1.关闭selinux和firewalld并下载bind
[root@server ~]# setenforce 0
setenforce: SELinux is disabled
[root@server ~]# systemctl stop firewalld
[root@server ~]# yum install bind -y
2.修改配置文件
[root@server etc]# vim named.conf #修改主配置文件
listen-on port 53 { any; }; #监听允许访问的ip为any
allow-query { any; };
[root@server etc]# vim named.rfc1912.zones
zone "95.168.192.in-addr.arpa" IN { #反向解析
type master;
file "192.168.95.arpa";
allow-update { none; };
};
zone "openlab.com" IN { #正向解析
type master;
file "openlab.com.zone";
allow-update { none; };
};
[root@server named]# cp -a named.localhost openlab.com.zone
[root@server named]# cp -a named.loopback 192.168.95.arpa
[root@server named]# vim openlab.com.zone #正向解析
$TTL 1D
@ IN SOA ns.openlab.com. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns.openlab.com.
ns A 192.168.95.131
www IN A 192.168.95.131
[root@server named]# vim 192.168.95.arpa #反向解析
$TTL 1D
@ IN SOA ns.openlab.com. yl.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns.openlab.com.
131 IN PTR ns.openlab.com.
www IN PTR ns.openlab.com.
bbs IN PTR ns.openlab.com.
~
重启named服务
[root@server ~]# systemctl restart named
测试:
将客户端dns改为服务端ip地址,并测试
[root@node1 kikk]# nmcli c modify ens160 ipv4.method auto ipv4.addresses '192.168.95.132/24' ipv4.gateway '192.168.95.2' ipv4.dns '192.168.95.131'
[root@node1 kikk]# nmcli c reload
[root@node1 kikk]# nmcli c up ens160
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/2)
[root@node1 kikk]# cd
[root@node1 ~]# nslookup www.openlab.com
Server: 192.168.95.131
Address: 192.168.95.131#53
Name: www.openlab.com
Address: 192.168.95.131
[root@node1 ~]# nslookup 192.168.95.131
131.95.168.192.in-addr.arpa name = ns.openlab.com.