Configuring a Linux DNS (BIND) slave (secondary) server

Source: Internet
Author: User
Tags iptables

Following on from the previous article, this chapter explains how to configure the slave (secondary) server.

Slave server configuration process:

1. Install DNS-related packages

[[email protected] ~]# yum -y install bind     # install the bind package
/etc/logrotate.d/named
/etc/named.conf              # main configuration file
/etc/named.iscdlv.key        # bind key file
/etc/named.rfc1912.zones     # zone configuration file (pulled into the main configuration file with the include directive)
/etc/named.root.key          # root zone key file, used to implement transaction signing
/etc/rndc.conf               # rndc (remote name server controller) configuration file
/etc/rndc.key                # rndc encryption key
/etc/sysconfig/named         # bind process options
/var/named/named.ca          # file listing the 13 global root servers
/var/named/named.empty
/var/named/named.localhost   # local forward resolution zone file
/var/named/named.loopback    # local reverse resolution zone file

2. Edit the main configuration file and comment out the relevant options

[[email protected] named]# vim /etc/named.conf    # edit the main configuration file; comment out the three items below with a double slash
options {
//  listen-on port 53 { 127.0.0.1; };       # commented out: listen only on the local address
//  listen-on-v6 port 53 { ::1; };          # commented out: IPv6 listening port
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
//  allow-query { localhost; };             # commented out: only allow local queries

3. Edit the zone configuration file for forward and reverse resolution

[[email protected] named]# vim /etc/named.rfc1912.zones    # edit the zone configuration file
zone "dove.com" IN {                  # append the forward zone name at the end of the file
    type slave;                       # type is slave (on a slave DNS server the zone type must be slave)
    file "slaves/dove.com.zone";      # forward zone file; the slaves directory is intended for slave servers, and zone files synchronized from the master server are saved there
    masters { 192.168.8.7; };         # masters specifies the master DNS server; format: masters { ip; };
};
zone "8.168.192.in-addr.arpa" IN {    # append the reverse zone name at the end of the file
    type slave;                       # same type as above
    file "slaves/192.168.8.zone";     # reverse zone file, same as above
    masters { 192.168.8.7; };         # masters specifies the master DNS server, same as above
};

Note: every statement inside a zone block must end with a semicolon, otherwise it is a syntax error.

4. Edit the forward and reverse zone files on the master DNS server

[[email protected] named]# vim dove.com.zone      # edit the master DNS forward zone file
$TTL 600
@       IN      SOA     dove.com.       admin.dove.com. (
                        2015041801
                        2H
                        5M
                        3D
                        1D )
        IN      NS      dns
        IN      NS      slave           ; add the NS record for the slave DNS server
        IN      MX 9    mail
dns     IN      A       192.168.8.7
mail    IN      A       192.168.8.8
www     IN      A       192.168.8.8
web     IN      CNAME   www
slave   IN      A       192.168.8.9     ; add the A record for the slave DNS server

Note: the NS and A records for the slave DNS server must be added to the master DNS forward zone file.

[[email protected] named]# vim 192.168.8.zone     # edit the master DNS reverse zone file
$TTL 600
@       IN      SOA     dove.com.       admin.dove.com. (
                        2015041801
                        2H
                        5M
                        3D
                        1D )
        IN      NS      dns.dove.com.
        IN      NS      slave.dove.com.   ; add the NS record for the slave DNS server; write the full name and end it with "."
7       IN      PTR     dns.dove.com.
8       IN      PTR     mail.dove.com.
8       IN      PTR     www.dove.com.
9       IN      PTR     slave.dove.com.   ; add the PTR record for the slave DNS server

Note: the NS and PTR records for the slave DNS server must be added to the master DNS reverse zone file.

5. Synchronize the slave server

[[email protected] named]# setenforce 0    # turn off SELinux to prevent slave DNS synchronization from failing
[[email protected] named]# service iptables stop    # stop the iptables service on the master DNS server to prevent slave DNS synchronization from failing
[[email protected] named]# rndc reload    # reload the rndc (remote name server controller) configuration
server reload successful    # configuration reloaded successfully

[[email protected] named]# service named start    # start the named service on the slave DNS server
Generating /etc/rndc.key: [OK]
Starting named: [OK]
[[email protected] named]# rndc reload    # reload the rndc (remote name server controller) configuration
server reload successful    # configuration reloaded successfully
[[email protected] named]# ls -alh slaves/    # check that the zone files were synchronized into the slaves directory
total 16K
drwxrwx---. 2 named named 4.0K Apr 21 11:36 .
drwxr-x---. 5 root named 4.0K Apr 21 08:44 ..
-rw-r--r--. 1 named named 420 Apr 11:36 192.168.8.zone    # reverse resolution file
-rw-r--r--. 1 named named 425 Apr 11:36 dove.com.zone    # forward resolution file
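
Stopping iptables on the master in step 5 removes all packet filtering just to let replication through. As an added example (not part of the original article), the script below prints the narrower rules the two hosts need for replication; the function names are hypothetical, and the rules assume the stock RHEL ruleset that already accepts ESTABLISHED traffic.

```shell
#!/bin/sh
# Added example, not from the article: emit iptables rules that open only the
# DNS replication paths between master and slave. Nothing is applied here.

# is_ipv4 ADDR -> succeeds only for a dotted quad with octets 0-255
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# dns_replication_rules ROLE PEER_IP -> one iptables command per line
#   ROLE is the host the rules are for; PEER_IP is the other server.
dns_replication_rules() {
    role=$1 peer=$2
    is_ipv4 "$peer" || { echo "invalid peer address: $peer" >&2; return 2; }
    case "$role" in
        # On the master: the slave polls the SOA over UDP and pulls
        # AXFR/IXFR zone transfers over TCP.
        master) protos="udp tcp" ;;
        # On the slave: the master announces changes with NOTIFY, normally UDP.
        slave)  protos="udp" ;;
        *) echo "usage: dns_replication_rules master|slave PEER_IP" >&2; return 2 ;;
    esac
    for proto in $protos; do
        echo "iptables -I INPUT -p $proto -s $peer --dport 53 -j ACCEPT"
    done
}

# Addresses are the ones used in the article (master .7, slave .9).
# Review the output, then run it as root and `service iptables save`.
# Rules for ordinary client queries on port 53 are a separate decision.
dns_replication_rules master 192.168.8.9
dns_replication_rules slave 192.168.8.7
```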

6. Test forward and reverse resolution on the slave DNS server with the dig tool

[[email protected] named]# dig -t ns dove.com    # test the NS records of the dove.com zone

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t NS dove.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3605
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;dove.com.                      IN      NS

;; ANSWER SECTION:
dove.com.               600     IN      NS      slave.dove.com.   # slave DNS: FQDN in its NS record
dove.com.               600     IN      NS      dns.dove.com.     # master DNS: FQDN in its NS record

;; ADDITIONAL SECTION:
dns.dove.com.           600     IN      A       192.168.8.7       # master DNS: A record for its FQDN
slave.dove.com.         600     IN      A       192.168.8.9       # slave DNS: A record for its FQDN

;; Query time: 1 msec
;; SERVER: 192.168.8.9#53(192.168.8.9)
;; WHEN: Tue Apr 21 13:42:13 2015
;; MSG SIZE  rcvd: 96

[[email protected] named]# dig -x 192.168.8.7     # test reverse resolution of an IP address to its FQDN

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -x 192.168.8.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53502
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;7.8.168.192.in-addr.arpa.      IN      PTR

;; ANSWER SECTION:
7.8.168.192.in-addr.arpa. 600   IN      PTR     dns.dove.com.     # FQDN returned by reverse resolution of the master DNS

;; AUTHORITY SECTION:
8.168.192.in-addr.arpa. 600     IN      NS      slave.dove.com.   # FQDN of the slave DNS
8.168.192.in-addr.arpa. 600     IN      NS      dns.dove.com.     # FQDN of the master DNS

;; ADDITIONAL SECTION:
dns.dove.com.           600     IN      A       192.168.8.7       # master DNS: A record for its FQDN
slave.dove.com.         600     IN      A       192.168.8.9       # slave DNS: A record for its FQDN

;; Query time: 0 msec
;; SERVER: 192.168.8.9#53(192.168.8.9)
;; WHEN: Tue Apr 21 13:42:29 2015
;; MSG SIZE  rcvd: 134
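
The directory listing in step 5 and the dig answers in step 6 show that the slave holds the zone, but not that it holds the current version. The following added example (not part of the original article) compares the SOA serial served by each server; the function names are hypothetical and the sample SOA lines are constructed from the article's zone data.

```shell
#!/bin/sh
# Added example, not from the article: verify that the slave serves the same
# zone version as the master by comparing SOA serials.

# soa_serial LINE -> serial field of one line of `dig +short SOA` output
# (fields: mname rname serial refresh retry expire minimum)
soa_serial() {
    printf '%s\n' "$1" | awk '
        NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; found = 1; exit }
        END { if (!found) exit 1 }'
}

# compare_serials MASTER SLAVE -> prints in-sync | slave-behind | slave-ahead
# Uses RFC 1982 serial arithmetic, so a serial that wrapped past 2^32 is
# still ordered correctly. Returns 0 only when the serials match.
compare_serials() {
    [ "$1" -eq "$2" ] && { echo in-sync; return 0; }
    diff=$(( ($1 - $2 + 4294967296) % 4294967296 ))
    if [ "$diff" -lt 2147483648 ]; then echo slave-behind; else echo slave-ahead; fi
    return 1
}

# check_zone_sync ZONE MASTER_IP SLAVE_IP -> live check, asks both servers
# directly (+norec) so only authoritative data is compared.
check_zone_sync() {
    m=$(soa_serial "$(dig +short +norec SOA "$1" "@$2")") ||
        { echo "no SOA answer from master $2"; return 2; }
    s=$(soa_serial "$(dig +short +norec SOA "$1" "@$3")") ||
        { echo "no SOA answer from slave $3"; return 2; }
    compare_serials "$m" "$s"
}

# Constructed sample answers (no network needed): the master's serial has been
# bumped by one, the slave still holds the article's 2015041801.
master_line="dove.com. admin.dove.com. 2015041802 7200 300 259200 86400"
slave_line="dove.com. admin.dove.com. 2015041801 7200 300 259200 86400"
compare_serials "$(soa_serial "$master_line")" "$(soa_serial "$slave_line")" || true
```

On the hosts from the article the live check would be `check_zone_sync dove.com 192.168.8.7 192.168.8.9`, repeated for `8.168.192.in-addr.arpa`.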

The end! The Linux DNS slave server configuration is complete.

This article is from "Why No!" blog, be sure to keep this source http://dovemy.blog.51cto.com/8487472/1636475
