Shulou(Shulou.com)06/02 Report--

Install DNS

Rpm-ivh bind*.rpm

Enter / etc/named/chroot/etc to set named.conf

[root@localhost named] # vim / etc/named.conf

/ /

/ / named.conf

/ /

/ / Provided by Red Hat bind package to configure the ISC BIND named (8) DNS

/ / server as a caching only nameserver (as a localhost DNS resolver only).

/ /

/ / See / usr/share/doc/bind*/sample/ for example named configuration files.

/ /

Options {

Listen-on port 53 {any;}; / / listening port

Listen-on-v6 port 53 {:: 1;}; / ipv6 listening port

Directory "/ var/named"

Dump-file "/ var/named/data/cache_dump.db"

Statistics-file "/ var/named/data/named_stats.txt"

Memstatistics-file "/ var/named/data/named_mem_stats.txt"

Allow-query {192.168.2.0 IP segment allowed to be accessed

Allow-transfer {192.168.2.1;}; / / configure master and slave DNS to send synchronization

Recursion yes

Forwarders {192.168.119.2 * 114.114.114.114;}; / / when you encounter a domain name mapping IP that you do not have, request to a higher level

Dnssec-enable yes

Dnssec-validation yes

/ * Path to ISC DLV key * /

Bindkeys-file "/ etc/named.iscdlv.key"

Managed-keys-directory "/ var/named/dynamic"

}

Logging {

Channel default_debug {

File "data/named.run"

Severity dynamic

}

}

View localhost_resolver {/ / parser

Match-clients {192.168.4.0 match-clients 24;}; / / you can use the parsed IP segment

Match-destinations {localhost;}

# recursion yes

Include "/ etc/baishan.zones"; / / specify the zones location

}

View localhost_resolver2 {

Match-clients {192.168.2.0 Universe 24;}

Match-destinations {localhost;}

# recursion yes

Include "/ etc/named.root.key"

Include "/ etc/named.rfc1912.zones"

}

Configure zones

Zone "4.168.192.in-addr.arpa" IN {

Type master; / / used in master-slave relationship

File "4.168.192.in-addr.arpa"; / / forward resolution

Allow-update {none;}

}

Zone "example.com" IN {

Type master

File "example.com"; / / specify the file name for reverse resolution, under var/name

Allow-update {none;}

}

Configuration parsing file

Positive direction

$TTL 1D

@ IN SOA example.com. Admin.example.com. (

0; serial

1D; refresh

1H; retry

1W; expire

3H); minimum

NS @

A 127.0.0.1

AAAA:: 1

Www IN A 192.168.4.131

~ reverse

$TTL 1D

@ IN SOA example.com. Admin.example.com. (

0; serial

1D; refresh

1H; retry

1W; expire

3H); minimum

NS @

A 127.0.0.1

AAAA:: 1

131 IN PTR www.example.com.

Detection command

Use named-checkconfig named.conf to detect errors

Use naned-checkzone 2.168.192.in-addr.arpa test.com

Start DNS after no error

Service named restart

Separation and analysis

The separated domain name server is actually the main domain name server. The separated resolution here mainly provides different resolution records for different clients. For example, when dns provides services for internet and intranet at the same time, intranet users may need to access the company's web service and mail service directly to the web and mail servers located in the intranet, thus reducing the burden of server address translation in / etc/named.conf.

View "LAN" {

Match-clients {192.168.4.0 LAN 24;};\ this LAN can only be accessed by 192.168.4.0 Universe 24.

Zone "tech.org" IN {

Type master

File "tech.org.zone.lan";}

}

View "WAN" {

Match-clients {any;}

Zone "tech.org" IN {

Type master

File "tech.org.wan";}

}

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.