- 一、DNS简单介绍
- 二、安装Bind服务程序及配置
- 三、解析实验
- DNS系统
DNS(Domain Name System,域名系统)是一个分层的分布式数据库,能够使用户更方便地访问互联网,而不用去记住能够被机器直接读取的IP数串。通过主机名,最终得到该主机名对应的IP地址的过程叫做域名解析(或主机名解析)。
- DNS服务器类型
①主DNS服务器:数据修改
②辅助DNS服务器:定期请求数据同步
③缓存DNS服务器:只缓存DNS数据,不提供权威答案
④转发器:缓存服务器去掉缓存功能
- 安装Bind服务
bind(Berkeley Internet Name Domain,伯克利因特网名称域)服务是全球范围内使用最广泛、最安全可靠且高效的域名解析服务程序。
[root@localhost ~]# dnf install bind bind-utils -y
- 配置文件解析(在Linux系统中,bind服务程序的名称为named)
主配置文件:named.conf
options { ----> 全局配置段
...
};
logging { ----> 日志配置段
...
};
zone "." IN { ----> 区域配置段,可定义在主配置文件,也可定义在"/etc/named.rfc1912.zones"文件中
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
三、解析实验
1. 正向解析实验
①修改/etc/named.conf文件的配置
[root@localhost ~]# cat /etc/named.conf
# Lab named.conf for the forward-lookup exercise (only the statements used here are shown).
options {
# Listen for DNS queries on port 53 of this single address.
listen-on port 53 { 192.168.100.147; };
# Working directory; relative "file" names in zone statements resolve against it.
directory "/var/named";
# NOTE(review): no allow-query, allow-transfer or recursion statements appear here,
# so the installed version's defaults apply. The dig replies on this page carry the
# "ra" flag, i.e. recursion is offered at least to the querying host. For an
# authoritative-only server consider "recursion no;" and an explicit allow-transfer
# ACL -- confirm against the defaults of the BIND version in use.
};
# Forward-lookup zone
# NOTE(review): this makes the server authoritative for a real public domain, so any
# client that uses 192.168.100.147 as its resolver receives these lab records instead
# of the real ones. A reserved name such as example.com or a .test zone avoids that.
zone "baidu.com" IN {
# master: zone data is loaded from the local file rather than transferred from another server.
type master;
# Relative to "directory" above, i.e. /var/named/named.baidu.com.
file "named.baidu.com";
};
②在/var/named路径下,修改named.baidu.com文件
[root@localhost named]# cat named.baidu.com
; Zone data for baidu.com as served by this lab server.
; Default TTL for records that carry no explicit TTL: 1 day.
$TTL 1D
; SOA: primary server name "@" (the zone apex), contact mailbox admin.baidu.com.
@ IN SOA @ admin.baidu.com. (
    0    ; serial -- NOTE(review): secondaries compare serials to decide whether to refresh; raise it on every edit
    5    ; refresh (seconds)
    3    ; retry (seconds)
    10   ; expire (seconds) -- NOTE(review): lab-only value; a secondary would discard the zone after 10 s without contact
    15 ) ; minimum / negative-caching TTL (seconds)
; Lines that start with whitespace inherit the previous owner name (@ = baidu.com.).
    IN NS ns.baidu.com.
    IN MX 10 mail.baidu.com.
; Relative owner names below are completed with the zone name (ns -> ns.baidu.com.).
ns IN A 192.168.100.147
mail IN A 192.168.147.1
; Two A records for www; the dig output further down the page returns both.
www IN A 192.168.147.5
www IN A 192.168.147.10
; ftp is an alias for www (relative target, completed to www.baidu.com.).
ftp IN CNAME www
③重启服务(重启前可先用 named-checkconf 和 named-checkzone 检查主配置文件与区域文件的语法)
[root@localhost named]# systemctl restart named
④检查实验结果(dig)
A记录
[root@localhost ~]# dig -t A ns.baidu.com @192.168.100.147
; <<>> DiG 9.11.13-RedHat-9.11.13-3.el8 <<>> -t A ns.baidu.com @192.168.100.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5307
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; cookie: ebdf2d544c40cb37461c166b61b0d4df09b4f5888791201b (good)
;; QUESTION SECTION:
;ns.baidu.com. IN A
;; ANSWER SECTION:
ns.baidu.com. 86400 IN A 192.168.100.147
;; AUTHORITY SECTION:
baidu.com. 86400 IN NS ns.baidu.com.
;; Query time: 0 msec
;; SERVER: 192.168.100.147#53(192.168.100.147)
;; WHEN: Wed Dec 08 10:53:03 EST 2021
;; MSG SIZE rcvd: 99
MX记录
[root@localhost ~]# dig -t MX baidu.com @192.168.100.147
; <<>> DiG 9.11.13-RedHat-9.11.13-3.el8 <<>> -t MX baidu.com @192.168.100.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16981
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; cookie: 62a2e6be1607cb73e0b6ff2b61b0d56da5e9cf609ff554de (good)
;; QUESTION SECTION:
;baidu.com. IN MX
;; ANSWER SECTION:
baidu.com. 86400 IN MX 10 mail.baidu.com.
;; AUTHORITY SECTION:
baidu.com. 86400 IN NS ns.baidu.com.
