Shulou(Shulou.com)06/02 Report--

My blog address: http://one.ifof1.cn/

The following describes the configuration of BIND-based primary DNS, secondary DNS and subdomain DNS under CentOS

Similarly, execute firewall-cmd-permanent-add-port=53/UDP first, or it will be configured for a long time, and DNS will not work, so you will think that the configuration is incorrect.

Some people come up to perform service firewalld stop, although it can also make the service normal access, but this is not secure, as a mature old concealment, we should consider more security and use whitelist access.

1: configuration of the main DNS:

1. Use the nmtui command to open the network configuration panel and configure IP to static IP (manually configure IP): nmtui is really useful!

two。 Open the / etc/named.conf file and comment listen-on port 53 {127.0.0.1;}; listen-on-v6 port 53 {:: 1;}; with / /

Add: allow-query {any;}

3. Open the zone file: / etc/named.rfc1912.zones, plus the following configuration (I want to add the domain of jsj.com, so write, similar, you can write love.cn)

In fact, the following configuration is no longer a simple primary DNS configuration, because allow-transfer {ip;} is added; this is configuring a secondary DNS, which means that the host referred to by IP is allowed to copy the resolution record file on this DNS. If only the primary DNS is configured, this item can not be configured (IP is set to none)

4. Create a new jsj.com.zone and jsj.com.rev forward and backward zone files in the / var/named/ directory.

The contents of the file are as follows (the file format is strict, you can directly use the command mv named.localhost jsj.com.zone to generate a region file from the template file, just modify it)

In the figure, ypb.jsj.com is the configured sub-domain, and the ip of the sub-domain server subdns.ypb.jsj.com is 192.168.151.16 (if you do not configure the sub-domain, you can ignore this section)

5. The configuration reverse zone file / var/named/jsj.com.rev can also be copied from the template file named.localhost

6. Test the nslookup command

Second: secondary DNS configuration: as mentioned in the above question, the secondary DNS has been mentioned, which is shown in the red line. 192.168.151.16 this machine is the auxiliary DNS.

1.

two。 Configure the / etc/named.rfc1912.zones file on the secondary DNS machine as follows: the zone file comes from this machine of 192.168.151.6:

3. Create a slaves directory under the / etc/named/ directory, and then authorize it. In order to save trouble, go directly to sudo chmod-R 777 slaves (actually undesirable, do not misuse 777)

This directory is used to store the area files copied from the main DNS

4. Execute servie named start while executing service named restart on the main DNS

At this point, in the slaves directory of the secondary DNS, you can see that the zone files have been copied from the primary DNS. Don't be silly, the network of the two machines must be connected.

Test: it's done!

Configuration of subdomain servers:

This has already indicated that ypb.jsj.com is a subdomain and is located on the 192.168.151.56 machine, so you can configure the 192.168.151.56 machine. The details will not be expanded.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.