TypechoJoeTheme

运维茶馆

统计
登录
用户名
密码

dnsmasq部署与配置

掌柜博主
2019-09-25
/
0 评论
/
2,309 阅读
/
72 个字
/
百度已收录
09/25
本文最后更新于2023年07月07日,已超过515天没有更新。如果文章内容或图片资源失效,请留言反馈,我会及时处理,谢谢!

环境说明

角色主机名IP系统版本
dns主服务器sy-gmh-app-vm41.shaoyan.pro192.168.168.41CentOS Linux release 7.6.1810 (Core)
dns备用服务器sy-gmh-app-vm42.shaoyan.pro192.168.168.42CentOS Linux release 7.6.1810 (Core)

安装和配置dnsmasq

# 安装
 [root@sy-gmh-app-vm41:~]# yum install dnsmasq  deltarpm bind-utils -y
# 配置
[root@sy-gmh-app-vm41:~]# egrep -v "#|^$" /etc/dnsmasq.conf 
listen-address=192.168.168.41
conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
[root@sy-gmh-app-vm41:~]# cat /etc/dnsmasq.d/hosts 
address=/sy-gmh-sa-vm3.shaoyan.pro/192.168.168.3
# 启动服务
[root@sy-gmh-app-vm41:~]# systemctl start dnsmasq
[root@sy-gmh-app-vm41:~]# systemctl enable dnsmasq
Created symlink from /etc/systemd/system/multi-user.target.wants/dnsmasq.service to /usr/lib/systemd/system/dnsmasq.service.
# 放行内网端口
[root@sy-gmh-app-vm41:~]# iptables -I INPUT -s 192.168.168.0./24 -p udp -m udp -j ACCEPT
[root@sy-gmh-app-vm41:~]# iptables -I INPUT -s 192.168.168.0./24 -p tcp -m tcp -j ACCEPT
[root@sy-gmh-app-vm41:~]# service iptables save

测试效果

[root@sy-gmh-test-vm21:~]# yum install bind-utils -y
[root@sy-gmh-test-vm21:~]# ping sy-gmh-sa-vm3.shaoyan.pro
PING sy-gmh-sa-vm3.shaoyan.pro (192.168.168.3) 56(84) bytes of data.
64 bytes from 192.168.168.3 (192.168.168.3): icmp_seq=1 ttl=64 time=0.388 ms
64 bytes from 192.168.168.3 (192.168.168.3): icmp_seq=2 ttl=64 time=1.91 ms
64 bytes from 192.168.168.3 (192.168.168.3): icmp_seq=3 ttl=64 time=0.871 ms
64 bytes from 192.168.168.3 (192.168.168.3): icmp_seq=4 ttl=64 time=0.906 ms
^C
--- sy-gmh-sa-vm3.shaoyan.pro ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 0.388/1.021/1.919/0.557 ms
[root@sy-gmh-test-vm21:~]# dig sy-gmh-sa-vm3.shaoyan.pro

; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> sy-gmh-sa-vm3.shaoyan.pro
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20344
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;sy-gmh-sa-vm3.shaoyan.pro.    IN    A

;; ANSWER SECTION:
sy-gmh-sa-vm3.shaoyan.pro. 0    IN    A    192.168.168.3

;; Query time: 1 msec
;; SERVER: 192.168.168.41#53(192.168.168.41)
;; WHEN: 二 6月 25 09:28:23 CST 2019
;; MSG SIZE rcvd: 59

同步配置到备用服务器

# 生成公钥,拷贝公钥到sy-gmh-app-vm41.shaoyan.pro
[root@sy-gmh-app-vm42:~]# ssh-keygen -t rsa
Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:97LIORWYoxjp7K0Vbbk3z+LyGdDwOLLvU3unO6Xsc2I root@sy-gmh-app-vm42.shaoyan.pro
The key's randomart image is:
+---[RSA 2048]----+
| |
| |
| . .o |
| o .+*. |
| o oo.S.+. |
| + .= =o. . |
| . .o .o=o.o |
| ...o++oOE o |
| .. .**==*O |
+----[SHA256]-----+
[root@sy-gmh-app-vm42:~]# cat .ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzD1NHiTMnOaj0AtL0uxTOhaoyQGDdd9hAMql9rHN2WvDPOXxiK+JqeN3i8rbtVrvA0uIg0rDPbFYJvyC+g6NEmPzeppkdgyY1xCanG0Z1FJECB4xO0rzLH8qxEAwXE+LYPJkq+2vGJwN/fcOWTqihl4fSSAYwdErhzJ2T356ia6GaRjKVp7llqBoJJewdjFdTpELfyL1jqV3a5pybKKpoEavbzfqgvp008gH3DoUHtuSlG1zBzmNaQ1NqEn3uIsADwFdccVCZh9FL4+8Zy8t3fgSuj348ny3L4rgfowtvJD45qesj+HSztA2fCOjKEa85U0bJ6VQtSeZw+HJh73Kl root@sy-gmh-app-vm42.shaoyan.pro

[root@sy-gmh-app-vm41:~]# tail -1 .ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzD1NHiTMnOaj0AtL0uxTOhaoyQGDdd9hAMql9rHN2WvDPOXxiK+JqeN3i8rbtVrvA0uIg0rDPbFYJvyC+g6NEmPzeppkdgyY1xCanG0Z1FJECB4xO0rzLH8qxEAwXE+LYPJkq+2vGJwN/fcOWTqihl4fSSAYwdErhzJ2T356ia6GaRjKVp7llqBoJJewdjFdTpELfyL1jqV3a5pybKKpoEavbzfqgvp008gH3DoUHtuSlG1zBzmNaQ1NqEn3uIsADwFdccVCZh9FL4+8Zy8t3fgSuj348ny3L4rgfowtvJD45qesj+HSztA2fCOjKEa85U0bJ6VQtSeZw+HJh73Kl root@sy-gmh-app-vm42.shaoyan.pro

定时拉取配置

[root@sy-gmh-app-vm42:/data/sh]# cat rsync_dnsmasq_hosts_conf.sh 
#!/bin/sh

rsync -avzP -e "ssh -p 12080" 192.168.168.41:/etc/dnsmasq.d/hosts /etc/dnsmasq.d/
systemctl restart dnsmasq

[root@sy-gmh-app-vm42:/data/sh]# chmod +x rsync_dnsmasq_hosts_conf.sh
[root@sy-gmh-app-vm42:/data/sh]# sh rsync_dnsmasq_hosts_conf.sh 
receiving incremental file list

sent 20 bytes received 44 bytes 128.00 bytes/sec
total size is 49 speedup is 0.77

[root@sy-gmh-app-vm42:/data/sh]# crontab -l
30 1 * * * /bin/bash /data/sh/rsync_dnsmasq_hosts_conf.sh >> /data/sh/rsync_dnsmasq_hosts_conf.log

赞(0)
赞赏
感谢您的支持,我会继续努力哒!
版权属于:

运维茶馆

本文链接:

https://opstea.com/archives/dnsmasq.html(转载时请注明本文出处及文章链接)

评论 (0)