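Requirement: an Apple CMS site is already deployed on the internal network, but reaching it by IP address every time is inconvenient, so it should be reachable by domain name instead.
Method 1:
Add a hosts record for every person who needs to access the site. For a handful of people this is indeed quick, but adding hosts entries one by one for hundreds or even thousands of people is clearly unreasonable.
Method 2: set up a DNS server on the internal network and add the resolution records there.
IP address: 192.168.111.68
Environment: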
[root@DNS-Server named]# cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
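Install the DNS software
yum install -y vim bind*
Edit the configuration file
vim /etc/named.conf
Configure domain resolution
Note: the zone definition can be written directly in /etc/named.conf, in /etc/named.rfc1912.zones, or in a custom file; this walkthrough uses /etc/named.rfc1912.zones.
vim /etc/named.rfc1912.zones # at the bottom of /etc/named.conf you can see that /etc/named.rfc1912.zones is pulled in with include
Create the forward zone file
vim virgo.com.zone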
$TTL 1D
@ IN SOA virgo.com. root.virgo.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS dns.virgo.com.
dns IN A 192.168.111.68 ; DNS server address
www IN A 192.168.111.58 ; video server IP address
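Reverse resolution is not needed for now, so it is skipped.
Restart the service: systemctl restart named
Configure DNS on the client:
Log in to the Apple CMS admin backend and set the domain name: www.virgo.com
Flush the DNS cache on the client:
Then test access.
Consideration: the DNS server built above only serves the internal network. What happens when a queried domain has no record on the internal DNS server? Add forwarder addresses.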
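options {
    listen-on port 53 { any; }; // the default is any, which allows hosts on all network segments; it can be changed to your own internal network segment
    listen-on-v6 port 53 { ::1; };
    directory "/var/named"; // fixed working directory for named
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; }; // accept queries from all network segments
    recursion yes;
    // The next two settings are important: once clients use our internal DNS server,
    // names that the internal server cannot resolve are forwarded to DNS servers
    // such as 8.8.8.8, so normal internet access keeps working.
    forward first;
    forwarders {
        223.5.5.5; // Alibaba Cloud DNS servers
        223.6.6.6;
        8.8.8.8;
        8.8.4.4;
    };
};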
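With allow-query { any; }, recursion yes and no allow-recursion statement, BIND lets every host that can reach port 53 recurse through this server. The following check is an added example, not part of the original post: it resolves the effective recursion ACL of an options block and flags that case. The function names, the sample configuration (including its zone statement) and the /24 masks are assumptions made for the illustration.

```python
import re

# Constructed sample that mirrors the options block above (not read from a live server).
SAMPLE_OPEN = """
options {
    listen-on port 53 { any; };   // every interface
    allow-query { any; };
    recursion yes;
    forwarders { 223.5.5.5; 8.8.8.8; };
};
zone "virgo.com" IN { type master; file "virgo.com.zone"; };
"""
# Same block with recursion scoped to this page's lab subnets (the /24 masks are assumed).
SAMPLE_SCOPED = SAMPLE_OPEN.replace(
    "recursion yes;",
    "recursion yes; allow-recursion { 192.168.111.0/24; 192.168.107.0/24; localhost; };",
)

def parse_options(text):
    """Return {statement: [values]} for the options block of a named.conf text."""
    text = re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", text, flags=re.S)  # drop comments
    start = re.search(r"\boptions\s*\{", text)
    if not start:
        return {}
    depth, i = 1, start.end()
    while i < len(text) and depth:  # walk to the brace that closes options
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    body, opts = text[start.end():i - 1], {}
    for name, items in re.findall(r"([\w-]+)(?:\s+port\s+\d+)?\s*\{([^{}]*)\}\s*;", body):
        opts[name] = [v.strip() for v in items.split(";") if v.strip()]
    for name, value in re.findall(r"([\w-]+)\s+([^\s{};]+)\s*;", re.sub(r"\{[^{}]*\}", "", body)):
        opts.setdefault(name, [value])
    return opts

def audit(text):
    """Flag open recursion, using BIND's ACL fallback order."""
    opts, findings = parse_options(text), []
    source, acl = next(  # allow-recursion, else allow-query-cache, else allow-query
        ((k, opts[k]) for k in ("allow-recursion", "allow-query-cache", "allow-query") if k in opts),
        ("built-in default", ["localnets", "localhost"]),
    )
    if opts.get("recursion", ["yes"])[0] == "yes" and "any" in acl:
        findings.append(f"open recursion via {source} {{ any; }}")
    if "any" in opts.get("listen-on", []):
        findings.append("listen-on any: port 53 is bound on every interface")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_OPEN), audit(SAMPLE_SCOPED))
```

Running it against the scoped variant leaves only the listen-on finding, which shows that adding allow-recursion is enough to close recursion to outside hosts while internal clients still get forwarded answers.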
Reference documentation:
Extension: pairing with an nginx proxy service
DNS configuration file:
Note: 192.168.107.130 is the DNS server and 192.168.107.115 is the nginx server.
$TTL 1D
@ IN SOA virgo.com. root.virgo.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS dns.virgo.com.
dns IN A 192.168.107.130
j IN A 192.168.107.115
s IN A 192.168.107.115
v IN A 192.168.107.115
u IN A 192.168.107.115
vm IN A 192.168.107.115
z IN A 192.168.107.115
nginx configuration file:
Each server block in the configuration file represents one service.
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
#pid /usr/local/nginx/logs/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include mime.types;
    default_type application/octet-stream;
    #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    #                '$status $body_bytes_sent "$http_referer" '
    #                '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log logs/access.log main;
    sendfile on;
    #tcp_nopush on;
    #keepalive_timeout 0;
    keepalive_timeout 65;
    #gzip on;
    server {
        listen 80;
        server_name j.virgo.com;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        location / { proxy_pass http://192.168.111.180; }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html { root html; }
    }
    server {
        listen 80;
        server_name s.virgo.com;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        location / { proxy_pass http://192.168.107.91; }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html { root html; }
    }
    server {
        listen 80;
        server_name v.virgo.com;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        location / { proxy_pass http://192.168.107.114/; }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html { root html; }
    }
    server {
        listen 80;
        server_name z.virgo.com;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        location / { proxy_pass http://192.168.107.119/zabbix/; }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html { root html; }
    }
    server {
        listen 80;
        server_name vm.virgo.com;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        location / { proxy_pass https://192.168.107.112; }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html { root html; }
    }
}