实现Internet 的DNS 服务架构

整体架构的构架图如下图（其中服务器用centos8系统搭建，测试客户端用centos7系统实现）

 1.8台主机介绍

DNS客户端：10.0.0.7/24 
本地DNS服务器（只缓存）：10.0.0.8/24
转发目标DNS服务器：10.0.0.18/24
根DNS服务器：10.0.0.28/24
org域DNS服务器：10.0.0.38/24
magedu.org域主DNS服务器：10.0.0.48/24
magedu.org域从DNS服务器：10.0.0.58/24
www.magedu.org的WEB服务器：10.0.0.68/24

2.服务器具体的搭建过程

#为防止服务器搭建过程出现错误，我们从后往前搭建（利用测试客户端不断检测，以免搭建过程出现错误）

（1）搭建web服务器10.0.0.68

[ ~]$yum -y install httpd
[ ~]$systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service →/usr/lib/systemd/system/httpd.service.
[ ~]$echo www.magedu.org > /var/www/html/index.html

（2）搭建主DNS服务器：10.0.0.48

[ ~]$yum -y install bind bind-utils
[ ~]$vim /etc/named.conf
//  listen-on port 53 { 127.0.0.1; };

//  allow-query     { localhost; };
[ ~]$vim /etc/named.rfc1912.zones
zone "magedu.org" {
       type master;
       file "magedu.org.zone";
  };

[ ~]$vim /var/named/magedu.org.zone

  1 $TTL  1D
  2 @     IN SOA master  admin.magedu.org. (
  3                         1   ; serial
  4                         1D  ; refresh
  5                         1H  ; retry
  6                         1W  ; expire
  7                         3H  )   ; minimum
  8           NS    master  
  9           NS    slave
 10 master    A     10.0.0.48
 11 slave     A     10.0.0.58
 12 www       A     10.0.0.68
[ ~]$systemctl start named

（3）搭建从DNS服务器：10.0.0.58

[ ~]$yum -y install bind bind-utils
[ ~]$vim /etc/named.conf
//  listen-on port 53 { 127.0.0.1; };

//  allow-query     { localhost; };
[ ~]$vim /etc/named.rfc1912.zones
zone "magedu.org" {
      type slave;
      masters {10.0.0.48;};
      file "slaves/magedu.org.zone";
   };
[ ~]$systemctl start named
[ ~]$ll /var/named/slaves/
total 4
-rw-r--r-- 1 named named 319 May 31 14:53 magedu.org.zone

（4）搭建org域DNS服务器：10.0.0.38

[ ~]$yum -y install bind bind-utils
[ ~]$vim /etc/named.conf
//  listen-on port 53 { 127.0.0.1; };

//  allow-query     { localhost; };
[ ~]$vim /etc/named.rfc1912.zones
zone "org" IN  {
       type master;
       file "org.zone";
  };
[ ~]$vim /var/named/org.zone

    $TTL 1D
    @   IN  SOA     master  admin.magedu.org. ( 1 1D 1H 1W 3D )
                    NS      master
    magedu          NS      mageduns1
    magedu          NS      mageduns2
      master          A       10.0.0.38
     mageduns1       A       10.0.0.48
     mageduns2       A       10.0.0.58
[ ~]$systemctl restart named

（5）搭建根DNS服务器：10.0.0.28

[ ~]$yum -y install bind bind-utils
[ ~]$vim /etc/named.conf
//  listen-on port 53 { 127.0.0.1; };

//  allow-query     { localhost; };

#默认有根服务器，所有更改在53行
   zone "." IN {
       type master;
       file "root.zone";
   };
[ ~]$vim /var/named/root.zone

    $TTL  1D
    @   IN  SOA     master  admin.magedu.org.   ( 1 1D 1H 1W 3D )
                    NS  master
    org             NS  orgns
    master          A   10.0.0.28
    orgns           A   10.0.0.38
[ ~]$systemctl start named

（6）搭建转发目标DNS服务器：10.0.0.18

[ ~]$yum -y install bind bind-utils
[ ~]$vim /etc/named.conf
//  listen-on port 53 { 127.0.0.1; };

//  allow-query     { localhost; };

33      dnssec-enable no;
34     dnssec-validation no;
[ ~]$vim /var/named/named.ca
 .           518400  IN  NS  a.root-servers.net.
 a.root-servers.net. 518400  IN  A   10.0.0.28
[ ~]$systemctl restart named

（7）搭建本地DNS服务器（只缓存）：10.0.0.8

[ 8 ~]$yum -y install bind bind-utils
[ 8 ~]$vim /etc/named.conf
//  listen-on port 53 { 127.0.0.1; };
//  allow-query     { localhost; };
forward only;
 forwarders {10.0.0.18;};
33      dnssec-enable no;
34     dnssec-validation no;

[ ~]$systemctl restart named

（8）客户端10.0.0.7测试部分（此部分并非为最后一步，而是随着七台服务器的搭建过程中随时测试，出现以下测试结果则服务器搭建成功）

[ ~]$curl 10.0.0.68
www.magedu.org
[ ~]$host www.magedu.org 10.0.0.48
Using domain server:
Name: 10.0.0.48
Address: 10.0.0.48#53
Aliases: 

www.magedu.org has address 10.0.0.68
[ ~]$host www.magedu.org 10.0.0.58
Using domain server:
Name: 10.0.0.58
Address: 10.0.0.58#53
Aliases: 

www.magedu.org has address 10.0.0.68
[ ~]$host www.magedu.org 10.0.0.38
Using domain server:
Name: 10.0.0.38
Address: 10.0.0.38#53
Aliases: 

www.magedu.org has address 10.0.0.68
[ ~]$host www.magedu.org 10.0.0.28
Using domain server:
Name: 10.0.0.28
Address: 10.0.0.28#53
Aliases: 

www.magedu.org has address 10.0.0.68
[ ~]$host www.magedu.org 10.0.0.18
Using domain server:
Name: 10.0.0.18
Address: 10.0.0.18#53
Aliases: 

www.magedu.org has address 10.0.0.68
[ ~]$host www.magedu.org 10.0.0.8
Using domain server:
Name: 10.0.0.8
Address: 10.0.0.8#53
Aliases: 

www.magedu.org has address 10.0.0.68
[ ~]$curl www.magedu.org
www.magedu.org
[ ~]$