Following on from the previous article, this chapter covers the configuration of the slave (secondary) DNS server.
Slave server configuration process:
1. Install DNS-related packages
[[email protected] ~]# yum -y install bind    # install the bind package
/etc/logrotate.d/named
/etc/named.conf              # main configuration file
/etc/named.iscdlv.key        # BIND key file
/etc/named.rfc1912.zones     # zone configuration file (pulled into the main configuration file with an include directive)
/etc/named.root.key          # root zone key file, used to implement transaction signatures
/etc/rndc.conf               # rndc (remote name server controller) configuration file
/etc/rndc.key                # rndc encryption key
/etc/sysconfig/named         # bind process options
/var/named/named.ca          # file listing the 13 global root servers
/var/named/named.empty
/var/named/named.localhost   # local forward-lookup zone file
/var/named/named.loopback    # local reverse-lookup zone file
2. Edit the main configuration file and comment out the relevant options
[[email protected] named]# vim /etc/named.conf    # edit the main configuration file; comment out the three items below with double slashes
options {
//      listen-on port 53 { 127.0.0.1; };      # commented out: listen on the local address only
//      listen-on-v6 port 53 { ::1; };         # commented out: IPv6 listening port
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
//      allow-query { localhost; };            # commented out: allow queries from localhost only
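Commenting these statements out removes the restriction entirely, so BIND falls back to its built-in defaults (for allow-query, answering any client). The following added example, which is not part of the original article, reports which access controls in a named.conf are still active and contrasts the step 2 result with a scoped variant; the 192.168.8.0/24 client network, the allow-transfer line and the function names are assumptions.

```shell
#!/usr/bin/env bash
# Added example: report which access-control statements in a named.conf are
# still active once // and # comments are stripped (/* */ is not handled).

CONTROLS="listen-on allow-query allow-recursion allow-transfer"

# Constructed sample 1: the options block as left by step 2 of the article.
conf_commented() { cat <<'EOF'
options {
//  listen-on port 53 { 127.0.0.1; };   # commented out
    directory "/var/named";
//  allow-query { localhost; };
};
EOF
}

# Constructed sample 2: the same goal (reachable from the LAN), but scoped
# instead of removed. 192.168.8.9 is the article's slave address; the /24
# client network and the allow-transfer line are assumptions.
conf_scoped() { cat <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; 192.168.8.9; };
    directory "/var/named";
    allow-query { localhost; 192.168.8.0/24; };
    allow-transfer { none; };
};
EOF
}

# Read a config on stdin; print "<statement>: set" or "<statement>: default".
audit_conf() {
    # Strip comments, pad braces/semicolons, then put one token per line.
    active=$(sed -e 's://.*::' -e 's:#.*::' -e 's/[{};]/ & /g' |
             tr -s ' \t' '\n\n' | sort -u)
    for s in $CONTROLS; do
        if printf '%s\n' "$active" | grep -qxF -- "$s"; then
            echo "$s: set"
        else
            echo "$s: default"
        fi
    done
}
```

Run it as `audit_conf < /etc/named.conf`; every line reported as `default` is a control that the configuration no longer states explicitly.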
3. Edit the zone configuration file for forward and reverse resolution
[[email protected] named]# vim /etc/named.rfc1912.zones    # edit the zone configuration file
zone "dove.com" IN {                    # append the forward zone name at the end of the file
        type slave;                     # type is slave (on a slave DNS server the zone type must be slave)
        file "slaves/dove.com.zone";    # forward zone file; the slaves directory is intended for slave servers, and zone files synchronized from the master are saved there
        masters { 192.168.8.7; };       # masters specifies the master DNS server; format: masters { ip; };
};
zone "8.168.192.in-addr.arpa" IN {      # append the reverse zone name at the end of the file
        type slave;                     # type as above
        file "slaves/192.168.8.zone";   # reverse zone file, as above
        masters { 192.168.8.7; };       # masters specifies the master DNS server, as above
};
Note: every statement in a zone block must end with a semicolon, otherwise it is a syntax error.
4. Edit the master DNS forward and reverse zone files
[[email protected] named]# vim dove.com.zone    # edit the master DNS forward zone file
$TTL 600
@       IN  SOA    dove.com. admin.dove.com. (
                   2015041801
                   2H
                   5M
                   3D
                   1D )
        IN  NS     dns
        IN  NS     slave            ; add the NS record for the slave DNS server
        IN  MX 9   mail
dns     IN  A      192.168.8.7
mail    IN  A      192.168.8.8
www     IN  A      192.168.8.8
web     IN  CNAME  www
slave   IN  A      192.168.8.9      ; add the A record for the slave DNS server
Note: the NS and A records for the slave DNS server must be added to the master DNS forward zone file.
[[email protected] named]# vim 192.168.8.zone    # edit the master DNS reverse zone file
$TTL 600
@       IN  SOA    dove.com. admin.dove.com. (
                   2015041801
                   2H
                   5M
                   3D
                   1D )
        IN  NS     dns.dove.com.
        IN  NS     slave.dove.com.  ; add the NS record for the slave DNS server; the full name with the trailing dot is required
7       IN  PTR    dns.dove.com.
8       IN  PTR    mail.dove.com.
8       IN  PTR    www.dove.com.
9       IN  PTR    slave.dove.com.  ; add the PTR record for the slave DNS server
Note: the NS and PTR records for the slave DNS server must be added to the master DNS reverse zone file.
5. Synchronize the slave server
[[email protected] named]# setenforce 0    # disable SELinux so that synchronization to the slave DNS does not fail
[[email protected] named]# service iptables stop    # stop the iptables service on the master DNS so that synchronization to the slave DNS does not fail
[[email protected] named]# rndc reload    # re-read the configuration with rndc (remote name server controller)
server reload successful    # configuration re-read successfully
[[email protected] named]# service named start    # start the named service on the slave DNS
Generating /etc/rndc.key: [OK]
Starting named: [OK]
[[email protected] named]# rndc reload    # re-read the configuration with rndc (remote name server controller)
server reload successful    # configuration re-read successfully
[[email protected] named]# ls -alh slaves/    # check that the zone files in the slaves directory were synchronized successfully
total 16K
drwxrwx---. 2 named named 4.0K Apr 21 11:36 .
drwxr-x---. 5 root named 4.0K Apr 21 08:44 ..
-rw-r--r--. 1 named named 420 Apr 11:36 192.168.8.zone    # reverse-lookup zone file
-rw-r--r--. 1 named named 425 Apr 11:36 dove.com.zone     # forward-lookup zone file
6. Test forward and reverse resolution on the slave DNS with dig
[[email protected] named]# dig -t NS dove.com    # test the NS records of the dove.com zone

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t NS dove.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3605
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;dove.com.                      IN      NS

;; ANSWER SECTION:
dove.com.               600     IN      NS      slave.dove.com.    # FQDN in the slave DNS NS record
dove.com.               600     IN      NS      dns.dove.com.      # FQDN in the master DNS NS record

;; ADDITIONAL SECTION:
dns.dove.com.           600     IN      A       192.168.8.7        # A record for the master DNS FQDN
slave.dove.com.         600     IN      A       192.168.8.9        # A record for the slave DNS FQDN

;; Query time: 1 msec
;; SERVER: 192.168.8.9#53(192.168.8.9)
;; WHEN: Tue Apr 21 13:42:13 2015
;; MSG SIZE  rcvd: 96

[[email protected] named]# dig -x 192.168.8.7    # test reverse resolution of the IP to its FQDN

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -x 192.168.8.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53502
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;7.8.168.192.in-addr.arpa.      IN      PTR

;; ANSWER SECTION:
7.8.168.192.in-addr.arpa. 600   IN      PTR     dns.dove.com.      # FQDN returned by reverse resolution of the master DNS

;; AUTHORITY SECTION:
8.168.192.in-addr.arpa. 600     IN      NS      slave.dove.com.    # FQDN of the slave DNS
8.168.192.in-addr.arpa. 600     IN      NS      dns.dove.com.      # FQDN of the master DNS

;; ADDITIONAL SECTION:
dns.dove.com.           600     IN      A       192.168.8.7        # A record for the master DNS FQDN
slave.dove.com.         600     IN      A       192.168.8.9        # A record for the slave DNS FQDN

;; Query time: 0 msec
;; SERVER: 192.168.8.9#53(192.168.8.9)
;; WHEN: Tue Apr 21 13:42:29 2015
;; MSG SIZE  rcvd: 134
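An added example (not from the original article) that goes one step beyond the ls and dig checks above: it compares the SOA serial served by the master and by the slave, using RFC 1982 serial arithmetic, to show whether the slave really holds the current zone version. The sample dig line is constructed from the article's zone file, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: confirm the slave serves the same zone version as the master.

MASTER=192.168.8.7   # master address used in the article
SLAVE=192.168.8.9    # slave address used in the article

# `dig +short -t SOA` prints: mname rname serial refresh retry expire minimum
# Read that on stdin and print the serial (3rd field).
soa_serial() {
    awk 'NF == 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# RFC 1982 serial arithmetic: succeeds when $1 is newer than $2, including
# across the 32-bit wrap-around.
serial_newer() {
    [ "$1" -ne "$2" ] && [ $(( ($1 - $2) & 0xFFFFFFFF )) -lt $(( 0x80000000 )) ]
}

# Classify the slave relative to the master: $1 = master serial, $2 = slave serial.
sync_state() {
    if [ -z "$1" ] || [ -z "$2" ]; then echo "no-answer"
    elif [ "$1" -eq "$2" ]; then echo "in-sync"
    elif serial_newer "$1" "$2"; then echo "slave-behind"
    else echo "slave-ahead"
    fi
}

# Ask each server directly (no recursion) for the zone's SOA and print a verdict.
check_zone() {
    m=$(dig +short +norecurse -t SOA "$1" @"$MASTER" | soa_serial)
    s=$(dig +short +norecurse -t SOA "$1" @"$SLAVE" | soa_serial)
    echo "$1 master=${m:-?} slave=${s:-?} $(sync_state "$m" "$s")"
}

# Constructed sample of `dig +short -t SOA dove.com` output; serial and timers
# (2H 5M 3D 1D, in seconds) are taken from the article's zone file.
SAMPLE_SOA='dove.com. admin.dove.com. 2015041801 7200 300 259200 86400'

# Query the live servers only when zone names are passed as arguments.
for z in "$@"; do check_zone "$z"; done
```

Called as `./check_sync.sh dove.com 8.168.192.in-addr.arpa` (script name assumed), a `slave-behind` result that persists after the refresh interval means transfers from the master are not getting through.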
The end! The Linux DNS slave server configuration is complete.
This article is from the "Why No!" blog; be sure to keep this source: http://dovemy.blog.51cto.com/8487472/1636475
Linux DNS (BIND): configuring a slave (secondary) server