1.基本配置

systemctl stop firewalld.service

systemctl disable firewalld.service

setenforce 0

nmcli connection add con-name in ifname ens33 ipv4.addresses 192.168.1.10/24 type ethernet ipv4.method manual(内网网卡)

nmcli connection add con-name out ifname ens38 ipv4.addresses 192.168.2.10/24 type ethernet ipv4.method manual(外网网卡)

2.配置简单dns服务器

yum install -y bind bind-utils

2.1修改主配置文件

vim /etc/named.conf(修改该文件)

listen-on port 53 { any; };

allow-query     { any; };

zone "fengxiaoli41.com" IN {

type master;

file "fengxiaoli41.com.lan";

allow-update {none;};

};

zone "1.168.192.in-addr.arpa" IN {

type master;

file "1.168.192.lan";

allow-update {none;};

};

2.2编辑正解区域

cd /var/named/

cp named.localhost fengxiaoli41.com.lan

vim fengxiaoli41.com.lan

$TTL 665

@IN SOAfengxiaoli41.com. 123@qq.com (

2017062900; serial

3600; refresh

1800; retry

604800; expire

665 ); minimum

@IN NSfengxiaoli41.com.

fengxiaoli41.com. IN A 192.168.1.10

www.fengxiaoli41.com. IN CNAME fengxiaoli41.com.

client.fengxiaoli41.com. IN A 192.168.1.200

@       IN NS   slave.fengxiaoli41.com.

slave.fengxiaoli41.com. IN A 192.168.1.100

2.3编辑反解区域

cp fengxiaoli41.com.lan 1.168.192.lan

vim 1.168.192.lan

$TTL 665

@IN SOAfengxiaoli41.com. 123@qq.com (

2017062900; serial

3600; refresh

1800; retry

604800; expire

665 ); minimum

@IN NSfengxiaoli41.com.

10      IN PTR fengxiaoli41.com.

200     IN PTR client.fengxiaoli.com.

100     IN PTR slave.fengxiaoli.com.

chown named:named fengxiaoli41.com.lan

chown named:named 1.168.192.lan

2.4重启服务并测试

systemctl restart named

systemctl status named

dig fengxiaoli41.com

3.配置chroot环境

yum install -y bind-chroot

/usr/libexec/setup-named-chroot.sh /var/named/chroot/ on

systemctl stop named.service

systemctl disabled named

systemctl enable named-chroot.service

systemctl start named-chroot

dig fengxiaoli41.com

如果dns只为内网提供解析到此可以结束。


4.配置分离解析的dns(与2,3步独立)

4.1修改主配置文件

vim /etc/named.conf

listen-on port 53 { any; };

allow-query     { any; };

acl in {192.168.1.0/24;};

acl out { ! 192.168.1.0/24; any;};

view "internal"{

match-clients { in; localhost;};

zone "." IN {

type hint;

file "named.ca";

};

zone "fengxiaoli41.com" IN {

type master;

file "fengxiaoli41.com.lan";

allow-update {none;};

};

zone "1.168.192.in-addr.arpa" IN {

type master;

file "1.168.192.lan";

allow-update {none;};

};

include "/etc/named.rfc1912.zones";

include "/etc/named.root.key";

};

注意所有区域都要包含在view里

view "external"{

match-clients {out;};

zone "." IN {

type hint;

file "named.ca";

};

zone "fengxiaoli41.com" IN {

type master;

file "fengxiaoli41.com.wan";

allow-update {none;};

};

zone "2.168.192.in-addr.arpa" IN {

type master;

file "2.168.192.wan";

allow-update {none;};

};

};

cd /var/named/chroot/var/named/

4.2编辑内网正解反解区域

vim fengxiaoli41.com.lan

$TTL 665

@IN SOAfengxiaoli41.com. 123@qq.com (

2017062900; serial

3600; refresh

1800; retry

604800; expire

665 ); minimum

@IN NSfengxiaoli41.com.

fengxiaoli41.com. IN A 192.168.1.10

www.fengxiaoli41.com. IN CNAME fengxiaoli41.com.

client.fengxiaoli41.com. IN A 192.168.1.200

@       IN NS   slave.fengxiaoli41.com.

slave.fengxiaoli41.com. IN A 192.168.1.100

vim 1.168.192.lan 

$TTL 665

@IN SOAfengxiaoli41.com. 123@qq.com (

2017062900; serial

3600; refresh

1800; retry

604800; expire

665 ); minimum

@IN NSfengxiaoli41.com.

10      IN PTR fengxiaoli41.com.

200     IN PTR client.fengxiaoli.com.

100     IN PTR slave.fengxiaoli.com.

4.3编辑外围正解反解区域

vim fengxiaoli41.com.wan

$TTL 665

@IN SOAfengxiaoli41.com. 123@qq.com (

2017062900; serial

3600; refresh

1800; retry

604800; expire

665 ); minimum

@IN NSfengxiaoli41.com.

fengxiaoli41.com. IN A 192.168.2.10

vim 2.168.192.wan

$TTL 665

@IN SOAfengxiaoli41.com. 123@qq.com (

2017062900; serial

3600; refresh

1800; retry

604800; expire

665 ); minimum

@IN NSfengxiaoli41.com.

10IN PTR fengxiaoli41.com.

