Summary of problems encountered installing BIND 9.7 on CentOS 6.0

Source: Internet
Author: User
Tags: domain name server, dnssec, mx record, nameserver, nslookup, reverse dns

1. [root@linuxidc ~]# yum -y install bind*    // use yum to install all bind packages
2. [root@linuxidc ~]# rpm -qa | grep bind     // list the installed bind packages
bind-9.7.3-8.P3.el6_2.2.i686
bind-libs-9.7.3-8.P3.el6_2.2.i686
bind-sdb-9.7.3-8.P3.el6_2.2.i686
bind-devel-9.7.3-8.P3.el6_2.2.i686
bind-utils-9.7.3-8.P3.el6_2.2.i686
3. [root@linuxidc ~]# cat /etc/named.conf    // view the main configuration file named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };          // listen on port 53 and accept connections from any IP address
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";              // the forward and reverse zone files are created in this directory
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { 0.0.0.0/0; };          // allow queries from any IP address; "any" works here too. If this is left unchanged, nslookup fails with REFUSED.
        forward only;                        // forwarding enabled
        forwarders {
                202.101.172.35;              // Zhejiang DNS server address
                202.101.172.46; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
include "/etc/named.rfc1912.zones";           // included zone configuration file
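With recursion yes and allow-query { 0.0.0.0/0; }, the options block above answers recursive queries for any client that can reach port 53, which makes it an open resolver, the kind of server abused for DNS reflection. As an added example that is not from the article, the Python below extracts the ACLs BIND consults for recursion and flags that case next to a restricted variant; the 192.168.40.0/24 LAN in the hardened block is an assumption drawn from the article's addresses, not something it states.

```python
import re

# The options block as the article shows it (constructed copy, comments dropped).
PAGE_OPTIONS = """
options {
    listen-on port 53 { any; };
    allow-query { 0.0.0.0/0; };
    forward only;
    forwarders { 202.101.172.35; 202.101.172.46; };
    recursion yes;
};
"""

# Hardened variant. Assumption: the LAN is 192.168.40.0/24, as the article's
# addresses suggest; this block is not from the article.
HARDENED_OPTIONS = """
options {
    listen-on port 53 { 127.0.0.1; 192.168.40.40; };
    allow-query { localhost; 192.168.40.0/24; };
    allow-recursion { localhost; 192.168.40.0/24; };
    forward only;
    forwarders { 202.101.172.35; 202.101.172.46; };
    recursion yes;
};
"""

WORLD = {"any", "0.0.0.0/0", "0/0", "::/0"}   # ACL elements that admit every client

def acl_values(conf, name):
    """Elements of `name { a; b; };`, or None when the option is absent."""
    m = re.search(r"(?<![\w-])%s\s*\{([^}]*)\}" % re.escape(name), conf)
    if not m:
        return None
    return [v.strip() for v in m.group(1).split(";") if v.strip()]

def is_open_resolver(conf):
    """True when recursion is on and the ACL that governs recursive queries admits
    every client. BIND 9 falls back allow-recursion -> allow-query-cache ->
    allow-query; its built-in default (localhost; localnets;) is not world-open,
    and `recursion` defaults to yes when omitted."""
    m = re.search(r"(?<![\w-])recursion\s+(yes|no)\s*;", conf)
    if m and m.group(1) == "no":
        return False
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        acl = acl_values(conf, name)
        if acl is not None:
            return any(v.lower() in WORLD for v in acl)
    return False
```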

4. /etc/named.rfc1912.zones configuration file: the forward and reverse zone statements are added at the end
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// Configuration statements of the main configuration file /etc/named.conf:
acl            defines an IP address access control list
controls       defines the control channel used by ndc
include        includes another file in the configuration file
key            defines an authentication key
logging        defines what is logged and where
options        defines global configuration options and default values
server         defines the characteristics of a remote server
trusted-keys   defines the DNSSEC trust anchor keys for the server
zone           defines a zone
The value of type: master defines the primary (master) name server for the zone, slave defines a secondary name server, and hint defines the root hints zone.
The first line is the $TTL setting. TTL (time to live) defines how long, in seconds, the information in a resource record may be kept in a cache; here it is 604800 seconds, that is, one week.

The second line is the $ORIGIN setting, which says which domain the records that follow belong to; pay attention to the trailing dot ".".

The third line is the SOA record. Here we see the special character @, which stands for the ORIGIN, that is, $ORIGIN linuxidc.com.; you can write linuxidc.com. out in full or use @ instead. If no $ORIGIN has been defined before this point, @ takes the zone name from the zone statement in named.conf. After SOA, the authoritative host and the administrator's mailbox for this zone are given: "linuxidc.com." and "root.linuxidc.com.". A mailbox is usually written "user@host", but because @ is a reserved character in DNS records, "." replaces the @, so this mailbox means "root@linuxidc.com".

Following the SOA are five numbers enclosed in "( )", used mainly to synchronize zone data with slave servers:
Serial: usually in the format "year month day + change number" (not necessarily, but easy to remember). A slave compares this number when it wants to synchronize: if the master's number is "greater" than its own copy, it updates; otherwise it ignores it. Note one limit on the serial: no more than 10 digits!
Refresh: tells the slave how often to check whether it needs to synchronize (whether it actually does depends on the Serial comparison).
Retry: if the slave's refresh fails, how long to wait before trying again.
Expire: the expiry time. If the slave cannot reach the master for this long, it gives up retrying and marks its copy of the zone as expired.
Minimum: the minimum default TTL value. If no $TTL was defined earlier, this value applies.
Note: in the SOA record the opening "(" must be on the same line as SOA, not moved to the next line with Enter, and it is best to have a space or tab to its left. The closing ")" cannot be placed to the right of a comment symbol. DNS RR records are strictly formatted, so we cannot take them lightly. For example, a line that does not start with a space, a tab or a comment symbol (;), and is not enclosed in the SOA "( )", defines a "new record entry"; a line that starts with a space or a tab is treated as belonging to the previous "record entry" (the same owner). So, to define several records for "the same owner" without retyping it, you can be lazy: start the following lines with spaces or tabs.
NS states that the name server responsible for the linuxidc.com. domain is the host linuxidc.com.
The MX record states that mail sent to the linuxidc.com domain is received by mail.linuxidc.com.
The A record maps a domain name to an IP address.
Next, create the reverse mapping resource file for the zone.

zone "localhost.localdomain" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};
zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
};
zone "linuxidc.com" IN {                  // forward zone
        type master;                      // the type is master
        file "linuxidc.com";              // the file name is linuxidc.com; create the file linuxidc.com in /var/named
        allow-update { none; };
};
zone "40.168.192.in-addr.arpa" IN {       // reverse zone
        type master;
        file "linuxidc.rev";
        allow-update { none; };
};

5. [root@linuxidc named]# ls    // view the contents of the /var/named/ directory:
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves  linuxidc.com  linuxidc.rev

6. [root@linuxidc named]# cat linuxidc.com    // view the forward zone file
$TTL 1D
@       IN SOA  linuxidc.com. root.linuxidc.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum

        NS      @
        A       127.0.0.1
        AAAA    ::1
www     IN      A       192.168.40.40
mail    IN      A       192.168.40.40
mail    IN      MX      10 mail.linuxidc.com
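This zone file has two mistakes that the article's own nslookup output shows later: the MX target has no trailing dot, so named treats it as relative and answers mail.linuxidc.com.linuxidc.com., and the MX hangs off mail rather than the apex, so it does not route mail for linuxidc.com at all. As an added example that is not from the article, the Python below parses a zone file in this layout and reports both; ORIGIN is taken from the zone "linuxidc.com" statement in named.conf, and the zone text is a constructed copy of the file above.

```python
import re
ORIGIN = "linuxidc.com."   # zone name, from the zone "linuxidc.com" statement in named.conf
# The forward zone file as the article shows it (constructed copy).
ZONE = """\
$TTL 1D
@   IN SOA  linuxidc.com. root.linuxidc.com. (
            0   ; serial
            1D  ; refresh
            1H  ; retry
            1W  ; expire
            3H ); minimum
    NS  @
    A   127.0.0.1
    AAAA ::1
www  IN A  192.168.40.40
mail IN A  192.168.40.40
mail IN MX 10 mail.linuxidc.com
"""
TTL_RE = re.compile(r"^\d+[smhdw]?$", re.I)
NAME_TYPES = {"NS", "MX", "CNAME", "PTR"}   # types whose rdata ends in a domain name

def fqdn(name, origin=ORIGIN):
    """'@' is the origin; a name without a trailing dot is relative, so named appends the origin."""
    return origin if name == "@" else name if name.endswith(".") else name + "." + origin

def records(text):
    """(owner, type, rdata) per record; joins a parenthesised SOA and handles owner inheritance."""
    owner, buf, out = None, "", []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip() or line.startswith("$"): continue   # blanks, $TTL/$ORIGIN
        buf = line if not buf else buf + " " + line.strip()
        if buf.count("(") > buf.count(")"): continue  # still inside the SOA parentheses
        tok = buf.split()
        if not buf[0].isspace():                      # indented line: keep the previous owner
            owner = tok.pop(0)
        while tok and (tok[0].upper() == "IN" or TTL_RE.match(tok[0])):
            tok.pop(0)                                # optional class and TTL, either order
        out.append((owner, tok[0].upper(), tok[1:]))
        buf = ""
    return out

def lint(text, origin=ORIGIN):
    """Report relative targets that silently get the origin appended, and an MX not at the apex."""
    findings = []
    for owner, rtype, rdata in records(text):
        if rtype in NAME_TYPES and rdata[-1] != "@" and not rdata[-1].endswith("."):
            findings.append(f"{fqdn(owner, origin)} {rtype} target '{rdata[-1]}' expands to {fqdn(rdata[-1], origin)}")
        if rtype == "MX" and fqdn(owner, origin) != origin:
            findings.append(f"MX on {fqdn(owner, origin)}: mail for {origin} needs an MX record at the apex (@)")
    return findings
```

Adding the trailing dot removes the first finding; moving the record to `@ IN MX 10 mail.linuxidc.com.` removes the second.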

7. [root@linuxidc named]# cat linuxidc.rev    // reverse zone file
$TTL 86400
@       IN SOA  linuxidc.com. root.linuxidc.com. (
                                        1997022700      ; Serial
                                        28800           ; Refresh
                                        14400           ; Retry
                                        3600000         ; Expire
                                        86400 )         ; Minimum
@       IN      NS      linuxidc.com.
40      IN      PTR     mail.linuxidc.com.
40      IN      PTR     www.linuxidc.com.

8. [root@linuxidc bind]# cat /etc/resolv.conf    // point name resolution at the local IP address
nameserver 192.168.40.40
search linuxidc.com

9. [root@linuxidc bind]# cat /etc/hosts    // view the local hosts file
127.0.0.1   localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost.localdomain localhost6 localhost6.localdomain6
192.168.40.40   linuxidc.com linuxidc
10. [root@linuxidc bind]# cat /etc/sysconfig/network    // view the local hostname
NETWORKING=yes
HOSTNAME=linuxidc.com
11. Test with nslookup
[root@linuxidc bind]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linuxidc bind]# nslookup
> www.linuxidc.com
Server:         192.168.40.40
Address:        192.168.40.40#53

** server can't find www.linuxidc.com.linuxidc.com: REFUSED
> // The cause is in /etc/named.conf:
// allow-query { 0.0.0.0; } without the /0 produces the REFUSED message above; write 0.0.0.0/0 or any instead.
[root@linuxidc bind]# service named restart    // restart the named service after the change
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linuxidc bind]# nslookup    // check the forward zone
> www.linuxidc.com
Server:         192.168.40.40
Address:        192.168.40.40#53

Name:   www.linuxidc.com
Address: 192.168.40.40
// Query successful, haha!
[root@linuxidc bind]# nslookup    // check the reverse zone
> 192.168.40.40
Server:         192.168.40.40
Address:        192.168.40.40#53

40.40.168.192.in-addr.arpa      name = www.linuxidc.com.
40.40.168.192.in-addr.arpa      name = mail.linuxidc.com.
// Query successful.
[root@linuxidc bind]# nslookup
> set type=MX
> mail.linuxidc.com
Server:         192.168.40.40
Address:        192.168.40.40#53

mail.linuxidc.com       mail exchanger = 10 mail.linuxidc.com.linuxidc.com.
> // MX query successful

> set type=SOA    // view the authority information
> linuxidc.com
Server:         192.168.40.40
Address:        192.168.40.40#53

linuxidc.com
        origin = linuxidc.com
        mail addr = root.linuxidc.com
        serial = 0
        refresh = 86400
        retry = 3600
        expire = 604800
        minimum = 10800

This article from the Linux community website original article link: http://www.linuxidc.com/Linux/2012-03/56086.htm
