dns
Posted lizhizhi
DNS服务器可以划分为4种:
- 1,缓存域名服务器(帮你去找域名解析,本身并不能解析)
- 2,主域名解析服务器:也就是它自己维护一个域名的解析记录本(主机名:baidu.com)
- 3,从域名解析服务器
- 4,智能解析服务器(CDN):不同的地方,返回不同的结果
记录本分为两种
- 1,正向解析记录
(1)A记录
(2)Cname (别名解析):多个域名同一个ip地址解析
域名======>IP
- 2,反向解析记录
PTR反向解析
用于由IP地址反查域名,看IP地址是否合法。注意PTR记录由IP段的持有者自行设置,单凭反向解析结果不能证明该IP可信,通常还要再做一次正向解析,确认正反向结果一致。
IP=========>域名
DNS的两种查询方式
1,递归查询
2,迭代查询
缓存域名服务器的配置
[[email protected] ~]# yum install -y bind bind-chroot
[[email protected] ~]# rpm -qa | grep bind
bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-9.8.2-0.17.rc1.el6_4.6.x86_64
[[email protected] ~]# vim /etc/named.conf
// named.conf for the caching resolver: it defines no master or slave zones, only the root hints
// and the included files, and sends lookups to a forwarder.
options {
// Listen for IPv4 DNS on 192.168.182.134 only; IPv6 is limited to loopback.
listen-on port 53 { 192.168.182.134; };
listen-on-v6 port 53 { ::1; };
// Relative file names elsewhere in this file are resolved against this directory.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// NOTE(review): allow-query { any; } together with recursion yes, and with no
// allow-recursion / allow-query-cache ACL in this block, lets every host that can
// reach 192.168.182.134 use this server as a recursive resolver. Open resolvers are
// abused for DNS amplification and are easier to cache-poison; restrict recursion to
// the client networks, e.g. allow-recursion { localnets; localhost; };
allow-query { any; };
// Recursive lookups are handed to 202.106.0.20; no "forward only;" is set, so the
// server's default forward policy applies.
forwarders { 202.106.0.20; };
recursion yes;
// dnssec-enable yes lets the server return DNSSEC records, but with
// dnssec-validation no the answers are cached and served without checking
// signatures, so a forged reply from upstream is not detected here.
// NOTE(review): consider dnssec-validation yes (or auto) once the trust anchor in
// /etc/named.root.key is confirmed current.
dnssec-enable yes;
dnssec-validation no;
// NOTE(review): lookaside validation does nothing while validation is off; the ISC
// DLV registry has, as far as I know, been retired and later BIND releases dropped
// this option - confirm before copying this to a newer server.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
// Debug output goes to data/named.run (relative to "directory" above); "dynamic"
// makes the channel follow the server's current debug level.
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints: where iterative resolution starts when the server resolves by itself.
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
#检测语法
[[email protected] ~]# named-checkconf /etc/named.conf
[[email protected] ~]#
[[email protected] ~]# /etc/init.d/named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
[[email protected] ~]#
[[email protected] named]# vim /etc/resolv.conf
; generated by /sbin/dhclient-script
search localdomain
nameserver 192.168.182.134
[[email protected] ~]# ping www.baidu.com
PING www.baidu.com (61.135.169.125) 56(84) bytes of data.
64 bytes from 61.135.169.125: icmp_seq=1 ttl=128 time=1922 ms
主域名服务器
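// named.conf for the master (authoritative) server of yunjisuan.com.
options {
    // Listen for IPv4 DNS on 192.168.182.135 only; the IPv6 listener is disabled.
    listen-on port 53 { 192.168.182.135; };
    // listen-on-v6 port 53 { ::1; };
    // Relative zone file names below are resolved against this directory.
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Answering queries from anyone is normal for authoritative zone data.
    // NOTE(review): combined with recursion yes below and no allow-recursion ACL,
    // it also makes this host a recursive resolver for every client that can reach
    // it. On an authoritative server either turn recursion off or limit it, e.g.
    // allow-recursion { localnets; localhost; };
    allow-query { any; };
    // The option name is "forwarders"; a misspelled option name is rejected by
    // named-checkconf and named will not load the file.
    forwarders { 202.106.0.20; };
    recursion yes;
    // DNSSEC options are commented out here, so the server's built-in defaults apply.
    // dnssec-enable yes;
    // dnssec-validation yes;
    // dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};

logging {
    // Debug output goes to data/named.run (relative to "directory" above);
    // "dynamic" makes the channel follow the server's current debug level.
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

// Zone this server is master for; records live in /var/named/yunjisuan.com.zone.
// NOTE(review): no allow-transfer is set. On this BIND generation the default, as
// far as I know, permits zone transfers to any host, which exposes the full record
// list. Add allow-transfer { none; }; or list only the real slave servers.
zone "yunjisuan.com" IN {
    type master;
    file "yunjisuan.com.zone";
};

// Root hints, used when the server resolves names outside its own zones.
zone "." IN {
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";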
[[email protected] named]# cd /var/named/
[[email protected] named]# cp -p named.empty yunjisuan.com.zone
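; Forward zone data for yunjisuan.com, loaded by the "yunjisuan.com" master zone.
; Zone-file comments start with ';' - a '#' is not a comment character here and
; extra text after a record's data makes named-checkzone reject the line.
$TTL 3H
; SOA: the first name after SOA is the primary server ("@" = the zone origin),
; the second is the contact mailbox written with dots; both kept as on the page.
@       IN SOA  @ yunjisuan.com.root.ns1.yunjisuan.com. (
                20181205 ; serial - raise it on every edit so slaves notice the change
                1D       ; refresh
                1H       ; retry
                1W       ; expire
                3H )     ; minimum
; The leading whitespace matters: a blank owner field reuses the previous owner (@).
        NS      ns1.yunjisuan.com.
; NOTE(review): the client test on this page shows ns1 resolving to 192.168.182.135,
; the address named listens on. Confirm which address is intended for ns1.
ns1     A       192.168.182.12
www     A       192.168.182.13
news    A       192.168.182.14
; Alias: bbs resolves through news, i.e. to 192.168.182.14. A CNAME takes only the
; target name, never an address.
bbs     CNAME   news
; Wildcard: every other name under the zone resolves to 192.168.182.20, so
; mistyped or non-existent host names no longer return NXDOMAIN.
*       A       192.168.182.20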
[[email protected] named]# named-checkzone yunjisuan.com yunjisuan.com.zone
OK
[[email protected] named]# /etc/init.d/named restart
Stopping named: . [ OK ]
Starting named: [ OK ]
[[email protected] named]#
#反向解析记录本(named.conf 中还需要为反向区域 182.168.192.in-addr.arpa 添加对应的 zone 声明并指向该文件,本文未列出这一步)
[[email protected] named]# cp -p named.empty 192.168.182.arpa
[[email protected] named]# vim 192.168.182.arpa
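; Reverse (PTR) data for 192.168.182.x. Each owner name is the last octet of an
; address, relative to the zone origin (182.168.192.in-addr.arpa in the client
; output on this page).
$TTL 3H
@       IN SOA  @ yunjisuan.com.root.ns1.yunjisuan.com. (
                20181206 ; serial - raise it on every edit so slaves notice the change
                1D       ; refresh
                1H       ; retry
                1W       ; expire
                3H )     ; minimum
; The leading whitespace matters: a blank owner field reuses the previous owner (@).
        NS      ns1.yunjisuan.com.
; NOTE(review): 108 matches neither the ns1 A record in the forward zone
; (192.168.182.12) nor the address the server listens on (192.168.182.135); the
; client lookup of 192.168.182.135 on this page returns NXDOMAIN. Confirm the octet.
108     PTR     ns1.yunjisuan.com.
13      PTR     www.yunjisuan.com.
; Two PTR records for the same address: a reverse lookup of .14 returns both names.
14      PTR     news.yunjisuan.com.
14      PTR     bbs.yunjisuan.com.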
[[email protected] named]# named-checkzone named.empty 192.168.182.arpa #检测区域文件是否有错误(第一个参数应为区域名,例如 182.168.192.in-addr.arpa;这里写成了 named.empty,所以下面输出的区域名也是 named.empty)
zone named.empty/IN: loaded serial 20181206
OK
############重启服务
#客户端测试
#解析域名
[[email protected] etc]# nslookup www.yunjisuan.com
Server: 192.168.182.135
Address: 192.168.182.135#53
Name: www.yunjisuan.com
Address: 192.168.182.13
[[email protected] etc]# nslookup ns1.yunjisuan.com
Server: 192.168.182.135
Address: 192.168.182.135#53
Name: ns1.yunjisuan.com
Address: 192.168.182.135
[[email protected] etc]# nslookup bbs.yunjisuan.com
Server: 192.168.182.135
Address: 192.168.182.135#53
bbs.yunjisuan.com canonical name = news.yunjisuan.com.
Name: news.yunjisuan.com
Address: 192.168.182.14
[[email protected] etc]# nslookup new.yunjisuan.com
Server: 192.168.182.135
Address: 192.168.182.135#53
Name: new.yunjisuan.com
Address: 192.168.182.20
[[email protected] etc]# nslookup new.yunjisuan.com
#解析ip
[[email protected] etc]# nslookup 192.168.182.135
Server: 192.168.182.135
Address: 192.168.182.135#53
** server can't find 135.182.168.192.in-addr.arpa.: NXDOMAIN
[[email protected] etc]# nslookup 192.168.182.13
Server: 192.168.182.135
Address: 192.168.182.135#53
13.182.168.192.in-addr.arpa name = www.yunjisuan.com.
[[email protected] etc]# nslookup 192.168.182.14
Server: 192.168.182.135
Address: 192.168.182.135#53
14.182.168.192.in-addr.arpa name = news.yunjisuan.com.
14.182.168.192.in-addr.arpa name = bbs.yunjisuan.com.
[[email protected] etc]#