码迷,mamicode.com
首页 > 系统相关 > 详细

Linux课程第十八天学习笔记

时间:2016-11-26 00:19:02      阅读:298      评论:0      收藏:0      [点我收藏+]

标签:linux学习   linux课程   linux笔记   



############更改default.target的链接源为reboot.target############

reboot.target    ##init6

修复方法:
rm -fr /etc/systemd/system/default.target
ln -s /usr/lib/systemd/system/graphical.target /etc/systemd/system/default.target

####################
[root@localhost ~]# cd /etc/systemd/system/
[root@localhost system]# ll default.target
lrwxrwxrwx. 1 root root 40 Jul 10  2014 default.target -> /usr/lib/systemd/system/graphical.target
[root@localhost system]# rm -fr default.target
[root@localhost system]# ln -s /usr/lib/systemd/system/reboot.target /etc/systemd/system/default.target
[root@localhost system]# reboot
>重启后,系统在加载过程中提示以下信息
[    4.853749] systemd[1]: Successfully loaded SELinux policy in 259.768ms.
[    4.937647] systemd[1]: Relabelled /dev and /run in 21.891ms.
[   65.190274] systemd[1]: Job systemd-readahead-done.timer/start deleted to break ordering cycle starting with reboot.target/stop
>然后重新启动,一直循环下去
>Force Off虚拟机,然后再次开启
>在系统选择界面按"上/下"键中止启动,选中第一个标题,按"e"键
--------------------------------------------------
方法1:
将倒数第二行从"ro"开始至行尾全部删除,更改为:
rw rd.break                ##"rd.break"作用是打断初始化进程
方法2:
将倒数第二行从"root="开始至行尾全部删除,更改为:
root=/dev/vda1 rw rd.break
--------------------------------------------------
>按"ctrl+x"启动设定
switch_root:/# chroot /sysroot/
sh-4.2# rm -fr /etc/systemd/system/default.target
sh-4.2# ln -s /usr/lib/systemd/system/graphical.target /etc/systemd/system/default.target
sh-4.2# exit
exit
switch_root:/#exit
系统继续启动进入图形登陆界面
系统恢复正常!!!
####################

############更改default.target的链接源为poweroff.target############

poweroff.target    ##init0

修复方法:
rm -fr /etc/systemd/system/default.target
ln -s /usr/lib/systemd/system/graphical.target /etc/systemd/system/default.target

####################
[root@localhost ~]# cd /etc/systemd/system/
[root@localhost system]# ll default.target
lrwxrwxrwx. 1 root root 40 Nov 23 20:53 default.target -> /usr/lib/systemd/system/graphical.target
[root@localhost system]# rm -fr default.target
[root@localhost system]# ln -s /usr/lib/systemd/system/poweroff.target /etc/systemd/system/default.target
[root@localhost system]# reboot
>重启后,系统在加载过程中提示以下信息
[    4.254761] systemd[1]: Successfully loaded SELinux policy in 262.500ms.
[    4.332879] systemd[1]: Relabelled /dev and /run in 31.580ms.
[   64.585223] systemd[1]: Breaking ordering cycle by deleting job systemd-readahead-done.timer/start
[  124.594733] systemd[1]: Job systemd-readahead-done.timer/start deleted to break ordering cycle starting with poweroff.target/stop
>然后系统关机
>Force Off虚拟机,然后再次开启
>在系统选择界面按"上/下"键中止启动,选中第一个标题,按"e"键
--------------------------------------------------
方法1:
将倒数第二行从"ro"开始至行尾全部删除,更改为:
rw rd.break                ##"rd.break"作用是打断初始化进程
方法2:
将倒数第二行从"root="开始至行尾全部删除,更改为:
root=/dev/vda1 rw rd.break
--------------------------------------------------
>按"ctrl+x"启动设定
switch_root:/# chroot /sysroot/
sh-4.2# rm -fr /etc/systemd/system/default.target
sh-4.2# ln -s /usr/lib/systemd/system/graphical.target /etc/systemd/system/default.target
sh-4.2# exit
exit
switch_root:/#exit
系统继续启动进入图形登陆界面
系统恢复正常!!!
####################

