天天看點
傳回

Centos7 bind dns緩存伺服器搭建?dns緩存在哪?如何驗證是緩存在生效?一、 實驗環境二、所需軟體三、軟體安裝四、緩存伺服器配置五、用戶端配置六、驗證

一、 實驗環境

本次使用Centos7.8系統

名稱 IP
DNS-cache(緩存伺服器) 10.20.177.248
DNS-client(用戶端) 10.20.177.97

二、所需軟體

此處預設大家的yum源都可用

軟體 安裝指令 作用
bind yum -y install bind DNS軟體
bind-utils yum -y install bind-utils bind工具包
tcpdump yum -y install tcpdump 抓包工具,用于抓包驗證緩存是否生效

三、軟體安裝

步驟一的2台伺服器均需安裝,以下僅舉一例:

[[email protected]10-20-177-248 ~]# yum -y install bind
[[email protected]10-20-177-248 ~]# yum -y install bind-utils
[[email protected]10-20-177-248 ~]# yum -y install tcpdump

四、緩存伺服器配置

1、臨時關閉firewalld、selinux。(重新開機後恢複)

[[email protected]10-20-177-248 ~]# systemctl stop firewalld
[[email protected]10-20-177-248 ~]# setenforce 0

2、修改/etc/named.conf(此檔案為bind的主配置檔案)

Centos7 bind dns緩存伺服器搭建?dns緩存在哪?如何驗證是緩存在生效?一、 實驗環境二、所需軟體三、軟體安裝四、緩存伺服器配置五、用戶端配置六、驗證

3、開啟服務

五、用戶端配置

用戶端可視為我們的個人電腦,此處使用Centos系統僅作實驗

1、修改DNS位址為上面的緩存伺服器位址:10.20.177.248。并重新開機網卡

Centos7 bind dns緩存伺服器搭建?dns緩存在哪?如何驗證是緩存在生效?一、 實驗環境二、所需軟體三、軟體安裝四、緩存伺服器配置五、用戶端配置六、驗證

2、清除DNS緩存(2台伺服器均要清除,此處僅舉例)

3、用戶端ping www.baidu.com,發起DNS請求。

(由于DNS緩存伺服器配置的公網DNS的IP位址為北京的DNS伺服器,而此次測試的伺服器在其他省份。是以,當我ping www.baidu.com的時候,用戶端會将請求發到北京DNS伺服器上去解析,由于地理距離較遠,可以實際感受到ping出後有短暫的停頓時間,這也可以從側面說明我的請求到了較遠的DNS伺服器上)

[[email protected]10-20-177-97 ~]# ping www.baidu.com
PING www.a.shifen.com (110.242.68.4) 56(84) bytes of data.
64 bytes from 110.242.68.4 (110.242.68.4): icmp_seq=1 ttl=50 time=35.4 ms
64 bytes from 110.242.68.4 (110.242.68.4): icmp_seq=2 ttl=50 time=35.1 ms
64 bytes from 110.242.68.4 (110.242.68.4): icmp_seq=3 ttl=50 time=35.2 ms
[[email protected]10-20-177-97 ~]#

此時,我們得到一個www.baidu.com解析的IP:110.242.68.4

百度搜尋這個IP發現,地理位置基本接近:

Centos7 bind dns緩存伺服器搭建?dns緩存在哪?如何驗證是緩存在生效?一、 實驗環境二、所需軟體三、軟體安裝四、緩存伺服器配置五、用戶端配置六、驗證

六、驗證

1、清除2台伺服器的DNS緩存(具體指令此處不再贅述,請看上文)

2、伺服器端啟動抓包(此處針對北京DNS和用戶端IP做了分别抓包),用戶端首次ping www.baidu.com,抓包結果如下:

[[email protected]10-20-177-248 data]# tcpdump -i eth0 -nn 'host 202.106.196.115'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
20:09:31.461315 IP 10.20.177.248.55993 > 202.106.196.115.53: 9865+% [1au] A? www.baidu.com. (42)
20:09:31.493690 IP 202.106.196.115.53 > 10.20.177.248.55993: 9865 3/0/0 CNAME www.a.shifen.com., 
20:09:31.494169 IP 10.20.177.248.37890 > 202.106.196.115.53: 29759+ A? www.a.shifen.com. (34)
20:09:31.526190 IP 202.106.196.115.53 > 10.20.177.248.37890: 29759 2/0/0 A 110.242.68.3, A 110.24
20:09:31.563797 IP 10.20.177.248.33884 > 202.106.196.115.53: 64805+ PTR? 4.68.242.110.in-addr.arp
20:09:32.764034 IP 10.20.177.248.60514 > 202.106.196.115.53: 53296+ PTR? 4.68.242.110.in-addr.arp
20:09:32.791882 IP 202.106.196.115.53 > 10.20.177.248.60514: 53296 NXDomain 0/1/0 (132)
^C
7 packets captured
7 packets received by filter
0 packets dropped by kernel
[[email protected]10-20-177-248 data]# 
           
