(接上一篇linux rocky 搭建DNS高阶版)实现不同网段访问解析不同的服务器
上一篇链接:linux rocky 搭建DNS服务和禁止AD域控DNS,做到独立DNS并加域-CSDN博客文章浏览阅读417次,点赞13次,收藏7次。使用linux rocky 搭建DNS服务,用于独立AD域控DNS存在,并且实现加域。https://g.csdnimg.cn/static/logo/favicon32.icohttps://blog.csdn.net/xikui1551/article/details/138268837?spm=1001.2014.3001.5502一、环境规划(接上一个环境,先看上一篇再看这一篇文章)
①一台windows server 2022系统搭建AD域控环境。(IP:192.168.0.31 计算机名:DC01 域名:luyundong.com)
②安装好一台Linux rocky 系统,用于搭建DNS服务。(IP:192.168.0.203 主机名:DNS)
③一台客户端,任意系统,这里准备windows 10系统。(IP:192.168.0.80 )
以上是上一个环境配置,新增以下配置
④新增一台windows server 2022系统做luyundong.com的辅助域(IP:192.168.0.32 计算机名:DC02 域名:luyundong.com)
⑤新增一台windows 10测试机器(IP:192.168.0.81)
二、环境展示
1.AD主域控
https://img-blog.csdnimg.cn/direct/a66b7f29059143249b391b81eb767dbc.png
2.AD辅助域控
https://img-blog.csdnimg.cn/direct/b84f8b530a8946059f8d43cad210897a.png
3.第一台windows 10测试机
https://img-blog.csdnimg.cn/direct/ee69c3d4213f40f3acdb8774b1d52540.png
4.第二台windows 10测试机
https://img-blog.csdnimg.cn/direct/c73c1b09edfb483f98c7526ff43791a3.png
DNS服务端是在CentOS-Stream 9操作系统中进行的,IP地点为192.168.0.203,已经事先配置完成,需要注意的是,bind9在不同的Linux发行版中配置略有差异(如红帽系Linux和debian系Linux差异相对较大),具体配置方法需要根据实际情况进行。
bind 9版本以上才气操作,低于9版本,自行升级后操作
检察版本: name -v
https://img-blog.csdnimg.cn/direct/87941e0130b54e93b7e8cd62123a90b3.png
三、开始摆设
紧张的DNS配置bind配置文件
我这里引用其他博主(木下-俱欢颜)的一张截图
https://img-blog.csdnimg.cn/direct/73f034d1455541adb316516e341e818d.png
vim /etc/named.conf
view "openeuler" {
match-clients { 192.168.0.80; };
zone "luyundong.com" IN {
type master;
file "openeuler.luyundong.com.zone";
};
zone "." IN {
type hint;
file "named.ca";
};
};
view "debian" {
match-clients { 192.168.0.81; };
zone "luyundong.com" IN {
type master;
file "debian.luyundong.com.zone";
};
zone "." IN {
type hint;
file "named.ca";
};
};
https://img-blog.csdnimg.cn/direct/ac46b83a9e6642288852f7b1452b5291.png
把vim /etc/named.conf 配置文件最下面,/etc/named.rfc1912.zones注释。
https://img-blog.csdnimg.cn/direct/6cb070a54bc5420297871574578e8a95.png
在/var/named/下创建/etc/named.conf中file的两个文件,文件名自定义,但是要同等
https://img-blog.csdnimg.cn/direct/8dcc5ff017c64426938b1673495de047.png
vim /var/named/openeuler.luyundong.com.zone
$TTL 604800
@ IN SOA luyundong.com. root.luyundong.com. (
2 ; serial
604800 ; refresh
86400 ; retry
2419200 ; expire
604800 ) ; minimum
IN NS DNS.
NS IN A 192.168.0.31 //AD主域控IP
WWW IN A 192.168.0.31
@ IN A 127.0.0.1 //本机DNS
@ IN AAAA ::1
https://img-blog.csdnimg.cn/direct/1afb128d102f4dd686dd53f74132eb67.png
# cat /var/named/debian.luyundong.com.zone
$TTL 604800
@ IN SOA luyundong.com. root.luyundong.com. (
2 ; serial
604800 ; refresh
86400 ; retry
2419200 ; expire
604800 ) ; minimum
IN NS DNS.
