Linux Domain Name server configuration

Source: Internet
Author: User

cat /etc/redhat-release

CentOS Linux release 7.0.1406 (Core)

Building a DNS server with BIND

1. BIND Server Installation

yum install bind* -y

2. Modify the configuration

vim /etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
    listen-on port 53 { 192.168.124.129; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Only the server itself may query. To serve other clients, list their
    // networks here rather than using "any" while recursion is enabled.
    allow-query { localhost; };

    /*
     - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
     - If you are building a RECURSIVE (caching) DNS server, you need to enable
       recursion.
     - If your recursive DNS server has a public IP address, you MUST enable
       access control to limit queries to your legitimate users. Failing to do
       so would cause your server to become part of large scale DNS
       amplification attacks. Implementing BCP38 within your network would
       greatly reduce such attack surface.
    */
    recursion yes;

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";

    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "nginxtest.com" IN {
    type master;
    file "nginxtest.com.zone";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
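The comment in the options block warns that a recursive server must restrict who may query it. The following Python check is an added example, not part of the original page or of BIND: it works out which clients the global options allow to recurse and flags an open resolver. Both sample configurations are constructed, and it assumes a configuration without views or named acl blocks.

```python
import re

# Constructed sample: the page's options block, reduced to the relevant lines.
PAGE_CONF = """
options {
    allow-query { localhost; };   // as in the page's named.conf
    recursion yes;
};
"""
# Constructed variant: allow-query widened so that other hosts can query.
WIDENED_CONF = PAGE_CONF.replace("{ localhost; }", "{ any; }")
WIDE_OPEN = {"any", "0.0.0.0/0", "::/0"}

def strip_comments(text):
    return re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", text, flags=re.S)

def options_block(text):
    """Body of the global options { ... } block, found by brace matching."""
    m = re.search(r"\boptions\s*\{", text)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(text) and depth:
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    return text[m.end():i - 1]

def acl(body, name):  # elements of one address match list, or None if absent
    m = re.search(r"(?<![-\w])" + re.escape(name) + r"\s*\{([^}]*)\}", body)
    return m.group(1).replace(";", " ").split() if m else None

def recursion_clients(conf_text):
    """allow-recursion, else allow-query-cache, else allow-query, else default."""
    body = options_block(strip_comments(conf_text))
    rec = re.search(r"(?<![-\w])recursion\s+(\w+)\s*;", body)
    if rec and rec.group(1).lower() in ("no", "false", "0"):
        return []  # recursion disabled: nobody gets recursive service
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        found = acl(body, name)
        if found is not None:
            return found
    return ["localnets", "localhost"]  # BIND's built-in default

def is_open_resolver(conf_text):
    return any(e in WIDE_OPEN for e in recursion_clients(conf_text))

if __name__ == "__main__":
    for conf in (PAGE_CONF, WIDENED_CONF):
        print(recursion_clients(conf), "open resolver:", is_open_resolver(conf))
```

If the server has to answer other hosts for nginxtest.com, widening allow-query should be paired with an allow-recursion list limited to trusted networks, which this check then reports instead.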

cp /var/named/named.localhost /var/named/nginxtest.com.zone

3. Establishing a forward zone file

$TTL 1D
; nginxtest.cn has no trailing dot, so named reads it relative to the zone origin
@       IN SOA  nginxtest.cn rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
@       A       192.168.124.130
www     A       192.168.124.130
mail    A       192.168.124.130

4. Create a reverse zone file

5. Modify Permissions

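chmod 644 /var/named/nginxtest.com.zone

named only needs to read the zone file; keep it writable by root alone so that other local users cannot alter the zone's records.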

6. Test the named.conf master configuration file

7. Test the zone file

8. Configure the DNS client configuration file

vim /etc/resolv.conf

nameserver 192.168.124.129
nameserver 192.168.124.2

9. Start the DNS server

systemctl daemon-reload
systemctl start named
systemctl status named

10. Test the DNS server

Primary test methods for DNS servers
DNS servers can be tested more thoroughly with dedicated tools such as nslookup, dig, and host.
The nslookup command is installed by default on both Linux and Windows systems and is the more commonly used test tool.
Enter the nslookup interactive environment:

nslookup
> server 192.168.124.129

Test forward resolution of the localhost host name
> localhost

Test reverse resolution of the localhost host name
> 127.0.0.1

Test resolution of an Internet domain name
> www.nginxtest.com

Test an A record in the nginxtest.com domain
> mail.nginxtest.com

Test the CNAME record in the nginxtest.com domain
> www.nginxtest.com

Test NS records in the nginxtest.com domain
> set type=NS    (set the query type to NS, the name server record)
> nginxtest.com

Test MX records in the nginxtest.com domain
> set type=MX    (set the query type to MX, the mail exchange record)
> nginxtest.com

Set the query type back to test an A record
> set type=A     (set the query type to A, the address record)
> mail.nginxtest.com

To test if DNS resolution was successful

host www.nginxtest.com
192.168.124.130

Configure nginx.conf
