
Sample Analysis of basic and Advanced configuration of DNS in CentOS

2025-01-19 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/01 Report--

This article shows a sample analysis of the basic and advanced configuration of DNS in CentOS. It is easy to understand and well organized, and I hope it helps resolve your doubts. Let's go through it step by step.

Working principle and function of DNS Server

DNS divides the network into zones (a zone is an administrative collection of the resources to be named in the network) and uses a distributed database to look up host names and addresses. When the host name to be accessed is typed into the browser on a client machine, a query for the IP address is triggered. The request is automatically sent to the default DNS server, which looks up the IP address of the host in its database and returns it as the query result. Once the browser has the IP address, it uses it to locate the resource on the Internet.

Query types in the question section of a DNS query message

    Name    Value   Description
    A       1       IP address
    NS      2       name server
    CNAME   5       canonical name
    PTR     12      pointer record
    HINFO   13      host information
    MX      15      mail exchange record
    AXFR    252     request for zone transfer

A: an A record defines an IP address

NS: name server record. It names the authoritative name server for a domain; the server is given as a domain name.

CNAME: stands for canonical name. The record gives the canonical name of a domain name, and the domain name that has a canonical name is usually called an alias. Some FTP servers use it to provide other systems with an easily memorable alias.

HINFO: represents the host information, including two strings describing the host CPU and the operating system.

MX: Mail exchange records. Function: if there is an email to be sent to use@foo.com, send it to relay1.uu.net.

PTR: pointer records are used for pointer queries, and IP addresses are treated as a domain name under the in-addr.arpa domain (reverse query).

1. Basic DNS configuration:

1. My environment is CentOS 6.6. First install the bind packages:

    yum install bind*    (installed using yum)

2. Edit the DNS configuration file:

    vim /etc/named.conf

    options {
        listen-on port 53 { any; };      # change it to any here
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };            # change it to any here
        # with recursion yes below, any client that can reach port 53
        # can use this server as a recursive resolver
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
    };

    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };

    zone "." IN {                        # root hint zone
        type hint;
        file "named.ca";
    };

    include "/etc/named.rfc1912.zones";  # included file
    include "/etc/named.root.key";       # included file
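To keep the zones defined below answerable by everyone while limiting recursive lookups to known clients, the options block can be tightened as follows. This is an added example, not part of the original article; the ACL name "trusted" is an assumption, 192.168.1.0/24 is the test network used in this article, and only the changed lines are shown (keep the remaining options as above).

```conf
# /etc/named.conf (fragment) - added example, not from the original article

# An acl must be defined before the options block that refers to it.
acl "trusted" {                  # assumed name; list only the networks you serve
    localhost;
    192.168.1.0/24;              # the test network used in this article
};

options {
    listen-on port 53 { any; };
    directory "/var/named";

    # Authoritative data (the zones this server is master for)
    # may be queried by anyone ...
    allow-query       { any; };

    # ... but recursion and answers from the cache are limited to the
    # trusted ACL; other clients are refused for names outside our zones.
    recursion         yes;
    allow-recursion   { trusted; };
    allow-query-cache { trusted; };
};
```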

    vim /etc/named.rfc1912.zones

(The forward lookup and reverse lookup zones are set in this file. Reverse lookup doesn't work in China because of the Great Firewall.)

Add the following to this configuration file:

    # set the forward lookup zone
    zone "wang.com" IN {                  # domain name
        type master;                      # server type
        file "wang.zone";                 # forward zone file
    };

    zone "1.168.192.in-addr.arpa" IN {    # my network is 192.168.1.x
        type master;
        file "wang.com.zone";             # reverse zone file
    };

Go to /var/named/ (cd /var/named/). The system provides a template for the forward zone (named.localhost) and a template for the reverse zone (named.loopback); copy them:

    # -p keeps the owner, group and mode of the templates so named can read the copies
    cp -p named.localhost wang.zone
    cp -p named.loopback wang.com.zone

Now edit wang.zone under /var/named/ (vim wang.zone):

    $TTL 1D
    @       IN SOA  @ rname.invalid. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
            NS      @
            A       192.168.1.21    ; DNS server ip address
    www     0 A     192.168.1.22    ; www server ip address
            0 A     192.168.1.11    ; www server ip address (dns round robin with the above www server)
    ftp     A       192.168.1.22    ; ftp server
    mail    A       192.168.1.11    ; mail server
    web     CNAME   www             ; alias
    @       MX 10   mail            ; mail priority

Now edit wang.com.zone under /var/named/ (vim wang.com.zone):

    $TTL 1D
    @       IN SOA  @ rname.invalid. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
            NS      @
            A       192.168.1.2     ; server ip address
            PTR     wang.com.
    22      PTR     www.wang.com.   ; don't forget the trailing '.'
    11      PTR     www.wang.com.
    22      PTR     ftp.wang.com.
    22      PTR     web.wang.com.
    11      PTR     mail.wang.com.

Restart the service with service named restart, then change the DNS server of the test machines 192.168.1.22 and 192.168.1.11 to 192.168.1.21 for testing. (Edit /etc/sysconfig/network-scripts/ifcfg-eth0 and /etc/resolv.conf to change the DNS setting.)

2. One network corresponds to multiple domain names

Add several forward lookup zones to /etc/named.rfc1912.zones (vim /etc/named.rfc1912.zones), for example:

    zone "ning.com" IN {
        type master;
        file "ning.zone";
    };

    zone "wang.com" IN {
        type master;
        file "wang.zone";
    };

    # It doesn't matter in China. You can also add another domain name here and restart the named service.

3. BIND view

For example, a website has a domestic IP address and a foreign IP address. Users visiting the website from within China have the name resolved by the DNS server to the domestic IP address, while users visiting from abroad have it resolved to the foreign IP address, which speeds up DNS resolution. (One domain name corresponds to several different IP addresses.)

vim /etc/named.rfc1912.zones and add at the end:

    acl "guowai" { 192.168.200.0/24; };        # name as you like
    acl "guonei" { 192.168.1.0/24; };

    # Once views are used, every zone statement must be inside a view:
    # move zone "." out of named.conf and the other zones of this file into
    # the views (that is why zone "." is repeated in each view below).

    view "guowai" {                            # pick any name
        match-clients { guowai; };             # must correspond to the acl above
        zone "." IN {                          # root hint zone
            type hint;
            file "named.ca";
        };
        zone "wangning.com" {                  # forward zone
            type master;
            file "guowai.zone";                # create guowai.zone in /var/named/
        };
        zone "200.168.192.in-addr.arpa" {      # reverse zone
            type master;
            file "guowai.com.zone";            # create guowai.com.zone in /var/named/
        };
    };

    view "guonei" {
        match-clients { guonei; };
        zone "." IN {
            type hint;
            file "named.ca";
        };
        zone "wangning.com" IN {
            type master;
            file "guonei.zone";                # create guonei.zone in /var/named/
        };
        zone "1.168.192.in-addr.arpa" IN {
            type master;
            file "guonei.com.zone";            # create guonei.com.zone in /var/named/
        };
    };

Just restart the service.

4. Slave DNS server (backup server)

In case the primary server goes down, a slave server is required.

On the slave server, vim /etc/named.rfc1912.zones and add:

    zone "wang.com" IN {                  # domain name
        type slave;                       # server type
        file "slaves/wang.zone";          # forward zone file
        masters { 192.168.1.21; };
    };

    zone "1.168.192.in-addr.arpa" IN {    # my network is 192.168.1.x
        type slave;
        file "slaves/wang.com.zone";      # reverse zone file
        masters { 192.168.1.21; };
    };

Restarting the service automatically generates wang.zone and wang.com.zone in the /var/named/slaves/ directory.
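The slave pulls its copies from 192.168.1.21 by zone transfer (the AXFR query type listed earlier). The master zones in section 1 set no allow-transfer, and the BIND 9 shipped with CentOS 6 then hands the full zone to any client that asks. The following added example, which is not part of the original article, limits transfers to TSIG-signed requests; the key name xfer-key, its secret and the slave address 192.168.1.23 are placeholders.

```conf
# Added example, not from the original article.
# xfer-key, its secret and the slave address 192.168.1.23 are placeholders.

# ---- master (192.168.1.21): /etc/named.conf, before the include lines ----
key "xfer-key" {
    algorithm hmac-sha256;
    secret "BASE64-SECRET-PLACEHOLDER";   # same shared secret on both servers
};

# ---- master: /etc/named.rfc1912.zones ----
zone "wang.com" IN {
    type master;
    file "wang.zone";
    allow-transfer { key xfer-key; };     # only TSIG-signed transfer requests
    also-notify { 192.168.1.23; };        # slave is not in the zone's NS records
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "wang.com.zone";
    allow-transfer { key xfer-key; };
    also-notify { 192.168.1.23; };
};

# ---- slave (192.168.1.23): /etc/named.conf, before the include lines ----
key "xfer-key" {
    algorithm hmac-sha256;
    secret "BASE64-SECRET-PLACEHOLDER";
};
server 192.168.1.21 {
    keys { xfer-key; };                   # sign every request sent to the master
};

# ---- slave: /etc/named.rfc1912.zones (same pattern for the reverse zone) ----
zone "wang.com" IN {
    type slave;
    file "slaves/wang.zone";
    masters { 192.168.1.21; };
    allow-transfer { none; };             # the slave does not re-export its copy
};
```

Increase the serial in wang.zone and wang.com.zone on every change; the slave only transfers a zone when the master's serial is higher than its own.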