;; ADDITIONAL SECTION:
mail.baidu.com. 86400 IN A 192.168.147.1
ns.baidu.com. 86400 IN A 192.168.100.147
;; Query time: 0 msec
;; SERVER: 192.168.100.147#53(192.168.100.147)
;; WHEN: Wed Dec 08 10:55:25 EST 2021
;; MSG SIZE rcvd: 136
NS记录
[root@localhost ~]# dig -t NS baidu.com @192.168.100.147
; <<>> DiG 9.11.13-RedHat-9.11.13-3.el8 <<>> -t NS baidu.com @192.168.100.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32545
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; cookie: de5eabf1c4b72a445bc7a27261b0d57743ed2b278d1dc14b (good)
;; QUESTION SECTION:
;baidu.com. IN NS
;; ANSWER SECTION:
baidu.com. 86400 IN NS ns.baidu.com.
;; ADDITIONAL SECTION:
ns.baidu.com. 86400 IN A 192.168.100.147
;; Query time: 0 msec
;; SERVER: 192.168.100.147#53(192.168.100.147)
;; WHEN: Wed Dec 08 10:55:35 EST 2021
;; MSG SIZE rcvd: 99
FTP(CNAME记录;注意:下面命令中的类型误写为 CHAME,dig 因此忽略该类型并按默认的 A 记录查询,正确写法为 -t CNAME)
[root@localhost ~]# dig -t CHAME ftp.baidu.com @192.168.100.147
;; Warning, ignoring invalid type CHAME
; <<>> DiG 9.11.13-RedHat-9.11.13-3.el8 <<>> -t CHAME ftp.baidu.com @192.168.100.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49730
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; cookie: 45653faa72a7dc02d9f0bd7b61b0d55954fa96ffd21f62b1 (good)
;; QUESTION SECTION:
;ftp.baidu.com. IN A
;; ANSWER SECTION:
ftp.baidu.com. 86400 IN CNAME www.baidu.com.
www.baidu.com. 86400 IN A 192.168.147.10
www.baidu.com. 86400 IN A 192.168.147.5
;; AUTHORITY SECTION:
baidu.com. 86400 IN NS ns.baidu.com.
;; ADDITIONAL SECTION:
ns.baidu.com. 86400 IN A 192.168.100.147
;; Query time: 0 msec
;; SERVER: 192.168.100.147#53(192.168.100.147)
;; WHEN: Wed Dec 08 10:55:05 EST 2021
;; MSG SIZE rcvd: 153
2. 反向解析实验
①修改/etc/named.conf文件的配置
[root@localhost ~]# cat /etc/named.conf
# Lab named.conf for the reverse-lookup exercise (only the statements used here are shown).
options {
# Listen for DNS queries on port 53 of this single address.
listen-on port 53 { 192.168.100.147; };
# Working directory; relative "file" names in zone statements resolve against it.
directory "/var/named";
# NOTE(review): query, transfer and recursion access are not restricted in this
# snippet, so the installed version's defaults apply -- confirm they are acceptable
# before exposing the server beyond the lab network.
};
# Reverse-lookup zone
# The zone name is the network part 192.168.100 written in reverse order under in-addr.arpa.
zone "100.168.192.in-addr.arpa" IN {
# master: zone data is loaded from the local file rather than transferred from another server.
type master;
# Relative to "directory" above, i.e. /var/named/named.fanxiang.
file "named.fanxiang";
};
②在/var/named路径下,touch named.fanxiang文件,作为反向解析实验文件
[root@localhost named]# cat named.fanxiang
; Reverse zone data for 100.168.192.in-addr.arpa (addresses 192.168.100.x).
; Default TTL for records that carry no explicit TTL: 1 day.
$TTL 1D
; SOA: primary server name "@" (the zone apex), contact mailbox admin.baidu.com.
@ IN SOA @ admin.baidu.com. (
    0    ; serial -- NOTE(review): raise it on every edit so secondaries notice the change
    1    ; refresh (seconds)
    3    ; retry (seconds)
    5    ; expire (seconds) -- lab-only value
    10 ) ; minimum / negative-caching TTL (seconds)
; The line starting with whitespace inherits the previous owner name (@).
    IN NS ns.baidu.com.
; Owner labels are the last octet of the address: 147 -> 147.100.168.192.in-addr.arpa.
147 IN PTR ns.baidu.com.
; NOTE(review): the forward zone on this page maps www to 192.168.147.5/.10 and mail to
; 192.168.147.1, which fall under 147.168.192.in-addr.arpa. The PTR records below cover
; 192.168.100.1-3 instead, so forward and reverse data do not agree for these names.
1 IN PTR www.baidu.com.
2 IN PTR www.baidu.com.
3 IN PTR mail.baidu.com.
③重启服务
[root@localhost named]# systemctl restart named
④检查实验结果
[root@localhost named]# dig -x 192.168.100.147 @192.168.100.147
; <<>> DiG 9.11.13-RedHat-9.11.13-3.el8 <<>> -x 192.168.100.147 @192.168.100.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7728
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; cookie: 2393b7139843c71129a9b20461b0d953aa34f8b17b3b25f2 (good)
;; QUESTION SECTION:
;147.100.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
147.100.168.192.in-addr.arpa. 86400 IN PTR ns.baidu.com.
;; AUTHORITY SECTION:
100.168.192.in-addr.arpa. 86400 IN NS ns.baidu.com.
;; ADDITIONAL SECTION:
ns.baidu.com. 86400 IN A 192.168.100.147
;; Query time: 0 msec
;; SERVER: 192.168.100.147#53(192.168.100.147)
;; WHEN: Wed Dec 08 11:12:03 EST 2021
;; MSG SIZE rcvd: 141



