Build a DNS server on Linux 6&7

Source: Internet
Author: User
Tags domain name server mail exchange nslookup

The entire Hteret family connected to hundreds of billions of server personal hosts, most of the sites, parts and other servers have used the domain name form of address, such as Www.google.com.mail 163.com. It is clear that this form of address is more intuitive and easier for users to remember than making the 01231317202103 7 a a month.

DNS system in the network

The role is to maintain a number of addresses are connected, which recorded a variety of host city name and address of the technical relationship in the light of the home lease sequence is now for positive Address resolution service forward resolution according to the domain name check IP address will be specified by the domain name to the corresponding P address, the domain name of the forward solution

Analysis is the most basic function of DNS server is also the most common function, reverse resolution according to IP address lookup domain name, the specified p address is resolved to the corresponding domain name, the reverse resolution of the domain name is not very common, only in some special occasions will be used as can be used for anti-spam verification.

In fact, each DI server is only responsible for managing one or several domains within the domain of the vitality of the name and IP address of the corresponding relationship, these specific DNS city or P address segment called "20 zone, according to address the direction of the bridge is different

DNS zones are appropriately divided into forward zones (the parsing records that contain the domain name to the P address and the reverse zone contain the P address to the domain name

Parsing records).

Depending on the source of the regional address data being managed, different DNS systems can be classified into different types, in the same DNS service

Different areas of the device, and there are several common types of identities.

Cache Name server: only provides the cache function of the domain name resolution result, in order to improve the query speed and efficiency, but

is an area address data that does not have its own control. You must set the root domain or specify additional DNS when building a cache name server

Server as the source of the resolution.

The primary name server maintains a local database of a specific DNS zone, with automatic control of the parsing records

is the only authoritative server and official server in the designated area. When building the primary domain name server, you need to establish the address data file of the responsible zone, from the domain name server, and the primary domain name server to provide the exact same DN resolution service is usually used for the DNS server hot backup. For the client. Whether you use a primary domain name server or a domain name server, the result of the query is a

The key difference is that the parsing results provided from the city name server are not determined by themselves, but from

Primary domain name server, when building from a domain name server, you need to specify the location of the primary name server so that the server can

Address database for dynamic synchronization zones

As described above, the role of the slave server is only for a specific DNS zone. For example, the same DNS server

Can be the primary domain name server for the China.net zone and can also be the slave name server for the us.cn zone.

    1. Installing DNS packages using the Yum repository

[email protected] ~]# Yum install-y bind bind-utils

The main functions of each package are as follows.
Bind: Provides the main program and related files for the domain name service.
Bind-utils: Provides test utilities for DNS servers, such as Nslookup.
Bind-libs: Provides a library function that Bind.bind-utils needs to use.
Bind-chroot: Provides a spoofed root directory for the BIND service (forces the/var/named/chroot/folder
root directory) to improve security.

2. Query the working directory where DNS resides, configuration files, etc.

[[email protected] ~]# RPM-QC bind

/etc/logrotate.d/named

/etc/named.conf

/etc/named.iscdlv.key

/etc/named.rfc1912.zones

/etc/named.root.key

/etc/rndc.conf

/etc/rndc.key

/etc/sysconfig/named

/var/named/named.ca

/var/named/named.empty

/var/named/named.localhost

/var/named/named.loopback

3. Edit the DNS configuration file

[Email protected] ~]# vim/etc/named.conf

Listen-on Port: (any;};

allow-query {any;};

The main configuration file named. conf is typically located in the/etc/directory, in the named. conf file, including the full post configuration
Zone configuration two sections, each configured to record the end of the line with a semicolon ", indicating the ending, with the" # "number or. //"Start
The section represents the comment text (a large segment comment can be formatted with "/*.....*/").
1) Global configuration section
The global configuration parameters are included in braces such as options 1, such as the address and port where the listener can be set, the zone
The directory where the data files are stored, which client queries are allowed, and so on.

Options
Liscen-on Port 53 173.16.16.1;
Listening for addresses and ports
Directory "/var/named";
/District City Data file default storage location
Alloqguery 192.168.1.0724; 17 0.16.16.0 124;1.//The use of the D5 service of the AH degree
In the above configuration, except that the dreclary items are usually retained, other configuration items can be omitted, if not specified
Isten-on configuration item, named Default on UDP 53 port listening service on all interfaces, do not specify a daily low query configuration item
, the default is to respond to query requests from all clients,

4. Modify the zone configuration file

[Email protected] ~]# Vim/etc/named.rfc1912.zones

Add the following at the end

Zone "Benet.com" in {

Type master;

File "Benet.com.zone";

allow-update {none;};

};


Zone "Accp.com" in {

Type master;

File "Accp.com.zone";

allow-update {none;};

};


Zone configuration parameters use ~zone ..... {The configuration format, a DNS server can provide solutions for multiple zones

Named conf file can also have a number of zone configuration segments, the region class can be divided into positive zone according to the analytic direction

Domain, Reverse region,

Forward to "benet.com" area

Zone "Benet.com" in 1

Type main District City

T ype Mas te R;

District City data file is Benet.com.zone

File "Benet.com.zone";

/1 Allow downloaded from server address

Allow-transferi 173.16.16.2; 1;

Zone "16.16.173.in-addr.arpa" INI//Reverse "13.16.16.0/24" District City

t ype ma s te;

File "173.16.16.arpa";

District City data file is 173.16.16.arpa

In the above configuration, there are several places to be aware of.

