DNS listening ports and protocols
Port 53/udp
Port 53/tcp
Port 953/tcp,udp
1. Install the required software; the following packages are recommended
[root@localhost named]# rpm -qa | grep ^bind
bind-libs-9.8.2-0.30.rc1.el6_6.3.i686 # server components and utility libraries
bind-utils-9.8.2-0.30.rc1.el6_6.3.i686 #
bind-9.8.2-0.30.rc1.el6_6.3.i686 # server package
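2. Edit the configuration file /etc/named.conf (note that the configuration file and the data files need permissions 640 and owner:group root:named). Its contents are: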
[root@localhost named]# cat /etc/named.conf
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "named.localhost";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
};
zone "mageedu.com" IN {
type master;
file "mageedu.com.zone";
};
zone "85.168.192.in-addr.arpa" IN {
type master;
file "192.168.85.zone";
};
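Where:
mageedu.com and 85.168.192.in-addr.arpa are the forward and reverse zones I added for the mageedu.com domain;
/var/named/named.ca holds the information for the 13 root servers; if this file is missing or has been deleted by mistake, it can be regenerated by hand with the bind-utils package installed above (dig -t NS . looks up all the root servers listed in the root zone's NS records);
The forward/reverse resolution files for the local host are:
/var/named/named.localhost (forward): resolves localhost to 127.0.0.1
/var/named/named.loopback (reverse): resolves 127.0.0.1 to localhost
3. Create the corresponding zone data files in /var/named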
Forward zone data file:
[root@localhost named]# cat mageedu.com.zone
$TTL 600
@       IN SOA  ns1.mageedu.com. admin.mageedu.com. (
                2015073101      ; serial
                1H              ; refresh
                5M              ; retry
                2D              ; expire
                6H )            ; negative-caching TTL
        IN NS   ns1             ; the host ns1.mageedu.com provides name resolution for the mageedu.com domain
        IN MX   10 mail         ; mail.mageedu.com handles the mail service
ns1     IN A    192.168.85.128  ; A record matching the NS record ns1.mageedu.com
mail    IN A    192.168.85.129  ; A record matching the MX record mail.mageedu.com
www     IN A    192.168.85.133  ; A record for the web service
ftp     IN CNAME www            ; ftp is an alias of www
Reverse zone data file:
[root@localhost named]# cat 192.168.85.zone
$TTL 600
@ IN SOA mageedu.com. admin.mageedu.com. (
        2015073101
        1H
        5M
        2D
        6H )
        IN NS ns1.mageedu.com.
128 IN PTR ns1.mageedu.com.
129 IN PTR mail.mageedu.com.
133 IN PTR />
4. Modify the /etc/resolv.conf file (the nameserver in this file must be a host that will perform recursion for you)
[root@localhost named]# cat /etc/resolv.conf
# Generated by NetworkManager
domain localdomain
search localdomain
nameserver 192.168.85.128
The local host's IP is 192.168.85.128
5. Testing:
Testing the configuration:
5.1 named-checkconf: checks the configuration file for errors;
[root@localhost named]# named-checkconf
[root@localhost named]# # no errors here
5.2 named-checkzone: checks the zone data file for errors:
Format: named-checkzone "zone name" path to that zone's data file
[root@localhost ~]# named-checkzone "mageedu.com" /var/named/mageedu.com.zone
zone mageedu.com/IN: loaded serial 2015073101
OK
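Besides the syntax checks above, the permissions from step 2 (640, root:named) can be verified: with that mode named reads the files through its group but cannot modify them, and other local users cannot read them. The shell functions below are an added example, not part of the original post; they read the zone file names out of named.conf and check each file. The function names are made up for illustration, and GNU stat and a named.conf with one directive per line (as in step 2) are assumed.

```bash
# Added example, not from the original post. Assumes GNU stat and a named.conf
# laid out like the one in step 2 (one directive per line).

# zone_files CONF: print the path of every zone data file named in CONF,
# resolving relative names against the options "directory" value.
zone_files() {
    awk -F'"' '
        /^[ \t]*directory[ \t]/ { dir = $2 }
        /^[ \t]*file[ \t]/      { file[++n] = $2 }
        END {
            for (i = 1; i <= n; i++) {
                p = file[i]
                if (p !~ /^\//) p = dir "/" p
                print p
            }
        }' "$1"
}

# check_file PATH MODE OWNER:GROUP: report whether PATH has exactly that
# mode and ownership. Returns 0 on a match, 1 otherwise.
check_file() {
    local path="$1" want_mode="$2" want_owner="$3" mode owner rc=0
    if [ ! -f "$path" ]; then
        echo "FAIL $path: missing or not a regular file"
        return 1
    fi
    mode=$(stat -L -c '%a' "$path")       # octal permission bits
    owner=$(stat -L -c '%U:%G' "$path")   # owner and group names
    if [ "$mode" != "$want_mode" ]; then
        echo "FAIL $path: mode $mode, expected $want_mode"; rc=1
    fi
    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL $path: owner $owner, expected $want_owner"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK   $path ($mode $owner)"
    return "$rc"
}

# audit_bind CONF [MODE] [OWNER:GROUP]: check CONF and every zone file it
# names; the defaults are the 640 and root:named given in step 2.
audit_bind() {
    local conf="$1" mode="${2:-640}" owner="${3:-root:named}" rc=0 f
    check_file "$conf" "$mode" "$owner" || rc=1
    for f in $(zone_files "$conf"); do    # paths with spaces not handled
        check_file "$f" "$mode" "$owner" || rc=1
    done
    return "$rc"
}

# Usage on the server from this post: audit_bind /etc/named.conf
```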
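Testing the service:
The nslookup, dig, host and similar commands can be used here
5.3 The dig command (dig -t type name; the type can be NS, MX, A, SOA and so on); for example, to view the NS record of mageedu.com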
[root@localhost named]# dig -t NS mageedu.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.3 <<>> -t NS mageedu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55483
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;mageedu.com. IN NS
;; ANSWER SECTION:
mageedu.com. 600 IN NS ns1.mageedu.com.
;; ADDITIONAL SECTION:
ns1.mageedu.com. 600 IN A 192.168.85.128
;; Query time: 7 msec
;; SERVER: 192.168.85.128#53(192.168.85.128)
;; WHEN: Fri Jul 31 03:11:14 2015
;; MSG SIZE rcvd: 63
Or view the A record:
[root@localhost named]# dig -t A
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.3 <<>> -t A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62939
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;. IN A
;; ANSWER SECTION:
. 600 IN A 192.168.85.133
;; AUTHORITY SECTION:
mageedu.com. 600 IN NS ns1.mageedu.com.
;; ADDITIONAL SECTION:
ns1.mageedu.com. 600 IN A 192.168.85.128
;; Query time: 3 msec
;; SERVER: 192.168.85.128#53(192.168.85.128)
;; WHEN: Fri Jul 31 03:14:29 2015
;; MSG SIZE rcvd: 83
The dig command can also do reverse lookups (the -x option)
[root@localhost named]# dig -x 192.168.85.133
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.3 <<>> -x 192.168.85.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11124
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;133.85.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
133.85.168.192.in-addr.arpa. 600 IN PTR .
;; AUTHORITY SECTION:
85.168.192.in-addr.arpa. 600 IN NS ns1.mageedu.com.
;; ADDITIONAL SECTION:
ns1.mageedu.com. 600 IN A 192.168.85.128
;; Query time: 4 msec
;; SERVER: 192.168.85.128#53(192.168.85.128)
;; WHEN: Fri Jul 31 03:19:31 2015
;; MSG SIZE rcvd: 108
5.4 The nslookup command
[root@localhost named]# nslookup
>
Server: 192.168.85.128
Address: 192.168.85.128#53
Name:
Address: 192.168.85.133
> 192.168.85.128
Server: 192.168.85.128
Address: 192.168.85.128#53
128.85.168.192.in-addr.arpa name = ns1.mageedu.com.
5.5 The host command
[root@localhost named]# host -t A
has address 192.168.85.133
[root@localhost named]# host 192.168.85.133
133.85.168.192.in-addr.arpa domain name pointer />
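Additional notes:
Wildcard resolution:
*.mageedu.com. IN A ..........
Domains and zones:
Domain: a logical concept;
Zone: a physical concept;
Domains and zones do not necessarily contain one another; authority over a domain is delegated from its parent domain;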