Linux domain name server deployment

Environment: VMware Workstation; system: Red Hat 7.4

 

IP address: 192.168.100.151 DNS: 192.168.100.151

Experiment:

1. Install and configure the DNS service on this system. It is responsible for resolving hosts in the "chinaskills.net" zone. The seven hosts are dns.chinaskills.net, mail.chinaskills.net, www1.chinaskills.net, www2.chinaskills.net, ssm.chinaskills.net, www3.chinaskills.net and www.chinaskills.net. Provide both forward and reverse resolution, and prohibit the 192.168.70.0 network from accessing the DNS server.

  • The seven hosts are assigned the IP addresses 192.168.100.151-157, in the order listed.

 

Install the DNS service:

[root@localhost ~]# yum install bind  -y

Edit /etc/named.conf:

[root@localhost ~]# vim /etc/named.conf
options {
    listen-on port 53 { 192.168.100.151; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    blackhole { 192.168.70.0/24; };           // deny access from this network segment
    allow-query { any; };
    // (rest of the options block not shown)
};

Define the forward and reverse zones in /etc/named.rfc1912.zones:

[root@localhost ~]# cat /etc/named.rfc1912.zones

zone "chinaskills.net" IN {
type master;
file "named.localhost";
allow-update { none; };
};


zone "100.168.192.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};

Forward lookup zone file: /var/named/named.localhost

[root@localhost ~]# cat /var/named/named.localhost
$TTL 1D
@       IN SOA  @ rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
        A       127.0.0.1
        AAAA    ::1
dns     IN A    192.168.100.151
mail    IN A    192.168.100.152
WWW1    IN A    192.168.100.153
www2    IN A    192.168.100.154
ssm     IN A    192.168.100.155
www3    IN A    192.168.100.156
www     IN A    192.168.100.157

Reverse lookup zone file: /var/named/named.loopback

[root@localhost ~]# cat /var/named/named.loopback
$TTL 1D
@       IN SOA  @ rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
        A       127.0.0.1
        AAAA    ::1
        PTR     localhost.
; PTR targets end with a dot so they are absolute names;
; without the dot the zone origin is appended to the target
151     IN PTR  dns.chinaskills.net.
152     IN PTR  mail.chinaskills.net.
153     IN PTR  www1.chinaskills.net.
154     IN PTR  www2.chinaskills.net.
155     IN PTR  ssm.chinaskills.net.
156     IN PTR  www3.chinaskills.net.
157     IN PTR  www.chinaskills.net.

[root@localhost ~]# systemctl restart named

 

Test the DNS server (nslookup is provided by the bind-utils package):

[root@localhost ~]# nslookup
> dns.chinaskills.net
Server: 192.168.100.151
Address: 192.168.100.151#53

Name: dns.chinaskills.net
Address: 192.168.100.151
> www1.chinaskills.net
Server: 192.168.100.151
Address: 192.168.100.151#53

Name: www1.chinaskills.net
Address: 192.168.100.153
> 192.168.100.157
Server: 192.168.100.151
Address: 192.168.100.151#53

157.100.168.192.in-addr.arpa name = www.chinaskills.net.100.168.192.in-addr.arpa.
> 192.168.100.154
Server: 192.168.100.151
Address: 192.168.100.151#53

154.100.168.192.in-addr.arpa name = www2.chinaskills.net.100.168.192.in-addr.arpa.
>
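
The reverse answers in the session above end in ".100.168.192.in-addr.arpa.", which is what a name server returns when a PTR target in the zone file is written without a trailing dot, so the zone origin is appended to it. The following check is an added example, not part of the original post; the function name relative_targets and the shortened sample zone are assumptions made for illustration.

```python
import re

NAME_TYPES = {"PTR", "NS", "CNAME", "MX"}   # RR types whose data is a domain name
CLASSES = {"IN", "CH", "HS"}
TTL = re.compile(r"\d+[smhdw]?", re.I)

def relative_targets(zone_text, origin):
    """Return (line_no, rr_type, written, effective) for each record whose
    target has no trailing dot, so the server appends the zone origin."""
    origin = origin.rstrip(".") + "."
    findings, depth = [], 0
    for no, raw in enumerate(zone_text.splitlines(), 1):
        line = raw.split(";", 1)[0]            # strip comments
        inside = depth > 0                     # continuation of a "( ... )" record
        depth += line.count("(") - line.count(")")
        tokens = line.split()
        if inside or not tokens:
            continue
        if tokens[0].upper() == "$ORIGIN" and len(tokens) > 1:
            origin = tokens[1].rstrip(".") + "."   # assumed to be an absolute name
        if tokens[0].startswith("$"):
            continue
        if not raw[0].isspace():               # first column holds the owner name
            tokens = tokens[1:]
        while tokens and (tokens[0].upper() in CLASSES or TTL.fullmatch(tokens[0])):
            tokens = tokens[1:]                # optional TTL and class
        if len(tokens) < 2 or tokens[0].upper() not in NAME_TYPES:
            continue
        target = tokens[-1]                    # for MX the name follows the preference
        if target != "@" and not target.endswith("."):
            findings.append((no, tokens[0].upper(), target, f"{target}.{origin}"))
    return findings

# Constructed sample: a reverse zone like the one on this page, two hosts only.
SAMPLE = """\
$TTL 1D
@       IN SOA  @ rname.invalid. (
                0 1D 1H 1W 3H )
        NS      @
        PTR     localhost.
151     IN PTR  dns.chinaskills.net
157     IN PTR  www.chinaskills.net
"""

if __name__ == "__main__":
    for no, rtype, written, effective in relative_targets(SAMPLE, "100.168.192.in-addr.arpa"):
        print(f"line {no}: {rtype} {written} -> served as {effective}")
```

Running it against a zone file before "systemctl restart named" lists every PTR, NS, CNAME or MX target that will be completed with the origin; an empty result means all targets are absolute.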

 

     If there are mistakes in this article, corrections from experts are welcome.

 

 

 

  

 


Origin www.cnblogs.com/BlogAlias/p/12591110.html