学习到DNS时,做实验折腾了快一周总是不成功,以为是虚拟机设置问题,看了如下的介绍才知道有些域设置不对,因此写下这篇博客记录下,感谢博主的分享。
https://blog.csdn.net/mingmingwei123/article/details/78447017
搭建环境:两台centos虚拟机,
centos7.1(IP地址:192.168.245.141):
centos7.2(IP地址:192.168.245.160)
主DNS服务器IP地址:192.168.245.141 从DNS服务器IP地址:192.168.245.160
>[root@adobe ~]# lsb_release -a
LSB Version::core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
Distributor ID: CentOS
Description:CentOS Linux release 7.5.1804 (Core)
Release:7.5.1804
Codename: Core
一、因为我的主机名安装时写的是adobe.com(最好是单个名字),所以需要修改一下;
> [root@adobe ~]# hostname
> adobe.com
> [root@adobe ~]# hostnamectl set-hostname adobe
> [root@adobe ~]# hostname
> adobe
二、安装bind等服务程序;
[root@adobe ~]# yum -y install bind bind-utils bind-chroot
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.bit.edu.cn
* epel: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Package 32:bind-9.9.4-61.el7_5.1.x86_64 already installed and latest version
Package 32:bind-utils-9.9.4-61.el7_5.1.x86_64 already installed and latest version
Package 32:bind-chroot-9.9.4-61.el7_5.1.x86_64 already installed and latest version
Nothing to do
三、启动named服务:
启动之前,先在 /etc/resolv.conf 中注释掉一个 nameserver,免得它联网向真实网络查询(下面的输出里两条 nameserver 都还没有注释);
> ~]# cat /etc/resolv.conf
> # Generated by NetworkManager
> search localdomain com
> nameserver 192.168.245.2
> nameserver 192.168.245.141
[root@adobe ~]# systemctl start named.service
四、检查服务状态:
[root@adobe ~]# rndc status
version: 9.9.4-RedHat-9.9.4-61.el7_5.1 <id:8f9657aa>
CPUs found: 1
worker threads: 1
UDP listeners per interface: 1
number of zones: 101
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
五、查看bind进程状态:
[root@adobe ~]# ss -tunlp | grep 53
udp UNCONN 0 0 127.0.0.1:53 *:* users:(("named",pid=1497,fd=512))
udp UNCONN 0 0 ::1:53 :::* users:(("named",pid=1497,fd=513))
tcp LISTEN 0 10 127.0.0.1:53 *:* users:(("named",pid=1497,fd=21))
tcp LISTEN 0 128 127.0.0.1:953 *:* users:(("named",pid=1497,fd=23))
tcp LISTEN 0 10 ::1:53 :::* users:(("named",pid=1497,fd=22))
tcp LISTEN 0 128 ::1:953 :::* users:(("named",pid=1497,fd=24))
六、修改/etc/named.conf文件:
// named.conf
// Main BIND configuration for the lab's primary DNS server (192.168.245.141).
options {
// Accept queries on every IPv4 interface; IPv6 stays on loopback only.
listen-on port 53 { any; }; # sets the listening port and IP address; changed to any
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// NOTE(review): listen-on any + allow-query any + recursion yes, with no
// allow-recursion or allow-query-cache set, leaves recursion open to every
// client that can reach port 53 (recursion access is expected to fall back to
// allow-query here - confirm for this BIND version). An open recursive
// resolver can be abused for DNS amplification and widens cache-poisoning
// exposure. Outside an isolated lab, limit recursion, for example
// allow-recursion { localhost; 192.168.245.0/24; };
// (subnet assumed from the addresses used on this page).
allow-query { any; };
recursion yes;
// Both DNSSEC switches are turned off, so answers obtained by recursion are
// not validated. Acceptable for an isolated lab zone; keep validation on
// for any resolver that real clients depend on.
dnssec-enable no; # changed from yes to no
dnssec-validation no; # changed from yes to no
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
// Debug channel; the relative path resolves under the directory option above.
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints. NOTE(review): with recursion yes, names outside the local zones
// are presumably still resolved through the real root servers, independent of
// /etc/resolv.conf - confirm if the lab must stay offline.
zone "." IN {
type hint;
file "named.ca";
};
// Additional zone definitions (the lab zone is added to this included file).
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
七、在/etc/named.rfc1912.zones文件中增加一个zone。
// Authoritative (master) zone definition for the lab domain.
// NOTE(review): adobe.com is a real registered domain; any client that uses
// this server as its resolver gets the lab records instead of the real ones.
// A reserved name such as example.com or a .test zone avoids that.
zone "adobe.com" IN { # adjust to your own host/domain name
type master; # this server acts as the master (primary) DNS server
file "adobe.com.zone"; # zone file name
// Dynamic updates are refused for this zone.
allow-update { none; };
// NOTE(review): no allow-transfer is set. The page names 192.168.245.160 as
// the secondary; restricting transfers to it, e.g.
// allow-transfer { 192.168.245.160; };
// keeps other hosts from pulling the full zone (default for this BIND
// version presumably permits any host - confirm).
};
八、在/var/named/下增加一个相对应的解析库文件adobe.com.zone。
> ~]# cp -a /var/named/named.localhost /var/named/adobe.com.zone //复制源文件的全部属性给新文件
> [root@adobe named]# vim adobe.com.zone
> ; Zone data for adobe.com, loaded by the master zone definition above.
> $TTL 1D
> ; SOA: primary name server dnssrv1 (relative, so dnssrv1.adobe.com.) and
> ; responsible-person mailbox admin.adobe.com. (i.e. admin@adobe.com).
> @ IN SOA dnssrv1 admin.adobe.com. (
> 0 ; serial - shown as 0 here, but the named-checkzone output on this page reports 2018090217; raise it on every edit so the secondary notices the change
> 1D ; refresh
> 1H ; retry
> 1W ; expire
> 3H ) ; minimum
> ; NS record for the zone apex: the owner field is left blank to inherit @,
> ; so in the real file this line must begin with whitespace.
> IN NS dnssrv1
> dnssrv1 IN A 192.168.245.141
> websrv1 IN A 192.168.245.160
> ; www is an alias; lookups follow it to the websrv1 A record.
> www IN CNAME websrv1
> mailsrv IN A 192.168.245.162
九、使用 named-checkzone 和 named-checkconf 检查语法,然后重新加载配置文件(例如 rndc reload)。
> [root@adobe named]# named-checkzone "adobe.com" adobe.com.zone
> zone adobe.com/IN: loaded serial 2018090217
> OK
> [root@adobe named]# named-checkconf /etc/named.conf
十、现在就可以正向查询本虚拟机的DNS了;正常显示如下:
~]# dig www.adobe.com
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> www.adobe.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6270
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.adobe.com. IN A
;; ANSWER SECTION:
www.adobe.com. 86400 IN CNAME websrv1.adobe.com.
websrv1.adobe.com. 86400 IN A 192.168.245.160
;; AUTHORITY SECTION:
adobe.com. 86400 IN NS dnssrv1.adobe.com.
;; ADDITIONAL SECTION:
dnssrv1.adobe.com. 86400 IN A 192.168.245.141
;; Query time: 67 msec
;; SERVER: 192.168.245.141#53(192.168.245.141)
;; WHEN: Tue Sep 04 20:33:29 CST 2018
;; MSG SIZE rcvd: 118