Install bind
yum install -y bind bind-chroot bind-utils
If it is CentOS 5:
# yum -y install bind caching-nameserver
File structure
# ll /etc/named.*
-rw-r----- 1 root named 1021 May  8 16:39 /etc/named.conf
-rw-r--r-- 1 root named 2389 Mar 23:55 /etc/named.iscdlv.key
-rw-r----- 1 root named 1073 May  9 11:27 /etc/named.rfc1912.zones
-rw-r--r-- 1 root named  487 Jul 2010 /etc/named.root.key
# tree /var/named/
/var/named/
├── chroot
│   ├── dev
│   │   ├── null
│   │   ├── random
│   │   └── zero
│   ├── etc
│   │   ├── localtime
│   │   ├── named
│   │   ├── named.conf
│   │   ├── named.iscdlv.key
│   │   ├── named.rfc1912.zones
│   │   ├── named.root.key
│   │   ├── pki
│   │   │   └── dnssec-keys
│   │   └── rndc.key
│   ├── usr
│   │   └── lib64
│   │       └── bind
│   └── var
│       ├── log
│       ├── named
│       │   ├── 199.168.192.zone
│       │   ├── app.com.zone
│       │   ├── chroot
│       │   │   ├── dev
│       │   │   │   ├── null
│       │   │   │   ├── random
│       │   │   │   └── zero
│       │   │   ├── etc
│       │   │   │   ├── localtime
│       │   │   │   ├── named
│       │   │   │   ├── named.conf
│       │   │   │   ├── named.iscdlv.key
│       │   │   │   ├── named.rfc1912.zones
│       │   │   │   ├── named.root.key
│       │   │   │   ├── pki
│       │   │   │   │   └── dnssec-keys
│       │   │   │   └── rndc.key
│       │   │   ├── usr
│       │   │   │   └── lib64
│       │   │   │       └── bind
│       │   │   └── var
│       │   │       ├── log
│       │   │       ├── named
│       │   │       ├── run
│       │   │       │   └── named
│       │   │       │       ├── named.pid
│       │   │       │       └── session.key
│       │   │       └── tmp
│       │   ├── data
│       │   │   └── named.run
│       │   ├── dynamic
│       │   │   ├── managed-keys.bind
│       │   │   └── managed-keys.bind.jnl
│       │   ├── named.ca
│       │   ├── named.empty
│       │   ├── named.localhost
│       │   ├── named.loopback
│       │   └── slaves
│       ├── run
│       │   └── named
│       │       ├── named.pid
│       │       └── session.key
│       └── tmp
├── data
│   └── named.run
├── dynamic
│   ├── managed-keys.bind
│   └── managed-keys.bind.jnl
├── named.ca
├── named.empty
├── named.localhost
├── named.loopback
└── slaves
The main BIND configuration files:
/etc/named.conf    main configuration file
/var/named/        directory holding the zone files
Configuration changes:
vim /etc/named.conf
vim /etc/named.rfc1912.zones
vim /var/named/app.com.zone
The zone file starts with the SOA record (zone files only accept ';' comments, so the explanations are given below it):
@   IN SOA  ns.app.com. root.app.com. (
            1       ; serial (d. adams)
            1D      ; refresh
            1H      ; retry
            1W      ; expiry
            3H )    ; minimum
IN indicates that the records that follow use the Internet class. @ stands for the zone's own domain name, here app.com, and marks the beginning of the record definitions. ns.app.com. is the primary name server for this domain and root.app.com. is the administrator's e-mail address; note that a dot replaces the @ of a normal e-mail address. SOA stands for Start of Authority.
serial: the version number of the zone file, commonly the date followed by the number of revisions made that day. It must be increased every time the file is modified, otherwise the change will not be picked up by the other DNS servers, and clients that use those servers rather than yours will not see your update.
refresh: how often a secondary server queries the primary to make sure its copy of the zone is up to date.
retry: how long the secondary waits before trying again when its refresh query to the primary fails (seconds, unless a suffix such as h or d is used).
expiry: how long the secondary keeps answering for the zone's records after it has failed to refresh them from the primary.
minimum: how long a caching server keeps the corresponding record before clearing it when it cannot contact the primary.
The resource records then follow:
@             IN NS    ns.app.com.
ns.app.com.   IN A     192.168.199.61
www.app.com.  IN A     192.168.199.60
mail.app.com. IN MX 5  ns.app.com.
nginx1        IN CNAME www
The first column is the host name; a name without a trailing dot has the domain appended automatically. NS marks the host as a name server for the domain. A defines an address record, mapping a host name to its IP address. MX defines a mail exchanger record. CNAME defines an alias for the corresponding host.
vim /var/named/199.168.192.zone
The keywords have the same meaning as in app.com.zone:
@   IN NS  ns.app.com.
61  IN PTR ns.app.com.
60  IN PTR www.app.com.
60  IN PTR nginx1.app.com.
The first column is the host part of the IP address; the network part is omitted, so 61 in full is 192.168.199.61.
PTR: in a reverse record the last column is the domain name of the host.
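named-checkzone (next section) validates each zone file's syntax on its own, but not whether the forward and reverse zones agree. As an added example, not part of the original post, the checker below parses both zones as shown above (zone text, origins and the network prefix are constructed from those records, SOA block omitted) and reports every PTR whose name does not resolve, following CNAMEs such as nginx1 -> www, to that address, and every A record with no PTR.

```python
import re
# Constructed from the records shown above (SOA block omitted for brevity).
FORWARD = """\
@             IN NS    ns.app.com.
ns.app.com.   IN A     192.168.199.61
www.app.com.  IN A     192.168.199.60
mail.app.com. IN MX 5  ns.app.com.
nginx1        IN CNAME www
"""
REVERSE = """\
@   IN NS  ns.app.com.
61  IN PTR ns.app.com.
60  IN PTR www.app.com.
60  IN PTR nginx1.app.com.
"""
RR = re.compile(r"^(\S+)\s+IN\s+(A|PTR|CNAME|NS|MX)\s+(.+)$", re.I)
def fqdn(name, origin):
    """'@' is the origin; a name without a trailing dot gets the origin appended."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, target) triples; ';' comments and non-matching lines are skipped.
    MX rdata is "preference target", so the target is the last token; only A data is not a name."""
    records = []
    for line in text.splitlines():
        m = RR.match(line.split(";", 1)[0].strip())
        if m:
            owner, rtype, target = m.group(1), m.group(2).upper(), m.group(3).split()[-1]
            records.append((fqdn(owner, origin), rtype, target if rtype == "A" else fqdn(target, origin)))
    return records

def address_of(name, records, hops=0):
    """Resolve a name to its A record, following CNAME chains (at most 8 hops)."""
    for owner, rtype, target in records:
        if owner == name and rtype == "A":
            return target
        if owner == name and rtype == "CNAME" and hops < 8:
            return address_of(target, records, hops + 1)
    return None

def check_reverse(fwd_text, origin, rev_text, rev_origin, network):
    """List A/PTR mismatches between the two zones (empty when they agree)."""
    fwd, rev = parse_zone(fwd_text, origin), parse_zone(rev_text, rev_origin)
    ptr_ips, problems = set(), []
    for owner, rtype, target in rev:
        if rtype == "PTR":
            ip = f"{network}.{owner.split('.')[0]}"  # host octet is the owner's first label
            ptr_ips.add(ip)
            if address_of(target, fwd) != ip:
                problems.append(f"PTR {ip} -> {target}, but {target} resolves to {address_of(target, fwd)}")
    for owner, rtype, target in fwd:
        if rtype == "A" and target not in ptr_ips:
            problems.append(f"A {owner} -> {target} has no PTR in the reverse zone")
    return problems
```

For the records above the result is an empty list; change any PTR host number and the mismatch is reported.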
Syntax check:
named-checkconf /etc/named.conf                    # check the configuration file
named-checkzone app.com /var/named/app.com.zone    # check the zone file
Firewall settings:
vim /etc/sysconfig/iptables    # open the firewall ports
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 953 -j ACCEPT
(Port 953 is the rndc control channel; named binds it to 127.0.0.1 by default, so the last rule is only needed if rndc is used from another host.)
Client testing:
# cat /etc/resolv.conf
nameserver 192.168.199.61
# yum install bind-utils
nslookup
dig
host
Troubleshooting
# tail -f /var/log/messages | grep named
# service named restart
zone xxx.xxx/IN: loading from master file xxx.xxx.xxx failed: permission denied
named[4089]: zone xxx.xxx/IN: not loaded due to errors.
This error occurs because the named service runs as the named user, which has no permission to read the zone file under /var/named.
Fix: run chmod +r /var/named/*
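chmod +r makes every file under /var/named world-readable; a narrower fix keeps the files group-readable by named (for example owner root:named with mode 640). The check below, an added example that is not from the original post, reports which files in a directory a given uid/gid set could not read according to the mode bits, so the permission error can be caught before restarting named. demo() builds a constructed sample directory; the __main__ block shows the real call against /var/named for the named account.

```python
import os, stat, tempfile, pwd, grp

def readable_by(path, uid, gids):
    """True if a process with this uid and these gids could read `path`, judged by the
    mode bits only (root's override is ignored on purpose: named drops privileges)."""
    st = os.stat(path)
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IRUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IRGRP)
    return bool(st.st_mode & stat.S_IROTH)

def unreadable_zone_files(directory, uid, gids):
    """Sorted names of the regular files in `directory` that the given user could not read."""
    return sorted(f for f in os.listdir(directory)
                  if os.path.isfile(os.path.join(directory, f))
                  and not readable_by(os.path.join(directory, f), uid, gids))

def ids_for(user):
    """uid and the full gid set of a system account such as 'named'."""
    pw = pwd.getpwnam(user)
    gids = {pw.pw_gid} | {g.gr_gid for g in grp.getgrall() if user in g.gr_mem}
    return pw.pw_uid, gids

def demo():
    """Constructed sample: two zone files owned by the current user, one 0640 and one 0644,
    checked as a uid/gid that is neither the owner nor in the files' group."""
    d = tempfile.mkdtemp()
    for name, mode in (("app.com.zone", 0o640), ("199.168.192.zone", 0o644)):
        p = os.path.join(d, name)
        open(p, "w").close()
        os.chmod(p, mode)
    other_uid, other_gids = os.getuid() + 1, {os.stat(d).st_gid + 1}
    return unreadable_zone_files(d, other_uid, other_gids)

if __name__ == "__main__":
    # Real use on the server: files the named account cannot read (hypothetical run).
    print(unreadable_zone_files("/var/named", *ids_for("named")))
```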