Preparation
1. Create two virtual machines, one as a server and one as a client
Both of my machines are Windows Server 2019
2. Set the network adapters of both virtual machines to host-only mode, and tick Connected and Connect at startup under Device status
3. On both virtual machines, turn off the firewall and the security policy (SELinux)
Turn off the firewall: systemctl stop firewalld.service
Turn off the security policy (SELinux goes into permissive mode until the next reboot): setenforce 0
4. Use the command rpm -q bind to check whether bind is installed
If it is not installed, follow these steps:
1. cd /run/media/root/CentOS\ 7\ x86_64/Packages/
Note: Be sure to use Tab completion for this path; it is easy to make mistakes when typing it by hand
2. Use ls | grep bind to list the bind packages, and install the first one
Installation command: rpm -ivh bind-9.11.4-26.P2.el7.x86_64.rpm
Note: If a python-ply error occurs, the python-ply package must also be installed
Use the command: rpm -ivh python-ply-3.4-11.el7.noarch.rpm
Configure the server
The installed bind package includes three files:
Main configuration file: /etc/named.conf
Sub-configuration file: /etc/named.rfc1912.zones
Zone file: /etc/named.root.key
1. Open the main configuration file
vim /etc/named.conf
Set listen-on and allow-query to any (modify the existing lines, or add them if they are missing)
Set dnssec-enable and dnssec-validation to no
2. Open the sub-configuration file
vim /etc/named.rfc1912.zones
At the end of the file, manually enter the content shown in the figure to declare a zone file
3. Open /var/named/named.localhost with vim, as shown in the figure
Note: Keep this file as it is; do not change it arbitrarily
4. Copy the file to /var/named/wjy.zone
Use the command: cp -p /var/named/named.localhost /var/named/wjy.zone
Enter the directory to check that the copy succeeded
5. Run vim wjy.zone to open and edit the forward lookup zone file
Next edit the file to suit our needs:
First part:
Line 1: Sets the time for which DNS servers may cache query results from this zone to 1 day.
Line 2: The @ symbol stands for the domain name of the zone this file describes, "wjy.net";
IN stands for the Internet class. Because today's Internet runs on the TCP/IP protocols, and DNS sits at the application layer of TCP/IP, the IN written here generally does not change;
SOA sets the authoritative host name, that is, the host responsible for domain name resolution in this zone. That host must have an A resource record in the zone file;
wjy.net: The declared server host name, which is the fully qualified domain name of this DNS server.
rname.invalid: The email address of the DNS server's system administrator, written as a domain name, here set to rname.invalid.
Line 3: The serial number of the forward lookup zone. Whenever you change the data on the primary DNS server, you need to increase this value so that the secondary DNS server updates its copy.
Line 4: refresh tells the secondary DNS server how often to compare its serial number with the primary DNS server's.
Line 5: retry is how long to wait before trying again after a refresh fails.
Second part:
Line 8: Defines the name server of the wjy.net domain as www.life.net.
Line 9: Defines the address of the name server as 192.168.101.114.
Lines 10 and 11: Define the forward resolution records of the subdomains web.wjy.net and mao.wjy.net in the wjy.net domain.
After configuration, as shown in the figure:
OK, we have now configured the three files, but we still need to check them
6. Check commands:
- named-checkconf /etc/named.conf
- named-checkconf /etc/named.rfc1912.zones
- Pay attention to the third one: first enter its directory with cd /var/named, then run named-checkzone wjy.zone wjy.zone (note that you enter wjy.zone twice). named-checkzone reads its first argument as the zone name and its second as the zone file.
As the figure shows:
7. Once the checks pass, start the DNS service
systemctl start named
(If you are not sure whether it is running, enter systemctl status named to check)
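The zone declaration and zone file from steps 2 to 6, as an added example that is not part of the original post: it stages both files in a scratch directory, runs the step 6 checks where the BIND tools are installed, and reports any NS host that lacks the A record the SOA notes call for. Assumed here: the NS host is www.wjy.net (the name the client looks up), and the addresses for web and mao, the serial, the SOA timers and both function names are constructed.

```sh
# Added example. Assumed, not from the page: NS host www.wjy.net, the .115/.116
# addresses, the serial and SOA timers, and both function names.
stage_wjy_zone() {      # usage: stage_wjy_zone <scratch-dir>
    mkdir -p "$1" || return 1
    # Zone declaration to append to /etc/named.rfc1912.zones.
    cat > "$1/wjy.zones.conf" <<'EOF'
zone "wjy.net" IN {
        type master;
        file "wjy.zone";
        allow-update { none; };
};
EOF
    # Forward zone file, in the 11-line layout the walkthrough describes.
    cat > "$1/wjy.zone" <<'EOF'
$TTL 1D
@       IN SOA  wjy.net. rname.invalid. (
                                1       ; serial
                                1D      ; refresh
                                1H      ; retry
                                1W      ; expire
                                3H )    ; minimum
        NS      www.wjy.net.
www     A       192.168.101.114
web     A       192.168.101.115
mao     A       192.168.101.116
EOF
    # Same checks as step 6, run only where the BIND tools are installed.
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkconf "$1/wjy.zones.conf" || return 1
        named-checkzone wjy.net "$1/wjy.zone" || return 1
    fi
}

# Print every NS target that has no A record in the zone file.
ns_without_a() {        # usage: ns_without_a <zone-file> <origin-with-dot>
    awk -v origin="$2" '
        function fqdn(n) { return n == "@" ? origin : (n ~ /\.$/ ? n : n "." origin) }
        /^\$/ { next }                              # skip $TTL / $ORIGIN
        { sub(/;.*/, "") }                          # drop comments
        /^[^ \t]/ { owner = fqdn($1) }              # line starts a new owner name
        { for (i = 1; i < NF; i++) {
              if ($i == "NS") ns[fqdn($(i + 1))] = 1
              if ($i == "A")  a[owner] = 1
        } }
        END { for (t in ns) if (!(t in a)) print t }
    ' "$1"
}

scratch=$(mktemp -d) && stage_wjy_zone "$scratch" && ns_without_a "$scratch/wjy.zone" wjy.net.
```

Copy the staged declaration and zone file into place only after both checks pass and ns_without_a prints nothing.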
Once the service is running, move on to configuring the client
Client
1. Enter the address of the DNS server configured above
vim /etc/resolv.conf
2. After configuration, use the command
host www.wjy.net
host web.wjy.net
host mao.wjy.net
You can see that the different domain names resolve to their corresponding addresses
Well, our DNS experiment ends here. If there are any mistakes in the article, please point them out. Let's make progress together!