安装bind
1 、安装bind软件,需要安装3 个bind、bind-chroot、bind-util
| [root@localhost pub]# yum install -y bind bind-chroot bind-utils Installed: bind.i686 32:9.8.2-0.17.rc1.el6_4.6 Complete! |
2 、修改配置文件“/etc/named.conf”,追加“forward”
| [root@localhost pub]# gedit /etc/named.conf options { listen-on port 53 { 127.0.0.1; }; # listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; }; recursion yes; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic"; forward only; forwarders{ 8.8.8.8; } }; |
3 、设置防火墙,这里需要用到53端口。需要开启tcp和udp的53端口,记得重启防火墙
| [root@localhost pub]# gedit /etc/sysconfig/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT [root@localhost phpMyAdmin]# service iptables restart iptables :将链设置为政策 ACCEPT : filter nat [ 确定 ] iptables :清除防火墙规则: [ 确定 ] iptables :正在卸载模块: [ 确定 ] iptables :应用防火墙规则: [ 确定 ] iptables :载入额外模块: nf_conntrack_ftp [ 确定 ] [root@localhost phpMyAdmin]# |
4 、启动服务
| [root@localhost pub]# service named start 启动 named : [ 确定 ] [root@localhost pub]# |
5 、测试,命令格式“dig 网站@ip”,这里用回环地址来测试,看是否能请求成功
| [root@localhost pub]# dig www.baidu.com @127.0.0.1 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> www.baidu.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51491 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.baidu.com. IN A ;; ANSWER SECTION: www.baidu.com. 1191 IN CNAME www.a.shifen.com. www.a.shifen.com. 299IN A 14.215.177.38 // 这个就是请求到的结果 www.a.shifen.com. 299IN A 14.215.177.39 ;; Query time: 3053 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Aug 14 19:02:59 2018 ;; MSG SIZE rcvd: 90 |
6 、更改配置文件named.conf,让所有机器都可以使用该服务。
1 )将配置文件中的回环地址改为any,意味着允许任何人使用
| [root@localhost pub]# gedit /etc/named.conf options { listen-on port 53 {any; }; # listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { any; }; recursion yes; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic"; forward only; forwarders{ 8.8.8.8; } }; |
2 )找一个其他ip地址来测试
| [root@localhost pub]# service named restart // 重启服务 停止 named : [ 确定 ] 启动 named : [ 确定 ] [root@localhost pub]# dig www.baidu.com @192.168.0.113 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> www.baidu.com @192.168.0.113 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37134 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.baidu.com. IN A ;; ANSWER SECTION: www.baidu.com. 871 IN CNAME www.a.shifen.com. www.a.shifen.com. 299 IN A 14.215.177.39 www.a.shifen.com. 299 IN A 14.215.177.38 ;; Query time: 474 msec ;; SERVER: 192.168.0.113#53(192.168.0.113) ;; WHEN: Tue Aug 14 19:06:19 2018 ;; MSG SIZE rcvd: 90 |
做了一个Linux学习的平台,目前出来一个雏形,各位可以参考使用
链接: https://pan.baidu.com/s/1GOLVU2CbpBNGtunztVpaCQ 密码:n7bk
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/29270124/viewspace-2222068/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/29270124/viewspace-2222068/
1085
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
