访问主机用户过多，开启分机减轻负担
主机
zone "taxing.com" IN {

        type master;
        file "taxing.com.zone";
        allow-update { none; };
        allow-transfer {172.25.254.224;};
从机
zone "taxing.com" IN {

        type slave;
        masters {172.25.254.124;};
        file "slaves/taxing.com.zone";
        allow-update { none; };
时时同步
主机
vim /var/namedtaxing.com.zone
$TTL 1D
@       IN SOA  dns.taxing.com. root.taxing.com. (
                                        201611261       ; serial        # 最大为十位  文件在更新时查看比较的值，不同则更新 （rm -rf /var/name/slaves/taxing.com.zone; systemctl restart named）
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      dns
dns     A       172.25.254.124
www     A       172.25.254.138
~                  
每次修改ip的时候都要修改serial值

vim /etc/name.rfc1912.zones
zone "taxing.com" IN {

        type master;
        file "taxing.com.zone";
        allow-update { none; };
        allow-transfer {172.25.254.224;};
        also-notify {172.25.254.224;};     ## 修改完通知从机
};
远程控制修改
客户端
setenforce 0
[root@localhost slaves]# nsupdate 
> server 172.25.254.124
> update delete www.taxing.com
> update add www.taxing.com 86400 A 172.25.254.138   #86400s  缓存时间
> send
> quit
主机
setenforc 0
vim /etc/named.rfc1912.zones
zone "taxing.com" IN {

        type master;
        file "taxing.com.zone";
        allow-update { 172.25.254.224; };
};
chmod 770 /var/name/
reboot 后会同步更新后的内容，先备份cp -p taxing.com.zone /mnt 重起后再删除taxing.com.zone.jnl 和已经同步了的taxing.com.zone 把备份了的taxing.com.zone 复制回来  cp -p /mnt/taxing.com.zone .
密钥匙认证
主机
 dnssec-keygen -a HMAC-MD5 -b 128 -n HOST taxing
cat Ktaxing.+157+22634.key 
cat Ktaxing.+157+22634.private 
cp -p /etc/rndc.key /etc/taxing.key
vim /etc/taxing.key 
key "taxing" {

        algorithm hmac-md5;
        secret "YtJ6Y7kyfL5moClanMIS6Q==";
};

vim /etc/named.rfc1912.zones
zone "taxing.com" IN {

        type master;
        file "taxing.com.zone";
        allow-update { key taxing; };
};

systemctl restart named
scp Ktaxing.+157+22634.* root@172.25.254.224:/mnt/

客户机
[root@localhost mnt]# nsupdate -k Ktaxing.+157+22634.private 
> server 172.25.254.124
> update delete www.taxing.com
> send
> quit

花生壳动态dhcp DNS获取
主机
vim /etc/dhcp/dhcpd.conf
# Use this to enble / disable dynamic dns updates globally.
ddns-update-style interim;
subnet 172.25.254.0 netmask 255.255.255.0 {

  range 172.25.254.224 172.25.254.242;
  option routers 172.25.254.124;
}
key taxing {

        algorithm hmac-md5;
        secret YtJ6Y7kyfL5moClanMIS6Q==;
        };
zone taxing.com.{

        primary 127.0.0.1;
    key taxing;
    }
vim /var/name/taxing.com.zone
                                                            41,1-8        90%
客户端
打开动态获取 dhcp

hostnamectl set-hostname timo.taxing.com

dig timo.taxing.com

gnome-screenshot -a    #截图

本文转自   Taxing祥   51CTO博客，原文链接:http://blog.51cto.com/12118369/1878385