Each zone zone is optional (including root domain, loopback domain, reverse domain) depending on the actual needs of the zone

The "N" keyword in the configuration section can also be omitted.

The name of the reverse zone is reversed by the network address and. In-addrapa combination. _ For example, for

192.168.10/24 the network segment, its reverse region name is expressed as "168.192.in-add APA."

The file configuration item is used to specify the actual zone data file, which is set by the administrator.

Some of the parameters in the zone configuration (such as Allew-transfer) can also be placed in a full set,

After you modify the master configuration file, you can perform a named-checkconf command to check the named conf file for syntax

If there is no syntax error in the file, the command will not give any hint, and the corresponding prompt will be given, as long as the root

The error in the file was corrected. The named-checkconf command with the 12 option also attempts to load the main

file, and check that the file has a problem. For example, when the Lenotfound appears

Error indicates that the corresponding file could not be found.

A detailed description of the various configuration items in the named.conf file. Can execute NAM named conf View man page

5. Modify the Zone data configuration file

Copy the original template to the newly added template (retain the original permission)

[Email protected] named]# cp-p named.localhost benet.com.zone

6. Edit the new template

$TTL 1D

@ in SOA @ rname.invalid. (

0; Serial

1D; Refresh

1H; Retry

1W; Expire

3H); Minimum

NS @

A 127.0.0.1

AAAA:: 1

PTR localhost.

www in A 192.168.100.70

Copy the Benet into a ACCP

[Email protected] named]# cp-p benet.com.zone accp.com.zone


The name of the city where the weight is collected. Manage the Department box and specify update parameters for the domain Name service.

Sttl 86400 effectively parses the record's life cycle

@ in SOA benet.com.adnin.benet.com. SOA tagging, domain names, managing mailboxes

3H refresh time, interval of re-data

2011030501 Update serial number, can be an integer within 10 bits

15M retry delay, retry interval after download failure

IW expiration time, more than that time still cannot download then discard

1D Invalid parse record life cycle

Up to the configuration content, the time units default to seconds, you can also use the following units, M (points. H (Hours), W (week).

"Benet.com." Admin.benet.com

The ' @ ' symbol in the file indicates the current DNS zone name, which is equivalent to

Indicates the domain administrator's e-mail address (because the ' @ ' symbol already has other meanings, so the [email protected] in the email address

instead), the update sequence number in the SOA record is used to synchronize the zone data of the primary and slave servers, and when the zone is updated from the server,

If the serial number in the primary server is found to be the same as the serial number in the local zone data, no download is made.

2) Address resolution record section

Address resolution records are used to set domain names in DNS zones, P address mapping relationships, including forward parsing records and reverse parsing

Recording. The reverse parse record can only be used in a reverse zone data file.

@ in NS ns1.benet.com.

In MX ten mail.benet.com.

NSL in A 58.119.74.203

www in A 173.16.16.1

Mail in A 173.16.16.4

FTP in CNAME www

The following four common address resolution records are used in the above configuration content,

The NS domain name server (name server) records the host address of the DNS server for the current zone.

The host address of the part server that records the current zone in Mail exchange (mail exchange), and the number 10 indicates that when

There are multiple priority levels for selecting a part server at record time, and the higher the number the lower the priority.

A Address records A positive analysis entry.

CNAME alias (Canonical name): Records a different name for a forward resolution.

7. Start the service

[[Email protected] ~]# service named Start (Red Hat 6)

[Email protected] ~]# systemctl start named (Red Hat 7)

8. Specify the DNS address

[Email protected] named]# echo "nameserver 192.168.100.70" >/etc/resolv.conf

8. Verification

[email protected] named]# nslookup www.benet.com

server:192.168.100.70

address:192.168.100.70#53


Name:www.benet.com

address:192.168.100.70


[email protected] named]# nslookup www.accp.com

server:192.168.100.70

address:192.168.100.70#53


Name:www.accp.com

address:192.168.100.70


This article is from the "13219718" blog, please be sure to keep this source http://13229718.blog.51cto.com/13219718/1959720

Build a DNS server on Linux 6&7

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.