Linux builds DNS

Linux builds DNS using Yum source installation

Yum-y Install bind*

Modifying the master configuration file

[[email protected] ~]# Cp/etc/named.conf/etc/named.conf.bak # back up once before modifying

Modify to the following:

Options {

Listen-on Port: (any;}; Listen on port 53 on the host. Any represents listening on all hosts

Directory "/var/named"; If the file has a zone file name that is normalized to a positive and negative solution, the file name should be placed under which directory

The following three items are statistical information about the service

Dump-file "/var/named/data/cache_dump.db";

Statistics-file "/var/named/data/named_stats.txt";

Memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query {any;}; Who can make a query request to my DNS server. Any on behalf of anyone

recursion Yes;

Dnssec-enable Yes;

Dnssec-validation Yes;

Dnssec-lookaside Auto;

Forwarders {//Specify upper-level DNS server

114.114.114.114;

};

Bindkeys-file "/etc/named.iscdlv.key";

Managed-keys-directory "/var/named/dynamic";

};

Logging {

Channel Default_debug {

File "Data/named.run";

Severity dynamic;

};

};

Zone "." in {

Type hint;

File "named.ca";

};

Include "/etc/named.rfc1912.zones";

Include "/etc/named.root.key";

Custom Domain Name Resolution configuration

[Email protected] ~]# Vi/etc/named.rfc1912.zones # For example, we want to add example.com This field parsing can add the following paragraph

Zone "Example123.com" in {//define to resolve primary domain

Type master;

File "Example123.com.zone"; Configuration files that are specifically related to parsing are saved in the/var/named/example123.com.zone file

};

Customizing the Example123.com.zone file

The full text reads as follows:

$TTL 86400

@ in SOA ns.example123.com. Root (

1; Serial

1D; Refresh

1H; Retry

1W; Expire

@ NS NS. Example123.com.

NS in A 192.168.1.219

www in A 192.168.1.45

BBS in A 192.168.1.46

TTT in A 192.168.1.68

The www in A 192.168.1.45 represents www.example123.com resolution to the 192.168.1.45 server. The other similar

Modify Permissions

[Email protected] named]# chown root:named Example123.com.zone # This step must be done

Restart Service

[Email protected]_server named]# service named restart

Added Domain name resolution

If we want to append a domain resolution. For example, the google.com:

Add the following paragraph

Zone "google.com" in {

Type master;

File "Google.com.zone";

};

[Email protected] named]# cp-a example123.com.zone google.com.zone

$TTL 86400

@ in SOA ns.google.com. Root (

1; Serial

1D; Refresh

1H; Retry

1W; Expire

0); Minimum

@ in NS ns.google.com.

NS in A 192.168.1.219

www in A 192.168.1.11

BBS in A 192.168.1.46

TTT in A 192.168.1.68

Check Bind error-prone during file configuration

The following commands are used to check the bind configuration file and zone file syntax

Named-checkconf/etc/named.conf

No error can be

Named-checkzone Example123.cn/var/named/example123.cn.zone

Restart service after configuration is complete

[Email protected]_server named]# service named restart

Add a firewall rule

[Email protected] web]# iptables-a input-m State--state new-m tcp-p TCP--dport 53-j ACCEPT

[Email protected] web]# iptables-a input-m State--state new-m udp-p UDP--dport 53-j ACCEPT

[Email protected] web]# iptables-a input-m State--state new-m tcp-p TCP--dport 953-j ACCEPT

[[Email protected] web]# service Iptables Save

iptables:saving firewall rules to/etc/sysconfig/iptables:[OK]

Linux builds DNS