Install the DNS package:
yum install -y bind
Configure the main DNS configuration files:
Configuration files: /etc/named.conf, /etc/named.rfc1912.zones
Zone (resolution library) files: /var/named/
1. vi /etc/named.conf
listen-on port 53 { 192.168.1.10; };
Turn off the DNSSEC security features of DNS; this does not affect local resolution:
dnssec-enable no;
dnssec-validation no;
dnssec-lookaside no;
2. Check the configuration file syntax:
named-checkconf
3. Start the DNS service:
systemctl start named
4. Check that the service started successfully: ports 53 and 953 should be listening
ss -tanp
5. Point the local machine's DNS server setting at the server itself
vi /etc/resolv.conf
nameserver 192.168.1.10
6. Reload the service
systemctl reload named.service
7. Test:
Forward resolution: that is, FQDN --> IP
Method one: dig -t A www.baidu.com
Method two: ~]# host -t A www.baidu.com
Method three: [root@localhost ~]# nslookup
> server 192.168.1.10
Default server: 192.168.1.10
Address: 192.168.1.10#53
> set q=a
> www.sina.com
Server:         192.168.1.10
Address:        192.168.1.10#53
Non-authoritative answer:
www.sina.com    canonical name = us.sina.com.cn.
us.sina.com.cn  canonical name = news.sina.com.cn.
news.sina.com.cn        canonical name = jupiter.sina.com.cn.
jupiter.sina.com.cn     canonical name = polaris.sina.com.cn.
Name:   polaris.sina.com.cn
Address: 202.108.33.60
Reverse resolution: IP --> FQDN
dig -x 61.135.162.215
Define the zone files:
chown :named angrybeans.com
chmod o= angrybeans.com
Check syntax:
named-checkzone zone_name zone_file
Configure the forward resolution library:
1. Declare the zone in the main zone configuration file
vim /etc/named.rfc1912.zones
Add the zone you want to configure:
zone "angrybeans.com" IN {
        type master;
        file "angrybeans.zone";
};
2. Add the detailed forward resolution content to angrybeans.zone
vim /var/named/angrybeans.zone
Add the following content to the file:
$TTL 3600
$ORIGIN angrybeans.com.
@       IN  SOA   ns1 admin (
                  20170125    ; serial
                  4H          ; refresh
                  2H          ; retry
                  12H         ; expire
                  1D          ; negative-answer TTL
                  );
        IN  NS    ns1
        IN  MX    10 m1
        IN  MX    20 m2       ; preference is missing in the source; 20 is assumed
ns1     IN  A     192.168.1.10
a       IN  A     192.168.1.2
b       IN  A     192.168.1.3
flower  IN  A     192.168.1.4
m1      IN  A     192.168.1.5
m2      IN  A     192.168.1.6
food    IN  A     192.168.1.7
eat     IN  CNAME food
fish    IN  A     192.168.1.10
fish    IN  A     192.168.1.20
Description: @ stands for the zone name specified in /etc/named.rfc1912.zones, angrybeans.com; written out in full it is angrybeans.com. with the trailing dot. The $ORIGIN macro defined on the second line means that angrybeans.com. is the name used. It is still written out here to show the complete format. The records after the SOA omit the leading @ because a record with no name inherits the name of the record above it, the SOA.
3. Check the zone syntax after configuration:
~]# named-checkzone angrybeans.com /var/named/angrybeans.zone
4. For security reasons, change the permissions of the zone file
chgrp named /var/named/angrybeans.zone
chmod o= /var/named/angrybeans.zone
5. View the number of zones: 101
[root@localhost ~]# rndc status
version: 9.9.4-RedHat-9.9.4-18.el7 <id:8f9657aa>
CPUs found: 4
worker threads: 4
UDP listeners per interface: 4
number of zones: 101
6. Reload the service:
Method one: ~]# rndc reload
Method two: ~]# systemctl reload named.service
7. View the number of zones again: it is now 102, which indicates a successful configuration
[root@localhost ~]# rndc status
version: 9.9.4-RedHat-9.9.4-18.el7 <id:8f9657aa>
CPUs found: 4
worker threads: 4
UDP listeners per interface: 4
number of zones: 102
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
8. Test:
~]# dig -t CNAME eat.angrybeans.com
~]# dig -t A m1.angrybeans.com
Reverse resolution does not work at this point: dig -x 192.168.1.5
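Steps 3 and 4 above (syntax check and permissions) can be run over every declared zone in one pass. The script below is an added example, not part of the original article; it assumes zones are declared in the zone "..." / file "..." layout shown above and that GNU stat is available, and its function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit all zones declared in a named.rfc1912.zones-style file.
# Assumes one zone "..." line and one file "..." line per zone, and GNU stat.

# list_zones CONF: print "zone_name zone_file" for every zone with a file statement.
list_zones() {
    awk '
        /^[ \t]*zone[ \t]+"/ { split($0, q, "\""); zone = q[2] }
        /^[ \t]*file[ \t]+"/ { split($0, q, "\""); if (zone != "") print zone, q[2]; zone = "" }
    ' "$1"
}

# perms_ok FILE GROUP: succeed if FILE belongs to GROUP and "other" has no access,
# the state left by "chgrp named FILE; chmod o= FILE".
perms_ok() {
    file_group=$(stat -c '%G' "$1") || return 2
    file_mode=$(stat -c '%a' "$1") || return 2
    [ "$file_group" = "$2" ] || return 1
    case "$file_mode" in *0) return 0 ;; *) return 1 ;; esac
}

# audit_zones CONF ZONE_DIR GROUP: check each declared zone; return 1 on any finding.
audit_zones() {
    rc=0
    zones=$(list_zones "$1")
    while read -r zone file; do
        [ -n "$zone" ] || continue
        case "$file" in /*) path=$file ;; *) path="$2/$file" ;; esac
        # named-checkzone takes the zone name first, then the zone file.
        if command -v named-checkzone >/dev/null 2>&1; then
            named-checkzone "$zone" "$path" >/dev/null </dev/null ||
                { echo "SYNTAX $zone $path"; rc=1; }
        fi
        perms_ok "$path" "$3" || { echo "PERMS $zone $path"; rc=1; }
    done <<EOF
$zones
EOF
    return $rc
}

# Audit the paths used in this article when invoked as: sh audit_zones.sh run
if [ "${1:-}" = "run" ]; then
    audit_zones /etc/named.rfc1912.zones /var/named named
fi
```

No output and exit status 0 mean every declared zone file passed both checks.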
Configure the reverse resolution library:
1. vim /etc/named.rfc1912.zones
Add a zone for the reverse resolution library:
zone "1.168.192.in-addr.arpa" {
        type master;
        file "192.168.1.zone";
};
2. vim /var/named/192.168.1.zone
$TTL 3600
$ORIGIN 1.168.192.in-addr.arpa.
@       IN  SOA   ns1.angrybeans.com. admin.angrybeans.com. (
                  20170125    ; serial
                  1H          ; refresh
                  10M         ; retry
                  2H          ; expire
                  3H )        ; negative-answer TTL
        IN  NS    ns1.angrybeans.com.
10      IN  PTR   ns1.angrybeans.com.
5       IN  PTR   m1.angrybeans.com.
4       IN  PTR   flower.angrybeans.com.
3. Check the syntax:
[root@localhost named]# named-checkzone /etc/named.rfc1912.zones /var/named/192.168.1.zone
/var/named/192.168.1.zone:4: ignoring out-of-zone data (1.168.192.in-addr.arpa)
/var/named/192.168.1.zone:12: ignoring out-of-zone data (10.1.168.192.in-addr.arpa)
/var/named/192.168.1.zone:13: ignoring out-of-zone data (5.1.168.192.in-addr.arpa)
/var/named/192.168.1.zone:14: ignoring out-of-zone data (4.1.168.192.in-addr.arpa)
zone /etc/named.rfc1912.zones/IN: has 0 SOA records
zone /etc/named.rfc1912.zones/IN: has no NS records
zone /etc/named.rfc1912.zones/IN: not loaded due to errors.
A number of errors are reported because the first argument passed to named-checkzone above is the configuration file path instead of the zone name 1.168.192.in-addr.arpa, so every record is treated as out-of-zone; they do not affect reverse resolution
4. Change the permissions:
chown :named /var/named/192.168.1.zone
chmod o= /var/named/192.168.1.zone
5. View the number of zones, which changes to 103
rndc status
6. Reload with rndc
rndc reload
7. Test: reverse resolution succeeds, and forward resolution still works as well
[root@localhost named]# dig -x 192.168.1.4
; <<>> DiG 9.9.4-RedHat-9.9.4-18.el7 <<>> -x 192.168.1.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62542
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;4.1.168.192.in-addr.arpa.      IN      PTR
;; ANSWER SECTION:
4.1.168.192.in-addr.arpa. 3600  IN      PTR     flower.angrybeans.com.
;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 3600    IN      NS      ns1.angrybeans.com.
;; ADDITIONAL SECTION:
ns1.angrybeans.com.     3600    IN      A       192.168.1.10
;; Query time: 0 msec
;; SERVER: 192.168.1.10#53(192.168.1.10)
;; WHEN: Mon Jan 09:45:37 EST 2016
;; MSG SIZE  rcvd: 122
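The reverse zone above carries PTR records for only three of the addresses in the forward zone. The script below is an added example, not part of the original article, that lists A records lacking a PTR and PTR records whose target has no matching A record; it assumes one record per line and the $ORIGIN layout used in both zone files, and its function names are hypothetical.

```shell
#!/bin/sh
# Added example: compare A records of a forward zone with PTR records of a
# reverse zone. Assumes one record per line and a $ORIGIN line in each file.
# Usage: sh ptr_gaps.sh /var/named/angrybeans.zone /var/named/192.168.1.zone 192.168.1.

# zone_records FILE: print "A fqdn ip" and "PTR owner-fqdn target-fqdn", lower-cased.
zone_records() {
    awk '
        function fq(n) { if (n == "@") return origin; if (n ~ /\.$/) return n; return n "." origin }
        { sub(/;.*/, ""); $0 = tolower($0) }
        inparen { if ($0 ~ /\)/) inparen = 0; next }   # skip the SOA timer lines
        $1 == "$origin" { origin = $2 }
        NF == 0 || /^\$/ { next }
        {
            if ($0 !~ /^[ \t]/) owner = fq($1)          # no owner field: inherit
            for (i = 1; i < NF; i++) {
                if ($i != "in") continue
                if ($(i+1) == "a")   print "A", owner, $(i+2)
                if ($(i+1) == "ptr") print "PTR", owner, fq($(i+2))
            }
            if ($0 ~ /\(/ && $0 !~ /\)/) inparen = 1
        }
    ' "$1"
}

# ptr_gaps FORWARD REVERSE NET_PREFIX: one finding per line; no output = consistent.
ptr_gaps() {
    { zone_records "$1"; zone_records "$2"; } | awk -v net="$3" '
        $1 == "A" && index($3, net) == 1 { fwd[$2 " " $3] = 1; a[++n] = $2 " " $3 }
        $1 == "PTR" {
            split($2, l, "."); ip = l[4] "." l[3] "." l[2] "." l[1]
            has_ptr[ip] = 1; p[++m] = $3 " " ip
        }
        END {
            for (i = 1; i <= m; i++)
                if (!(p[i] in fwd)) print "PTR-target-has-no-matching-A", p[i]
            for (i = 1; i <= n; i++) {
                split(a[i], f, " ")
                if (!(f[2] in has_ptr)) print "A-without-PTR", a[i]
            }
        }'
}

if [ "$#" -eq 3 ]; then
    ptr_gaps "$1" "$2" "$3"
fi
```

Run against the two zone files in this article, it reports a, b, m2, food and the 192.168.1.20 address of fish as having no PTR record.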