Install Bind on CentOS to build a DNS server

Install Bind on CentOS to build a DNS server

Because the company's internal network needs to be tested, domain names are used to access the company's internal server. However, the vro does not have the domain name forwarding function. Therefore, the DNS method is used.

Background:

One internal server:

System: CentOS6.5 _ x64hostname: server. bkjia. localIP: 192.168.10.10

1. Install the bind Service

yum -y install bind*

2. Configure the DNS Server. All the following settings are modified in blue.

vim /etc/named.conf//// named.conf//// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS// server as a caching only nameserver (as a localhost DNS resolver only).//// See /usr/share/doc/bind*/sample/ for example named configuration files.//options {// listen-on port 53 { 127.0.0.1; }; listen-on port 53 { any; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt";// allow-query { localhost; }; allow-query { any; }; recursion yes; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic";};logging { channel default_debug { file "data/named.run"; severity dynamic; };};zone "." IN { type hint; file "named.ca";};include "/etc/named.rfc1912.zones";include "/etc/named.root.key";

------------

vim /etc/named.rfc1912.zones// named.rfc1912.zones://// Provided by Red Hat caching-nameserver package //// ISC BIND named zone configuration for zones recommended by// RFC 1912 section 4.1 : localhost TLDs and address zones// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt// (c)2007 R W Franks// // See /usr/share/doc/bind*/sample/ for example named configuration files.//zone "localhost.localdomain" IN { type master; file "named.localhost"; allow-update { none; };};zone "localhost" IN { type master; file "named.localhost"; allow-update { none; };};zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN { type master; file "named.loopback"; allow-update { none; };};zone "1.0.0.127.in-addr.arpa" IN { type master; file "named.loopback"; allow-update { none; };};zone "0.in-addr.arpa" IN { type master; file "named.empty"; allow-update { none; };};zone "bkjia.local" IN { type master; file "named.bkjia.local"; allow-update { none; };};zone "xxxx.com" IN { type master; file "named.xxxx.com"; allow-update { none; };};

Note that each sentence is followed by a semicolon;

3. Add a forward DNS File

Vim/var/named. bkjia. local $ TTL 86400 @ in soa server. bkjia. local. root. bkjia. local. (2015080700; (serial number) each update requires an additional 3600; (update frequency) the update time requested from the server to the master server is 1800; (retry failure time) generally, it is 604800 of the update frequency. (The failure time) the failed attempt time is limited to 86400. (The cache time can be understood as the default TTL time) @ in ns server. bkjia. local. @ in a 192.168.10.10server in a 192.168.10.10ns in a 192.168.10.10

Add xxxx domain name resolution File

Vim/var/named/named.xxxx.com $ TTL 86400 @ in soa ns. bkjia. local. root. bkjia. local. (2015080700; (serial number) each update requires an additional 3600; (update frequency) the update time requested from the server to the master server is 1800; (retry failure time) generally, it is 604800 of the update frequency. (The expiration time) the failed attempt time is limited to 86400. (The cache time can be understood as the default TTL time) @ in ns. bkjia. local. @ in a 192.168.10.10www in a 192.168.10.10user in a 192.168.10.10admin in a 192.168.10.10

Then start the dns server

/Etc/init. d/named start // start chkconfig named on

Then configure the first DNS address on the vro as 192.168.10.10.

The second DNS address is the normal DNS address.

In this way, the company's internal access to a specific xxxx.com domain name will be resolved to the internal server. You can also access the internet.

dig xxxx.com; <<>> DiG 9.8.3-P1 <<>> xxxx.com;; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61174;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1;; QUESTION SECTION:;xxxx.com. IN A;; ANSWER SECTION:xxxx.com. 86400 IN A 192.168.10.10;; AUTHORITY SECTION:xxxx.com. 86400 IN NS ns.bkjia.local.;; ADDITIONAL SECTION:ns.bkjia.local. 86400 IN A 192.168.10.10;; Query time: 30 msec;; SERVER: 192.168.10.10#53(192.168.10.10);; WHEN: Thu Sep  3 18:04:09 2015;; MSG SIZE  rcvd: 86

Generally, the DNS server performs a Master/Slave Mode and also needs to parse the file. Here, the main company's internal testing is used, so there is no more to do. You can search by yourself.

Use BIND to configure the DNS server

BIND + DLZ + MySQL smart DNS implementation of forward and reverse resolution

Domain Name Service BIND construction and application configuration

Ubuntu BIND9 wildcard domain name resolution Configuration

Install BIND9.6 in CentOS 5.2

Install the Bind DNS server in CentOS 6.4

This article permanently updates the link address: