Use Bind to configure DNS service in CentOS
1. Introduction to DNS
2. Bind Installation
3. Bind Configuration
4. Bind Check Configuration File
5. Verification
6. Common Errors
7. Waiting for sorting
1. Introduction to DNS
DNS (Domain Name Service) is the service that resolves domain names.
Development history:
1. In the early days, when there were few computers, people created and edited a hosts file on each computer to map IP addresses to domain names.
2. For unified management and faster updates, people then downloaded the latest hosts file from an FTP server.
3. Once the number of computers grew explosively, downloading and updating the hosts file from an FTP server became unrealistic. Multi-level domains were therefore introduced to manage domain names: each upper-level domain is only responsible for delegating authority to its lower-level domains.
Domain name types:
[Root domain]
.
[Primary domain/top-level domain]
Organizational and commercial domains: com, com.cn, org, gov, edu, net
Country: cn, hk, tw, jp, kr, ir, iq, my, us, uk, ru
Reverse domain: in-addr.arpa
[Second-level domain]
baidu.com, sina.com.cn, google.cn, 163.com
Example (TTL is ignored here):
The user at 202.96.128.1 has 8.8.8.8 set as its DNS server and needs the IP address of tieba.baidu.com. The process is as follows:
1. 202.96.128.1 first checks its local cache. If the record is not there, it queries the DNS server.
2. Because the DNS server that is queried does not directly return the IP address of tieba.baidu.com, it tells the DNS server 8.8.8.8: "The address of com. is 1.1.1.1. You can query it."
4. 8.8.8.8 then asks com. Similarly, because the com. domain does not store the IP address of tieba.baidu.com, it replies to the DNS server 8.8.8.8: "The address of baidu.com. is 10.10.10.10. You can query it."
5. The DNS server 8.8.8.8 now asks baidu.com. for the address of tieba.baidu.com. baidu.com. returns the IP address of tieba.baidu.com. 12.12.12 to the DNS server.
6. After receiving the result, the DNS server caches the record for later queries and returns the result to the user 202.96.128.1.
2. Bind Installation
Bind (Berkeley Internet Name Domain)
Install with yum in CentOS:
# yum install bind bind-utils bind-libs portreserve
portreserve: I don't know what it is; it was installed as a dependency.
bind-libs: libraries used by bind.
bind-utils: tools such as nslookup, host and dig.
bind: the package that provides domain name resolution.
3. Bind Configuration
# vim /etc/named.conf    # modify the listening address and the allow-query setting
    listen-on port 53 { 192.168.86.16; };    // make bind listen on 192.168.86.16:53
    allow-query { 192.168.86.0/24; };        // allow hosts in the 192.168.86.0/24 CIDR block to query this DNS server

# vim /etc/named.rfc1912.zones    # add the contoso.com zone and the reverse zone 192.168.86.arpa
    zone "contoso.com" IN {
        type master;
        file "contoso.com";        // must match the name of the zone file created later under /var/named/
        allow-update { none; };
    };
    zone "86.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.86.arpa";    // must match the name of the zone file created later under /var/named/
        allow-update { none; };
    };

# vim /var/named/contoso.com
    $TTL 1800
    @ IN SOA contoso.com. admin.contoso.com. (
            0     ; serial
            1D    ; refresh
            1H    ; retry
            1W    ; expire
            3H )  ; minimum
    @         IN NS  linuxdns.contoso.com.
    linuxdns  IN A   192.168.86.16
    dc01      IN A   192.168.86.1
    dc02      IN A   192.168.86.2
    *         IN A   192.168.86.12

# vim /var/named/192.168.86.arpa
    $TTL 1800
    @ IN SOA contoso.com. admin.contoso.com. (
            0     ; serial
            1D    ; refresh
            1H    ; retry
            1W    ; expire
            3H )  ; minimum
    @   IN NS   linuxdns.contoso.com.
    16  IN PTR  linuxdns.contoso.com.
    1   IN PTR  dc01.contoso.com.
    2   IN PTR  dc02.contoso.com.

# chown named.named /var/named/192.168.86.arpa /var/named/contoso.com
# /etc/init.d/named start
4. Bind Check Configuration File
# named-checkconf /etc/named.conf
# named-checkconf /etc/named.rfc1912.zones
# named-checkzone contoso.com /var/named/contoso.com
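
named-checkzone validates one zone file at a time, so it does not compare the forward zone with the reverse zone. The following added example (not part of the original article) cross-checks the A records against the PTR records from section 3; the records are embedded inline with the SOA condensed to one line, and the small parser assumes single-line "owner IN TYPE value" records in the 192.168.86.0/24 network.

```python
"""Cross-check forward A records against reverse PTR records (added example)."""

# Records copied from the zone files in section 3 so the check runs offline.
FORWARD_ZONE = """\
$TTL 1800
@ IN SOA contoso.com. admin.contoso.com. ( 0 1D 1H 1W 3H )
@ IN NS linuxdns.contoso.com.
linuxdns IN A 192.168.86.16
dc01 IN A 192.168.86.1
dc02 IN A 192.168.86.2
* IN A 192.168.86.12
"""
REVERSE_ZONE = """\
@ IN NS linuxdns.contoso.com.
16 IN PTR linuxdns.contoso.com.
1 IN PTR dc01.contoso.com.
2 IN PTR dc02.contoso.com.
"""


def records(zone_text, rtype):
    """Yield (owner, value) for single-line 'owner IN <rtype> value' records."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, then tokenize
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == rtype:
            yield fields[0].lower(), fields[3].lower()


def check(forward, reverse, origin="contoso.com.", net="192.168.86."):
    """Return a list of mismatches between the forward and reverse zones."""
    ptr = {net + owner: target for owner, target in records(reverse, "PTR")}
    problems, seen = [], set()
    for owner, ip in records(forward, "A"):
        fqdn = f"{owner}.{origin}"
        seen.add(ip)
        if owner == "*":
            # A wildcard answers for every name that has no record of its own.
            problems.append(f"wildcard A -> {ip}: every undefined name under {origin} resolves here")
        elif ptr.get(ip) != fqdn:
            problems.append(f"{fqdn} -> {ip}: PTR is {ptr.get(ip)}")
    problems += [f"{ip} -> {t}: PTR without matching A" for ip, t in ptr.items() if ip not in seen]
    return problems


if __name__ == "__main__":
    for problem in check(FORWARD_ZONE, REVERSE_ZONE):
        print(problem)
```

With the records from section 3, the only finding is the wildcard entry; the three host records agree in both directions.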
5. Verification
# nslookup linuxdns.contoso.com 192.168.86.16
# nslookup dc01.contoso.com 192.168.86.16
# nslookup dc02.contoso.com 192.168.86.16
# dig linuxdns.contoso.com @192.168.86.16
6. Common Errors
1. bind configuration file: allow-query, listen-on
2. Zone file format and permissions (named needs permission to read the files): # chown -R named.named /var/named/
3. iptables (open port 53): # iptables -F
4. selinux (usually set to permissive or disabled): # setenforce 0