4.4设置权限重启服务

chown named:named -R  /var/named/chroot/var/named/*

systemctl restart named-chroot

5.主从服务器配置(在2或者4的基础上配置)

5.1主服务器配置

 vim /etc/named.conf

allow-transfer { 192.168.1.0/24;};

cd /var/named/chroot/var/named/

vim fengxiaoli41.com.lan

@       IN NS   slave.fengxiaoli41.com.

slave.fengxiaoli41.com. IN A 192.168.1.100

vim 1.168.192.lan

100     IN PTR slave.fengxiaoli.com.

5.2从服务器配置(注意firewalld和selinux)

nmcli connection add con-name in ifname ens33 ipv4.addresses 192.168.1.100/24 type ethernet ipv4.method manual

yum install -y bind-utils bind

vim /etc/named.conf

listen-on port 53 { any; };

allow-query     { any; };

zone "fengxiaoli41.com" IN {

type slave;

masters { 192.168.1.10; };

file "slaves/fengxiaoli.com.lan";

};

zone "1.168.192.in-addr.arpa" IN {

type slave;

masters { 192.168.1.10; };

file "slaves/1.168.192.lan";

};

systemctl restart named

ll /var/named/slaves/

转载于:https://blog.51cto.com/fengxiaoli/1944870

redhat7.3 dns服务器配置的更多相关文章

  1. DNS服务器配置实践

    实验背景:在Linux系统上配置主要DNS服务器和辅助DNS服务器,所在域名为example.com,子网为192.168.X.0. 启动已安装LINUX系统,进行DNS服务器配置. 一.配置主要DN ...

  2. Linux DNS 服务器配置与管理

    一.环境介绍: 运行软件:VMware Workstation Pro 14 系统环境:CentOS-7-x86_64-1810 二.操作配置: 1.基础知识简介 (1)域名空间 域和域名: DNS树 ...

  3. rndc控制远程dns服务器配置方法

    1- 如果不存在/etc/rndc.conf touch /etc/rndc.conf chown named:named /etc/rndc.conf 2- rndc-confgen > /e ...

  4. DNS服务器配置

    导读 DNS(Domain Name Server,域名服务器)是进行域名(domain name)和与之相对应的IP地址 (IP address)转换的服务器.DNS中保存了一张域名(domain ...

  5. [Ubuntu] Ubuntu DNS服务器配置

    服务器IP:10.68.19.61 操作系统:Ubuntu 13.04 DNS程序:Bind9 测试域名:mycloud.com 目标IP:10.68.19.134 配置步骤 1.安装BIND9程序包 ...

  6. dns 服务器配置

    1.安装 named 2.配置如下文件: /etc/named.conf // 2 // named.conf 3 // 4 // Provided by Red Hat bind package t ...

  7. Linux下DNS服务器配置

    一步:yum install -y bind bind-utils bind-chroot yum install bind* //安装DNS服务 第二步:systemctl stop firewal ...

  8. linux——DNS服务器配置

    讲课,请不要在课堂上查找文件,浏览器搜索,会感觉你很不上心,玩听众,一定提前做很多遍,模拟很多遍: 演讲,请务必准备好材料,考虑听众的感受,一定不要让外行人云里雾里,听不懂你在讲什么,那就尴尬了, D ...

  9. redhat7.6 DNS配置正向解析

    1.安装DNS服务 yum install bind yum install bind-chroot 安装完的配置文件/etc/named.conf 启动systemctl start named.s ...

随机推荐

  1. C#如何正确的做深拷贝

    估计很多人在网上看到各种各样的DeepClone实现, 例如: 1. 通过BinaryFormatter进行二进制序列化 这玩意儿序列化出来的东西还带namespace类型, 尺寸非常大, 调试一下就 ...

  2. Deep Dream模型与实现

    Deep Dream是谷歌公司在2015年公布的一项有趣的技术.在训练好的卷积神经网络中,只需要设定几个参数,就可以通过这项技术生成一张图像. 本文章的代码和图片都放在我的github上,想实现本文代 ...

  3. MySQL学习之路4-数据的导入导出

    数据的导入 通过数据库管理工具,先建表,然后导入表记录. 通过sql语句导入: load data local infile '表路径' into table stuscore fields term ...

  4. ThinkPHP3.2.3集成微信分享JS-SDK实践

    先来看看微信分享效果:在没有集成微信分享js-sdk前是这样的:没有摘要,缩略图任意抓取正文图片 在集成微信分享js-sdk后是这样的:标题,摘要,缩略图自定义 一.下载微信SDK开发包下载地址:ht ...

  5. PHP中debug基本方法

    一.检查是否有语法错误 php -l test.php 二.基本调试基本调试 API: var_dump($var);print_r($var);echo $var; 基本的配置: display_e ...

  6. Maybatis的一些总结(二:基本使用过程)

    理清一下使用需要做的步骤 建项目,导入mybatis(3.5.2)和mysql(5.1.47)进pom.xml pom.xml需配置build时过滤器,否则会出现xml文件导出不了的问题 resour ...

  7. EL表达式---自定义函数(转)

    EL表达式---自定义函数(转) 有看到一个有趣的应用了,转下来,呵呵!! 1.定义类MyFunction(注意:方法必须为 public static) package com.tgb.jstl;  ...

  8. java的多线程是如何实现的?和操作系统有什么关系?

    本文是作者原创,版权归作者所有.若要转载,请注明出处.本文只贴我觉得比较重要的源码,其他不重要非关键的就不贴了 本文操作系统是centos7 1.查看 pthread_create 函数显示及其示例 ...

  9. vue2.x学习笔记(二十二)

    接着前面的内容:https://www.cnblogs.com/yanggb/p/12633051.html. 自定义指令 简介 除了核心功能默认内置的指令([v-mode]和[v-show]等),v ...

  10. NCTF2019 小部分题解

    前言 礼拜五领航杯打的比较累,做不出WEB,D3CTF没用,做了NJCTF的一些题目(懒,睡觉到12点起) Misc 第一次比赛先去做misc,以前一直做WEB,以后要WEB+MISC做.礼拜六下午做 ...