简单搭建DNS服务器——bind

Posted 2020-11-22 max27149

安装bind

# yum install -y bind bind-utils bind-chroot

 

修改配置文件

# grep ‘^[^#]‘ /etc/named.conf 
options {
    listen-on port 53 { any; };
。。。
    allow-query     { any; };

。。。

 

# grep ‘^[^#]‘ /etc/named.rfc1912.zones
zone "test.com" IN {
      type master;
      file "test.com.zone";  
};
zone "50.168.192.in-addr.arpa" IN {
      type master;
      file "50.168.192.in-addr.arpa.zone";
};

 

# grep ‘^[^#]‘ /var/named/50.168.192.in-addr.arpa.zone 
$TTL 1D
@       IN SOA  ns root (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@              IN       NS         ns.test.com.
43             IN       PTR        mail.test.com.
44             IN       PTR        www.test.com.

 

# grep ‘^[^#]‘ /var/named/test.com.zone
$TTL 600
$ORIGIN test.com.
@    IN     SOA    ns  root (
                    0    ; serial
                    1D    ; refresh
                    1H    ; retry
                    1W    ; expire
                    3H )    ; minimum
        NS     ns.test.com.
        NS     ns.test.net.
        MX  10  mail.test.com.
ns       IN         A      192.168.50.42
mail     IN         A      192.168.50.43  
www      IN         A      192.168.50.44
wap      IN         CNAME    www

 

生成key

# rndc-confgen -r /dev/urandom -a
wrote key file "/etc/rndc.key"

# chown named.named /var/named/*    ##关乎成败的一步

 

启动bind

# tailf /var/log/messages   ##观察日志，注意报错信息

启动
# systemctl restart named.service

 

测试

# dig -t A wap.test.com @192.168.50.42  ##正向解析 -t
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> -t A wap.test.com @192.168.50.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11064
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;wap.test.com.            IN    A

;; ANSWER SECTION:
wap.test.com.        600    IN    CNAME    www.test.com.
www.test.com.        600    IN    A    192.168.50.44

;; AUTHORITY SECTION:
test.com.        600    IN    NS    ns.test.net.
test.com.        600    IN    NS    ns.test.com.

;; ADDITIONAL SECTION:
ns.test.com.        600    IN    A    192.168.50.42

;; Query time: 1 msec
;; SERVER: 192.168.50.42#53(192.168.50.42)
;; WHEN: Tue Nov 12 19:03:37 CST 2019
;; MSG SIZE  rcvd: 133

 

# dig -x 192.168.50.43 @192.168.50.42  ##反向解析 -x
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> -x 192.168.50.43 @192.168.50.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20415
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;43.50.168.192.in-addr.arpa.    IN    PTR

;; ANSWER SECTION:
43.50.168.192.in-addr.arpa. 86400 IN    PTR    mail.test.com.

;; AUTHORITY SECTION:
50.168.192.in-addr.arpa. 86400    IN    NS    ns.test.com.

;; ADDITIONAL SECTION:
ns.test.com.    600    IN    A    192.168.50.42

;; Query time: 0 msec
;; SERVER: 192.168.50.42#53(192.168.50.42)
;; WHEN: Tue Nov 12 19:08:03 CST 2019
;; MSG SIZE rcvd: 115

 

PS: 博客园自定义皮肤功能很不错，就是博客编译器太烂了。。。

凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，凑够150字，