Before configuring the BIND DNS server software: BIND is an open source implementation of the DNS (Domain Name System) protocol that contains all the software needed to query and answer for domain names. It is the most widely used DNS server on the Internet and has become the de facto standard on UNIX-like systems.
To set up the DNS server so that it resolves domain names and IP addresses, install bind and caching-nameserver. The router must also be configured to let TCP and UDP port 53 packets through.
Installing the BIND Package
1. Installation
# yum -y install bind caching-nameserver
2. Configuration
The following example uses a public IP range (172.16.0.80/29), a LAN range (192.168.0.0/24) and the domain name linuxde.net. When configuring your own server, substitute your own addresses and domain name.
# vim /etc/named.conf
options {
    directory "/var/named";
    # query range
    allow-query { localhost; 192.168.0.0/24; };
    # transfer range
    allow-transfer { localhost; 192.168.0.0/24; };
    # recursion range
    allow-recursion { localhost; 192.168.0.0/24; };
};
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
# Here are the sections for internal information
view "internal" {
    match-clients { localhost; 192.168.0.0/24; };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    # Set zones for internal
    zone "linuxde.net" IN {
        type master;
        file "linuxde.net.lan";
        allow-update { none; };
    };
    # Set zones for internal
    zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "0.168.192.db";
        allow-update { none; };
    };
    zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
    };
    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };
    zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
    };
    zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
    };
};
view "external" {
    match-clients { any; };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    # Set zones for external
    zone "linuxde.net" IN {
        type master;
        file "linuxde.net.wan";
        allow-update { none; };
    };
    # Set zones for external (*note)
    zone "80.0.16.172.in-addr.arpa" IN {
        type master;
        file "80.0.16.172.db";
        allow-update { none; };
    };
};
include "/etc/rndc.key";

# *note: for reverse resolution, write the network address reversed, as below.
# The case of 192.168.0.0/24
#   network address:      192.168.0.0
#   range of the network: 192.168.0.0-192.168.0.255
#   how to write:         0.168.192.in-addr.arpa
# The case of 172.16.0.80/29
#   network address:      172.16.0.80
#   range of the network: 172.16.0.80-172.16.0.87
#   how to write:         80.0.16.172.in-addr.arpa
Note that allow-query in the options block is the default for every view, so the external view as written still answers only localhost and 192.168.0.0/24. To serve the public zone to the Internet, add allow-query { any; }; inside the external view while leaving allow-recursion and allow-transfer restricted to the internal addresses; an externally reachable recursive resolver or an open zone transfer is a common misconfiguration.
Set zones
Create the zone files so that the server can resolve the domain name to an IP address.
1. Internal zone file
This example uses the intranet range (192.168.0.0/24) and the domain name linuxde.net; adjust it to your own situation.
# vim /var/named/linuxde.net.lan
$TTL 86400
@       IN  SOA ns.linuxde.net. root.linuxde.net. (
                2007041501 ; Serial
                3600       ; Refresh
                1800       ; Retry
                604800     ; Expire
                86400 )    ; Minimum TTL
; define name server
        IN  NS  ns.linuxde.net.
; internal IP address of name server
        IN  A   192.168.0.17
; mail exchanger
        IN  MX  10 ns.linuxde.net.
; hostname
ns      IN  A   192.168.0.17
2. External zone file
This example uses the external network range (172.16.0.80/29) and the domain name linuxde.net; replace them with your own.
# vim /var/named/linuxde.net.wan
$TTL 86400
@       IN  SOA ns.linuxde.net. root.linuxde.net. (
                2007041501 ; Serial
                3600       ; Refresh
                1800       ; Retry
                604800     ; Expire
                86400 )    ; Minimum TTL
; define name server
        IN  NS  ns.linuxde.net.
; external IP address of name server
        IN  A   172.16.0.82
; define mail exchanger
        IN  MX  10 ns.linuxde.net.
; define IP address and hostname
ns      IN  A   172.16.0.82
Creating the reverse zone files enables the server to resolve an IP address back to the domain name.
3. Internal reverse zone file
This example uses the intranet range (192.168.0.0/24) and the domain name linuxde.net; replace them with your own settings.
# vim /var/named/0.168.192.db
$TTL 86400
@       IN  SOA ns.linuxde.net. root.linuxde.net. (
                2007041501 ; Serial
                3600       ; Refresh
                1800       ; Retry
                604800     ; Expire
                86400 )    ; Minimum TTL
; define name server
        IN  NS  ns.linuxde.net.
; define range, this is the domain name
        IN  PTR linuxde.net.
; netmask of the range
        IN  A   255.255.255.0
; define IP address and hostname
17      IN  PTR ns.linuxde.net.
4. External reverse zone file
This example uses the extranet range (172.16.0.80/29) and the domain name linuxde.net; replace them with your own.
# vim /var/named/80.0.16.172.db
$TTL 86400
@       IN  SOA ns.linuxde.net. root.linuxde.net. (
                2007041501 ; Serial
                3600       ; Refresh
                1800       ; Retry
                604800     ; Expire
                86400 )    ; Minimum TTL
; define name server
        IN  NS  ns.linuxde.net.
; define range, this is the domain name
        IN  PTR linuxde.net.
; netmask of the range
        IN  A   255.255.255.248
; define IP address and hostname
82      IN  PTR ns.linuxde.net.
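The forward and reverse zones above have to agree with each other. As an added example (not part of this tutorial), the Python below parses the minimal zone syntax used here and checks that every host PTR in the reverse zone is backed by an A record for the same address, the forward-confirmed reverse DNS check that mail servers and log-analysis tools rely on. The sample zones are constructed from the linuxde.net values above.

```python
# Added example (not from the tutorial): parse the minimal zone syntax used above and
# confirm each host PTR in the reverse zone is backed by a matching A record.
FORWARD_ZONE = """\
$TTL 86400
@   IN SOA ns.linuxde.net. root.linuxde.net. (
        2007041501 ; Serial
        3600 1800 604800 86400 ) ; Refresh Retry Expire Minimum
    IN NS ns.linuxde.net.
    IN A  192.168.0.17
ns  IN A  192.168.0.17
"""  # constructed from the page's internal zone
REVERSE_ZONE = """\
$TTL 86400
@   IN SOA ns.linuxde.net. root.linuxde.net. (
        2007041501 3600 1800 604800 86400 )
    IN NS  ns.linuxde.net.
17  IN PTR ns.linuxde.net.
"""  # constructed from the page's reverse zone

def parse_zone(text, origin):
    """Yield (rtype, owner_fqdn, rdata); handles $TTL, ';' comments, inherited owners, SOA ( ... )."""
    owner, in_paren = "@", False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if in_paren:                      # inside SOA parentheses: skip until ')'
            in_paren = ")" not in line
            continue
        if not line or line.startswith("$"):
            continue
        fields = line.split()
        if line[0] not in " \t":          # explicit owner name in column one
            owner, fields = fields[0], fields[1:]
        if fields[0] == "IN":
            fields = fields[1:]
        rdata = " ".join(fields[1:])
        in_paren = "(" in rdata and ")" not in rdata
        yield fields[0], origin if owner == "@" else f"{owner}.{origin}", rdata

def fcrdns_check(forward, reverse, fwd_origin, rev_origin):
    """Return (ptr_owner, target, ip) for PTRs whose target lacks an A record for that ip."""
    a = {}
    for rtype, fqdn, ip in parse_zone(forward, fwd_origin):
        if rtype == "A":
            a.setdefault(fqdn + ".", set()).add(ip)
    bad = []
    for rtype, fqdn, target in parse_zone(reverse, rev_origin):
        if rtype == "PTR" and fqdn != rev_origin:     # apex PTR carries no host octet
            ip = ".".join(reversed(fqdn.removesuffix(".in-addr.arpa").split(".")))
            if ip not in a.get(target, ()):
                bad.append((fqdn, target, ip))
    return bad
```

Run fcrdns_check(FORWARD_ZONE, REVERSE_ZONE, "linuxde.net", "0.168.192.in-addr.arpa") against your own files after each edit; an empty list means every reverse entry round-trips.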
Start bind
1. After the configuration of BIND is complete, set up the chroot environment before starting named.
# yum -y install bind-chroot
# /etc/rc.d/init.d/named start
# chkconfig named on
2. Operation check
Confirm that the server resolves the domain name and the IP address correctly.
# dig ns.linuxde.net.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54592
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;ns.linuxde.net.                IN      A
;; ANSWER SECTION:
ns.linuxde.net.         86400   IN      A       192.168.0.17
;; AUTHORITY SECTION:
linuxde.net.            86400   IN      NS      ns.linuxde.net.
;; Query time: 0 msec
;; SERVER: 192.168.0.17#53(192.168.0.17)
;; WHEN: Thu Mar  8 19:35:19
;; MSG SIZE  rcvd: 68
# dig -x 192.168.0.17
; <<>> DiG 9.3.4 <<>> -x 192.168.0.17
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45743
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;17.0.168.192.in-addr.arpa.     IN      PTR
;; ANSWER SECTION:
17.0.168.192.in-addr.arpa. 86400 IN     PTR     ns.linuxde.net.
;; AUTHORITY SECTION:
0.168.192.in-addr.arpa. 86400   IN      NS      ns.linuxde.net.
;; ADDITIONAL SECTION:
ns.linuxde.net.         86400   IN      A       192.168.0.17
;; Query time: 0 msec
;; SERVER: 192.168.0.17#53(192.168.0.17)
;; WHEN: Thu Mar  8 19:37:50 2007
;; MSG SIZE  rcvd: 107
Configuring a slave DNS server
Configuring a slave DNS server is simpler. In the following example the primary DNS is ns.linuxde.net and the slave DNS is ns.example.info.
1. Configure the zone file on the primary DNS server as follows
# vim /var/named/linuxde.net.wan
$TTL 86400
@       IN  SOA ns.linuxde.net. root.linuxde.net. (
                2007041501 ; Serial (update the serial)
                3600       ; Refresh
                1800       ; Retry
                604800     ; Expire
                86400 )    ; Minimum TTL
        IN  NS  ns.linuxde.net.
; add name server
        IN  NS  ns.example.info.
        IN  A   172.16.0.82
        IN  MX  10 ns.linuxde.net.
ns      IN  A   172.16.0.82
# rndc reload
server reload successful
2. Configure the slave DNS server
# vim /etc/named.conf
# Add these lines below
zone "linuxde.net" IN {
    type slave;
    masters { 172.16.0.82; };
    file "slaves/linuxde.net.wan";
};
# rndc reload
server reload successful
# ls /var/named/slaves
linuxde.net.wan    # the zone file from the master DNS has just been transferred
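The slave only transfers the zone when the master's SOA serial has increased, which is why step 1 says to update the serial. As an added example (not part of this tutorial), the Python below computes the next serial in the YYYYMMDDnn convention used above and applies the RFC 1982 serial comparison a slave uses to decide whether to refresh; the function names are my own.

```python
# Added example (not part of the tutorial): compute the next YYYYMMDDnn zone serial
# and apply the RFC 1982 serial comparison a slave uses to decide whether to refresh.
from datetime import date

def next_serial(old, today=None):
    """Serial to write after editing a zone whose SOA serial is `old`, following the
    YYYYMMDDnn convention used above (2007041501). `today` is an int YYYYMMDD."""
    if today is None:
        today = int(date.today().strftime("%Y%m%d"))
    prefix = today * 100                  # e.g. 20070415 -> 2007041500
    # First edit of the day restarts the counter at 01; later edits add one, which
    # also keeps the serial increasing if it is already ahead of today's date.
    return prefix + 1 if old < prefix else old + 1

def serial_is_newer(candidate, current):
    """RFC 1982 comparison on 32-bit serials: True if a slave holding `current`
    will transfer a zone whose master advertises `candidate`. An unchanged serial
    (diff == 0) means the master's edits are silently ignored by the slave."""
    diff = (candidate - current) % (1 << 32)
    return 0 < diff < (1 << 31)
```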
To set an alias record, that is, another name for your host, define a CNAME record in the zone file.
# vim /var/named/server-linux.info.wan
$TTL 86400
@       IN  SOA ns.server-linux.info. root.server-linux.info. (
                2007041501 ; Serial (update the serial)
                3600       ; Refresh
                1800       ; Retry
                604800     ; Expire
                86400 )    ; Minimum TTL
        IN  NS  ns.server-linux.info.
        IN  A   172.16.0.82
        IN  MX  10 ns.server-linux.info.
ns      IN  A   172.16.0.82
; aliases: each alias points at the server's canonical name (the alias names are not given in the source)
        IN  CNAME   (server's name)
ftp     IN  CNAME   (server's name)
# rndc reload
server reload successful
The following is a summary of the meaning of the main file parameters (for reference only); /* */ marks a comment:
options {
    /* The options section defines settings that affect the whole DNS server. directory
       sets the path under which the files named in this configuration are kept, here
       /var/named. The listening port can also be set here; if none is given, it is 53. */
    directory "/var/named";
};
// a caching only nameserver config
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
    // each zone keyword in this file defines one domain area
    type hint;
    /* type takes one of three values: master defines a primary name server, slave defines
       a secondary name server, and hint points at the root name servers of the Internet */
    file "named.ca";    // the file that holds the DNS records for this zone
};
zone "localhost" IN {
    // a forward zone for the domain name localhost
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "test.net" IN {
    // a forward zone for the domain name test.net
    type master;
    file "test.net";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    // a reverse zone for the addresses 127.0.0.*
    type master;
    file "named.local";
    allow-update { none; };
};
zone "0.192.168.in-addr.arpa" IN {
    // a reverse zone for the addresses 168.192.0.*
    type master;
    file "168.192.0";
};

/var/named/test.net:
@       IN  SOA linux.test.net. webmaster.test.net. (
/* IN means the data that follows uses Internet standards. @ stands for the zone's own
   domain name, here test.net, and marks the start of the domain's record definitions.
   linux.test.net is the primary name server for the domain and webmaster.test.net is the
   administrator's e-mail address, written with a dot in place of the usual @. SOA marks
   the start of authority. */
                2003012101 ; serial
/* The serial is the version of the zone file: the date followed by the revision number
   within that day. It must be raised every time the file is modified, otherwise the
   change is never copied to the other DNS servers for the zone, and clients that do not
   use your server directly will not see the update. */
                28800      ; refresh
/* refresh: how often the secondary server asks the primary for the zone, in seconds,
   so that its copy stays current */
                7200       ; retry
/* retry: the interval in seconds before the secondary retries when a refresh attempt
   fails to reach the primary */
                3600000    ; expiry
/* expiry: how long the secondary keeps answering for the zone after it has been unable
   to reach the primary, before it discards the records (the text gives these values in
   minutes) */
                8400 )     ; minimum
/* minimum: how long a caching server keeps a record before it must clear it */
        IN  NS  linux
        IN  MX  ...        ; mail exchanger (the rest of this line is missing in the source)
/* The first column is the host name with the domain part omitted; linux stands for
   linux.test.net. */
linux       IN  A       168.192.0.14
it-test1    IN  A       168.192.0.133
www         IN  CNAME   linux
/* NS: the host is a name server for the domain. A: an address record mapping a host
   name to an IP address. MX: a mail exchanger record. CNAME: an alias for a host. */

/var/named/168.192.0:
@       IN  SOA linux.test.net. webmaster.linux.net. (
                1997022700 ; serial
                28800      ; refresh
                14400      ; retry
                3600000    ; expire
                86400 )    ; minimum
/* the keywords above mean the same as in test.net */
        IN  NS  linux.test.net.
14      IN  PTR linux.test.net.
133     IN  PTR it-test1.test.net.
/* The first column is the host's IP address with the network part omitted; 14 in full is
   168.192.0.14. PTR: the last column of a reverse record is the host's domain name. */