Linux Beginner: DNS Configuration Chapter

Source: Internet
Author: User


DNS was introduced in the earlier network management chapter. This chapter describes some of the DNS configurations and applications encountered in study and work.

1. Caching DNS

Resolving a domain name to an IP through a DNS server takes a certain amount of time. If the same domain name is asked again and takes the same time again, this prolongs resolution and increases the load on the server. If the DNS server can remember and share the domain names it has already resolved, other hosts get a much faster answer when they ask for the same name. This is a caching DNS server.

Configuring the cache requires the following configuration on the DNS server:

A, "yum install bind -y" installs the named service, which provides the DNS caching service. After the installation is complete, enter "systemctl start named" to start the service.

B, configure the firewall. Enter "firewall-config" and, under "Permanent", select "dns" in the "public" zone so that the firewall allows the DNS service. When finished, enter "firewall-cmd --list-all" to check that it is enabled.

C, "vim /etc/resolv.conf". Enter "nameserver DNSIP" to configure DNS, where DNSIP is the IP of the DNS server.

D, enter "vim /etc/named.conf" to edit the configuration file of the named service. Change line 11 to "listen-on port 53 { any; };", which opens port 53 on all networks. Change line 17 to "allow-query { any; };", which allows everyone to query. On line 18, add "forwarders { 172.25.254.250; };"; this is the host the DNS server asks when it cannot resolve a domain name itself, and that host must have network access. Restart the service when you are finished.

To test from another host, first set that host's DNS to the IP of the DNS server. Then enter "dig <domain name>" twice and compare the time the two resolutions take. For example, with "dig www.taobao.com" the first resolution takes "145 msec" and the second takes "0 msec". The cache records the resolutions it has already performed, so the response time drops sharply when the same name is asked again.
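With "allow-query { any; };" and no "allow-recursion" statement, BIND's fallback rule also lets any client that can reach port 53 use the cache and the forwarder. The following check is an added example, not part of the original article; it applies that fallback rule to a constructed copy of the options set above, and the restricted variant assumes the clients to be served are in 172.25.254.0/24.

```python
import re

DEFAULT_ACL = ["localnets", "localhost"]  # BIND built-in default
OPEN = {"any", "0.0.0.0/0", "::/0"}

def parse_options(text):
    """Collect 'name { a; b; };' lists and 'name value;' settings."""
    text = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", text, flags=re.S)
    opts = {}
    block = r"([\w-]+)(?:\s+port\s+\d+)?\s*\{([^{}]*)\}\s*;"
    for name, body in re.findall(block, text):
        opts[name] = [e.strip() for e in body.split(";") if e.strip()]
    for name, value in re.findall(r"^\s*([\w-]+)\s+(\w+)\s*;", text, flags=re.M):
        opts.setdefault(name, value)
    return opts

def effective_recursion_acl(opts):
    """Who may recurse: allow-recursion, else allow-query-cache, else
    allow-query, else the built-in default. Empty if recursion is off."""
    if opts.get("recursion", "yes") == "no":
        return []
    for key in ("allow-recursion", "allow-query-cache", "allow-query"):
        if key in opts:
            return opts[key]
    return DEFAULT_ACL

def is_open_resolver(text):
    """True when the effective recursion ACL admits every client."""
    return bool(OPEN & set(effective_recursion_acl(parse_options(text))))

# Constructed sample: the options this section sets in /etc/named.conf.
PAGE_OPTIONS = """
options {
    listen-on port 53 { any; };
    allow-query { any; };
    forwarders { 172.25.254.250; };
    recursion yes;
};
"""
# Assumption: 172.25.254.0/24 is the network of the clients to be served.
RESTRICTED_OPTIONS = PAGE_OPTIONS.replace(
    "recursion yes;",
    "recursion yes;\n    allow-recursion { localhost; 172.25.254.0/24; };")

if __name__ == "__main__":
    print("as configured:", is_open_resolver(PAGE_OPTIONS))
    print("with allow-recursion:", is_open_resolver(RESTRICTED_OPTIONS))
```

The check looks only at the ACL options; the firewall rule and "listen-on" decide which clients can reach the server at all.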

2. DNS forward resolution

DNS forward resolution takes a domain name and resolves it to an IP. Before configuring forward resolution, comment out line 18 of "/etc/named.conf" that you configured earlier.

The DNS forward resolution configuration is as follows:

A, "vim /etc/named.rfc1912.zones". After line 24 of the configuration file, enter the following:

    zone "we.com" IN {
        type master;
        file "we.com.zone";
        allow-update { none; };
    };

Here "we.com" is the domain name to be resolved, which you can choose yourself, and "we.com.zone" is the file that records the IPs the domain names resolve to; its name can also be chosen freely.

B, "cp -p /var/named/named.localhost /var/named/we.com.zone". This copies the template to create the "we.com.zone" file; the permissions must be copied as well.

C, "vim /var/named/we.com.zone". Edit this file as shown. Here "root.we.com." is the administrator mailbox, the "A" records under "NS" are forward resolution records, and "music" and "www" are host names, which expand to the domain names "music.we.com" and "www.we.com"; the corresponding IP follows each name. Restart the named service when you are finished.

After the configuration is complete, test from another host: for example, enter "dig www.we.com" and "dig music.we.com" to see the IPs configured for these domain names.

A "CNAME" record, that is, an alias record that points one domain name to another, can also be added to the resolution file "we.com.zone". For example, point the "wps.we.com" domain name to "music.we.com"; after restarting the service, entering "dig wps.we.com" on the test host shows the domain name it points to and that name's IP.

DNS can also use round-robin (polling) to achieve load balancing: one domain name corresponds to multiple IPs, which reduces the load on each host when the name is accessed. Under "wps.we.com", add further entries that give the same domain name different IPs, as shown, and restart the service; querying this domain name then returns the two corresponding IPs.

3. DNS reverse resolution

DNS reverse resolution takes an IP and resolves it to the corresponding domain name. The reverse resolution is configured as follows:

A, "vim /etc/named.rfc1912.zones". Add the following to this file, as shown:

    zone "254.25.172.in-addr.arpa" IN {
        type master;
        file "we.com.ptr";
        allow-update { none; };
    };

Here "254.25.172" is the network segment to be reverse resolved. The network must be written backwards: the segment is "172.25.254", so it is written as "254.25.172". "we.com.ptr" is the file that records the domain name for each IP; its name can be chosen freely.

B, "cp -p /var/named/named.loopback /var/named/we.com.ptr". This copies the "named.loopback" template, including its permissions.

C, "vim /var/named/we.com.ptr". Edit the file as shown. "202" and "101" are the queried IPs, "PTR" marks a reverse resolution record, and it is followed by the domain name the IP resolves to. Note that reverse resolution and forward resolution are two separate lookups, so IPs and domain names do not necessarily correspond to each other. Restart the service when you are finished.

On the test host, enter "dig -x 172.25.254.202" and "dig -x 172.25.254.102" to resolve the IPs and see the corresponding domain names.
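The reversed zone name and the independence of forward and reverse records, as an added example that is not part of the original article. The record sets are constructed samples, since the zone file contents are not reproduced on this page.

```python
import ipaddress

def reverse_zone_name(network):
    """Zone name for an octet-aligned IPv4 network: octets reversed."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("expected an IPv4 /8, /16 or /24 network")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def ptr_owner(ip):
    """Fully qualified owner name of the PTR record for one address."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def check_consistency(forward, reverse):
    """forward: {name: [ips]}, reverse: {ip: name}.
    Return sorted (ip, problem) pairs where the two directions disagree."""
    problems = []
    for ip, name in reverse.items():
        if ip not in forward.get(name, []):
            problems.append((ip, "PTR names %s, which has no A record for it" % name))
    for name, ips in forward.items():
        for ip in ips:
            if ip not in reverse:
                problems.append((ip, "A record of %s has no PTR" % name))
    return sorted(problems)

# Constructed sample records, not taken from the article's zone files.
FORWARD = {"www.we.com.": ["172.25.254.101"],
           "music.we.com.": ["172.25.254.202"]}
REVERSE = {"172.25.254.202": "music.we.com.",
           "172.25.254.102": "www.we.com."}

if __name__ == "__main__":
    print(reverse_zone_name("172.25.254.0/24"))
    print(ptr_owner("172.25.254.202"))
    for ip, problem in check_consistency(FORWARD, REVERSE):
        print(ip, problem)
```

A disagreement between the two directions matters wherever a name from a PTR lookup is trusted, for example in log attribution or host-based access rules.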

4. DNS bidirectional resolution

Sometimes hosts inside the LAN and hosts outside it need to get different IPs when they query the same domain name. This requires bidirectional resolution: the same domain name resolves to one IP for hosts in the local area network and to a different IP for hosts outside it.

The steps for DNS bidirectional resolution are as follows:

A, "vim /etc/named.conf". Use "/*" to comment out the content shown.

B, "vim /etc/named.conf". Write the following as lines 61 to 83:

    view LocalNet {
        match-clients { 172.25.254.102; };
        zone "." IN {
            type hint;
            file "named.ca";
        };
        include "/etc/named.rfc1912.zones";
    };

    view any {
        match-clients { any; };
        zone "." IN {
            type hint;
            file "named.ca";
        };
        include "/etc/named.rfc1913.zones";
    };

Lines 61 to 71 are the configuration for hosts in the LAN; to make testing convenient, the LAN host is written as "172.25.254.102". The line 'include "/etc/named.rfc1912.zones";' means that the file "/etc/named.rfc1912.zones" is consulted when a host matching this view asks for a domain name.

Lines 73 to 83 are the configuration for other network segments. The line 'include "/etc/named.rfc1913.zones";' means that the file "/etc/named.rfc1913.zones" is consulted when a host on another network segment asks for a domain name.

C, "cp -p /etc/named.rfc1912.zones /etc/named.rfc1913.zones".

D, "vim /etc/named.rfc1913.zones". To edit the content, simply change 'file "we.com.zone";' on line 27 to a different file (the following steps use "we.com.any").

E, "cp -p /var/named/we.com.zone /var/named/we.com.any".

F, "vim /var/named/we.com.any". In this file, set the IP that the DNS server should return when a host on another network segment asks. The IP used here is for illustration only and has no further meaning.

When the above configuration is complete, hosts on different network segments are answered from different files and therefore receive different IPs. With the settings above, testing "www.we.com" on the "172.25.254.102" host displays the IP "172.25.254.101". Testing from hosts with other IPs displays "1.1.1.2".
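named tries the views in the order they are written and uses the first one whose match-clients list contains the client, so the catch-all view has to come last. The following model of that selection is an added example, not part of the original article; it uses 172.25.254.102 as the LAN host named in the text, and the outside client address 192.0.2.10 and the swapped ordering are constructed for illustration.

```python
import ipaddress

def matches(element, addr):
    """True if one match-clients element covers the client address."""
    return element == "any" or addr in ipaddress.ip_network(element)

def select_view(views, client_ip):
    """Views are tried in named.conf order; the first match wins."""
    addr = ipaddress.ip_address(client_ip)
    for name, match_clients, zone_file in views:
        if any(matches(e, addr) for e in match_clients):
            return name, zone_file
    return None, None  # no view matched this client

def shadowed_views(views):
    """Names of views that can never be selected because an earlier
    view already matches every client."""
    seen_any, dead = False, []
    for name, match_clients, _ in views:
        if seen_any:
            dead.append(name)
        seen_any = seen_any or "any" in match_clients
    return dead

def answer(views, zones, client_ip, qname):
    """IP a client receives for qname, or None if nothing answers."""
    _, zone_file = select_view(views, client_ip)
    return zones.get(zone_file, {}).get(qname)

# The two views from this section, in the order they are written.
VIEWS = [("LocalNet", ["172.25.254.102"], "we.com.zone"),
         ("any", ["any"], "we.com.any")]
# Answers for www.we.com as stated in the text above.
ZONES = {"we.com.zone": {"www.we.com": "172.25.254.101"},
         "we.com.any": {"www.we.com": "1.1.1.2"}}
# Constructed misordering: the catch-all view listed first.
SWAPPED = list(reversed(VIEWS))

if __name__ == "__main__":
    for label, order in (("as written", VIEWS), ("swapped", SWAPPED)):
        print(label,
              answer(order, ZONES, "172.25.254.102", "www.we.com"),
              answer(order, ZONES, "192.0.2.10", "www.we.com"),
              "shadowed:", shadowed_views(order))
```

With the views swapped, the LAN host also receives "1.1.1.2", because the "any" view matches it before "LocalNet" is ever tested.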
