Linux下DNS服务器配置
简要描述各种DNS服务器的配置方法。包括正向解析DNS服务器、逆向解析DNS服务器、主从DNS服务器。
实验环境整体配置
关闭SElinux
setenfore 0
清空防火墙
iptables -F
修改主配置文件 /etc/named.conf
#监听本机外网端口
listen-on port 53 { 127.0.0.1;192.168.45.202; };
#不监听ipv6
//listen-on-v6 port 53 { ::1; };
#允许查询
allow-query { any; };
#关闭dnssec
dnssec-enable no;
dnssec-validation no;
配置正向解析DNS服务器配置
修改zone配置 /etc/named.rfc1912.zones
#增加zone文件
zone "easylinux.com" IN {
type master;
file "easylinux.com.zone";
allow-update { none; };
};
添加easylinux.com.zone文件至 /var/named
$TTL 86400
$ORIGIN easylinux.com.
@ IN SOA easylinux.com. nsadmin.easylinux.com. (
20170528
2H
1M
1W
1D
)
IN NS ns1.easylinux.com.
IN NS ns2.easylinux.com.
IN MX 10 mx.easylinux.com.
ns1 IN A 192.168.45.100
ns2 IN A 192.168.45.101
mx IN A 192.168.45.102
www IN A 192.168.45.201
web IN CNAME www
验证解析
~]# dig easylinux.com. @192.168.45.202 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> easylinux.com. @192.168.45.202 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48423 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;easylinux.com. IN A ;; AUTHORITY SECTION: easylinux.com. 86400 IN SOA easylinux.com. nsadmin.easylinux.com. 20170528 7200 60 604800 86400 ;; Query time: 0 msec ;; SERVER: 192.168.45.202#53(192.168.45.202) ;; WHEN: Mon May 22 11:49:28 2017 ;; MSG SIZE rcvd: 75 [root@CentOS68every named]# host easylinux.com. @192.168.45.202 host: couldn't get address for '@192.168.45.202': failure [root@CentOS68every named]# host easylinux.com. 192.168.45.202 Using domain server: Name: 192.168.45.202 Address: 192.168.45.202#53 Aliases: easylinux.com mail is handled by 10 mx.easylinux.com.
配置逆向解析DNS
修改zone配置 /etc/named.rfc1912.zones
zone "45.168.192.in-addr.arpa" IN {
type master;
file "192.168.45.zone";
allow-update { none; };
};
添加192.168.45.zone文件至 /var/named
$TTL 86400
$ORIGIN 45.168.192.in-addr.arpa.
@ IN SOA ns1.easylinux.com. nsadmin.easylinux.com. (
20170528
2H
1M
1W
1D
)
IN NS ns1.easylinux.com.
IN NS ns2.easylinux.com.
192.168.45.100 IN PTR ns1.easylinux.com.
192.168.45.101 IN PTR ns2.easylinux.com.
192.168.45.102 IN PTR mx.easylinux.com.
192.168.45.201 IN PTR www.easylinux.com.
验证解析
~]# dig -x 192.168.45.201 @192.168.45.202 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -x 192.168.45.201 @192.168.45.202 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22989 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;201.45.168.192.in-addr.arpa. IN PTR ;; AUTHORITY SECTION: 45.168.192.in-addr.arpa. 86400 IN SOA ns1.easylinux.com. nsadmin.easylinux.com. 20170528 7200 60 604800 86400 ;; Query time: 1 msec ;; SERVER: 192.168.45.202#53(192.168.45.202) ;; WHEN: Mon May 22 12:06:51 2017 ;; MSG SIZE rcvd: 106
配置主从服务器
配置解析easylinux.com.的从服务器
增加一个从zone配置 /etc/named.rfc1912.zones
zone "easylinux.com" IN {
type slave;
file "slaves/easylinux.com.zone";
masters { 192.168.45.202; };
};
查看是否自动生成zone文件
~]# ls /var/named/slaves/ easylinux.com.zone
验证配置
~]# dig www.easylinux.com @192.168.45.203 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.easylinux.com @192.168.45.203 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28361 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.easylinux.com. IN A ;; ANSWER SECTION: www.easylinux.com. 86400 IN A 192.168.45.201 ;; AUTHORITY SECTION: easylinux.com. 86400 IN NS ns2.easylinux.com. easylinux.com. 86400 IN NS ns1.easylinux.com. ;; ADDITIONAL SECTION: ns1.easylinux.com. 86400 IN A 192.168.45.100 ns2.easylinux.com. 86400 IN A 192.168.45.101 ;; Query time: 1 msec ;; SERVER: 192.168.45.203#53(192.168.45.203) ;; WHEN: Fri May 26 18:01:36 2017 ;; MSG SIZE rcvd: 119
原创文章,作者:easyTang,如若转载,请注明出处:http://www.178linux.com/77301
评论列表(1条)
主要介绍了dns正向解析,反向解析及dns的主从配置,内容介绍的很详细。排版也很好!