DNS service and BIND application for Linux

Source: Internet
Author: User

The DNS service on Linux is provided by the BIND program.

So in order to build a DNS server, you need to install the BIND program.

Install bind


BIND files

Main configuration file: /etc/named.conf. It includes other files.

View the other files used by BIND


Among them:

/etc/named.iscdlv.key

/etc/named.rfc1912.zones

/etc/named.root.key

These three files are important parts of the main configuration file.


Zone (resolution library) files:

These are located under the /var/named/ directory.

Notes:

1. A DNS server can provide resolution for multiple zones at the same time.

2. There must be a resolution library file for the root zone: named.ca

3. There should also be two zone files, for resolving localhost and 127.0.0.1:

named.localhost is the forward resolution file

named.loopback is the reverse resolution file


Master configuration file format

Global Configuration Segment

In the default configuration file, the server listens only on 127.0.0.1.

Now modify the configuration file as follows.

When adding an IP address, there must be a space before and after it.

First, turn off the default security settings.

By default only the local host is allowed to query. If the allow-query line is commented out, all hosts are allowed to query.
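The following is an added example, not part of the original article: a small Python check that reads the options block of a named.conf and reports the settings that the edits above loosen. The sample file and the 192.0.2.x addresses are constructed, and the dnssec-validation check assumes that this option is what "security settings" refers to.

```python
import re

# Constructed sample (not from the page): an options block after the edits the
# text describes. 192.0.2.10 is a documentation address used as a placeholder.
SAMPLE = """
options {
    listen-on port 53 { 127.0.0.1; 192.0.2.10; };
    directory "/var/named";
    // allow-query { localhost; };
    recursion yes;
    dnssec-validation no;
};
"""
LOOPBACK = {"127.0.0.1", "localhost", "none"}

def strip_comments(text):
    """Drop /* */, // and # comments; named.conf accepts all three styles."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def option(conf, name):
    """Return the items of one option statement as a list, or None if absent."""
    pat = r"(?<![\w-])%s(?![\w-])\s*(?:port\s+\d+\s*)?(\{[^}]*\}|[^;{}]+);" % re.escape(name)
    m = re.search(pat, conf)
    return re.findall(r"[^\s;{}]+", m.group(1)) if m else None

def audit(text):
    """Return a list of (option, reason) findings for a named.conf string."""
    conf, out = strip_comments(text), []
    listen = option(conf, "listen-on")   # absent means all IPv4 interfaces
    exposed = listen is None or any(a not in LOOPBACK for a in listen)
    if exposed:
        out.append(("listen-on", "reachable beyond loopback"))
    query = option(conf, "allow-query")
    if exposed and (query is None or "any" in query):
        out.append(("allow-query", "unset or any: every host may query"))
    recursion = option(conf, "recursion") != ["no"]   # BIND default is yes
    if exposed and recursion and option(conf, "allow-recursion") is None:
        out.append(("allow-recursion", "recursion on with no explicit ACL"))
    # Assumption: "security settings" on the page means DNSSEC validation.
    if option(conf, "dnssec-validation") == ["no"]:
        out.append(("dnssec-validation", "validation disabled"))
    return out

if __name__ == "__main__":
    for name, reason in audit(SAMPLE):
        print(f"{name}: {reason}")
```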

Log configuration section

Zone Configuration Segment

These two files are auxiliary files. The zone configuration section in the main configuration file is left unmodified, and all changes are made in the /etc/named.rfc1912.zones file.

Check the configuration file for syntax errors

rndc: Remote Name Domain Controller

This is a remote control feature and is not recommended for use in unsafe environments.

It uses port 953/tcp. By default it listens only on 127.0.0.1.

Start bind

View the listening port status

TCP port 53 is used for transferring zone information, and UDP port 53 is used to listen for client requests.

Application detection

1. Set the DNS server itself as its own DNS resolver.

2. Run iptables -L -n to confirm that the firewall is shut down.

systemctl stop firewalld

systemctl disable firewalld.service

3. Testing tools

dig

-b: specify the source IP address

This command is used to test the DNS system. It does not query the hosts file, and if @server is given it does not use the /etc/resolv.conf file.

-x: reverse resolution

Query options

+[no]trace: trace the resolution process

+[no]recurse: recursive resolution

Send the query to the server 61.139.2.69

host

Resolve using the server 61.139.2.69

Resolve through the server's own root servers.

nslookup

This is an interactive command.

Commands are entered after the prompt.

rndc: the remote DNS server control command; avoid using it where possible.

rndc flush clears the local DNS cache.