####################修改密码####################
修复方法:
chroot /sysroot/
passwd
touch /.autorelabel

chroot /mnt/sysimage
passwd

####################
[root@localhost ~]# reboot
>在系统选择界面按"上/下"键中止启动,选中第一个标题,按"e"键
--------------------------------------------------
方法1:
将倒数第二行从"ro"开始至行尾全部删除,更改为:
rw rd.break                ##"rd.break"作用是打断初始化进程
方法2:
将倒数第二行从"root="开始至行尾全部删除,更改为:
root=/dev/vda1 rw rd.break
--------------------------------------------------
>按"ctrl+x"启动设定
switch_root:/# chroot /sysroot/
sh-4.2# whoami
root
sh-4.2# passwd
Changing password for user root.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
sh-4.2# touch /.autorelabel        ##让selinux重新检测
##缺少了这一步,进不去图形
##即使关闭了selinux,这一步也要写。否则一旦再次打开selinux并重启,还是进不去图形
sh-4.2# exit
exit
switch_root:/#exit
系统继续启动进入图形登陆界面
>如果之前没有关闭selinux,这里会启动的比较慢。因为要等待一个100%的进度,然后再次重启
系统恢复正常!!!
注意:进入挽救模式也可以修改密码,但是需要pxe或者光盘,不方便
####################

####################删除/bin/bash####################
修复方法:
cp /bin/bash /sysroot/bin/
chroot /sysroot/
touch /.autorelabel

chroot /mnt/sysimage
cp /bin/bash /mnt/sysimage/bin/

####################
[root@localhost ~]# rm -fr /bin/bash
[root@localhost ~]# reboot
>重启后,系统在加载过程中出现很多[FAILED],然后卡住不动
>Force Off虚拟机,然后再次开启
>在系统选择界面按"上/下"键中止启动,选中第一个标题,按"e"键
--------------------------------------------------
方法1:
将倒数第二行从"ro"开始至行尾全部删除,更改为:
rw rd.break                ##"rd.break"作用是打断初始化进程
方法2:
将倒数第二行从"root="开始至行尾全部删除,更改为:
root=/dev/vda1 rw rd.break
--------------------------------------------------
>按"ctrl+x"启动设定
switch_root:/# chroot /sysroot/
chroot: failed to run command ‘/bin/sh‘: No such file or directory
switch_root:/# ls /bin/bash
/bin/bash
switch_root:/# ls /sysroot/bin/bash
ls: cannot access /sysroot/bin/bash: No such file or directory
switch_root:/# cp /bin/bash /sysroot/bin/
switch_root:/# ls /sysroot/bin/bash
/sysroot/bin/bash
switch_root:/# chroot /sysroot/
sh-4.2# touch /.autorelabel        ##让selinux重新检测
##缺少了这一步,进不去图形
##即使关闭了selinux,这一步也要写。否则一旦再次打开selinux并重启,还是进不去图形
sh-4.2# exit
exit
switch_root:/# exit
系统继续启动进入图形登陆界面
>如果之前没有关闭selinux,这里会启动的比较慢。因为要等待一个100%的进度,然后再次重启
系统恢复正常!!!
注意:进入挽救模式也可以修复,但是需要pxe或者光盘,不方便
####################

####################
#####    DNS    #####
####################

####################1.DNS高速缓存####################
dig命令用于检测dns,能否回答你的问题

[root@foundation50 Desktop]# dig www.baidu.com

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12257    ##NOERROR表示查询成功
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.baidu.com.            IN    A

;; ANSWER SECTION:
www.baidu.com.        760    IN    CNAME    www.a.shifen.com.
www.a.shifen.com.    269    IN    A    61.135.169.125
www.a.shifen.com.    269    IN    A    61.135.169.121

;; Query time: 1006 msec                    ##响应时间
;; SERVER: 221.11.1.67#53(221.11.1.67)                ##DNS服务器的IP地址和端口号
;; WHEN: Thu Nov 24 14:47:35 CST 2016
;; MSG SIZE  rcvd: 101

真机的配置:
yum install bind -y
systemctl start named
systemctl enable named
systemctl stop firewalld
vim /etc/named.conf
--------------------------------------------------
 11         listen-on port 53 { any; };

 17         allow-query     { any; };
 18         forwarders      { 221.11.1.67; };

