| 操作系统 | IP | 服务 |
| CentOS9 | 192.168.8.73 | Bind服务 |
| CentOS9 | 192.168.8.74 | Bind服务 |
| CentOS9 | 192.168.8.71 | openresty代理 |
| CentOS9 | 192.168.8.72 | openresty代理 |
wget -c https://openresty.org/download/openresty-1.25.3.1.tar.gz
[root@bind-m-74 opt]# tar xf openresty-1.25.3.1.tar.gz
yum -y install perl-devel openssl-devel pcre-devel gcc gcc-c++ autoconf make zlib-devel?
./configure ; echo $?
?make && make install ; echo $?
cd /usr/local/openresty
[root@bind-m-74 conf]# cat /usr/local/openresty/nginx/conf/nginx.conf
#user ?nobody;
worker_processes ?1;
#error_log ?logs/error.log;
#error_log ?logs/error.log ?notice;
#error_log ?logs/error.log ?info;
#pid ???????logs/nginx.pid;
events {
????worker_connections ?1024;
}
http {
????include ??????mime.types;
????default_type ?application/octet-stream;
????#log_format ?main ?'$remote_addr - $remote_user [$time_local] "$request" '
????# ?????????????????'$status $body_bytes_sent "$http_referer" '
????# ?????????????????'"$http_user_agent" "$http_x_forwarded_for"';
????#access_log ?logs/access.log ?main;
????sendfile ???????on;
????#tcp_nopush ????on;
????#keepalive_timeout ?0;
????keepalive_timeout ?65;
????#gzip ?on;
????server {
????????listen ??????80;
????????server_name ?localhost;
????????#charset koi8-r;
????????#access_log ?logs/host.access.log ?main;
????????location / {
????????????root ??html;
????????????index ?index.html index.htm;
????????}
????????#error_page ?404 ?????????????/404.html;
????????# redirect server error pages to the static page /50x.html
????????#
????????error_page ??500 502 503 504 ?/50x.html;
????????location = /50x.html {
????????????root ??html;
????????}
????????# proxy the PHP scripts to Apache listening on 127.0.0.1:80
????????#
????????#location ~ \.php$ {
????????# ???proxy_pass ??http://127.0.0.1;
????????#}
????????# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
????????#
????????#location ~ \.php$ {
????????# ???root ??????????html;
????????# ???fastcgi_pass ??127.0.0.1:9000;
????????# ???fastcgi_index ?index.php;
????????# ???fastcgi_param ?SCRIPT_FILENAME ?/scripts$fastcgi_script_name;
????????# ???include ???????fastcgi_params;
????????#}
????????# deny access to .htaccess files, if Apache's document root
????????# concurs with nginx's one
????????#
????????#location ~ /\.ht {
????????# ???deny ?all;
????????#}
????}
????# another virtual host using mix of IP-, name-, and port-based configuration
????#
????#server {
????# ???listen ??????8000;
????# ???listen ??????somename:8080;
????# ???server_name ?somename ?alias ?another.alias;
????# ???location / {
????# ???????root ??html;
????# ???????index ?index.html index.htm;
????# ???}
????#}
????# HTTPS server
????#
????#server {
????# ???listen ??????443 ssl;
????# ???server_name ?localhost;
????# ???ssl_certificate ?????cert.pem;
????# ???ssl_certificate_key ?cert.key;
????# ???ssl_session_cache ???shared:SSL:1m;
????# ???ssl_session_timeout ?5m;
????# ???ssl_ciphers ?HIGH:!aNULL:!MD5;
????# ???ssl_prefer_server_ciphers ?on;
????# ???location / {
????# ???????root ??html;
????# ???????index ?index.html index.htm;
????# ???}
????#}
}
stream {
?upstream bind-ms {
?server 192.168.8.73:53;
?server 192.168.8.74:53;
# access_log logs/proxy-bind-access.log ;
# error_log logs/proxy-bind-error.log error;
?}
?server {
?listen 53 udp;
?proxy_pass bind-ms;
?proxy_timeout 120s;
# access_log logs/proxy-bind-access.log ;
?error_log logs/proxy-bind-error.log error;
?}
}
[root@zabbixguo130 conf]# cat nginx.conf
#user ?nobody;
worker_processes ?1;
#error_log ?logs/error.log;
#error_log ?logs/error.log ?notice;
#error_log ?logs/error.log ?info;
#pid ???????logs/nginx.pid;
events {
????worker_connections ?1024;
}
http {
????include ??????mime.types;
????default_type ?application/octet-stream;
????#log_format ?main ?'$remote_addr - $remote_user [$time_local] "$request" '
