Linux DNS服务器搭建和DNS 客户端配置

Posted Spend Time On Money CANNOT Buy

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Linux DNS服务器搭建和DNS 客户端配置相关的知识,希望对你有一定的参考价值。

操作系统版本:

[root@node named]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.6 (Santiago)

Linux下设置DNS的位置主要是,

1网卡设置配置文件里面DNS服务器地址设置,

2.系统默认DNS服务器地址设置。

3,hosts文件指定

 

生效顺序是:

1 hosts文件

2 网卡配置文件DNS服务地址

3 /etc/resolv.conf

 

安装DNS

yum install bind -y

 1 [root@gs2node named]# cat /etc/named.conf 
 2 //
 3 // named.conf
 4 //
 5 // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
 6 // server as a caching only nameserver (as a localhost DNS resolver only).
 7 //
 8 // See /usr/share/doc/bind*/sample/ for example named configuration files.
 9 //
10 
11 options {
12         listen-on port 53 { any; };
13         listen-on-v6 port 53 { ::1; };
14         directory       "/var/named";
15         dump-file       "/var/named/data/cache_dump.db";
16         statistics-file "/var/named/data/named_stats.txt";
17         memstatistics-file "/var/named/data/named_mem_stats.txt";
18         allow-query     { any; };
19         recursion yes;
20 
21         dnssec-enable yes;
22         dnssec-validation yes;
23         dnssec-lookaside auto;
24 
25         /* Path to ISC DLV key */
26         bindkeys-file "/etc/named.iscdlv.key";
27 
28         managed-keys-directory "/var/named/dynamic";
29 };
30 
31 logging {
32         channel default_debug {
33                 file "data/named.run";
34                 severity dynamic;
35         };
36 };
37 
38 zone "." IN {
39         type hint;
40         file "named.ca";
41 };
42 
43 include "/etc/named.rfc1912.zones";
44 include "/etc/named.root.key";
 1 [root@node named]# cat /etc/named.rfc1912.zones
 2 // named.rfc1912.zones:
 3 //
 4 // Provided by Red Hat caching-nameserver package 
 5 //
 6 // ISC BIND named zone configuration for zones recommended by
 7 // RFC 1912 section 4.1 : localhost TLDs and address zones
 8 // and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
 9 // (c)2007 R W Franks
10 // 
11 // See /usr/share/doc/bind*/sample/ for example named configuration files.
12 //
13 
14 zone "localhost.localdomain" IN {
15         type master;
16         file "named.localhost";
17         allow-update { none; };
18 };
19 
20 zone "localhost" IN {
21         type master;
22         file "named.localhost";
23         allow-update { none; };
24 };
25 
26 zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
27         type master;
28         file "named.loopback";
29         allow-update { none; };
30 };
31 
32 zone "1.0.0.127.in-addr.arpa" IN {
33         type master;
34         file "named.loopback";
35         allow-update { none; };
36 };
37 
38 zone "0.in-addr.arpa" IN {
39         type master;
40         file "named.empty";
41         allow-update { none; };
42 };
43 
44 zone "cbf.com" IN{
45      type master;
46      file "cbf.com.zone";
47 };
48 
49 zone "4.168.192.in-addr.arpa" IN {
50      type master;
51      file "4.168.192.zone";
52 };
 1 [root@node named]# pwd
 2 /var/named
 3 [root@node named]# cat 4.168.192.zone
 4 $TTL 1D
 5 @ IN SOA ns.cbf.com. root (
 6                              0    ;serial
 7                              1D   ;refresh
 8                              1H   ;retry
 9                              1w   ;expire
10                              3H ) ;minimum
11       IN NS ns.cbf.com.
12 92    IN PTR www.cbf.com.
13 
14 [root@node named]# cat cbf.com.zone
15 $TTL 1D
16 @ IN SOA ns.cbf.com. root (
17                              0    ;serial
18                              1D   ;refresh
19                              1H   ;retry
20                              1w   ;expire
21                              3H ) ;minimum
22          NS ns.cbf.com.
23          MX 5 mail.cbf.com.
24 www   IN A 192.168.4.92
25 ns    IN A 192.168.4.92
26 mail  IN A 192.168.4.92
27 smtp  IN A 192.168.4.92
28 pop3  IN A 192.168.4.92
29 pop   IN A 192.168.4.92 


检查防火墙状态

1 [root@node named]# service iptables status
2 iptables: Firewall is not running.
[root@node named]# getenforce             
Disabled

检查53端口

 1 [root@node named]# netstat -anlpe | grep named
 2 tcp        0      0 192.168.1.70:53             0.0.0.0:*                   LISTEN      25         1291049098 17887/named         
 3 tcp        0      0 6.55.4.171:53               0.0.0.0:*                   LISTEN      25         1291049096 17887/named         
 4 tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      25         1291049094 17887/named         
 5 tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN      25         1291049103 17887/named         
 6 tcp        0      0 ::1:53                      :::*                        LISTEN      25         1291049100 17887/named         
 7 tcp        0      0 ::1:953                     :::*                        LISTEN      25         1291049104 17887/named         
 8 udp        0      0 192.168.1.70:53             0.0.0.0:*                               25         1291049097 17887/named         
 9 udp        0      0 6.55.4.171:53               0.0.0.0:*                               25         1291049095 17887/named         
10 udp        0      0 127.0.0.1:53                0.0.0.0:*                               25         1291049093 17887/named         
11 udp        0      0 ::1:53                      :::*                                    25         1291049099 17887/named         
12 unix  2      [ ]         DGRAM                    1291049077 17887/named 

 

启动DNS服务

service named start

 

==========================

本地测试

 1 [root@node named]# service iptables status
 2 iptables: Firewall is not running.
 3 [root@node named]# getenforce              
 4 Disabled
 5 [root@node named]# nslookup www.cbf.com
 6 Server:         127.0.0.1
 7 Address:        127.0.0.1#53
 8 
 9 Name:   www.cbf.com
10 Address: 192.168.4.92
11 
12 [root@node named]# nslookup mail.cbf.com
13 Server:         127.0.0.1
14 Address:        127.0.0.1#53
15 
16 Name:   mail.cbf.com
17 Address: 192.168.4.92
18 
19 [root@node named]# nslookup smtp.cbf.com
20 Server:         127.0.0.1
21 Address:        127.0.0.1#53
22 
23 Name:   smtp.cbf.com
24 Address: 192.168.4.92
25 
26 [root@node named]# nslookup 192.168.4.92
27 Server:         127.0.0.1
28 Address:        127.0.0.1#53
29 
30 92.4.168.192.in-addr.arpa       name = www.cbf.com.

 

==========================

客户端测试

 1 [root@node2 ~]# cat /etc/resolv.conf 
 2 nameserver <node IP>
 3 [root@node2 ~]# nslookup 192.168.4.92
 4 Server:         16.155.14.171
 5 Address:        16.155.14.171#53
 6 
 7 92.4.168.192.in-addr.arpa       name = www.cbf.com.
 8 
 9 [root@node2 ~]# nslookup www.cbf.com
10 Server:         16.155.14.171
11 Address:        16.155.14.171#53
12 
13 Name:   www.cbf.com
14 Address: 192.168.4.92

 

以上是关于Linux DNS服务器搭建和DNS 客户端配置的主要内容,如果未能解决你的问题,请参考以下文章

Linux下的主辅DNS服务器同步

linux下搭建DNS域名解析服务器

Linux怎么搭建DNS服务器

Linux DNS服务的搭建

linux配置dns服务器配置命令

Linux—CentOS7.4-DNS二(搭建分离解析的DNS服务器)