一,安装BIND

[root@localhost ~]# yum install bind bind-chroot bind-utils

Loaded plugins: product-id, subscription-manager

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

cdrom                                                                      | 4.1 kB  ::

Resolving Dependencies

--> Running transaction check

---> Package bind.x86_64 :9.9.-.el7 will be installed

--> Processing Dependency: bind-libs = :9.9.-.el7 for package: :bind-9.9.-.el7.x86_64

--> Processing Dependency: libbind9.so.()(64bit) for package: :bind-9.9.-.el7.x86_64

--> Processing Dependency: libdns.so.()(64bit) for package: :bind-9.9.-.el7.x86_64

--> Processing Dependency: libisc.so.()(64bit) for package: :bind-9.9.-.el7.x86_64

--> Processing Dependency: libisccc.so.()(64bit) for package: :bind-9.9.-.el7.x86_64

--> Processing Dependency: libisccfg.so.()(64bit) for package: :bind-9.9.-.el7.x86_64

--> Processing Dependency: liblwres.so.()(64bit) for package: :bind-9.9.-.el7.x86_64

---> Package bind-chroot.x86_64 :9.9.-.el7 will be installed

---> Package bind-utils.x86_64 :9.9.-.el7 will be installed

--> Running transaction check

---> Package bind-libs.x86_64 :9.9.-.el7 will be installed

--> Finished Dependency Resolution

Dependencies Resolved

==================================================================================================

 Package                 Arch               Version                       Repository         Size

==================================================================================================

Installing:

 bind                    x86_64             :9.9.-.el7               cdrom             1.8 M

 bind-chroot             x86_64             :9.9.-.el7               cdrom               k

 bind-utils              x86_64             :9.9.-.el7               cdrom              k

Installing for dependencies:

 bind-libs               x86_64             :9.9.-.el7               cdrom             1.0 M

Transaction Summary

==================================================================================================

Install   Packages (+ Dependent package)

Total download size: 3.0 M

Installed size: 7.2 M

Is this ok [y/d/N]: y

Downloading packages:

--------------------------------------------------------------------------------------------------

Total                                                               MB/s | 3.0 MB  ::

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

  Installing : :bind-libs-9.9.-.el7.x86_64                                               /

  Installing : :bind-9.9.-.el7.x86_64                                                    /

  Installing : :bind-chroot-9.9.-.el7.x86_64                                             /

  Installing : :bind-utils-9.9.-.el7.x86_64                                              /

  Verifying  : :bind-9.9.-.el7.x86_64                                                    /

  Verifying  : :bind-libs-9.9.-.el7.x86_64                                               /

  Verifying  : :bind-chroot-9.9.-.el7.x86_64                                             /

  Verifying  : :bind-utils-9.9.-.el7.x86_64                                              / 

Installed:

  bind.x86_64 :9.9.-.el7                     bind-chroot.x86_64 :9.9.-.el7

  bind-utils.x86_64 :9.9.-.el7              

Dependency Installed:

  bind-libs.x86_64 :9.9.-.el7                                                                

Complete!

二,BIND配置

/etc/named.conf                   主配置文件

/etc/named.rfc1912.zones     区域配置文件

/var/named/named.localhost 资源记录配置文件

1,编辑主配置文件

[root@localhost ~]# vim /etc/named.conf

//

// named.conf

//

// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS

// server as a caching only nameserver (as a localhost DNS resolver only).

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//

options {

        listen-on port  { any; };  //将“127.0.0.1”改为any,可监听任何IP地址(域名服务器的IP)

        listen-on-v6 port  { ::; };

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };  //将“localhost”改为any,代表允许任何主机查询

        /*

         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.

         - If you are building a RECURSIVE (caching) DNS server, you need to enable

           recursion.

         - If your recursive DNS server has a public IP address, you MUST enable access

           control to limit queries to your legitimate users. Failing to do so will

           cause your server to become part of large scale DNS amplification

           attacks. Implementing BCP38 within your network would greatly

           reduce such attack surface

        */

        recursion yes;

        dnssec-enable yes;

        dnssec-validation yes;

        dnssec-lookaside auto;

        /* Path to ISC DLV key */

        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";

        session-keyfile "/run/named/session.key";

};

logging {

        channel default_debug {

                file "data/named.run";

                severity dynamic;

        };

};

zone "." IN {

        type hint;

        file "named.ca";

};

include "/etc/named.rfc1912.zones";  //区域配置文件

include "/etc/named.root.key";

