文档课题：安装RAC时DNS服务器的配置.

DNS服务器：IP 192.168.133.200 + 主机名(leo-mydns)

系统：rhel 7.9 64位

1、修改主机名

[root@leo-mydns yum.repos.d]# vi /etc/sysconfig/network

[root@leo-mydns yum.repos.d]# cat /etc/sysconfig/network

# Created by anaconda

HOSTNAME=leo-mydns

 

2、安装bind软件

n  挂载镜像源

# mount /dev/sr0 /mnt

mount: /dev/sr0 is write-protected, mounting read-only

 

n  配置yum源

[root@leo-mydns ~]# cd /etc/yum.repos.d/

[root@leo-mydns yum.repos.d]# mkdir repo.bak

[root@leo-mydns yum.repos.d]# mv *.repo repo.bak

[root@leo-mydns yum.repos.d]# cat <<EOF>>/etc/yum.repos.d/local.repo

[local]

name=local

baseurl=file:///mnt

gpgcheck=0

enabled=1

EOF

[root@leo-mydns yum.repos.d]# yum makecache

[root@leo-mydns yum.repos.d]# rpm -qa bind

[root@leo-mydns yum.repos.d]# yum install -y bind*

[root@leo-mydns yum.repos.d]# rpm -qa bind

bind-9.11.4-26.P2.el7.x86_64

[root@leo-mydns yum.repos.d]# rpm -qa | grep bind

bind-libs-lite-9.11.4-26.P2.el7.x86_64

bind-chroot-9.11.4-26.P2.el7.x86_64

bind-9.11.4-26.P2.el7.x86_64

bind-export-libs-9.11.4-26.P2.el7.x86_64

keybinder3-0.3.0-1.el7.x86_64

bind-pkcs11-libs-9.11.4-26.P2.el7.x86_64

bind-pkcs11-9.11.4-26.P2.el7.x86_64

bind-libs-9.11.4-26.P2.el7.x86_64

bind-pkcs11-utils-9.11.4-26.P2.el7.x86_64

bind-dyndb-ldap-11.1-7.el7.x86_64

rpcbind-0.2.0-49.el7.x86_64

bind-utils-9.11.4-26.P2.el7.x86_64

bind-license-9.11.4-26.P2.el7.noarch

 

说明：

bind-9.11.4：主程序文件

bind-libs：主程序库文件

bind-utils：包含测试检测工具命令，如nslookup、dig、host、rndc...

 

3、编辑主配置文件"named.conf"

[root@leo-mydns yum.repos.d]# vi /etc/named.conf

options {

        directory "/var/named";      // Base directory for named

        allow-transfer {"none";};    // Slave serves that can pull zone transfer. Ban everyone by default

        };

 

zone "." IN {

        type hint;

        file "named.ca";

};

 

include "/etc/named.rfcl912.zones";

 

[root@leo-mydns yum.repos.d]# vi /etc/named.rfcl912.zones

# 反向解析Zone

zone "133.168.192.IN-ADDR.ARPA." IN { // Rerverse zone.

        type master;

        notify no;

        file "192.168.133.db";

};

# 正向解析Zone

zone "cqupt.com." IN {

        type master;

        notify no;

        file "cqupt.com.db";

};

 

4、创建正向解析文件

# vi /var/named/cqupt.com.db

$TTL 86400         ; Time to live

$ORIGIN  cqupt.com.

@              IN    SOA     leo-mydns  root.cqupt.com. (

                             2025030901    ; serial (todays date + todays serial #)

                             3H            ; refresh 3 hours

                             1H            ; retry 1 hour

                             1W            ; expire 1 week

                             1D )          ; minimum 24 hour

                           

@              IN            NS  leo-mydns

;             

               IN            A 192.168.133.200

leo-mydns      IN A          192.168.133.200

cbdps01        IN A          192.168.133.245

cbdps02        IN A          192.168.133.175

cbdps01-vip    IN A          192.168.133.246

cbdps02-vip    IN A          192.168.133.176

cbdps-scan     IN A          192.168.133.247

leo-openfiler  IN A          192.168.133.201

;

 

说明：

$TTL 86400：设置此区域文件中所有DNS记录的默认生存时间为24小时，TTL定义DNS记录在解析器或客户端缓存中的有效时间，过期后需要重新获取.

$ORIGIN  cqupt.com.：指定区域文件的默认域名，在该文件中任何不带域名的记录(如leo-mydns)会自动附加上该默认域名，最终变成"leo-mydns.cqupt.com"

2013011201：区域文件的序列号，通常由日期（2013年1月12日）加上一个递增的数字构成，用于标记区域更新

 

5、创建反向解析文件

# vi /var/named/192.168.133.db

$TTL 86400

@       IN      SOA     leo-mydns root.cqupt.com.  (

                        2025030901     ; serial (todays date + todays serial #)

                        3H             ; refresh 3 hours

                        1H             ; retry 1 hour

                        1W             ; expire 1 week

                        1D )           ; minimum 24 hour

;

                 NS        leo-mydns.cqupt.com.

