1: The purpose of building DNS on CentOS here is to resolve a download server with the IP address 172.18.0.58. At the moment it is reached by IP address; I want to set up a DNS server so that it can be reached by domain name.
Use the following command to check the Bind version of the current system.
yum info bind
The version is 9.11.36. My CentOS is a minimal installation.
2: Install Bind and its test utilities.
yum install bind bind-utils -y
3: After the installation completes, use the following command to list the files Bind installed: configuration files, the service unit, log locations and so on. Once installed, Bind works as a caching server by default, so if there is no zone of your own that needs to be served, you can simply start the service and you are done.
rpm -ql bind
4: The main configuration file is /etc/named.conf. It generally has three kinds of sections: the global options section options{...}, the logging section logging{...}, and the zone sections zone{...}. Each zone section declares a zone this machine is responsible for, either by answering for it itself (a master, or a slave copy) or by forwarding it.
5: Edit the main configuration file.
vi /etc/named.conf
In the global options section, replace 127.0.0.1 in listen-on with any, which means listening on all addresses of the local machine; you can also write the specific address you want to listen on. Note that there must be spaces before and after the braces {} and a ; after each address, otherwise there will be a syntax error. Replace the allow-query value with any as well. Keep in mind that with recursion left enabled, allow-query { any; } makes this machine an open resolver for every network that can reach it, so on a server that is not meant to answer for the whole network, list the local subnets there instead.
7: Check the configuration file for errors.
named-checkconf
8: Start the service and add auto-start at boot.
systemctl start named
systemctl enable named
9: Check that port 53 is listening on both TCP and UDP.
ss -tnul
11: Edit the zone configuration file and define the zones.
vi /etc/named.rfc1912.zones
12: Add the following two zones to the file, one forward and one reverse.
zone "xz.com" IN {
        type master;
        file "xz.com.zone";
};
zone "0.18.172.in-addr.arpa" IN {
        type master;
        file "0.18.172.zone";
};
13: Configure the forward zone file; the default directory is /var/named. The templates named.localhost and named.loopback in that directory (one forward, one reverse) can be copied and modified directly; copy them with cp -p so that the file ownership and permissions are preserved.
vi /var/named/xz.com.zone
14: Fill in the following content, where the dns A record holds the IP address of this machine (172.18.50.70). The NS line must start with whitespace so that its owner is the zone itself (@).
$TTL 1D
@       IN SOA  xz.com. root.xz.com. (
                1       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      dns.xz.com.
dns     A       172.18.50.70
www     A       172.18.0.58
14: Configure reverse zone file.
vim /var/named/0.18.172.zone
15: Add the following content. As in the forward zone, the NS line starts with whitespace.
$TTL 3H
@       IN SOA  xz.com. root.xz.com. (
                1       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      dns.xz.com.
58      PTR     www.xz.com.
16: Check that the zone file is correct.
named-checkzone xz.com /var/named/xz.com.zone
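named-checkzone validates each file's syntax on its own. The following Python script, added here and not part of the original tutorial, cross-checks the two zone files above (embedded as constructed copies, with the SOA timers collapsed onto one line): every A record inside the reverse zone must have a matching PTR, every PTR must point at an existing A record, and the in-zone NS name must have a glue A record. The origins xz.com. and 0.18.172.in-addr.arpa. come from the page; the function names are my own.

```python
import ipaddress
import re

FORWARD_ORIGIN, REVERSE_ORIGIN = "xz.com.", "0.18.172.in-addr.arpa."
# Constructed copies of the tutorial's two zone files (SOA timers collapsed onto
# one line). A record line that starts with whitespace keeps the previous owner, "@".
FORWARD_ZONE = """$TTL 1D
@ IN SOA xz.com. root.xz.com. ( 1 1D 1H 1W 3H )
        NS dns.xz.com.
dns A 172.18.50.70
www A 172.18.0.58
"""
REVERSE_ZONE = """$TTL 3H
@ IN SOA xz.com. root.xz.com. ( 1 1D 1H 1W 3H )
        NS dns.xz.com.
58 PTR www.xz.com.
"""

def parse_zone(text, origin):  # -> [(owner, rtype, rdata)] with absolute names
    def fqdn(name):
        return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
    body = re.sub(r";[^\n]*", "", text)                                       # strip ; comments
    body = re.sub(r"\([^)]*\)", lambda m: m.group(0).replace("\n", " "), body)  # join ( ... )
    records, owner = [], origin
    for line in body.splitlines():
        if not line.strip() or line.startswith("$"):                           # blank or $TTL
            continue
        if not line[0].isspace():                                              # explicit owner
            owner, line = fqdn(line.split()[0]), line.split(None, 1)[1]
        rtype, rdata = [t for t in line.split() if t not in ("IN", "(", ")")][:2]
        records.append((owner, rtype, fqdn(rdata) if rtype in ("NS", "PTR") else rdata))
    return records

def check_zones(forward_text, reverse_text):
    """Cross-check forward and reverse zones; returns a list of problems (empty = consistent)."""
    fwd, rev = parse_zone(forward_text, FORWARD_ORIGIN), parse_zone(reverse_text, REVERSE_ORIGIN)
    a_records = {o: r for o, t, r in fwd if t == "A"}
    ptrs = {o: r for o, t, r in rev if t == "PTR"}
    problems = []
    for name, ip in a_records.items():                  # every A inside the reverse zone needs a PTR
        rname = ipaddress.ip_address(ip).reverse_pointer + "."
        if rname.endswith("." + REVERSE_ORIGIN) and ptrs.get(rname) != name:
            problems.append(f"no PTR {rname} -> {name}")
    for rname, target in ptrs.items():                  # every PTR must point at an existing A
        if target not in a_records:
            problems.append(f"PTR {rname} -> {target} has no A record")
    for ns in {r for _, t, r in fwd + rev if t == "NS"}:  # in-zone NS needs a glue A record
        if ns.endswith("." + FORWARD_ORIGIN) and ns not in a_records:
            problems.append(f"NS {ns} has no glue A record")
    return problems
```

Run check_zones on the real files read from /var/named after every edit; an empty list means the forward and reverse data agree, which named-checkzone alone does not tell you.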
17: Reload the zones. The following command has the same effect here as restarting the service with systemctl. rndc has many other subcommands, such as flush to clear the cache.
rndc reload
18: Set this machine's DNS server to its own IP address.
vi /etc/resolv.conf
nameserver 172.18.50.70
19: Open TCP and UDP port 53 in the firewall. This is not needed if the firewall is disabled.
firewall-cmd --permanent --add-port=53/tcp --zone=public
firewall-cmd --permanent --add-port=53/udp --zone=public
firewall-cmd --reload
20: Restart the service.
systemctl restart named
21: Use the nslookup command to test.
22: On a test host whose DNS is not pointed at this server, the web page cannot be opened by domain name.
22: Set the test host's DNS server to the IP address of the DNS server, after which the page can be reached by domain name.