Deploying bind9, which supports round-robin:
yum install bind -y
cat /etc/named.conf
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    # Public DNS servers that queries are forwarded to
    forwarders { 114.114.114.114; 8.8.8.8; };
    recursion yes;
    dnssec-enable no;
    dnssec-validation no;
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
# Add the zone for the domain daxmall.com
zone "daxmall.com" {
    type master;
    file "/var/named/daxmall.com";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
cat /var/named/daxmall.com
$TTL 3H
@       IN SOA  @ daxmall.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      @
        A       127.0.0.1
        AAAA    ::1
oms-api IN A 192.168.89.131
oms-api IN A 192.168.89.132
oms-api IN A 192.168.89.133
oms-api IN A 192.168.89.130
pms-api IN A 192.168.89.134
pms-api IN A 192.168.89.136
pims-api IN A 192.168.89.133
pims-api IN A 192.168.89.139
cshop-api IN A 192.168.89.135
cshop-api IN A 192.168.89.139
report-api IN A 192.168.89.137
report-api IN A 192.168.89.135
vendor-api IN A 192.168.89.132
vendor-api IN A 192.168.89.133
* IN A 121.201.72.173
Note: iptables must be turned off.
Start the service:
systemctl start named
Check the service status:
systemctl status named
Restart the service:
systemctl restart named
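Added example, not part of the original page: the options block above sets recursion yes and allow-query { any; } without an allow-recursion list, so every host that can reach port 53 can use the server as a recursive resolver, and dnssec-validation no means forwarded answers are accepted unvalidated. The Python check below parses an options block and flags both settings; the sample text and the finding names are constructed for illustration.

```python
import re

# Constructed sample: security-relevant lines from the options block above.
SAMPLE_CONF = """
options {
    listen-on port 53 { any; };
    allow-query { any; };
    # public forwarders
    forwarders { 114.114.114.114; 8.8.8.8; };
    recursion yes;
    dnssec-validation no;
};
"""

def parse_options(conf):
    """Return {option: value} for top-level statements in options { ... }."""
    conf = re.sub(r"(#|//).*", "", conf)              # strip line comments
    body = conf[re.search(r"\boptions\s*\{", conf).end():]
    depth, stmt, opts = 0, "", {}
    for ch in body:
        if ch == "}" and depth == 0:                  # end of options block
            break
        depth += (ch == "{") - (ch == "}")
        if ch == ";" and depth == 0:                  # end of one statement
            words = stmt.split(None, 1)
            if words:
                opts[words[0]] = words[1] if len(words) > 1 else ""
            stmt = ""
        else:
            stmt += ch
    return opts

def audit(conf):
    """Flag settings that expose the resolver to clients outside the site."""
    o = parse_options(conf)
    findings = []
    # BIND falls back: allow-recursion -> allow-query-cache -> allow-query
    # -> built-in default { localnets; localhost; }.
    acl = o.get("allow-recursion",
                o.get("allow-query-cache", o.get("allow-query", "")))
    if o.get("recursion", "yes") == "yes" and "any" in re.findall(r"[\w.:/!-]+", acl):
        findings.append("open-recursion")
    if o.get("dnssec-validation") == "no":
        findings.append("dnssec-validation-off")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

Adding an allow-recursion list limited to the internal clients (for example localhost and 192.168.89.0/24, a network assumed from the addresses in the zone file) and enabling dnssec-validation clears both findings.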
Deploying dnsmasq, which does not support round-robin but is simpler to configure:
yum install -y dnsmasq
cat /etc/dnsmasq.conf
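no-hosts # do not load the local /etc/hosts file
local-ttl=3600 # local cache time; local records usually do not need to be cached, so that changes to the hosts file take effect immediately
cache-size=1000000 # maximum number of cache entries
dns-forward-max=1000000
listen-address=127.0.0.1,192.168.89.131 # if this server is to answer queries, list its own address here, along with 127.0.0.1
resolv-file=/etc/resolv.dnsmasq.conf # this file can be customized; I just followed common practice, copied resolv.conf, renamed it and used it
all-servers # if a name is not found locally, query all DNS servers in our resolv.dnsmasq.conf file and use whichever answers first
log-queries # enable query logging
log-facility=/var/log/dnsmasq/dnsmasq.log
log-async=100 # asynchronous logging, relieves blocking and improves performance. Default is 5, maximum is 100
conf-dir=/etc/dnsmasq.d # effectively means that all .conf files in this directory are used for resolution
Add the following configuration file: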
cat /etc/dnsmasq.d/daxmall.conf
address=/oms-api.daxmall.com/10.0.6.56
address=/pms-api.daxmall.com/10.0.6.53
address=/pims-api.daxmall.com/10.0.6.52
Add the DNS forwarding configuration file:
cat /etc/resolv.dnsmasq.conf
nameserver 114.114.114.114
nameserver 8.8.8.8
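Both methods have their advantages; for production use, choose according to your specific business needs.
For production, deploying two servers for redundancy is recommended. Clients can then be configured with two DNS IPs, one primary and one secondary.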