 32         dnssec-validation no;
:wq
--------------------------------------------------
systemctl restart named

[root@dns-server ~]# yum install bind -y
......
[root@dns-server ~]# systemctl status named
named.service - Berkeley Internet Name Domain (DNS)        ##伯克利分校
   Loaded: loaded (/usr/lib/systemd/system/named.service; disabled)
   Active: inactive (dead)
[root@dns-server ~]# systemctl enable named
ln -s ‘/usr/lib/systemd/system/named.service‘ ‘/etc/systemd/system/multi-user.target.wants/named.service‘
[root@dns-server ~]# rpm -qc bind
/etc/logrotate.d/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/rndc.conf
/etc/rndc.key
/etc/sysconfig/named
/var/named/named.ca
/var/named/named.empty
/var/named/named.localhost
/var/named/named.loopback
[root@dns-server ~]# cat /etc/bind.key
cat: /etc/bind.key: No such file or directory
[root@dns-server ~]# systemctl start named
##注意此服务第一次启动的时候,需要摇摇鼠标或者敲敲键盘,否则命令行就会一直停留在等待状态
--------------------------------------------------
这里涉及到密码产生的机制:
cat /dev/random
>每当摇动鼠标或者敲击键盘时,命令行都会产生额外的输出,这就是随机数的产生
>当/dev/random不能产生新的随机数时就会阻塞程序
--------------------------------------------------
[root@dns-server ~]# cat /etc/rndc.key
key "rndc-key" {
    algorithm hmac-md5;
    secret "nPK+d7fPFBw+EXM1Rz4zCg==";
};
[root@dns-server ~]# firewall-cmd --permanent --add-service=dns
success
[root@dns-server ~]# firewall-cmd --reload
success

[root@client ~]# vim /etc/resolv.conf
--------------------------------------------------
  4 nameserver 172.25.50.200
:wq
--------------------------------------------------
[root@client ~]# dig www.baidu.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.baidu.com
;; global options: +cmd
;; connection timed out; no servers could be reached

[root@dns-server ~]# netstat --help
--------------------------------------------------
        -a, --all                display all sockets (default: connected)    ##所有
        -n, --numeric            don‘t resolve names                ##不解析
        -l, --listening          display listening server sockets        ##正在被监听
        -p, --programs           display PID/Program name for sockets        ##进程名字
        -e, --extend             display other/more information            ##扩展信息

  <Socket>={-t|--tcp} {-u|--udp}
--------------------------------------------------
[root@dns-server ~]# netstat -antulpe | grep named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      25         73918      31073/named         
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      25         73911      31073/named         
tcp6       0      0 ::1:953                 :::*                    LISTEN      25         73919      31073/named         
tcp6       0      0 ::1:53                  :::*                    LISTEN      25         73913      31073/named         
udp        0      0 127.0.0.1:53            0.0.0.0:*                           25         73910      31073/named         
udp6       0      0 ::1:53                  :::*                                25         73912      31073/named  
##只开放了环回地址的53端口
[root@dns-server ~]# rpm -qc bind
/etc/logrotate.d/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/rndc.conf
/etc/rndc.key
/etc/sysconfig/named
/var/named/named.ca
/var/named/named.empty
/var/named/named.localhost
/var/named/named.loopback
[root@dns-server ~]# vim /etc/named.conf
--------------------------------------------------
 11         listen-on port 53 { any; };                ##表示所有interface都开放53端口
:wq
--------------------------------------------------
[root@dns-server ~]# systemctl restart named
[root@dns-server ~]# netstat -antulpe | grep named | grep 172.25.50.200
tcp        0      0 172.25.50.200:53        0.0.0.0:*               LISTEN      25         96283      741/named           
udp        0      0 172.25.50.200:53        0.0.0.0:*                           25         96282      741/named       
##开放了eth0上172.25.50.200的53端口

[root@client ~]# dig www.baidu.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 8190    ##REFUSED表示拒绝
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.baidu.com.            IN    A

;; Query time: 2 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)            ##DNS服务器是dns-server
;; WHEN: Thu Nov 24 04:09:31 EST 2016
;; MSG SIZE  rcvd: 42

