参考 BIND 官网:http://www.isc.org/downloads/bind/
1、系统环境说明
[root@clsn6 ~]# cat /etc/redhat-release CentOS release 6.9 (Final) [root@clsn6 ~]# uname -r 2.6.32-696.el6.x86_64 [root@clsn6 ~]# sestatus SELinux status: disabled [root@clsn6 ~]# /etc/init.d/iptables status iptables: Firewall is not running. [root@clsn6 ~]# hostname -I 10.0.0.188 172.16.1.188 192.168.19.105
2、安装bind
[root@clsn6 ~]# yum install bind* -y # 文件说明 [root@clsn6 ~]# rpm -ql bind /etc/named.conf # 主配置文件 /etc/named.rfc1912.zones # 区域解析库文件 /var/log/named.log #日志文件 /var/named #服务根目录
3、修改配置文件
备份named.conf并修改
cp -p /etc/named.conf{,.bak}
修改配置文件
[root@clsn6 ~]# cat /etc/named.conf # 修改监听地址,删除ipv6监听 options { listen-on port 53 { 192.168.19.105; }; ··· # 运行所有地址请求 allow-query { localhost;any; }; ··· }
检查配置是否正确
[root@clsn6 ~]# named-checkconf /etc/named.conf
4、启动服务
[root@clsn6 ~]# /etc/init.d/named start Generating /etc/rndc.key: [ OK ] Starting named: [ OK ]
检查端口
[root@clsn6 ~]# netstat -lntup |grep :53 tcp 0 0 192.168.19.105:53 0.0.0.0:* LISTEN 4227/named-sdb udp 0 0 192.168.19.105:53 0.0.0.0:* 4227/named-sdb
测试DNS服务器
[root@clsn6 named]# dig nmtui.com @192.168.19.105 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4 <<>> nmtui.com @192.168.19.105 ;; global options: +cmd ;; Got answer: ;; ->>HEADER < < opcode: QUERY, status: NOERROR, id: 38139 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 16 ;; QUESTION SECTION: ;nmtui.com. IN A ;; ANSWER SECTION: nmtui.com. 38 IN A 121.42.87.209 ;; AUTHORITY SECTION: nmtui.com. 172237 IN NS dns2.hichina.com. nmtui.com. 172237 IN NS dns1.hichina.com. ;; ADDITIONAL SECTION: dns2.hichina.com. 172237 IN A 106.11.211.54 dns2.hichina.com. 172237 IN A 106.11.211.64 dns2.hichina.com. 172237 IN A 140.205.41.14 dns2.hichina.com. 172237 IN A 140.205.41.24 dns2.hichina.com. 172237 IN A 140.205.81.14 dns2.hichina.com. 172237 IN A 140.205.81.24 dns2.hichina.com. 172237 IN A 106.11.141.114 dns2.hichina.com. 172237 IN A 106.11.141.124 dns1.hichina.com. 172237 IN A 106.11.211.63 dns1.hichina.com. 172237 IN A 140.205.41.13 dns1.hichina.com. 172237 IN A 140.205.41.23 dns1.hichina.com. 172237 IN A 140.205.81.13 dns1.hichina.com. 172237 IN A 140.205.81.23 dns1.hichina.com. 172237 IN A 106.11.141.113 dns1.hichina.com. 172237 IN A 106.11.141.123 dns1.hichina.com. 172237 IN A 106.11.211.53 ;; Query time: 0 msec ;; SERVER: 192.168.19.105#53(192.168.19.105) ;; WHEN: Tue Feb 6 21:03:38 2018 ;; MSG SIZE rcvd: 345
5、搭建公司内部域
搭建自己的域,让当前的DNS解析www.nmtui.com域
将域名 IP 关系存储在DNS上,在 /etc/named.rfc1912.zones 文件中进行添加
[root@clsn6 ~]# vim /etc/named.rfc1912.zones zone "nmtui.com" IN { # hengxia.top是域名 type master; # 表示权威DNS,即第一个 file "nmtui.com.zone"; # 域数据库,默认位于/var/named/下面,只需告知文件名nmtui.com.zone是库文件名 };
以/var/named目录下的named.localhost为模板,创建nmtui.com.zone文件,创建区域数据库
复制文件
[root@clsn6 named]# cp -av named.localhost nmtui.com.zone 'named.localhost' -> 'nmtui.com.zone' ## 注意cp -a 保持原有属性
源文件说明
[root@clsn6 named]# cat nmtui.com.zone # 解析区域数据库格式,存放名字与IP的对应关系 $TTL 1D # 统一定义TTL(过期时间、缓存时间) @ IN SOA @ rname.invalid. ( # SOA记录 IN internet技术 IN第一条要写,后面可以省略,可继承第一条IN rname.invalid. 资源的类型 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS @ # 代表当前配置域 A 127.0.0.1 # A记录 名字 到 IP 对应IPv4地址 AAAA ::1 # A记录 名字 到 IP 对应IPv6地址
修改配置文件
[root@clsn6 named]# cat /var/named/nmtui.com.zone $TTL 1D @ IN SOA @ nmtui.top. ( 30 ; serial 1M ; refresh 1M ; retry 1M ; expire 3M ) ; minimum NS @ www A 10.0.0.188 blog A 10.0.0.188 @ A 10.0.0.188
检查配置文件
[root@clsn6 named]# named-checkconf # 检查配置文件是否正确 # 检查区域配置是否正确 [root@clsn6 named]# named-checkzone nmtui.com /var/named/nmtui.com.zone zone nmtui.com/IN: loaded serial 0 OK # 载入配置 [root@clsn6 named]# rndc reload server reload successful
重新载入不成功可以重启服务!
6、验证测试
在windows上测试
C:\Users\clsn>nslookup - 192.168.19.105 默认服务器: UnKnown Address: 192.168.19.105 > nmtui.com 服务器: UnKnown Address: 192.168.19.105 名称: nmtui.com Address: 10.0.0.188 > www.nmtui.com 服务器: UnKnown Address: 192.168.19.105 名称: www.nmtui.com Address: 10.0.0.188 > blog.nmtui.com 服务器: UnKnown Address: 192.168.19.105 名称: blog.nmtui.com Address: 10.0.0.188
在linux里测试
方法一
[root@clsn6 named]# nslookup - 192.168.19.105 > nmtui.top Server: 192.168.19.105 Address: 192.168.19.105#53 Name: nmtui.top Address: 10.0.0.188
方法二
[root@clsn6 named]# dig nmtui.com @192.168.19.105 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4 <<>> nmtui.com @192.168.19.105 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43306 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;nmtui.com. IN A ;; ANSWER SECTION: nmtui.com. 86400 IN A 10.0.0.188 ;; AUTHORITY SECTION: nmtui.com. 86400 IN NS nmtui.com. ;; Query time: 0 msec ;; SERVER: 192.168.19.105#53(192.168.19.105) ;; WHEN: Tue Feb 6 20:58:20 2018 ;; MSG SIZE rcvd: 57
方法三
[root@clsn6 named]# ping www.nmtui.com -c1 PING www.nmtui.com (10.0.0.188) 56(84) bytes of data. 64 bytes from 10.0.0.188: icmp_seq=1 ttl=64 time=0.010 ms --- www.nmtui.com ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.010/0.010/0.010/0.000 ms
