————————————————————————————————————
Overview:
1. Environment preparation
2. Configure the master configuration file
3. Configure Zone files
4. Start the service and test
————————————————————————————————————
1. Environment preparation:
OS:
Software Installation
~]# yum install bind bind-utils
~]# rpm -qa | grep bind
bind-license-9.9.4-18.el7_1.5.noarch
bind-utils-9.9.4-18.el7_1.5.x86_64
bind-libs-9.9.4-18.el7_1.5.x86_64
bind-libs-lite-9.9.4-18.el7_1.5.x86_64
bind-9.9.4-18.el7_1.5.x86_64
Stop the firewall and set SELinux to permissive mode
~]# systemctl stop firewalld
~]# setenforce 0
Two different network segments are simulated to test host name resolution
IP information for the two network cards:
~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ca:24:8e brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.50/24 brd 192.168.1.255 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:feca:248e/64 scope link
       valid_lft forever preferred_lft forever
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ca:24:98 brd ff:ff:ff:ff:ff:ff
    inet 1.1.1.50/24 brd 1.1.1.255 scope global dynamic eno33554984
       valid_lft 1573sec preferred_lft 1573sec
    inet6 fe80::20c:29ff:feca:2498/64 scope link
       valid_lft forever preferred_lft forever
————————————————————————————————————
2. Configure the master configuration file
----------
2.1. Configuring the /etc/named.conf file
~]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
//      listen-on port 53 { 127.0.0.1; };
//      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // Any client may query; with "recursion yes" below and no
        // allow-recursion statement, recursion is also open to any client.
        allow-query     { any; };

        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        recursion yes;

//      dnssec-enable yes;
//      dnssec-validation yes;
//      dnssec-lookaside auto;

        /* Path to ISC DLV key */
//      bindkeys-file "/etc/named.iscdlv.key";

//      managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
//      session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

include "/etc/named.rfc1912.zones";
//include "/etc/named.root.key";
----------
2.2. Configuring the /etc/named.rfc1912.zones file
~]# vim /etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

// Views are checked in order; the first view whose match-clients
// matches the client's source address answers the query.
view wang_tong {
        match-clients { 1.1.1.0/24; };

        zone "." IN {
                type hint;
                file "named.ca";
        };

        zone "localhost.localdomain" IN {
                type master;
                file "named.localhost";
                allow-update { none; };
        };

        zone "localhost" IN {
                type master;
                file "named.localhost";
                allow-update { none; };
        };

        zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
                type master;
                file "named.loopback";
                allow-update { none; };
        };

        zone "1.0.0.127.in-addr.arpa" IN {
                type master;
                file "named.loopback";
                allow-update { none; };
        };

        zone "0.in-addr.arpa" IN {
                type master;
                file "named.empty";
                allow-update { none; };
        };

        zone "zrd.com" IN {
                type master;
                file "zrd.com.wang_tong";
        };
};

view dian_xin {
        match-clients { 192.168.1.0/24; };

        zone "zrd.com" IN {
                type master;
                file "zrd.com.dian_xin";
        };
};

// Catch-all view: every other client gets the dian_xin zone data.
view default {
        match-clients { any; };

        zone "zrd.com" IN {
                type master;
                file "zrd.com.dian_xin";
        };
};
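The following is an added example, not part of the original article: a simplified Python model of how named picks a view for the configuration above, showing which A record each client network receives and why the catch-all view must come last. The function names are hypothetical, and the model only handles network and "any" elements in match-clients.

```python
import ipaddress

# Views in the order they appear in /etc/named.rfc1912.zones on this page.
# named tests match-clients top to bottom and uses the first view that matches.
VIEWS = [
    ("wang_tong", ["1.1.1.0/24"], "zrd.com.wang_tong"),
    ("dian_xin", ["192.168.1.0/24"], "zrd.com.dian_xin"),
    ("default", ["any"], "zrd.com.dian_xin"),
]

# A records copied from the two zone files in section 3 of this page.
ZONE_DATA = {
    "zrd.com.wang_tong": {"www": "1.1.1.11", "dns": "1.1.1.50", "mail": "1.1.1.12"},
    "zrd.com.dian_xin": {"www": "192.168.1.11", "dns": "192.168.1.50", "mail": "192.168.1.12"},
}


def acl_matches(client, acl):
    """Return True if the client address matches any element of a match-clients list."""
    addr = ipaddress.ip_address(client)
    return any(e == "any" or addr in ipaddress.ip_network(e) for e in acl)


def select_view(client, views=VIEWS):
    """Return (view name, zone file) of the first view whose match-clients matches."""
    for name, acl, zone_file in views:
        if acl_matches(client, acl):
            return name, zone_file
    return None, None  # no view matched: named refuses the query


def resolve(client, host, views=VIEWS):
    """Return the A record a client would get for <host>.zrd.com, or None."""
    _, zone_file = select_view(client, views)
    if zone_file is None:
        return None
    return ZONE_DATA[zone_file].get(host)


if __name__ == "__main__":
    # Constructed sample clients: one per segment, plus one from neither network.
    for client in ("1.1.1.20", "192.168.1.20", "10.0.0.5"):
        print(client, select_view(client)[0], resolve(client, "www"))
    # Ordering pitfall: a catch-all view listed first shadows every later view.
    shadowed = [VIEWS[2], VIEWS[0], VIEWS[1]]
    print("1.1.1.20", select_view("1.1.1.20", shadowed)[0], resolve("1.1.1.20", "www", shadowed))
```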
————————————————————————————————————
3. Configure Zone files
---------
3.1. Creating the zrd.com.dian_xin zone file
~]# cd /var/named/
named]# vim zrd.com.dian_xin
$TTL 86400
@       IN SOA  dns.zrd.com. admin.zrd.com. (
                2015092021      ; serial
                1D              ; refresh
                2D              ; retry
                1D              ; expire
                7D )            ; minimum
        IN      NS      dns
        IN      MX 10   mail
www     IN      A       192.168.1.11
dns     IN      A       192.168.1.50
mail    IN      A       192.168.1.12
-----
3.2. Creating the zrd.com.wang_tong zone file
named]# vim zrd.com.wang_tong
$TTL 86400
@       IN SOA  dns.zrd.com. admin.zrd.com. (
                2015092021      ; serial
                1D              ; refresh
                2D              ; retry
                1D              ; expire
                7D )            ; minimum
        IN      NS      dns
        IN      MX 10   mail
www     IN      A       1.1.1.11
dns     IN      A       1.1.1.50
mail    IN      A       1.1.1.12
----
3.3. Changing file ownership
named]# chown root:named zrd.com.wang_tong zrd.com.dian_xin
————————————————————————————————————
4. Start the service and test
-----
4.1. Starting the service
~]# systemctl start named
----
4.2. Viewing service status
[Screenshot: named service status; image not available]
----
4.3. Testing
[Screenshots: test results; images not available]
This article is from the "to Live are to die" blog; please keep this source link: http://7431686.blog.51cto.com/7421686/1696605
CentOS 7.1: Configuring DNS Views