Install and configure the DNS server in Centos6

Install and configure the DNS server in Centos6

There are three types of DNS servers:

123

Cache DNS: It is responsible for receiving DNS requests from cached users. queries are forwarded to DNS servers. Generally, this DNS is used in residential routes. Recursive DNS: recursive DNS is the most commonly used by common users. It is used to recursively query the IP address corresponding to a domain name. Generally, the DNS provided by the carrier is used. Authoritative DNS: contains the root DNS and authoritative domain name DNS. When you query the IP address of a domain name through recursive DNS, you must query the authoritative DNS.

This article describes how to install and configure authoritative DNS servers to provide domain name resolution services.
BIND installation in Centos6:

12

#http://www.haiyun.meyum install bind

BIND installation in Centos5:

123

yum install bind cp -a /usr/share/doc/bind-9.3.6/sample/etc/* /etc/cp -a /usr/share/doc/bind-9.3.6/sample/var/named/* /var/named/

Configure as a local cache forwarding DNS Server:

12345678910111213

Cat/etc/named. confoptions {listen-on port 53 {127.0.0.1;}; directory "/var/named"; allow-query {localhost ;}; # Only allow local query recursion yes; # Allow recursive query of forward only; # forward only forwarders {8.8.8.8; # forward query of DNS server 4.4.4.4 ;};};

It is configured as an authoritative server for domain name resolution. Based on the view function, the recursive query service is provided internally and the domain name resolution service is provided externally. the DNS server, such as ns1.haiyun. me, must be changed at the domain name registrar.

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647

// Global options {listen-on port 53 {any ;}; directory "/var/named ";}; // set logging {channel default_debug {file "data/named. run "; print-time yes; severity dynamic;}; channel query_log {file" data/query. log "versions 3 size 20 m; severity info; print-time yes; print-category yes ;}; category queries {query_log ;};}; // match the local view localhost {match-clients {localhost ;}; allow-query {any ;}; recursion yes; // allow recursive queries, that is, the local DNS Cache Server include "/etc/named. rfc1912.zones "; // call the root server and local servers}; // match the external view {match-clients {any ;}; allow-query {any ;}; recursion no; // non-recursive server allow-transfer {none ;}; // The allow-query-cache {any ;}; zone "haiyun. me "{type master; file" haiyun. me ";};};

Positive Solution Configuration:

12345678910111213

$ ORIGIN haiyun. me // This parameter works with @ below, and the zone parameter $ TTL 600 IN the main configuration file is not set. // The SOA ns is used to determine the authoritative server @ in soa ns1.haiyun. me. mail. haiyun. me. (2012070401; # No., slave determines whether to download 3 H; # update frequency 10 M; # failure reconnect time 1 W; # failure time 1 H ); # TTL time @ in ns ns1.haiyun. me. // authorize the ns server @ in ns ns2.haiyun. me. ns1 in a 1.2.3.4nsin A 1.2.3.4www in a 1.2.3.4

After the configuration is complete, start the named service. If iptables is configured, You need to enable the udp53 port. for stability, you can configure the master-slave synchronization DNS server.

12

/etc/init.d/named startiptables -p upd --dport 53 -j ACCEPT

Verify whether the verification takes effect:

1234567891011

dig -t ns www.haiyun.me;; QUESTION SECTION:;www.haiyun.me.INNS;; ANSWER SECTION:www.haiyun.me.600INNSns1.haiyun.me.www.haiyun.me.600INNSns2.haiyun.me.;; ADDITIONAL SECTION:ns1.haiyun.me.600INA1.2.3.4ns2.haiyun.me.600INA1.2.3.4