[root@dns-server ~]# vim /etc/named.conf
--------------------------------------------------
 17         allow-query     { any; };                ##表示回答所有人的问题
:wq
--------------------------------------------------
[root@dns-server ~]# systemctl restart named

[root@client ~]# dig www.baidu.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35504    ##SERVFAIL表示不知道
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.baidu.com.            IN    A

;; Query time: 2 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Thu Nov 24 04:15:30 EST 2016
;; MSG SIZE  rcvd: 42

[root@dns-server ~]# vim /etc/named.conf
--------------------------------------------------
 18         forwarders      { 172.25.50.250; };            ##表示缓存谁的答案

 32         dnssec-validation no;                ##非权威,内部测试用
:wq
--------------------------------------------------
[root@dns-server ~]# systemctl restart named

[root@client ~]# dig www.firefox.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.firefox.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36167    ##NOERROR表示查询成功
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 16

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.firefox.com.        IN    A

;; ANSWER SECTION:
www.firefox.com.    242    IN    CNAME    firefox.com.
firefox.com.        60    IN    A    63.245.213.24

;; AUTHORITY SECTION:
com.            172657    IN    NS    g.gtld-servers.net.
com.            172657    IN    NS    l.gtld-servers.net.
com.            172657    IN    NS    h.gtld-servers.net.
com.            172657    IN    NS    c.gtld-servers.net.
com.            172657    IN    NS    e.gtld-servers.net.
com.            172657    IN    NS    i.gtld-servers.net.
com.            172657    IN    NS    k.gtld-servers.net.
com.            172657    IN    NS    a.gtld-servers.net.
com.            172657    IN    NS    j.gtld-servers.net.
com.            172657    IN    NS    f.gtld-servers.net.
com.            172657    IN    NS    b.gtld-servers.net.
com.            172657    IN    NS    m.gtld-servers.net.
com.            172657    IN    NS    d.gtld-servers.net.

;; ADDITIONAL SECTION:
a.gtld-servers.net.    32653    IN    A    192.5.6.30
a.gtld-servers.net.    32653    IN    AAAA    2001:503:a83e::2:30
h.gtld-servers.net.    67767    IN    A    192.54.112.30
f.gtld-servers.net.    79561    IN    A    192.35.51.30
b.gtld-servers.net.    34019    IN    A    192.33.14.30
b.gtld-servers.net.    77812    IN    AAAA    2001:503:231d::2:30
d.gtld-servers.net.    78716    IN    A    192.31.80.30
m.gtld-servers.net.    74109    IN    A    192.55.83.30
i.gtld-servers.net.    67562    IN    A    192.43.172.30
e.gtld-servers.net.    75957    IN    A    192.12.94.30
g.gtld-servers.net.    31250    IN    A    192.42.93.30
j.gtld-servers.net.    78708    IN    A    192.48.79.30
l.gtld-servers.net.    78658    IN    A    192.41.162.30
c.gtld-servers.net.    74833    IN    A    192.26.92.30
k.gtld-servers.net.    67562    IN    A    192.52.178.30

;; Query time: 150 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)            ##DNS服务器是dns-server
;; WHEN: Thu Nov 24 04:42:36 EST 2016
;; MSG SIZE  rcvd: 562

[root@client ~]# dig www.firefox.com | grep "Query time"
;; Query time: 1 msec                        ##响应时间1秒,实现高速缓存

####################2.DNS附加内容####################
CNAME    别名,比如www.a.shifen.com.至www.baidu.com.
PTR    反向解析
MX    域里面的邮件服务器
NS    nameserver
SOA    授权起始,dns区域的管理信息

QUESTION    ##提出实际的DNS查询
ANSWER        ##响应(如果有)
AUTHORITY    ##负责域/区域的名称服务器
ADDITIONAL    ##提供的其他信息,通常是关于名称服务器