2,编辑区域配置文件

[root@localhost ~]# vim /etc/named.rfc1912.zones 

// named.rfc1912.zones:

//

// Provided by Red Hat caching-nameserver package

//

// ISC BIND named zone configuration for zones recommended by

// RFC 1912 section 4.1 : localhost TLDs and address zones

// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt

// (c)2007 R W Franks

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//

zone "localhost.localdomain" IN {

        type master;

        file "named.localhost";

        allow-update { none; };

};      

zone "localhost" IN {

        type master;

        file "named.localhost";

        allow-update { none; };

};      

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {

        type master;

        file "named.loopback";

        allow-update { none; };

};      

zone "1.0.0.127.in-addr.arpa" IN {

        type master;

        file "named.loopback";

        allow-update { none; };

};      

zone "0.in-addr.arpa" IN {

        type master;

        file "named.empty";

        allow-update { none; };

};

zone "kernel.org" IN {          //"kernel.org"为域名

        type master;            //"master"代表主域名服务器

        file "kernel.org.zone"; //"kernel.org.zone"为资源信息记录文件,在/var/named/目录下

        allow-update { none; };

};

3,编辑资源信息文件

[root@localhost ~]# cp -a  /var/named/named.localhost  /var/named/kernel.org.zone

[root@localhost ~]# vim /var/named/kernel.org.zone 

$TTL 1D

@       IN SOA  @ rname.invalid. (                        //"@"表示域名,相当于"kernel.org"可替换成"kernel.org"  "SOA"表示权威区域的开始 "rname.invalid."表示域名管理员邮箱

                                               ; serial  //区域传送序列号

                                        1D      ; refresh //从服务器更新主服务器资源的时间

                                        1H      ; retry   //"refresh"失败,重试的时间间隔

                                        1W      ; expire  //从服务器过期时长

                                        3H )    ; minimum //无效解析记录过期时长

NS ns.kernel.org.        //域名服务器记录
  ns      IN A 192.168.16.20       //域名地址记录

IN      MX   10      mail.kernel.org. //邮箱交换记录

www     IN A    192.168.16.20  //加入一条资源信息,即"www.kernel.org"和"192.168.16.20"的对应关系
mail    IN A 192.168.16.21

将DNS指向域名服务器IP地址

[root@localhost ~]# vim /etc/resolv.conf 

# Generated by NetworkManager

nameserver 192.168.16.20 //如果在其他客户端测试需要将其DNS地址更改为本域名服务器IP:"nameserver 192.168.16.20"

关闭SELinux、firewalld,清空防火墙

[root@localhost ~]# setenforce

[root@localhost ~]# getenforce

Permissive

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# iptables -F

三,验证DNS

在另一台客户端查询“www.kernel.org”IP地址,需要将客户端DNS改为域名服务器IP地址

[root@localhost ~]# dig www.kernel.org

; <<>> DiG 9.9.-RedHat-9.9.-.el7 <<>> www.kernel.org

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:

;; flags: qr aa rd ra; QUERY: , ANSWER: , AUTHORITY: , ADDITIONAL: 

;; OPT PSEUDOSECTION:

; EDNS: version: , flags:; udp:

;; QUESTION SECTION:

;www.kernel.org.            IN    A

;; ANSWER SECTION:

www.kernel.org.            IN    A    192.168.16.20

;; AUTHORITY SECTION:

kernel.org.            IN    NS    ns.kernel.org.

;; ADDITIONAL SECTION:

ns.kernel.org.            IN    A    192.168.16.20

;; Query time:  msec

;; SERVER: 192.168.16.20#(192.168.16.20)

;; WHEN: Fri Feb  :: CST

;; MSG SIZE  rcvd:

查询“kernel.org”域的邮件记录

[root@localhost ~]# dig -t mx kernel.org

; <<>> DiG 9.9.-RedHat-9.9.-.el7 <<>> -t mx kernel.org

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:

;; flags: qr aa rd ra; QUERY: , ANSWER: , AUTHORITY: , ADDITIONAL: 

;; OPT PSEUDOSECTION:

; EDNS: version: , flags:; udp:

;; QUESTION SECTION:

;kernel.org.            IN    MX

;; AUTHORITY SECTION:

kernel.org.            IN    SOA    kernel.org. rname.invalid.     

