DNS:Domain Name System(域名系统);DNS 服务器即域名解析服务器
安装与配置
安装软件:bind-9.9.4-29.el7.x86_64.rpm
端口:53
配置文件:
/etc/named.conf
/etc/named.rfc1912.zones
/var/named/
启动服务:systemctl restart named
正向解析
服务端:
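1.vim /etc/named.conf(访问控制)
注意:listen-on 与 allow-query 设为 any 表示对所有来源开放。若同时保留 recursion yes; 且未单独设置 allow-recursion,递归权限会跟随 allow-query,服务器将成为开放解析器,可能被用于 DNS 放大攻击。仅做权威解析时应设置 recursion no;,需要递归时用 allow-recursion 限定为内网网段。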
listen-on port 53 { any; };
allow-query { any; };
2.vim /etc/named.rfc1912.zones(定义域名及服务器类型)
zone "douniwan.com" IN {
type master;
file "douniwan.com.zone";
};
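3.touch /var/named/east.com.zone(域解析文件)
(说明:区域文件名必须与第 2 步 zone 语句中 file 指定的名称一致,上例应为 douniwan.com.zone;以下以 east.com 域为例。权限 640 加 named 属组可保证只有 root 和 named 进程能读取区域文件;chown .named 是旧式写法,等价于 chown :named,只修改属组。)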
chmod 640 /var/named/east.com.zone
chown .named /var/named/east.com.zone
vim /var/named/east.com.zone
$TTL 1D
east.com. IN SOA dns.east.com. root. (0 1D 1H 1W 3H)
east.com. IN NS dns.east.com.
dns.east.com. IN A 192.168.100.201
www.east.com. IN A 192.168.100.201
简写(与上面的写法等价:@ 代表当前区域名,不以点结尾的名称会自动补上区域名,省略名称的行沿用上一条记录的名称)
$TTL 1D
@ IN SOA dns.east.com. root. (0 1D 1H 1W 3H)
IN NS dns.east.com.
dns IN A 192.168.100.201
www IN A 192.168.100.201
客户端测试:
安装 bind-utils
[root@client ~]# host www.douniwan.com
www.douniwan.com has address 192.168.200.226
[root@client ~]# nslookup www.douniwan.com
Server: 192.168.200.222
Address: 192.168.200.222#53
Name: www.douniwan.com
Address: 192.168.200.226
[root@client ~]# dig www.douniwan.com
ftp协议需要安装vsftpd
解析
nslookup 域名
host 域名
反向解析:
1.vim /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
2.vim /etc/named.rfc1912.zones
zone "200.168.192.in-addr.arpa" IN {
type master;
file "192.168.200.arpa";
};
3.
touch /var/named/192.168.200.arpa
chmod 640 /var/named/192.168.200.arpa
chown .named /var/named/192.168.200.arpa
vim /var/named/192.168.200.arpa
$TTL 1D
@ IN SOA dns.king.com. root. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS dns.king.com.
king IN A 192.168.200.222
226 IN PTR test.king.com.
各种写法
$TTL 1D
@ IN SOA dns.douniwan.com. root. ( 0 1D 1H 1W 3H )
IN NS dns.douniwan.com.
dns IN A 192.168.200.222
ww IN CNAME www
wwww IN CNAME www
www IN A 192.168.200.226
@ IN A 192.168.200.226
ftp.douniwan.com. IN CNAME www.douniwan.com.
* IN A 192.168.200.226
IN MX 5 mail.douniwan.com.
mail IN A 192.168.200.226
$GENERATE 1-254 stu$ IN A 192.168.1.$
转发服务器
新建一个虚拟机
让客户端连接新的虚拟机
vim /etc/resolv.conf
打开配置文件(以下两种写法二选一:forward first 表示先问转发器,转发失败后再自行递归查询;forward only 表示只使用转发器,失败即返回错误)
vim /etc/named.conf
forward first;
forwarders { 192.168.200.222; };
forward only;
forwarders { 192.168.200.222; };
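DNS主从服务器(时间必须同步)
注意:主服务器未配置 allow-transfer 时,本文所用的 BIND 9.9 默认允许任何主机通过区域传送(AXFR)取得整个区域的全部记录;应在主服务器上用 allow-transfer 限定为从服务器地址或 TSIG 密钥。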
主服务器配置
1.vim /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
2.vim /etc/named.rfc1912.zones
zone "upup.com" IN {
type master;
file "upup.com.zone";
};
3.
vim /var/named/upup.com.zone
$TTL 1D
@ IN SOA dns.upup.com. root. ( 0 1D 1H 1W 3H )
IN NS dns.upup.com.
dns IN A 192.168.200.222
www IN A 192.168.200.226
@ IN A 192.168.200.226
chown .named /var/named/upup.com.zone
chmod 640 /var/named/upup.com.zone
从服务器
1.vim /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
2.
zone "upup.com" IN {
type slave;
file "slaves/upup.com.zone";
masters { 192.168.200.222; };
};
同步数据(每次修改主服务器的区域文件后都要增大 SOA 中的序列号,从服务器发现序列号变大才会重新同步;下例用日期 20170622 作为序列号)
$TTL 1D
@ IN SOA dns1.upup.com. root. ( 20170622 1D 1H 1W 3H )
IN NS dns1.upup.com.
IN NS dns2.upup.com.
dns1 IN A 192.168.200.222
dns2 IN A 192.168.200.226
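TSIG方式传输(主从双方用同一共享密钥对区域传送做认证;TSIG 签名带时间戳,两端时钟必须同步)
注意:下面的 secret 仅为示例,实际部署必须自行生成密钥,不要照抄;建议把 key 语句放在仅 root 和 named 可读的单独文件中,再用 include 引入 named.conf。hmac-md5 已不推荐使用,建议改用 hmac-sha256。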
主
key robinkey {
algorithm hmac-md5;
secret "YBMMsomw64S8BmK6/JbVaA==";
};
zone "upup.com" IN {
type master;
file "upup.com.zone";
allow-transfer { key robinkey; };
};
从
key robinkey {
algorithm hmac-md5;
secret "YBMMsomw64S8BmK6/JbVaA==";
};
zone "upup.com" IN {
type slave;
file "slaves/upup.com.zone";
masters { 192.168.200.222 key robinkey; };
};
子域授权
父域
1.vim /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
2.vim /etc/named.rfc1912.zones
zone "robin.com" IN {
type master;
file "robin.com.zone";
};
3.
vim /var/named/robin.com.zone
$TTL 1D
@ IN SOA dns.robin.com. root. ( 0 1D 1H 1W 3H )
IN NS dns.robin.com.
dns IN A 192.168.200.222
music.robin.com. IN NS dns.music.robin.com.
dns.music.robin.com. IN A 192.168.200.226
www IN A 192.168.200.226
@ IN A 192.168.200.226
chmod 640 /var/named/robin.com.zone
chown .named /var/named/robin.com.zone
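子域(在父域胶水记录 dns.music.robin.com. 指向的主机 192.168.200.226 上配置;子域区域文件中 dns 的 A 记录应与父域中的胶水记录保持一致,否则委派后的解析结果会不一致)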
1.vim /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
2.vim /etc/named.rfc1912.zones
zone "music.robin.com" IN {
type master;
file "music.robin.com.zone";
};
3.
chmod 640 /var/named/music.robin.com.zone
chown .named /var/named/music.robin.com.zone
vim /var/named/music.robin.com.zone
$TTL 1D
@ IN SOA dns.music.robin.com. root. ( 0 1D 1H 1W 3H )
IN NS dns.music.robin.com.
dns IN A 192.168.200.222
www IN A 192.168.200.226
@ IN A 192.168.200.226