.                ##根域名,全世界一共13台根域名服务器
.com .net .edu .cn .org等    ##顶级域名或者一级域名

=====域名解析=====
[root@dns-server named]# vim /etc/named.conf
--------------------------------------------------
/发现
 56 include "/etc/named.rfc1912.zones";
--------------------------------------------------
[root@dns-server ~]# vim /etc/named.rfc1912.zones
--------------------------------------------------
/19行按下"y6y",24行按下"p",修改25行和27行
 25 zone "westos.com" IN {
 26         type master;
 27         file "westos.com.zone";
 28         allow-update { none; };
 29 };  
:wq
--------------------------------------------------
[root@dns-server ~]# cd /var/named/
[root@dns-server named]# ll
total 16
drwxrwx---. 2 named named   22 Nov 24 02:58 data
drwxrwx---. 2 named named   58 Nov 24 21:08 dynamic
-rw-r-----. 1 root  named 2076 Jan 28  2013 named.ca
-rw-r-----. 1 root  named  152 Dec 15  2009 named.empty
-rw-r-----. 1 root  named  152 Jun 21  2007 named.localhost
-rw-r-----. 1 root  named  168 Dec 15  2009 named.loopback
drwxrwx---. 2 named named    6 Jan 29  2014 slaves
[root@dns-server named]# cp -p named.localhost westos.com.zone
[root@dns-server named]# vim westos.com.zone
--------------------------------------------------
  1 $TTL 1D                            ##"1D"表示一天
  2 @       IN SOA  dns.westos.com. root.westos.com. (        ##@表示域名(即westos.com)
  3                                         0       ; serial
  4                                         1D      ; refresh
  5                                         1H      ; retry
  6                                         1W      ; expire
  7                                         3H )    ; minimum
  8                 NS      dns.westos.com.
  9 dns             A       172.25.50.200
 10 www             A       172.25.50.201
:wq
--------------------------------------------------
##以上的域名必须以"."来结尾,否则就默认加上".westos.com"后缀
##第二行的"root.westos.com."是给打开这个文件的人看的。可以不改,保留为原来的"rname.invalid."
[root@dns-server named]# systemctl restart named
>如果出现以下提示:
Job for named.service failed. See ‘systemctl status named.service‘ and ‘journalctl -xn‘ for details.
使用以下命令排查:
> /var/log/messages
systemctl restart named
cat /var/log/messages

[root@client ~]# dig www.westos.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4229
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com.            IN    A

;; ANSWER SECTION:
www.westos.com.        86400    IN    A    172.25.50.201    ##地址解析成功

;; AUTHORITY SECTION:
westos.com.        86400    IN    NS    dns.westos.com.

;; ADDITIONAL SECTION:
dns.westos.com.        86400    IN    A    172.25.50.200

;; Query time: 1 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Thu Nov 24 23:25:03 EST 2016
;; MSG SIZE  rcvd: 93

[root@dns-server named]# vim westos.com.zone
--------------------------------------------------
/添加
 11 www             A       172.25.50.202
:wq
--------------------------------------------------
[root@dns-server named]# systemctl restart named

[root@client ~]# dig www.westos.com | grep www.westos.com.
;www.westos.com.            IN    A
www.westos.com.        86400    IN    A    172.25.50.201
www.westos.com.        86400    IN    A    172.25.50.202
[root@client ~]# dig www.westos.com | grep www.westos.com.
;www.westos.com.            IN    A
www.westos.com.        86400    IN    A    172.25.50.202
www.westos.com.        86400    IN    A    172.25.50.201
##一个域名对应两个IP地址,解析的时候就会以轮巡的方式解析

=====CNAME解析=====
[root@dns-server named]# vim westos.com.zone
--------------------------------------------------
/添加
 12 bbs             CNAME   www.westos.com.
:wq
--------------------------------------------------
[root@dns-server named]# systemctl restart named

[root@client ~]# dig bbs.westos.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> bbs.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23454
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;bbs.westos.com.            IN    A

;; ANSWER SECTION:
bbs.westos.com.        86400    IN    CNAME    www.westos.com.
www.westos.com.        86400    IN    A    172.25.50.202
www.westos.com.        86400    IN    A    172.25.50.201    ##先别名解析,后地址解析

;; AUTHORITY SECTION:
westos.com.        86400    IN    NS    dns.westos.com.

;; ADDITIONAL SECTION:
dns.westos.com.        86400    IN    A    172.25.50.200

;; Query time: 1 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Thu Nov 24 23:28:47 EST 2016
;; MSG SIZE  rcvd: 127

=====MX解析=====
[root@foundation50 Desktop]# dig -t mx qq.com

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> -t mx qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39196
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;qq.com.                IN    MX

;; ANSWER SECTION:
qq.com.            5415    IN    MX    30 mx1.qq.com.
qq.com.            5415    IN    MX    10 mx3.qq.com.
qq.com.            5415    IN    MX    20 mx2.qq.com.

