Network management on CentOS 7: setting up a DNS server
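First, the concepts. Forward resolution: translating a domain name into an IP address
Reverse resolution: translating an IP address into a domain name (I only did forward resolution)
A note up front: my virtual machine, the one I am turning into the DNS server, has the IP address 192.168.3.155
Starting the experiment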
-
First install bind: # yum install bind bind-utils
-
Install the vim editor: # yum install vim // optional
-
Edit the main configuration file: # vim /etc/named.conf
options {
    listen-on port 53 { any; }; // any: listen on all local addresses
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    allow-query { any; }; // anyone may send queries to this DNS server
    recursion yes; // with allow-query any and no allow-recursion, recursion is also open to any client
    dnssec-enable yes;
    dnssec-validation yes;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
-
Edit the zone configuration file /etc/named.rfc1912.zones:
vim /etc/named.rfc1912.zones
// add the following
zone "2.com" IN {
    type master;
    file "/var/named/2.com.zone";
    allow-transfer { 192.168.3.0/24; };
};
-
Create the zone file /var/named/2.com.zone
$TTL 1D
$ORIGIN 2.com.
@       IN SOA  2.com. admin.2.com. (
                20170526 ; serial
                1D       ; refresh
                1H       ; retry
                1W       ; expire
                3H )     ; minimum
2.com.  IN NS   ns1.2.com.
ns1     IN A    192.168.3.155
www     IN A    192.168.3.155
ftp     IN A    1.1.1.1
-
Change the zone file's permissions (group ownership): chgrp named /var/named/2.com.zone
-
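Check the configuration syntax
(1) Check the syntax of the main configuration file: # named-checkconf
(2) Check the syntax of the zone file: # named-checkzone 2.com /var/named/2.com.zone
// when there are no errors it prints:
zone 2.com/IN: loaded serial 20170526
OK
-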
Start the named service: # systemctl start named
-
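Testing
Note: the client's DNS server must be set to the IP address of this DNS server
Alternatively, use the dig command, in which case the DNS server setting does not need to be changed
I am accessing it from the external physical machine, so I changed the physical machine's DNS to: 192.168.3.155
Let's test it
The process is hard to sum up in a few words, but the result turned out well, hehe~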
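
The options block above combines allow-query { any; } with recursion yes and sets no allow-recursion. The following Python check is an added example, not part of the original post: it works out which ACL BIND ends up applying to recursive queries, using BIND's documented fallback from allow-recursion to allow-query-cache to allow-query. The function names and the restricted variant (recursion limited to 192.168.3.0/24) are assumptions made for illustration.

```python
import re

# Constructed sample: the access-control lines of the options block on this page.
SAMPLE_OPEN = """
options {
    allow-query { any; };   // anyone may query
    recursion yes;
};
"""
# Assumption: the same block with recursion limited to the page's lab subnet.
SAMPLE_RESTRICTED = SAMPLE_OPEN.replace(
    "recursion yes;", "recursion yes; allow-recursion { 192.168.3.0/24; localhost; };")

def options_block(conf):
    """Return the body of options { ... } with comments removed ('' if absent)."""
    # named.conf accepts /* */, // and # comments
    conf = re.sub(r"/\*.*?\*/|(?://|#)[^\n]*", "", conf, flags=re.S)
    start = re.search(r"\boptions\s*\{", conf)
    if not start:
        return ""
    depth, i = 1, start.end()
    while i < len(conf) and depth:          # walk to the matching closing brace
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        i += 1
    return conf[start.end():i - 1]

def acl(opts, name):
    """Elements of the address-match list `name`, or None when it is not set."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(name), opts)
    return [e.strip() for e in m.group(1).split(";") if e.strip()] if m else None

def effective_recursion_acl(conf):
    """(deciding option, elements) for recursive queries; None if recursion is off."""
    opts = options_block(conf)
    if re.search(r"\brecursion\s+no\s*;", opts):
        return None
    # BIND falls back in this order when allow-recursion is not set.
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        elements = acl(opts, name)
        if elements is not None:
            return name, elements
    return "default", ["localnets", "localhost"]

def is_open_resolver(conf):
    eff = effective_recursion_acl(conf)
    return eff is not None and "any" in eff[1]

if __name__ == "__main__":
    for conf in (SAMPLE_OPEN, SAMPLE_RESTRICTED):
        print(effective_recursion_acl(conf), "open:", is_open_resolver(conf))
```

To audit a real server, pass the contents of /etc/named.conf to is_open_resolver(); nested address-match lists and named acl statements are not expanded by this check.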