The DNS service on Linux is provided by the BIND program.
So in order to build a DNS server, you need to install the BIND program.
Install BIND
BIND files
Main configuration file: /etc/named.conf. It includes other files.
View the other BIND files
Among them:
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
These three are important components of the main configuration file
Resolution library (zone) files:
Located under the /var/named/ directory
Note: 1. A DNS server can provide resolution for multiple zones at the same time
2. There must be a root zone resolution library file: named.ca
3. There should also be two zone resolution files, for localhost and 127.0.0.1:
named.localhost: forward resolution file
named.loopback: reverse resolution file
Main configuration file format
Global Configuration Segment
In the configuration file, the server listens only on 127.0.0.1 by default.
Now modify the configuration file as follows
There must be a space before and after each IP address you add
Turn off the default security settings first
By default only the local host itself is allowed to query; if allow-query is commented out, all hosts are allowed to query
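A check for the effect of the two edits above, added here as an example and not part of the original page: it reads an options block and reports which addresses named listens on and who may query it. Both sample configurations are constructed, 192.0.2.10 is a placeholder address, and the function names are hypothetical.

```python
import re

# Constructed samples (not from the page). 192.0.2.10 is a placeholder address.
DEFAULT_CONF = """
options {
    listen-on port 53 { 127.0.0.1; };
    directory "/var/named";
    allow-query { localhost; };
};
"""
MODIFIED_CONF = """
options {
    listen-on port 53 { 127.0.0.1; 192.0.2.10; };
    directory "/var/named";
    // allow-query { localhost; };
};
"""

def strip_comments(text):
    """Drop /* */, // and # comments; named.conf accepts all three styles."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def get_list(conf, name):
    """Return the entries of statement `name { a; b; };`, or None if absent."""
    # Lookarounds stop listen-on from matching listen-on-v6, and so on.
    pattern = r"(?<![\w-])%s(?![\w-])[^{;]*\{([^}]*)\}" % re.escape(name)
    m = re.search(pattern, conf)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit(text):
    """Summarise who can reach and query named under the given options."""
    conf = strip_comments(text)
    # When a statement is absent BIND falls back to its built-in default:
    # listen on all IPv4 interfaces, and answer queries from any host.
    listen = get_list(conf, "listen-on") or ["any"]
    allow = get_list(conf, "allow-query") or ["any"]
    off_loopback = [a for a in listen if a != "127.0.0.1"]
    non_local = [a for a in allow if a not in ("localhost", "127.0.0.1", "none")]
    return {"listen": listen, "allow_query": allow,
            "answers_network_clients": bool(off_loopback and non_local)}

if __name__ == "__main__":
    for label, conf in (("default", DEFAULT_CONF), ("modified", MODIFIED_CONF)):
        print(label, audit(conf))
```

Run against the real /etc/named.conf after editing, a result of `answers_network_clients: True` means the server now answers hosts other than itself, so the set of allowed clients should be a deliberate choice.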
Log configuration section
Zone Configuration Segment
These two files are auxiliary files. The zone configuration section in the main configuration file is left unmodified; all changes are made in the /etc/named.rfc1912.zones file.
Check the configuration file for syntax errors
rndc: Remote Name Domain Controller
This is a remote control feature and is not recommended for use in unsafe environments.
It uses port 953/tcp. By default it listens only on 127.0.0.1
Start BIND
Viewing the Listening port status
TCP port 53 is used for transmitting zone information, and UDP port 53 is used to listen for client requests.
Application testing
1. Set the DNS server itself as its own DNS resolver
2. Run iptables -L -n to confirm that the firewall is shut down
systemctl stop firewalld
systemctl disable firewalld.service
3. Introduction to the testing tools
dig
-b: specify the source IP address
This command is used to test the DNS system; it does not query the hosts file, and it does not use the /etc/resolv.conf file if @server is given
-x: reverse resolution
Query options
+[no]trace: trace the resolution process
+[no]recurse: recursive resolution
Specify that the query be made against 61.139.2.69
host
Specify that resolution be done by 61.139.2.69
Resolved through its own root server.
nslookup
It is an interactive command.
At the prompt, enter the commands you need
rndc: remote DNS server control command; try not to use it
rndc flush: updates the local DNS cache
DNS service and BIND application for Linux