;; Query time: 260 msec
;; SERVER: 221.11.1.67#53(221.11.1.67)
;; WHEN: Fri Nov 25 11:49:21 CST 2016
;; MSG SIZE  rcvd: 95

[root@client ~]# dig -t mx westos.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36424
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westos.com.            IN    MX

;; AUTHORITY SECTION:
westos.com.        10800    IN    SOA    dns.westos.com. root.westos.com. 0 86400 3600 604800 10800

;; Query time: 0 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Thu Nov 24 23:29:45 EST 2016
;; MSG SIZE  rcvd: 84

[root@dns-server named]# vim westos.com.zone
--------------------------------------------------
/添加
 13 westos.com.     MX 1    172.25.50.200.
:wq
--------------------------------------------------
[root@dns-server named]# systemctl restart named

[root@client ~]# dig -t mx westos.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1672
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westos.com.            IN    MX

;; ANSWER SECTION:
westos.com.        86400    IN    MX    1 172.25.50.200.    ##解析成功

;; AUTHORITY SECTION:
westos.com.        86400    IN    NS    dns.westos.com.

;; ADDITIONAL SECTION:
dns.westos.com.        86400    IN    A    172.25.50.200

;; Query time: 1 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Thu Nov 24 23:30:25 EST 2016
;; MSG SIZE  rcvd: 102

[root@client ~]# mail root@westos.com
Subject: 111
222
EOT
[root@client ~]# mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
92C6F17E864      430 Thu Nov 24 23:32:34  root@client.example.com
                (connect to 172.25.50.200[172.25.50.200]:25: No route to host)
                                         root@westos.com

-- 0 Kbytes in 1 Request.
##未发送成功,邮件传输之后会讲

=====反向解析=====
反向解析和正向解析没有一毛钱关系

[root@client ~]# dig -x 172.25.254.200

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x 172.25.254.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5704        ##不存在此名称
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.254.25.172.in-addr.arpa.    IN    PTR

;; AUTHORITY SECTION:
25.172.in-addr.arpa.    86400    IN    SOA    25.172.in-addr.arpa. . 0 28800 7200 604800 86400

;; Query time: 1 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Fri Nov 25 01:30:13 EST 2016
;; MSG SIZE  rcvd: 91

[root@dns-server named]# vim /etc/named.rfc1912.zones
--------------------------------------------------
/25行按下"y6y",42行按下"p",修改43行和45行
 43 zone "254.25.172.in-addr.arpa" IN {
 44         type master;
 45         file "westos.com.ptr";
 46         allow-update { none; };
 47 };
:wq
--------------------------------------------------
[root@dns-server named]# cp -p named.localhost westos.com.ptr
[root@dns-server named]# vim westos.com.zone
--------------------------------------------------
  1 $TTL 1D
  2 @       IN SOA  dns.westos.com. root.westos.com. (            ##"@"表示254.25.172
  3                                         0       ; serial
  4                                         1D      ; refresh
  5                                         1H      ; retry
  6                                         1W      ; expire
  7                                         3H )    ; minimum
  8         NS      dns.westos.com.
  9         A       172.25.254.200
 10 222     PTR     www.westos.com.
 11 200     PTR     www.hello.com.
:wq
--------------------------------------------------
[root@dns-server named]# systemctl restart named

[root@client ~]# dig -x 172.25.254.200

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x 172.25.254.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8064
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.254.25.172.in-addr.arpa.    IN    PTR

;; ANSWER SECTION:
200.254.25.172.in-addr.arpa. 86400 IN    PTR    www.hello.com.        ##反向解析成功

;; AUTHORITY SECTION:
254.25.172.in-addr.arpa. 86400    IN    NS    dns.westos.com.

