@instance-7tgaowaa ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.2 dns.centoscn.vip
Test
[root@instance-7tgaowaa ~]# ping dns.centoscn.vip
PING instance-7tgaowaa (192.168.0.2) 56(84) bytes of data.
64 bytes from instance-7tgaowaa (192.168.0.2): icmp_seq=1 ttl=64 time=0.027 ms
64 bytes from instance-7tgaowaa (192.168.0.2): icmp_seq=2 ttl=64 time=0.044 ms
64 bytes from instance-7tgaowaa (192.168.0.2): icmp_seq=3 ttl=64 time=0.035 ms
Install the base environment
[root@instance-7tgaowaa ~]# yum install perl httpd mod_ssl mysql-server php php-intl php-ldap php-mysql php-soap php-xml
Edit the configuration
[root@instance-7tgaowaa ~]# vim /etc/httpd/conf/httpd.conf
ServerName dns.centoscn.vip:80
Start the services
[root@instance-7tgaowaa ~]# service mysqld start
[root@instance-7tgaowaa ~]# service httpd start
[root@instance-7tgaowaa ~]# ss -tnlp
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       100     ::1:25              :::*   users:(("master",2007,13))
LISTEN  0       100     127.0.0.1:25        *:*    users:(("master",2007,12))
LISTEN  0       128     :::443              :::*   users:(("httpd",22205,6),("httpd",22207,6),("httpd",22208,6),("httpd",22209,6),("httpd",22210,6),("httpd",22211,6),("httpd",22212,6),("httpd",22213,6),("httpd",22214,6))
LISTEN  0       50      *:3306              *:*    users:(("mysqld",22173,10))
LISTEN  0       128     :::80               :::*   users:(("httpd",22205,4),("httpd",22207,4),("httpd",22208,4),("httpd",22209,4),("httpd",22210,4),("httpd",22211,4),("httpd",22212,4),("httpd",22213,4),("httpd",22214,4))
LISTEN  0       128     :::22               :::*   users:(("sshd",1904,4))
LISTEN  0       128     *:22                *:*    users:(("sshd",1904,3))
Enable the services at boot
[root@instance-7tgaowaa ~]# chkconfig mysqld on
[root@instance-7tgaowaa ~]# chkconfig httpd on
Set the password
[root@instance-7tgaowaa ~]# mysqladmin -u root password 123456
Upload the rpm package to the following directory
[root@instance-7tgaowaa ~]# cd /usr/local/src/
[root@instance-7tgaowaa src]#
Unpack
[root@instance-7tgaowaa src]# unzip 2018110713484219.zip
Archive: 2018110713484219.zip
  inflating: namedmanager-www-1.8.0-1.el6.noarch.rpm
  inflating: namedmanager-bind-1.8.0-1.el6.noarch.rpm
[root@instance-7tgaowaa src]# ll
total 2528
-rw-r--r-- 1 root root 1203294 Nov 7 13:48 2018110713484219.zip
-rw-r--r-- 1 root root 109584 Dec 22 2013 namedmanager-bind-1.8.0-1.el6.noarch.rpm
-rw-r--r-- 1 root root 1270108 Dec 22 2013 namedmanager-www-1.8.0-1.el6.noarch.rpm
Install
[root@instance-7tgaowaa src]# rpm -Uvh namedmanager-www-1.8.0-1.el6.noarch.rpm
Initialize
[root@instance-7tgaowaa src]# cd /usr/share/namedmanager/resources/
[root@instance-7tgaowaa resources]# ./autoinstall.pl
autoinstall.pl
This script setups the NamedManager database components:
 * NamedManager MySQL user
 * NamedManager database
 * NamedManager configuration files
THIS SCRIPT ONLY NEEDS TO BE RUN FOR THE VERY FIRST INSTALL OF NAMEDMANAGER.
DO NOT RUN FOR ANY OTHER REASON
Please enter MySQL root password (if any): 123456
Searching ../sql/ for latest install schema...
../sql//version_20131222_install.sql is the latest file and will be used for the install.
Importing file ../sql//version_20131222_install.sql
Creating user...
Updating configuration file...
DB installation complete!
You can now login with the default username/password of setup/setup123 at http://localhost/namedmanager
Install bind
[root@instance-7tgaowaa resources]# cd /usr/local/src/
[root@instance-7tgaowaa src]# yum install bind php-process
[root@instance-7tgaowaa src]# rpm -Uvh namedmanager-bind-1.8.0-1.el6.noarch.rpm
Edit /etc/named.conf
[root@instance-7tgaowaa src]# cp /etc/named.conf /etc/named.conf.bak
You have mail in /var/spool/mail/root
[root@instance-7tgaowaa src]# > /etc/named.conf
[root@instance-7tgaowaa src]# vim /etc/named.conf
options {
    listen-on port 53 { any; };
    // listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    // DNS query cache (the allow-query-cache line below). Enabling it is not actually recommended, i.e. delete this line.
    // If it is enabled, a change to a DNS record takes a while to become effective because of caching.
    allow-query-cache { any; };
    recursion yes;
    forward first;
    forwarders {
        223.5.5.5;
        223.6.6.6;
        8.8.8.8;
        8.8.4.4;
    };
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." {
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/named.namedmanager.conf";
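With allow-query and allow-query-cache both set to { any; } and recursion yes, the options above answer recursive and cached queries for any client that can reach port 53. The check below is an added example, not part of the original post or of NamedManager: it classifies a named.conf as OPEN, RESTRICTED or DISABLED for recursion. The sample files are constructed, and the function names and the 192.168.0.0/24 client range are assumptions.

```shell
# Added example: classify who may recurse through BIND, from named.conf alone.
# Effective ACL: allow-recursion, else allow-query-cache, else allow-query,
# else the built-in default { localnets; localhost; }.

# Strip // and # comments and join lines (/* */ comments are not handled).
normalize_conf() {
    sed -e 's://.*$::' -e 's:#.*$::' "$1" | tr '\n' ' ' | tr -s ' \t' ' '
}

# Print the body of "NAME { ... };" found in normalized text $2, or nothing.
clause() {
    printf '%s\n' "$2" | sed -n "s/.*[ ;{]$1 *{\([^}]*\)}.*/\1/p"
}

# Print OPEN, RESTRICTED or DISABLED for the named.conf given as $1.
audit_recursion() {
    conf=$(normalize_conf "$1")
    if printf '%s\n' "$conf" | grep -Eq '[ ;{]recursion +no *;'; then
        echo DISABLED; return 0
    fi
    for name in allow-recursion allow-query-cache allow-query; do
        acl=$(clause "$name" "$conf")
        if [ -n "$acl" ]; then break; fi
    done
    if printf '%s\n' "$acl" | grep -Eq '(^|[ ;])any *;'; then
        echo OPEN
    else
        echo RESTRICTED
    fi
}
# Constructed samples: the page's ACL choices, and an assumed LAN-only variant.
WEAK=$(mktemp); HARD=$(mktemp)
cat > "$WEAK" <<'EOF'
options {
    allow-query { any; };
    allow-query-cache { any; }; // cache open to every client
    recursion yes;
};
EOF
cat > "$HARD" <<'EOF'
acl "lan" { 192.168.0.0/24; localhost; };  // assumed client range
options {
    allow-query { "lan"; };
    allow-recursion { "lan"; };
    recursion yes;
};
EOF
echo "page-style options: $(audit_recursion "$WEAK")"
echo "LAN-only options:   $(audit_recursion "$HARD")"
```

Run against the real file with audit_recursion /etc/named.conf; an OPEN result on a server reachable from outside the intranet means it will resolve for anyone.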
To run bind in chroot mode
[root@instance-7tgaowaa src]# yum install bind-chroot
[root@instance-7tgaowaa src]# ln /etc/named.namedmanager.conf /var/named/chroot/etc/named.namedmanager.conf
Start the named service
[root@instance-7tgaowaa src]# service named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
You have new mail in /var/spool/mail/root
[root@instance-7tgaowaa src]# chkconfig named on
Edit /etc/namedmanager/config-bind.php
[root@instance-7tgaowaa src]# cp /etc/namedmanager/config-bind.php /etc/namedmanager/config-bind.php.bak
You have new mail in /var/spool/mail/root
[root@instance-7tgaowaa src]# vim /etc/namedmanager/config-bind.php
$config["api_url"] = "http://192.168.0.2/namedmanager"; // Application Install Location
$config["api_server_name"] = "dns.centoscn.vip"; // Name of the DNS server (important: part of the authentication process)
$config["api_auth_key"] = "Dns"; // API authentication key
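Disable IPv6. Add domain records (forward and reverse resolution). Set the services to start at boot, and reboot the server.
[root@instance-7tgaowaa src]# vim /etc/modprobe.d/dist.conf
### Append the following at the end
alias net-pf-10 off
alias ipv6 off
chkconfig ip6tables off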
Enable the services at boot and reboot the system
[root@instance-7tgaowaa src]# chkconfig httpd on
[root@instance-7tgaowaa src]# chkconfig mysqld on
[root@instance-7tgaowaa src]# chkconfig named on
[root@instance-7tgaowaa src]# reboot
Access the web page
https://180.76.189.187/namedmanager/index.php
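Default account and password
(setup, setup123). Do not forget to change the username and password in user management.
Next, set the API key (see the figure below. Set the e-mail address and the API key; this key is the one set above in /etc/namedmanager/config-bind.php)
Click Save below to save
Add the server. The Name Server FQDN must match the ServerName in httpd. (As below, either the hostname or the IP address of the deployment host can be added.)
Click Save to save
Add a forward lookup domain
Click Save to save
Add a reverse lookup domain (if the clients are on several IP ranges, add one reverse lookup configuration per range, as in the figure below)
Click Save to save
Check the forward and reverse lookup domains that were added
The forward and reverse lookup domains above have been added successfully; now try adding some A records and PTR records for domain names
First add the forward A records
Because the PTR reverse lookup option was ticked when the forward A records were added above (if it was not ticked, the PTR reverse records have to be added manually), reverse records for those domain names now already exist:
The web page configuration is now complete
Check that the server entry shows green
Client and server
On either Linux or Windows, just set the first DNS server to the server's IP.
Note
From now on, if you run into any problems while using this, please leave a comment below the post and the blogger will reply; there are too many people in the group to reply to everyone there.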