NS IN A 192.168.0.32
WWW IN A 192.168.0.32
@ IN A 127.0.0.1
@ IN AAAA ::1
https://img-blog.csdnimg.cn/direct/9c646fe7c7d34f6db4c2a629d18f97e7.png
也就是说,测试机器IP设置为192.168.0.80 访问的就是192.168.0.31的AD主域控
测试机设置IP为192.168.0.81访问的就说192.168.0.32的AD辅域控。
https://img-blog.csdnimg.cn/direct/16c91d79b6e44bfe9ab283d315437767.png
https://img-blog.csdnimg.cn/direct/2490085b13e040448f338e9cd2480dd5.png
假如要再实现加域功能,则必须添加
vim /var/named/openeuler.luyundong.com.zone
dc01 IN A 192.168.0.31
_ldap._tcp.luyundong.com. SRV 0 0 389 dc01.luyundong.com.
_kerberos._tcp.luyundong.com. SRV 0 0 88 dc01.luyundong.com.
_ldap._tcp.dc._msdcs.luyundong.com. SRV 0 0 389 dc01.luyundong.com.
_kerberos._tcp.dc._msdcs.luyundong.com. SRV 0 0 88 dc01.luyundong.com.
https://img-blog.csdnimg.cn/direct/08bb676c1d7b43dab3d31e6efcbf2ea5.png
vim /var/named/debian.luyundong.com.zone
$TTL 604800
@ IN SOA luyundong.com. root.luyundong.com. (
2 ; serial
604800 ; refresh
86400 ; retry
2419200 ; expire
604800 ) ; minimum
IN NS DNS.
NS IN A 192.168.0.32
WWW IN A 192.168.0.32
@ IN A 127.0.0.1
@ IN AAAA ::1
dc02 IN A 192.168.0.32
_ldap._tcp.luyundong.com. ? ? SRV 0 0 389 dc02.luyundong.com.
_kerberos._tcp.luyundong.com. ? ? SRV 0 0 88 dc02.luyundong.com.
_ldap._tcp.dc._msdcs.luyundong.com. ? ? SRV 0 0 389 dc02.luyundong.com.
_kerberos._tcp.dc._msdcs.luyundong.com. ? ? SRV 0 0 88 dc02.luyundong.com.
https://img-blog.csdnimg.cn/direct/727f151f4f194bd28718155a75bf0b7f.png
https://img-blog.csdnimg.cn/direct/b6e8419149ea4380b9f829fb672e61b9.png
https://img-blog.csdnimg.cn/direct/903ed82d2a484db384471a05f694b43c.png
第一台测试机器,加入的是AD主域控的192.168.0.31
https://img-blog.csdnimg.cn/direct/3fd388c13c5d414f81a616f7e6dd7549.png
第二台测试机器,加入的是AD主域控的192.168.0.32
https://img-blog.csdnimg.cn/direct/2c758dc0329a417698a779dba95d624a.png
上述内容,都是同一个域,只是不同的服务器,主辅域控
下面新建一个别的一个域,域名:zhaolixin.com
1.AD域控信息 IP:192.168.0.33 域名:zhaolixin.com
https://img-blog.csdnimg.cn/direct/f3a0f740ef9d4ef2bddd2e1a6d54bcec.png
vim /etc/named.conf
添加
view "other" {
match-clients { 192.168.0.83; };
zone "zhaolixin.com" IN {
type master;
file "zhaolixin.com.zone";
};
zone "." IN {
type hint;
file "named.ca";
};
};
https://img-blog.csdnimg.cn/direct/f404a05bdc12421083e617b8daa8f727.png
测试成功,也能加域
https://img-blog.csdnimg.cn/direct/f14dc1d8864f4fbeac13ba81ed721ff6.png
https://img-blog.csdnimg.cn/direct/753e4bbd54ea4a50b4afa7334395cb68.png
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。
页:
[1]