;; ADDITIONAL SECTION:
dns.westos.com.        86400    IN    A    172.25.50.200

;; Query time: 2 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Fri Nov 25 01:45:54 EST 2016
;; MSG SIZE  rcvd: 124

[root@client ~]# dig -x 172.25.254.222

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x 172.25.254.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40119
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.254.25.172.in-addr.arpa.    IN    PTR

;; ANSWER SECTION:
222.254.25.172.in-addr.arpa. 86400 IN    PTR    www.westos.com.        ##反向解析成功

;; AUTHORITY SECTION:
254.25.172.in-addr.arpa. 86400    IN    NS    dns.westos.com.

;; ADDITIONAL SECTION:
dns.westos.com.        86400    IN    A    172.25.50.200

;; Query time: 2 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Fri Nov 25 01:51:26 EST 2016
;; MSG SIZE  rcvd: 118

=====双向解析=====
[root@dns-server named]# cp -p westos.com.zone westos.com.inter
[root@dns-server named]# vim westos.com.inter
--------------------------------------------------
  1 $TTL 1D
  2 @       IN SOA  dns.westos.com. root.westos.com. (
  3                                         0       ; serial
  4                                         1D      ; refresh
  5                                         1H      ; retry
  6                                         1W      ; expire
  7                                         3H )    ; minimum
  8                 NS      dns.westos.com.
  9 dns             A       172.25.0.200
 10 www             A       172.25.0.201
 11 www             A       172.25.0.202
 12 bbs             CNAME   www.westos.com.
 13 westos.com.     MX 1    172.25.0.200.
:wq
--------------------------------------------------
[root@dns-server named]# cp -p /etc/named.rfc1912.zones /etc/named.rfc1912.zones.inter
[root@dns-server named]# vim /etc/named.rfc1912.zones.inter
--------------------------------------------------
 27         file "westos.com.inter";
:wq
--------------------------------------------------
[root@dns-server named]# man 5 named.conf
--------------------------------------------------
VIEW
           view string optional_class {
                match-clients { address_match_element; ... };
--------------------------------------------------
/复制
[root@dns-server named]# vim /etc/named.conf
--------------------------------------------------
 50 /*zone "." IN {
 51         type hint;
 52         file "named.ca";
 53 };
 54
 55 include "/etc/named.rfc1912.zones";
 56 include "/etc/named.root.key";
 57 */
 58 view localnet {
 59         match-clients { 172.25.50.100/32; };
 60         zone "." IN {
 61                 type hint;
 62                 file "named.ca";
 63         };
 64
 65         include "/etc/named.rfc1912.zones";
 66 };
 67
 68 view internet {
 69         match-clients { any; };
 70         zone "." IN {
 71                 type hint;
 72                 file "named.ca";
 73         };
 74
 75         include "/etc/named.rfc1912.zones.inter";
 76 };
--------------------------------------------------
[root@dns-server named]# systemctl restart named
[root@dns-server named]# vim /etc/resolv.conf
--------------------------------------------------
  4 nameserver 172.25.50.200
:wq
--------------------------------------------------
[root@dns-server named]# dig www.westos.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8562
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com.            IN    A

;; ANSWER SECTION:
www.westos.com.        86400    IN    A    172.25.0.202
www.westos.com.        86400    IN    A    172.25.0.201        ##第三位是0

;; AUTHORITY SECTION:
westos.com.        86400    IN    NS    dns.westos.com.

;; ADDITIONAL SECTION:
dns.westos.com.        86400    IN    A    172.25.0.200

;; Query time: 1 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Fri Nov 25 02:15:32 EST 2016
;; MSG SIZE  rcvd: 109

[root@client ~]# dig www.westos.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60150
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com.            IN    A

;; ANSWER SECTION:
www.westos.com.        86400    IN    A    172.25.50.202
www.westos.com.        86400    IN    A    172.25.50.201        ##第三位是50

;; AUTHORITY SECTION:
westos.com.        86400    IN    NS    dns.westos.com.

;; ADDITIONAL SECTION:
dns.westos.com.        86400    IN    A    172.25.50.200

;; Query time: 1 msec
;; SERVER: 172.25.50.200#53(172.25.50.200)
;; WHEN: Fri Nov 25 02:14:09 EST 2016
;; MSG SIZE  rcvd: 109


本文出自 “施超Linux学习笔记” 博客,谢绝转载!

Linux课程第十八天学习笔记

标签:linux学习   linux课程   linux笔记   

原文地址:http://shichao.blog.51cto.com/5804953/1876612

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!