DNS Server Configuration Lab

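While studying DNS, I struggled with this lab for almost a week without success and assumed the problem was in my virtual machine settings. Only after reading the article below did I realize that some of my zone settings were wrong, so I am writing this blog post as a record. Thanks to that author for sharing.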

https://blog.csdn.net/mingmingwei123/article/details/78447017

Environment: two CentOS virtual machines:

centos7.1 (IP address: 192.168.245.141)

centos7.2 (IP address: 192.168.245.160)

Primary DNS server IP address: 192.168.245.141; secondary DNS server IP address: 192.168.245.160

 

    [root@adobe ~]# lsb_release -a
    LSB Version:    :core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
    Distributor ID: CentOS
    Description:    CentOS Linux release 7.5.1804 (Core)
    Release:        7.5.1804
    Codename:       Core
 

Step 1: During installation I set the hostname to adobe.com (a single-label name is better), so it has to be changed:

    [root@adobe ~]# hostname
    adobe.com
    [root@adobe ~]# hostnamectl set-hostname adobe
    [root@adobe ~]# hostname
    adobe

Step 2: Install bind and the related packages:

    [root@adobe ~]# yum -y install bind bind-utils bind-chroot
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * base: mirror.bit.edu.cn
     * epel: mirrors.aliyun.com
     * extras: mirrors.aliyun.com
     * updates: mirrors.aliyun.com
    Package 32:bind-9.9.4-61.el7_5.1.x86_64 already installed and latest version
    Package 32:bind-utils-9.9.4-61.el7_5.1.x86_64 already installed and latest version
    Package 32:bind-chroot-9.9.4-61.el7_5.1.x86_64 already installed and latest version
    Nothing to do

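Step 3: Start the named service:

Before starting it, comment out one of the nameserver entries so that lookups do not go out to the real network: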

    ~]# cat /etc/resolv.conf
    # Generated by NetworkManager
    search localdomain com
    nameserver 192.168.245.2
    nameserver 192.168.245.141

    [root@adobe ~]# systemctl start named.service

Step 4: Check the service status:

    [root@adobe ~]# rndc status
    version: 9.9.4-RedHat-9.9.4-61.el7_5.1 <id:8f9657aa>
    CPUs found: 1
    worker threads: 1
    UDP listeners per interface: 1
    number of zones: 101
    debug level: 0
    xfers running: 0
    xfers deferred: 0
    soa queries in progress: 0
    query logging is OFF
    recursive clients: 0/0/1000
    tcp clients: 0/100
    server is up and running

Step 5: Check the state of the bind process:

    [root@adobe ~]# ss -tunlp | grep 53
    udp    UNCONN   0    0      127.0.0.1:53     *:*      users:(("named",pid=1497,fd=512))
    udp    UNCONN   0    0            ::1:53    :::*      users:(("named",pid=1497,fd=513))
    tcp    LISTEN   0    10     127.0.0.1:53     *:*      users:(("named",pid=1497,fd=21))
    tcp    LISTEN   0    128    127.0.0.1:953    *:*      users:(("named",pid=1497,fd=23))
    tcp    LISTEN   0    10           ::1:53    :::*      users:(("named",pid=1497,fd=22))
    tcp    LISTEN   0    128          ::1:953   :::*      users:(("named",pid=1497,fd=24))

Step 6: Edit the /etc/named.conf file:

    // named.conf
    options {
            listen-on port 53 { any; };       # port and IP addresses to listen on; changed to any
            listen-on-v6 port 53 { ::1; };
            directory   "/var/named";
            dump-file   "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
            allow-query { any; };

            recursion yes;

            dnssec-enable no;      # changed from yes to no
            dnssec-validation no;     # changed from yes to no
            
            /* Path to ISC DLV key */
            bindkeys-file "/etc/named.iscdlv.key";
            
            managed-keys-directory "/var/named/dynamic";
            
            pid-file "/run/named/named.pid";
            session-keyfile "/run/named/session.key";
    };
    
    logging {
            channel default_debug {
                    file "data/named.run";
                    severity dynamic;
            };
    };
    
    zone "." IN {
            type hint;
            file "named.ca";
    };
    
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";
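
The options above combine `listen-on { any; }`, `allow-query { any; }` and `recursion yes` with DNSSEC validation switched off, which is acceptable on an isolated lab network but makes the server an open recursive resolver anywhere else. The shell audit below is an added example, not part of the original post; `conf_value`, `audit_named_conf` and `write_lab_conf` are hypothetical helper names, and the sample file is a constructed copy of the security-relevant lines from the configuration above.

```shell
#!/bin/sh
# Added example (not from the original post): audit named.conf exposure.

# conf_value FILE KEY: value of the first "KEY ...;" statement with comments,
# braces and semicolons stripped; empty when the key is absent.
conf_value() {
    sed -e 's|/\*.*\*/||g' -e 's|//.*||' -e 's|#.*||' "$1" |
    awk -v key="$2" '$1 == key {
        $1 = ""; gsub(/[{};]/, " "); gsub(/^ +| +$/, ""); gsub(/ +/, " ")
        print; exit }'
}

# audit_named_conf FILE: one finding per line, nothing when clean.
audit_named_conf() {
    f=$1
    # BIND 9.9 uses allow-recursion, else allow-query-cache, else allow-query.
    acl=$(conf_value "$f" allow-recursion)
    [ -n "$acl" ] || acl=$(conf_value "$f" allow-query-cache)
    [ -n "$acl" ] || acl=$(conf_value "$f" allow-query)
    case "$(conf_value "$f" listen-on)" in *any*) reach=any ;; *) reach=local ;; esac
    if [ "$(conf_value "$f" recursion)" = yes ] && [ "$acl" = any ] && [ "$reach" = any ]; then
        echo "OPEN-RESOLVER: recursion offered to any client on every interface"
    fi
    if [ "$(conf_value "$f" dnssec-validation)" = no ]; then
        echo "NO-VALIDATION: upstream answers accepted without DNSSEC checks"
    fi
    if [ -z "$(conf_value "$f" allow-transfer)" ]; then
        echo "OPEN-AXFR: no allow-transfer ACL, any host may copy the zones"
    fi
    return 0
}

# Constructed sample: the security-relevant lines of the named.conf above.
write_lab_conf() {
    cat > "$1" <<'EOF'
options {
        listen-on port 53 { any; };
        allow-query { any; };
        recursion yes;
        dnssec-enable no;
        dnssec-validation no;
};
EOF
}

tmp=$(mktemp); write_lab_conf "$tmp"; audit_named_conf "$tmp"; rm -f "$tmp"
```

On a server that has to stay reachable, all three findings clear once `allow-recursion` is limited to the lab clients, `allow-transfer` names only the secondary (192.168.245.160 here) and `dnssec-validation` is turned back on.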

Step 7: Add a zone to the /etc/named.rfc1912.zones file.

    zone "adobe.com" IN {     # change to match your own hostname
            type master;     # this server acts as the primary DNS server
            file "adobe.com.zone";   # zone file name
            allow-update { none; };
    };

Step 8: Under /var/named/, add the corresponding zone data file adobe.com.zone.

    ~]# cp -a /var/named/named.localhost /var/named/adobe.com.zone  # copy the source file to the new file together with all of its attributes

    [root@adobe named]# vim adobe.com.zone

    $TTL 1D
    @    IN SOA    dnssrv1     admin.adobe.com. (
                        0    ; serial
                        1D    ; refresh
                        1H    ; retry
                        1W    ; expire
                        3H )    ; minimum
                IN    NS    dnssrv1
    dnssrv1        IN    A        192.168.245.141
    websrv1        IN    A        192.168.245.160
    www            IN    CNAME    websrv1
    mailsrv        IN    A        192.168.245.162

 

Step 9: Check the syntax and reload the configuration files.

    [root@adobe named]# named-checkzone "adobe.com" adobe.com.zone
    zone adobe.com/IN: loaded serial 2018090217
    OK
    [root@adobe named]# named-checkconf /etc/named.conf

Step 10: Forward lookups against this virtual machine's DNS server now work; normal output looks like this:

    ~]# dig www.adobe.com

    ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> www.adobe.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6270
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;www.adobe.com.            IN    A

    ;; ANSWER SECTION:
    www.adobe.com.        86400    IN    CNAME    websrv1.adobe.com.
    websrv1.adobe.com.    86400    IN    A    192.168.245.160

    ;; AUTHORITY SECTION:
    adobe.com.        86400    IN    NS    dnssrv1.adobe.com.

    ;; ADDITIONAL SECTION:
    dnssrv1.adobe.com.    86400    IN    A    192.168.245.141

    ;; Query time: 67 msec
    ;; SERVER: 192.168.245.141#53(192.168.245.141)
    ;; WHEN: Tue Sep 04 20:33:29 CST 2018
    ;; MSG SIZE  rcvd: 118
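
The answer above shows `websrv1.adobe.com.` and `dnssrv1.adobe.com.` because named appends the zone origin to every name in the zone file that lacks a trailing dot. The shell/awk function below is an added example, not from the original post, that applies that rule to the zone file from step 8; `qualify_zone` and `lab_zone` are hypothetical names, and it assumes records carry no per-record TTL field.

```shell
#!/bin/sh
# Added example (not from the original post): how zone-file names are qualified.

# qualify_zone ORIGIN: read a zone file on stdin, print "owner TYPE rdata"
# with every domain name fully qualified. Assumes no per-record TTL field.
qualify_zone() {
    awk -v origin="$1" '
    function fq(n) {                   # zone-file rule for names
        if (n == "@") return origin "."
        if (n ~ /\.$/) return n        # trailing dot: already absolute
        return n "." origin "."        # otherwise the origin is appended
    }
    { sub(/;.*/, "") }                 # strip comments
    /^\$/ || NF == 0 { next }          # skip $TTL etc. and blank lines
    insoa { if (index($0, ")")) insoa = 0; next }    # SOA timer lines
    {
        i = 1
        if ($0 !~ /^[ \t]/) { owner = fq($1); i = 2 }   # blank owner: reuse last
        if ($i == "IN") i++
        type = $i; data = $(i + 1)
        if (type == "SOA") {
            data = fq(data) " " fq($(i + 2))
            if (index($0, "(") && !index($0, ")")) insoa = 1
        } else if (type == "NS" || type == "CNAME") data = fq(data)
        print owner, type, data
    }'
}

# Constructed sample: the zone file from step 8.
lab_zone() {
    cat <<'EOF'
$TTL 1D
@    IN SOA    dnssrv1     admin.adobe.com. (
                    0    ; serial
                    1D    ; refresh
                    1H    ; retry
                    1W    ; expire
                    3H )    ; minimum
            IN    NS    dnssrv1
dnssrv1        IN    A        192.168.245.141
websrv1        IN    A        192.168.245.160
www            IN    CNAME    websrv1
mailsrv        IN    A        192.168.245.162
EOF
}

lab_zone | qualify_zone adobe.com
```

Writing `admin.adobe.com` without the final dot in the SOA line would come out as `admin.adobe.com.adobe.com.`, a common reason for a zone that passes the syntax check but answers with the wrong names.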
