BIND basic service and DNS master server configuration steps

Source: Internet
Author: User

BIND is the most widely used DNS server software.
The BIND service itself is called "named".
The BIND configuration files are stored in two main locations:
▲BIND service main configuration file: /etc/named.conf
▲Zone files: /var/named/
chroot confines the service and its related files to a pseudo root directory as a security defense. If the program is compromised,
the attacker can only access the contents of the pseudo root directory, not the real root directory.
Install BIND with:
yum install -y bind-chroot bind-utils
Port 53 is used by default.
If bind-chroot is installed, BIND is confined to a pseudo root directory (/var/named/chroot/), and the configuration file locations change:
▲BIND service main configuration file: /var/named/chroot/etc/named.conf
▲Zone files: /var/named/chroot/var/named/
The original configuration information in /etc and /var is moved completely into the pseudo root.
BIND does not ship a preset configuration file after installation, but the BIND documentation folder (/usr/share/doc/bind-*) provides configuration file templates.
We can copy them directly:
cp -rv /usr/share/doc/bind-9.3.6/sample/etc/* /var/named/chroot/etc
cp -rv /usr/share/doc/bind-9.3.6/sample/var/* /var/named/chroot/var
The contents of the minimal bind Service master configuration file are as follows:

[root@even etc]# cat named.conf
options {
        directory "/var/named";
        listen-on port 53 { 127.0.0.1; };
};

Configure the domain master server (master)

① -- Add the domain example.com definition to the BIND main configuration file

Definition:

Specifies the file that holds the mapping information between each domain name and its IP addresses.

● Configuration file location
/var/named/chroot/etc/named.conf
● Add a zone definition for a single domain in the main configuration file:
zone "example.com" {
        type master;
        file "example.com.zone";
};

② -- Add the zone configuration file for the defined domain

Definition:

The domain name resolution file configured by the user is also called a zone file. If the current DNS server needs to resolve multiple domain names, you need to set multiple domain name resolution files. If you need reverse resolution, you also need to set the corresponding reverse resolution file.

● Location of the zone file
/var/named/chroot/var/named/example.com.zone
● Zone file content
The content of a zone file is complex, and manual input is prone to errors. Therefore,
the default named.localhost (or localdomain.zone) file is generally used as the template:
cp named.localhost example.com.zone
Then add the resource records (RR):
        IN MX 10 mail.example.com.
www     IN A 192.168.1.110
mail    IN A 192.168.1.126

Also:
★Make sure that these configuration files are readable (check with ll)
★Make sure that SELinux is turned off (check with getenforce)

③ -- Start the BIND service or reload the configuration
service named start
service named reload

④ -- Test from the local machine: point the local DNS configuration at the local machine
/etc/resolv.conf
nameserver 127.0.0.1

⑤ -- Use the host or dig command to verify the DNS Configuration

[root@even named]# dig -t mx example.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> -t mx example.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65191
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3
;; QUESTION SECTION:
;example.com.                   IN      MX
;; ANSWER SECTION:
example.com.            86400   IN      MX      10 mail.example.com.
;; AUTHORITY SECTION:
example.com.            86400   IN      NS      example.com.
;; ADDITIONAL SECTION:
mail.example.com.       86400   IN      A       192.168.1.126
example.com.            86400   IN      A       127.0.0.1
example.com.            86400   IN      AAAA    ::1
;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 27 20:13:03 2012
;; MSG SIZE  rcvd: 124
[root@even named]# host www.example.com
www.example.com has address 192.168.1.110

Troubleshooting

DNS configuration syntax is obscure, and configuration errors are common.
BIND provides two syntax check tools.
named-checkconf reports errors in the BIND main configuration file:
named-checkconf /var/named/chroot/etc/named.conf
named-checkzone reports errors in a zone file:
named-checkzone example.com /var/named/chroot/var/named/example.com.zone
Generally, BIND configuration problems are either syntax errors or permission errors.
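
The permission side of that last point can be checked before starting named. The script below is an added example, not part of the original article: it reads the zone file names out of named.conf, maps them into the chroot, and reports any file that is missing or that the service account cannot read. The function names, the account and group name "named", and the one-statement-per-line layout are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): preflight for a chroot-ed BIND.
# Assumes one statement per line in named.conf and zone file names without spaces.

# Print the quoted value of every  <keyword> "...";  statement in file $2,
# skipping // and # comment lines and look-alikes such as dump-file.
conf_values() {
    sed -n -e '/^[[:space:]]*\/\//d' -e '/^[[:space:]]*#/d' \
        -e 's/^\(.*[[:space:];{]\)\{0,1\}'"$1"'[[:space:]]*"\([^"]*\)".*/\2/p' "$2"
}

# usage: check_zone_files [CHROOT] [ACCOUNT] [GROUP]
# ACCOUNT/GROUP default to "named", the usual BIND service identity (assumption).
check_zone_files() {
    chroot_dir=${1:-/var/named/chroot}
    acct=${2:-named}
    grp=${3:-named}
    conf="$chroot_dir/etc/named.conf"
    [ -f "$conf" ] || { echo "MISSING $conf"; return 2; }

    # Relative zone file names are resolved against the "directory" option.
    zdir=$(conf_values directory "$conf" | head -n 1)
    zdir=${zdir:-/var/named}

    rc=0
    for f in $(conf_values file "$conf"); do
        case $f in
            /*) path="$chroot_dir$f" ;;        # absolute path inside the chroot
            *)  path="$chroot_dir$zdir/$f" ;;  # relative to "directory"
        esac
        if [ ! -f "$path" ]; then
            echo "MISSING $path"; rc=1; continue
        fi
        # Same fields "ll" shows: mode, link count, owner, group.
        set -- $(ls -ld "$path")
        mode=$1; owner=$3; group=$4
        u=$(printf %s "$mode" | cut -c2)   # owner read bit
        g=$(printf %s "$mode" | cut -c5)   # group read bit
        o=$(printf %s "$mode" | cut -c8)   # other read bit
        if { [ "$owner" = "$acct" ] && [ "$u" = r ]; } ||
           { [ "$group" = "$grp" ] && [ "$g" = r ]; } || [ "$o" = r ]; then
            echo "OK $path"
        else
            echo "UNREADABLE $path ($mode $owner:$group)"; rc=1
        fi
    done
    return $rc
}
```

Called with no arguments, check_zone_files inspects /var/named/chroot; it does not follow include statements, and syntax is still checked with named-checkconf and named-checkzone.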