[[email protected]10-20-177-248 ~]# tcpdump -i eth0 -nn 'host 10.20.177.97'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
20:09:31.460465 IP 10.20.177.97.49630 > 10.20.177.248.53: 12385+ A? www.baidu.com. (31)
20:09:31.526552 IP 10.20.177.248.53 > 10.20.177.97.49630: 12385 3/0/0 CNAME www.a.shifen.com., A 
20:09:31.563337 IP 10.20.177.97.60468 > 10.20.177.248.53: 51262+ PTR? 4.68.242.110.in-addr.arpa. 
20:09:32.792264 IP 10.20.177.248.53 > 10.20.177.97.60468: 51262 NXDomain 0/1/0 (132)
20:09:36.467310 ARP, Request who-has 10.20.177.248 tell 10.20.177.97, length 46
20:09:36.467347 ARP, Reply 10.20.177.248 is-at fa:6e:a5:24:7f:00, length 28
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel
[[email protected]10-20-177-248 ~]#

通過抓包可發現,本次緩存伺服器向公網DNS做了域名解析請求

3、在不清除緩存的情況下,用戶端再次ping www.baidu.com,抓包結果如下:

[[email protected]10-20-177-248 data]# tcpdump -i eth0 -nn 'host 202.106.196.115'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
20:14:05.794949 IP 10.20.177.248.60653 > 202.106.196.115.53: 64942+ PTR? 3.68.242.110.in-addr.arpa. (43)
20:14:06.995367 IP 10.20.177.248.39769 > 202.106.196.115.53: 1872+ PTR? 3.68.242.110.in-addr.arpa. (43)
20:14:07.024789 IP 202.106.196.115.53 > 10.20.177.248.39769: 1872 NXDomain 0/0/0 (43)
^C
3 packets captured
3 packets received by filter
0 packets dropped by kernel
[[email protected]10-20-177-248 data]# 
           
[[email protected]10-20-177-248 ~]# tcpdump -i eth0 -nn 'host 10.20.177.97'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
20:14:05.755494 IP 10.20.177.97.33145 > 10.20.177.248.53: 48640+ A? www.baidu.com. (31)
20:14:05.755831 IP 10.20.177.248.53 > 10.20.177.97.33145: 48640 3/0/0 CNAME www.a.shifen.com., A 110.242.68.3, A 110.242.68.4 (90)
20:14:05.794555 IP 10.20.177.97.34796 > 10.20.177.248.53: 34447+ PTR? 3.68.242.110.in-addr.arpa. (43)
20:14:07.025150 IP 10.20.177.248.53 > 10.20.177.97.34796: 34447 NXDomain 0/0/0 (43)
20:14:10.759439 ARP, Request who-has 10.20.177.97 tell 10.20.177.248, length 28
20:14:10.759708 ARP, Reply 10.20.177.97 is-at fa:c3:eb:9c:25:00, length 46
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel
[[email protected]10-20-177-248 ~]#

通過抓包可發現,本次緩存伺服器直接回複了用戶端的域名解析請求

4、如何檢視伺服器緩存了哪些解析到的位址?

緩存僅儲存在伺服器記憶體中,此處有一個指令:rndc dumpdb。可将記憶體資料儲存成檔案:/var/named/data/cache_dump.db

[[email protected]10-20-177-248 data]#pwd
/var/named/data
[[email protected]10-20-177-248 data]# ls
named.run
[[email protected]10-20-177-248 data]# rndc dumpdb
[[email protected]10-20-177-248 data]# ls
cache_dump.db  named.run
[[email protected]10-20-177-248 data]# cat cache_dump.db 
;
; Start view _default
;
;
; Cache dump of view '_default' (cache _default)
;
$DATE 20201227122121
; answer
4.68.242.110.in-addr.arpa. 2627	IN \-ANY ;-$NXDOMAIN
; 110.in-addr.arpa. SOA ns1.apnic.net. read-txt-record-of-zone-first-dns-admin.apnic.net. 3006096239 7200 1800 604800 3600
; answer
www.baidu.com.		279	IN CNAME www.a.shifen.com.
; answer
www.a.shifen.com.	47	A	110.242.68.4
			47	A	110.242.68.3
;
; Address database dump
;
; [edns success/4096 timeout/1432 timeout/1232 timeout/512 timeout]
; [plain success/timeout]
;
;
; Unassociated entries
;
;	202.106.196.115 [srtt 146314] [flags 00000008] [edns 1/0/0/0/0] [plain 7/6] [udpsize 512] [ttl 1090]
;
; Bad cache
;
;
; SERVFAIL cache
;
;
; Start view _bind
;
;
; Cache dump of view '_bind' (cache _bind)
;
$DATE 20201227122121
;
; Address database dump
;
; [edns success/4096 timeout/1432 timeout/1232 timeout/512 timeout]
; [plain success/timeout]
;
;
; Unassociated entries
;
;
; Bad cache
;
;
; SERVFAIL cache
;
; Dump complete
[[email protected]10-20-177-248 data]#

檢視檔案内容可以看到,www.baidu.com解析的位址在裡面。

DNS(Centos7.8) bind dns伺服器 緩存
上一篇: centos下安裝bind
下一篇: [App] DNS 單點安裝

繼續閱讀