Foreword
DNS (Domain Name System), Domain Name System, provided by the domain name resolved to ip service is an important Internet infrastructure services.
Here we have to configure it using the bind DNS server on CentOS7
A mounting configuration DNS
(A) install the Domain Name Service program
yum install bind-chroot -y
(Ii) modify the configuration file
Bind DNS service program name is called named, the service's configuration file as follows:
| The main program | /usr/sbin/named |
| The main configuration file | /etc/named.conf |
| Regional Profiles | /etc/named.rfc1912.zones |
Modify the main configuration file
;};
Recursion Yes;
DNSSEC-enable Yes;
DNSSEC Validation-Yes;
DNSSEC Auto-Lookaside;
/ * * Key DLV the Path to the ISC /
bindkeys-File "/etc/named.iscdlv.key";
Managed-Keys-Directory " / var / the named / Dynamic ";
PID-File" /run/named/named.pid ";
the session-KeyFile" /run/named/session.key ";
};
the logging {
Channel default_debug {
File" Data / the named.run ";
Severity Dynamic;
};
};
// within this document defines the IP address table 13 global root DNS servers
Zone." "{the iN
of the type hint;
file" named.ca ";
};
// this file holds positive to the regional information and reverse lookup, very important.
include "/etc/named.rfc1912.zones";
Modified files:
Second, the analytical test
(A) The modified DNS address system native
(B) forward address resolution experiments
1. Modify the profile region
Forward resolution is the role of the corresponding IP address based on the host name (domain name) to find there some default information, zone file, you can not ignore, can be added directly in the following:
[root @ tianzhankui-hbza ~] # vim / etc / named.rfc1912.zones
Zone "centos.com" {the IN
type Master;
File "centos.com.zone";
the allow-Update {none;};
}
2. Configure parsing data
can be copied forward resolution template file directly: " /var/named/named.localhost ", it can be used directly after fill in the information.
Switching working directory to bind (named) Data Contents:
[@ tianzhankui the root-hbza ~] # CD / var / the named /
查看区域数据文件的权限:
[root@tianzhankui-hbza named]# ls -al named.localhost
-rw-r-----. 1 root named 152 Jun 21 2007 named.localhost
执行cp命令时加入-a,代表连通复制原来文件的属性、所有者、组等信息:
[root@tianzhankui-hbza named]# cp -a named.localhost centos.com.zone
编辑centos.com域名的区域数据文件:
[root@tianzhankui-hbza named]# vim centos.com.zone
如图:
| $TTL 1D | #生存周期为1天 | ||||
| @ | IN SOA | centos.com. | root.centos.com. | ( | |
| #授权信息开始: | #DNS区域的地址 | #域名管理员的邮箱(不要用@符号) | |||
| 0;serial | #更新序列号 | ||||
| 1D;refresh | #更新时间 | ||||
| 1H;retry | #重试延时 | ||||
| 1W;expire | #失效时间 | ||||
| 3H;minimum | #无效解析记录的缓存时间 | ||||
| NS | ns.centos.com. | #域名服务器记录 | |||
| ns | IN A | 192.168.20.100 | #地址记录(ns.centos.com.) | ||
| IN MX 10 | mail.centos.com. | #邮箱交换记录 | |||
| IN A | 192.168.20.100 | #地址记录(mail.centos.com.) | |||
| www | IN A | 192.168.20.100 | #地址记录(www.centos.com.) | ||
| bbs | IN A | 192.168.20.100 | #地址记录(bbs.centos.com.) | ||
如图:
重启named服务让配置文件立即生效:
[root@tianzhankui-hbza named]# systemctl restart named
3.检验解析结果
nslookup命令用于检测能否从网络DNS服务器中查询到域名与IP地址的解析记录,检测named服务的解析能否成功。
此为查询DNS服务器的信息:
[root@tianzhankui-hbza ~]# nslookup
> www.centos.com
Server: 127.0.0.1
Address: 127.0.0.1#53
顺利的将域名的对应IP地址解析出来了:
Name: www.centos.com
Address: 192.168.10.10
> bbs.centos.com