200      IN      PTR       leo-mydns.cqupt.com.

245     IN PTR  cbdps01.cqupt.com.

175     IN PTR  cbdps02.cqupt.com.

246     IN PTR  cbdps01-vip.cqupt.com.

176     IN PTR  cbdps02-vip.cqupt.com.

247     IN PTR  cbdps-scan.cqupt.com.

201      IN PTR  leo-openfiler.cqupt.com.

 

6、修改 /etc/resolv.conf 文件

[root@leo-mydns ~]# vi /etc/resolv.conf

[root@leo-mydns ~]# cat /etc/resolv.conf

# Generated by NetworkManager

options attempts: 2

options timeout: 1

search cqupt.com

nameserver 192.168.133.200

 

说明：

nameserver 后需要填写DNS服务器的IP.

search     后面是搜索的域名.

 

7、启动DNS进程

[root@leo-mydns ~]# systemctl restart named

[root@leo-mydns ~]# systemctl status named

● named.service - Berkeley Internet Name Domain (DNS)

   Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled)

   Active: active (running) since Sun 2025-03-09 15:37:57 CST; 7s ago

  Process: 6878 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)

  Process: 6875 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)

 Main PID: 6881 (named)

    Tasks: 5

   CGroup: /system.slice/named.service

           └─6881 /usr/sbin/named -u named -c /etc/named.conf

 

Mar 09 15:37:57 leo-mydns named[6881]: configuring command channel from '/etc/rndc.key'

Mar 09 15:37:57 leo-mydns named[6881]: command channel listening on 127.0.0.1#953

Mar 09 15:37:57 leo-mydns named[6881]: configuring command channel from '/etc/rndc.key'

Mar 09 15:37:57 leo-mydns named[6881]: command channel listening on ::1#953

Mar 09 15:37:57 leo-mydns named[6881]: managed-keys-zone: loaded serial 0

Mar 09 15:37:57 leo-mydns named[6881]: zone cqupt.com/IN: loaded serial 2025030901

Mar 09 15:37:57 leo-mydns named[6881]: zone 133.168.192.IN-ADDR.ARPA/IN: loaded serial 2025030901

Mar 09 15:37:57 leo-mydns named[6881]: all zones loaded

Mar 09 15:37:57 leo-mydns named[6881]: running

Mar 09 15:37:57 leo-mydns systemd[1]: Started Berkeley Internet Name Domain (DNS).

 

[root@leo-mydns ~]# rndc status

version: BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7 (Extended Support Version) <id:7107deb>

running on leo-mydns: Linux x86_64 3.10.0-1160.el7.x86_64 #1 SMP Tue Aug 18 14:50:17 EDT 2020

boot time: Sun, 09 Mar 2025 07:37:57 GMT

last configured: Sun, 09 Mar 2025 07:37:57 GMT

configuration file: /etc/named.conf

CPUs found: 2

worker threads: 2

UDP listeners per interface: 1

number of zones: 102 (99 automatic)

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is OFF

recursive clients: 0/900/1000

tcp clients: 2/150

server is up and running

 

8、配置DNS进程开机自启

[root@leo-mydns ~]# systemctl is-enabled named

disabled

[root@leo-mydns ~]# systemctl enable named

Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

[root@leo-mydns ~]# systemctl is-enabled named

enabled

 

9、DNS解析测试

n  测试dns正向解析 cbdps01

[root@leo-mydns ~]# nslookup cbdps01

Server:         192.168.133.200

Address:        192.168.133.200#53

 

Name:   cbdps01.cqupt.com

Address: 192.168.133.245

 

n  测试dns正向解析 cbdps02

[root@leo-mydns ~]# nslookup cbdps02

Server:         192.168.133.200

Address:        192.168.133.200#53

 

Name:   cbdps02.cqupt.com

Address: 192.168.133.175

 

n  测试dns正向解析 cbdps-scan

[root@leo-mydns ~]# nslookup cbdps-scan

Server:         192.168.133.200

Address:        192.168.133.200#53

 

Name:   cbdps-scan.cqupt.com

Address: 192.168.133.247

 

n  测试dns反向解析 192.168.133.245(cbdps01)

[root@leo-mydns ~]# nslookup 192.168.133.245

245.133.168.192.IN-ADDR.ARPA    name = cbdps01.cqupt.com.

 

n  测试dns反向解析 192.168.133.175(cbdps02)

[root@leo-mydns ~]# nslookup 192.168.133.175

175.133.168.192.IN-ADDR.ARPA    name = cbdps02.cqupt.com.

 

n  测试dns反向解析 192.168.133.247(cbdps-scan)

[root@leo-mydns ~]# nslookup 192.168.133.247

247.133.168.192.IN-ADDR.ARPA    name = cbdps-scan.cqupt.com.

 

10、关闭防火墙

[root@leo-mydns ~]# systemctl stop firewalld.service

[root@leo-mydns ~]# systemctl disable firewalld.service

Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.

Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

 

说明：以上 DNS 服务器配置与测试完成.

 

参考网址：

https://www.cnblogs.com/polestar/p/3827268.html