IPv6 DNS 服务器配置
初始化配置
设置主机名和域名
cat /etc/hostnametestserver配置主机解析名字
[root@testserver etc]# cat /etc/hosts127.0.0.1????????? testserver.test.com testserver172.12.0.100?????? testserver.test.com testserver::1??????????????? testserver.test.com testserver2020:102:101:1::1? testserver.test.com testserver
测试主机配置
[root@testserver etc]# hostname -ftestserver.test.com配置bind(DNS)配置文件
?vim? /etc/named.conf注意监听地址配置和allow-query的配置,否则会在客户端收到reply-code: 5 Refuse Query
options {??????? listen-on port 53 { 127.0.0.1;172.12.0.100; };??????? listen-on-v6 port 53 {::1; 2020:102:101:1::1; };?????? ?…..??????? allow-query???? { any; };
如果需要使能递归查询,需要开启forwards, 如:
forwarders {??????????????? 192.168.10.3;??????????????? 61.139.2.69;???????? };作为私网DNS Server还需要关闭安全检查
? ? ? ? dnssec-enable no;??????? dnssec-validation no;配置本地域名和主机
zone "test.com" IN {??????? type master;??????? file "/etc/named/test.com";??????? allow-update { none;};};配置域及主机记录:
[root@testserver etc]# cat /etc/named/test.com$TTL 86400@?? IN? SOA?? test.com. testserver.test.com. (???????? 20200103????? ;Serial???????????? 3600 ?????;Refresh???????????? 1800????? ;Retry?????????? 604800????? ;Expire??????????? 86400????? ;Minimum TTL)@?????? IN? NS??? testserver.test.com.testserver?? IN? A???? 172.12.0.100testserver?? IN? AAAA? 2020:102:101:1::1仅开启IPv6协议的主机获得地址后,ping testserver.test.com, 并抓取dns报文,可见地址正确解析
Apache Server开启IPv6 Web服务
在httpd.conf文件中,配置监听端口
vim /etc/httpd/conf/httpd.conf?Listen 80#表示监听所有接口的80端口用netstat检查接口监听情况,可见IPv6和IPv6都有监听
使用纯IPv6协议使能的PC, 打开
http://testserver.test.com, 页面能正确打开
FTP服务IPv6支持
确认配置中,IPv6监听开启
vim /etc/vsftpd/vsftpd.conflisten_ipv6=YESnetstart检查接口监听情况
开启sshd IPv6监听
vim /etc/ssh/sshd_config? #默认监听IPv4和IPv6的22端口检查接口监听情况:
Nginx支持IPv6
检查当前nginx是否支持IPv6 (nginx -V)
不支持,则进入下载的nginx源码解压目录中重新配置、编译、安装
cd /home/admin/nginx./configure --user=www?--group=www --prefix=/opt/nginx --with-http_stub_status_module --without-http-cache --with-http_ssl_module --with-http_gzip_static_module --with-ipv6?make && make install安装完成后,重启检查nginx是否支持IPv6
/opt/nginx/sbin/nginx -V
测试配置(nginx -t)
重启nginx
systemctl restart nginx