Getting Started: DNS master-slave configuration

Source: Internet
Author: User
Tags domain name server dnssec mail exchange nameserver nslookup

DNS: the domain name resolution service
Common DNS record types:
A: forward resolution; resolves a domain name to an IP address
PTR: reverse resolution; resolves an IP address to a domain name
MX: mail exchange record
NS: specifies a name server for the domain
CNAME: alias record
SOA: start of authority; identifies the primary DNS server in the domain
Software that provides the DNS service: the package is named BIND and requires the following packages:
bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-utils-9.8.2-0.17.rc1.el6_4.6.x86_64
In RHEL 6.5, the bind-utils and bind-libs packages are installed by default, so on RHEL 6.5 we also need to install the other two packages.
[~]# mount /dev/cdrom /media/cdrom/    # mount the disc on /media/cdrom/
mount: block device /dev/sr0 is write-protected, mounting read-only
[~]# cd /media/cdrom/Packages/    # switch to the package directory on the disc
[Packages]# rpm -ivh bind-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm    # install the BIND main package
[Packages]# rpm -ivh bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm    # install the chroot package, which provides a fake root directory for bind
[Packages]# rpm -qa | grep "^bind"    # after installation, confirm that the following four packages are present on the system
bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-utils-9.8.2-0.17.rc1.el6_4.6.x86_64
[Packages]# service named start    # start the service; the package is named bind, the service is named named
Starting named: [ OK ]    # started successfully
Example: add forward and reverse resolution for www.520sec.com on the 192.168.211.0/24 network segment by creating new zone configuration.
[Packages]# vim /etc/named.conf    # the main DNS configuration file


options {
    listen-on port 53 { 192.168.211.3; };    // 53 is the DNS listening port, followed by the listening IP address (this host's own IP)
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";    // the working directory; paths below that are not absolute are relative to this directory
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { 192.168.211.0/24; };    // which network segment may use this DNS server for resolution
    recursion yes;

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";
};
zone "." IN {    // the root hints zone that ships with bind
    type hint;
    file "named.ca";
};
// The following is the content that you create
zone "520sec.com" IN {    // add forward resolution for 520sec.com
    type master;    // this server is the master for the zone
    file "520sec.com.zone";    // the zone data file is /var/named/520sec.com.zone; 520sec.com.zone is the newly created zone data file
    allow-transfer { 192.168.211.10; };    // allow the slave server to copy zone data from this server; the slave server's IP address goes here
};    // end of forward resolution for 520sec.com
zone "211.168.192.in-addr.arpa" IN {    // add reverse resolution for 192.168.211.0/24; note that the octets are written in reverse order
    type master;    // this server is the master for the zone
    file "211.168.192.arpa";    // the zone data file is /var/named/211.168.192.arpa
    allow-transfer { 192.168.211.10; };    // allow the slave server to copy zone data from this server; the slave server's IP address goes here
};    // end of reverse resolution; save and exit
[named]# named-checkconf -z /etc/named.conf    # check the configuration file for syntax errors
zone 520sec.com/IN: loading from master file 520sec.com.zone failed: file not found
zone 520sec.com/IN: not loaded due to errors.
_default/520sec.com/IN: file not found
The output says 520sec.com.zone was not found, because we have not yet created the zone file.
[named]# vim 520sec.com.zone    # create a new forward zone file named 520sec.com.zone
$TTL 86400
@       IN SOA  520sec.com. admin.520sec.com. (
                2011030301  ; serial
                4H          ; refresh
                30M         ; retry
                12H         ; expire
                1D          ; minimum
)
@       IN NS   ns1.520sec.com.
        IN NS   ns2.520sec.com.
        IN MX   10 mail.520sec.com.
ns1     IN A    192.168.211.3     ; ns1.520sec.com resolves to 192.168.211.3
ns2     IN A    192.168.211.10    ; ns2.520sec.com resolves to 192.168.211.10
mail    IN A    192.168.211.3
www     IN A    192.168.211.10
*       IN A    192.168.211.3     ; a mistyped host name resolves to 192.168.211.3; save and exit
[named]# vim 211.168.192.arpa    # create the new reverse zone file
$TTL 86400
@       IN SOA  520sec.com. admin.520sec.com. (
                2011030301  ; serial
                4H          ; refresh
                30M         ; retry
                12H         ; expire
                1D          ; minimum
)
        IN NS   ns1.520sec.com.
        IN NS   ns2.520sec.com.
1       IN PTR  www.520sec.com.     ; resolves 192.168.211.1 to www.520sec.com
2       IN PTR  mail.520sec.com.
3       IN PTR  ns1.520sec.com.
10      IN PTR  ns2.520sec.com.     ; 192.168.211.10, the ns2 address in the forward zone; save and exit
[named]# named-checkconf -z /etc/named.conf    # run the command again to check the configuration; now that the zone files exist, no error is reported
zone 520sec.com/IN: loaded serial 2011030301
zone 211.168.192.in-addr.arpa/IN: loaded serial 2011030301
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
[named]# vim /etc/resolv.conf    # change the DNS addresses to this server's own IP and the slave DNS server's IP
nameserver 192.168.211.3
nameserver 192.168.211.10
The primary DNS configuration ends here.
[named]# nslookup www.benet.com    # use nslookup to test whether DNS resolution succeeds
Server:         192.168.211.3    # DNS server address
Address:        192.168.211.3#53

Name:   www.benet.com    # the resolved domain name
Address: 192.168.211.10    # the IP it resolved to; compare it with the www.benet.com IP above, it is the same
The following is the slave DNS configuration: install the BIND service by following the installation steps above, open the DNS configuration file, and modify it as follows
zone "520sec.com" IN {
    type slave;
    masters { 192.168.211.3; };    // specify the primary server's IP address here (192.168.211.3 above), to copy zone data from the primary DNS
    file "slaves/benet.com.zone";    // where the downloaded zone file is saved
};

The configuration ends here.
On the slave DNS server, check the configured save directory to see whether the zone files have been downloaded from the master DNS.
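
The allow-transfer statements in the primary's named.conf are what stop hosts other than the slave from copying the whole zone. The following Python audit is an added example, not part of the original page: it reports master zones that carry no allow-transfer restriction (BIND 9.8, the version installed here, then serves transfers to any host) or that list "any". The function names and SAMPLE_CONF are constructed for illustration.

```python
import re

# Constructed sample; the reverse zone omits allow-transfer on purpose.
SAMPLE_CONF = '''
zone "520sec.com" IN {
    type master;
    allow-transfer { 192.168.211.10; };  // slave only
};
zone "211.168.192.in-addr.arpa" IN {
    type master;
};
'''

def strip_comments(text):
    """Drop /* */, // and # comments (assumes no comment markers inside quoted strings)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def block(text, start):
    """Return the text between the first '{' at or after start and its matching '}'."""
    i, depth = text.index('{', start), 0
    for j in range(i, len(text)):
        depth += (text[j] == '{') - (text[j] == '}')
        if depth == 0:
            return text[i + 1:j]
    raise ValueError('unbalanced braces')

def acl(body, statement):
    """Return the address list of a statement such as allow-transfer, or None if absent."""
    m = re.search(r'\b' + re.escape(statement) + r'\s*\{([^{}]*)\}', body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit_transfers(conf):
    """Map each master zone that any host could transfer to the reason it is exposed."""
    conf = strip_comments(conf)
    opts = re.search(r'\boptions\b', conf)
    inherited = acl(block(conf, opts.end()), 'allow-transfer') if opts else None
    findings = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"', conf):
        body = block(conf, m.end())
        if not re.search(r'\btype\s+(master|primary)\s*;', body):
            continue  # slave and hint zones are not audited here
        allowed = acl(body, 'allow-transfer')
        allowed = inherited if allowed is None else allowed  # zone setting overrides options
        if allowed is None:
            findings[m.group(1)] = 'no allow-transfer statement'
        elif 'any' in allowed:
            findings[m.group(1)] = 'allow-transfer includes any'
    return findings

if __name__ == '__main__':
    print(audit_transfers(SAMPLE_CONF))
```

Run it against the text of /etc/named.conf on the primary; an empty result means every master zone limits transfers to named hosts.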