;; Query time:  msec

;; SERVER: 192.168.16.20#(192.168.16.20)

;; WHEN: Fri Feb  :: CST

;; MSG SIZE  rcvd:

主DNS配置的更多相关文章

  1. Redhat linux DNS配置指南(SCANIP配置手册)

    在oracle 11g的RAC中增加了SCAN IP,而使用 SCAN IP的一种方式就是使用DNS,这里介绍在Redhat Linux 5.4中DNS的详细配置操作在配置DNS之前修改主机名Redh ...

  2. 6.DNS公司PC访问外网的设置 + 主DNS服务器和辅助DNS服务器的配置

    网站部署之~Windows Server | 本地部署 http://www.cnblogs.com/dunitian/p/4822808.html#iis DNS服务器部署不清楚的可以看上一篇:ht ...

  3. 配置域主DNS服务器

    一.DNS服务器的类型 ①Primary DNS Server(Master) 一个域的主服务器保存着该域的zone配置文件,该域所有的配置.更改都是在该服务器上进行,本篇随笔要讲解的也是如何配置一个 ...

  4. Linux_配置主DNS服务(基础)

    [RHEL8]-DNSserver:[Centos7.4]-DNSclient !!!测试环境我们首关闭防火墙和selinux(DNSserver和DNSclient都需要) [root@localh ...

  5. Linux 如何查看修改DNS配置

    DNS服务器介绍 DNS是计算机域名系统(Domain Name System 或Domain Name Service) 的缩写,它是由域名解析器和域名服务器组成的.域名服务器是指保存有该网络中所有 ...

  6. DNS配置

    配置永久IP: cd  /etc/sysconfig/network-scripts/ 主DNS服务器配置: 由于caching-nameserver软件包提供了各种配置文件的模板,大大降低了BIND ...

  7. 从DNS配置

    从服务器可以从主服务器上抓取指定的区域数据文件起到备份解析记录和负载均衡的作用. 主DNS服务器IP:192.168.16.20 从DNS服务器IP:192.168.16.30 1,修改主服务器区域配 ...

  8. 安装Oracle 11g RAC R2 之Linux DNS 配置

    Oracle 11g RAC 集群中引入了SCAN(Single Client Access Name)的概念,也就是指集群的单客户端访问名称.SCAN 这个特性为客户端提供了单一的主机名,用于访问集 ...

  9. RedHat Linux AS4 DNS 配置

     RedHat Linux AS4 DNS配置   检查当前系统中安装 DNS功能组件bind情况 [root@svr01 /]# rpm -qa|grep bind* ypbind-1.17.2 ...

随机推荐

  1. [ActionScritp 3.0] 使用LocalConnection建立通信

    包 flash.net 类 public class LocalConnection 继承 LocalConnection → EventDispatcher → Object 语言版本:  Acti ...

  2. Redis 新特性---pipeline(管道)

    转载自http://weipengfei.blog.51cto.com/1511707/1215042 Redis本身是一个cs模式的tcp server, client可以通过一个socket连续发 ...

  3. Selenium

    Selenium可以抓取完整的页面的html但是request 和java的url不能抓的很完整. selenium的方法是dirver.page_source

  4. POJ C Looooops

    Description A Compiler Mystery: We are given a C-language style for loop of type for (variable = A; ...

  5. [转]CABasicAnimation用法

    CABasicAnimation用法   CABasicAnimation 自己只有三个property   fromValue  toValue  ByValue 当你创建一个 CABasicAni ...

  6. sencha touch 入门系列 (二)sencha touch 开发准备

    这是本人第一次写博客教程,没什么经验,文笔也不是很好,写这教程一方面为了巩固自己这段时间的学习成果,一方面帮助大家解决问题,欢迎大家多提建议,指出问题.接下来我们就开始我们的sencha touch开 ...

  7. Hibernate总结

    SSH原理总结 Hibernate工作原理及为什么要用: 原理: hibernate,通过对jdbc进行封装,对 java类和 关系数据库进行mapping,实现了对关系数据库的面向对象方式的操作,改 ...

  8. ASPxSpinEdit 控件的三元判断

    方法一:<dx:ASPxSpinEdit ID=" DisplayFormatString="c" Width="100px"></ ...

  9. iperf3实践

    The basic commands are the same for iperf and iperf3: SAMPLE IPERF/IPERF3 COMMANDS Server: iperf/ipe ...

  10. 为什么C++中空类和空结构体大小为1?(转载)

    原文链接:http://www.spongeliu.com/260.html 对于结构体和空类大小是1这个问题,首先这是一个C++问题,在C语言下空结构体大小为0(当然这是编译器相关的).这里的空类和 ...