????# ?????????????????'$status $body_bytes_sent "$http_referer" '
????# ?????????????????'"$http_user_agent" "$http_x_forwarded_for"';
????#access_log ?logs/access.log ?main;
????sendfile ???????on;
????#tcp_nopush ????on;
????#keepalive_timeout ?0;
????keepalive_timeout ?65;
????#gzip ?on;
# ???server {
# ??????listen ??????80;
# ???????server_name ?localhost;
????????#charset koi8-r;
????????#access_log ?logs/host.access.log ?main;
# ???????location / {
# ???????????root ??html;
# ???????????index ?index.html index.htm;
# ??????}
????????#error_page ?404 ?????????????/404.html;
????????# redirect server error pages to the static page /50x.html
????????#
# ???????error_page ??500 502 503 504 ?/50x.html;
# ???????location = /50x.html {
# ???????????root ??html;
# ???????}
????????# proxy the PHP scripts to Apache listening on 127.0.0.1:80
????????#
????????#location ~ \.php$ {
????????# ???proxy_pass ??http://127.0.0.1;
????????#}
????????# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
????????#
????????#location ~ \.php$ {
????????# ???root ??????????html;
????????# ???fastcgi_pass ??127.0.0.1:9000;
????????# ???fastcgi_index ?index.php;
????????# ???fastcgi_param ?SCRIPT_FILENAME ?/scripts$fastcgi_script_name;
????????# ???include ???????fastcgi_params;
????????#}
????????# deny access to .htaccess files, if Apache's document root
????????# concurs with nginx's one
????????#
????????#location ~ /\.ht {
????????# ???deny ?all;
????????#}
# ???}
????# another virtual host using mix of IP-, name-, and port-based configuration
????#
????#server {
????# ???listen ??????8000;
????# ???listen ??????somename:8080;
????# ???server_name ?somename ?alias ?another.alias;
????# ???location / {
????# ???????root ??html;
????# ???????index ?index.html index.htm;
????# ???}
????#}
????# HTTPS server
????#
????#server {
????# ???listen ??????443 ssl;
????# ???server_name ?localhost;
????# ???ssl_certificate ?????cert.pem;
????# ???ssl_certificate_key ?cert.key;
????# ???ssl_session_cache ???shared:SSL:1m;
????# ???ssl_session_timeout ?5m;
????# ???ssl_ciphers ?HIGH:!aNULL:!MD5;
????# ???ssl_prefer_server_ciphers ?on;
????# ???location / {
????# ???????root ??html;
????# ???????index ?index.html index.htm;
????# ???}
????#}
}
stream {
?upstream bind-ms {
?server 192.168.8.140:53;
?server 192.168.8.141:53;
# access_log logs/proxy-bind-access.log ;
# error_log logs/proxy-bind-error.log error;
?}
?server {
?listen 53 udp;
?proxy_pass bind-ms;
?proxy_timeout 120s;
# access_log logs/proxy-bind-access.log ;
?error_log logs/proxy-bind-error.log error;
?}
}
root@localhost openresty-1.25.3.1]# dig www.guomc.com @192.168.8.74
; <<>> DiG 9.16.23-RH <<>> www.guomc.com @192.168.8.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9671
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 007304b61ca0838e0100000065afa306c1aac70cf7cdb798 (good)
;; QUESTION SECTION:
;www.guomc.com. IN A
;; ANSWER SECTION:
www.guomc.com. 7200 IN A 192.168.8.74
www.guomc.com. 7200 IN A 192.168.8.73
;; Query time: 4 msec
;; SERVER: 192.168.8.74#53(192.168.8.74)
;; WHEN: Tue Jan 23 19:29:12 CST 2024
;; MSG SIZE ?rcvd: 102
[root@localhost openresty-1.25.3.1]#
[root@localhost openresty-1.25.3.1]# dig www.guomc.com @192.168.8.73
; <<>> DiG 9.16.23-RH <<>> www.guomc.com @192.168.8.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63818
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 7fecde1f7d393f840100000065afa2fb0df23893e2778884 (good)
;; QUESTION SECTION:
;www.guomc.com. IN A
;; ANSWER SECTION:
www.guomc.com. 7200 IN A 192.168.8.77
www.guomc.com. 7200 IN A 192.168.8.75
www.guomc.com. 7200 IN A 192.168.8.74
www.guomc.com. 7200 IN A 192.168.8.73
www.guomc.com. 7200 IN A 192.168.8.76
;; Query time: 4 msec
;; SERVER: 192.168.8.73#53(192.168.8.73)
;; WHEN: Tue Jan 23 19:29:00 CST 2024
;; MSG SIZE ?rcvd: 150