|
操作系统版本:
[root@node named]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.6 (Santiago)
Linux 下设置 DNS 的位置主要有三处:
1. 网卡配置文件中的 DNS 服务器地址;
2. 系统默认的 DNS 服务器地址(/etc/resolv.conf);
3. hosts 文件。
生效顺序是:
1 hosts文件
2 网卡配置文件DNS服务地址
3 /etc/resolv.conf
安装DNS
yum install bind -y
1 [root@gs2node named]# cat /etc/named.conf
2 //
3 // named.conf
4 //
5 // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
6 // server as a caching only nameserver (as a localhost DNS resolver only).
7 //
8 // See /usr/share/doc/bind*/sample/ for example named configuration files.
9 //
10
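options {
    // "any" binds named to every IPv4 address on the host. If only one
    // network should reach this server, list that interface address here
    // instead.
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Any client may query the zones this server is authoritative for.
    allow-query { any; };

    // Recursion stays on for local clients only. When allow-recursion is
    // not set, named falls back to allow-query, so "allow-query { any; }"
    // together with "recursion yes" would leave an open recursive resolver.
    // Open resolvers are routinely abused as DNS amplification reflectors.
    recursion yes;
    allow-recursion { localhost; localnets; };

    dnssec-enable yes;
    dnssec-validation yes;
    // NOTE(review): ISC's DLV registry has been retired and later BIND
    // releases no longer accept this option; kept here because it is part
    // of the stock configuration shown for this release.
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";
};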
30
31 logging {
32 channel default_debug {
33 file "data/named.run";
34 severity dynamic;
35 };
36 };
37
38 zone "." IN {
39 type hint;
40 file "named.ca";
41 };
42
43 include "/etc/named.rfc1912.zones";
44 include "/etc/named.root.key";
1 [root@node named]# cat /etc/named.rfc1912.zones
2 // named.rfc1912.zones:
3 //
4 // Provided by Red Hat caching-nameserver package
5 //
6 // ISC BIND named zone configuration for zones recommended by
7 // RFC 1912 section 4.1 : localhost TLDs and address zones
8 // and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
9 // (c)2007 R W Franks
10 //
11 // See /usr/share/doc/bind*/sample/ for example named configuration files.
12 //
13
14 zone "localhost.localdomain" IN {
15 type master;
16 file "named.localhost";
17 allow-update { none; };
18 };
19
20 zone "localhost" IN {
21 type master;
22 file "named.localhost";
23 allow-update { none; };
24 };
25
26 zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
27 type master;
28 file "named.loopback";
29 allow-update { none; };
30 };
31
32 zone "1.0.0.127.in-addr.arpa" IN {
33 type master;
34 file "named.loopback";
35 allow-update { none; };
36 };
37
38 zone "0.in-addr.arpa" IN {
39 type master;
40 file "named.empty";
41 allow-update { none; };
42 };
43
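// Forward zone for cbf.com; records live in /var/named/cbf.com.zone.
zone "cbf.com" IN {
    type master;
    file "cbf.com.zone";
    // Dynamic updates are refused by default; stated explicitly so this
    // zone matches the stock zones above and the intent is visible.
    allow-update { none; };
};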
48
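// Reverse zone for 192.168.4.0/24; records live in /var/named/4.168.192.zone.
zone "4.168.192.in-addr.arpa" IN {
    type master;
    file "4.168.192.zone";
    // Dynamic updates are refused by default; stated explicitly so this
    // zone matches the stock zones above and the intent is visible.
    allow-update { none; };
};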
1 [root@node named]# pwd
2 /var/named
3 [root@node named]# cat 4.168.192.zone
4 $TTL 1D
5 @ IN SOA ns.cbf.com. root (
6 0 ;serial
7 1D ;refresh
8 1H ;retry
9 1w ;expire
10 3H ) ;minimum
11 IN NS ns.cbf.com.
12 92 IN PTR www.cbf.com.
13
14 [root@node named]# cat cbf.com.zone
15 $TTL 1D
16 @ IN SOA ns.cbf.com. root (
17 0 ;serial
18 1D ;refresh
19 1H ;retry
20 1w ;expire
21 3H ) ;minimum
22 NS ns.cbf.com.
23 MX 5 mail.cbf.com.
24 www IN A 192.168.4.92
25 ns IN A 192.168.4.92
26 mail IN A 192.168.4.92
27 smtp IN A 192.168.4.92
28 pop3 IN A 192.168.4.92
29 pop IN A 192.168.4.92
检查防火墙状态(本例中 iptables 与 SELinux 均处于关闭状态;在生产环境中建议保持二者开启,只对需要解析的客户端放行 53/tcp 和 53/udp)
1 [root@node named]# service iptables status
2 iptables: Firewall is not running.
3 [root@node named]# getenforce
4 Disabled
检查53端口
1 [root@node named]# netstat -anlpe | grep named
2 tcp 0 0 192.168.1.70:53 0.0.0.0:* LISTEN 25 1291049098 17887/named
3 tcp 0 0 6.55.4.171:53 0.0.0.0:* LISTEN 25 1291049096 17887/named
4 tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 1291049094 17887/named
5 tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 1291049103 17887/named
6 tcp 0 0 ::1:53 :::* LISTEN 25 1291049100 17887/named
7 tcp 0 0 ::1:953 :::* LISTEN 25 1291049104 17887/named
8 udp 0 0 192.168.1.70:53 0.0.0.0:* 25 1291049097 17887/named
9 udp 0 0 6.55.4.171:53 0.0.0.0:* 25 1291049095 17887/named
10 udp 0 0 127.0.0.1:53 0.0.0.0:* 25 1291049093 17887/named
11 udp 0 0 ::1:53 :::* 25 1291049099 17887/named
12 unix 2 [ ] DGRAM 1291049077 17887/named
启动DNS服务
service named start
==========================
本地测试
1 [root@node named]# service iptables status
2 iptables: Firewall is not running.
3 [root@node named]# getenforce
4 Disabled
5 [root@node named]# nslookup www.cbf.com
6 Server: 127.0.0.1
7 Address: 127.0.0.1#53
8
9 Name: www.cbf.com
10 Address: 192.168.4.92
11
12 [root@node named]# nslookup mail.cbf.com
13 Server: 127.0.0.1
14 Address: 127.0.0.1#53
15
16 Name: mail.cbf.com
17 Address: 192.168.4.92
18
19 [root@node named]# nslookup smtp.cbf.com
20 Server: 127.0.0.1
21 Address: 127.0.0.1#53
22
23 Name: smtp.cbf.com
24 Address: 192.168.4.92
25
26 [root@node named]# nslookup 192.168.4.92
27 Server: 127.0.0.1
28 Address: 127.0.0.1#53
29
30 92.4.168.192.in-addr.arpa name = www.cbf.com.
==========================
客户端测试
1 [root@node2 ~]# cat /etc/resolv.conf
2 nameserver <node IP>
3 [root@node2 ~]# nslookup 192.168.4.92
4 Server: 16.155.14.171
5 Address: 16.155.14.171#53
6
7 92.4.168.192.in-addr.arpa name = www.cbf.com.
8
9 [root@node2 ~]# nslookup www.cbf.com
10 Server: 16.155.14.171
11 Address: 16.155.14.171#53
12
13 Name: www.cbf.com
14 Address: 192.168.4.92
问题一:
1 [root@node named]# cat gs.ct.com.zone
2 $TTL 1D
3 @ IN SOA ns.gs.ct.com. root (
4 0 ;serial
5 1D ;refresh
6 1H ;retry
7 1w ;expire
8 3H ) ;minimum
9
10 @ IN NS ns.gs.ct.com.
11 IN MX 5 mail.gs.ct.com.
12 GS IN A 16.155.14.12
1 [root@node named]# service named restart
2 Stopping named: [ OK ]
3 Starting named:
4 Error in named configuration:
5 zone localhost.localdomain/IN: loaded serial 0
6 zone localhost/IN: loaded serial 0
7 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
8 zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
9 zone 0.in-addr.arpa/IN: loaded serial 0
10 zone gs.ct.com/IN: NS 'ns.gs.ct.com' has no address records (A or AAAA)
11 zone gs.ct.com/IN: not loaded due to errors.
12 _default/gs.ct.com/IN: bad zone
13 zone 14.155.16.in-addr.arpa/IN: loaded serial 0
14 [FAILED]
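解决方法:
报错原因是 NS 记录指向的 ns.gs.ct.com 在区域文件中没有对应的 A(或 AAAA)记录,named 因此拒绝加载该区域。
修改 /var/named/gs.ct.com.zone 文件,把 NS 记录指向已有 A 记录的主机名 GS(也可以保留原 NS 记录,另外补一条 ns 的 A 记录)。如果配置了从服务器,修改区域文件后还应递增 serial。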
1 [root@node named]# cat gs.ct.com.zone
2 $TTL 1D
3 @ IN SOA ns.gs.ct.com. root (
4 0 ;serial
5 1D ;refresh
6 1H ;retry
7 1w ;expire
8 3H ) ;minimum
9
10 @ IN NS GS.gs.ct.com.
11 IN MX 5 mail.gs.ct.com.
12 GS IN A 16.155.14.12
[root@node named]# service named restart
Stopping named: [ OK ]
Starting named: [ OK ]
[root@node named]# nslookup 16.155.14.12
Server: 127.0.0.1
Address: 127.0.0.1#53
12.14.55.6.in-addr.arpa name = GS.gs.ct.com.
来源:https://www.cnblogs.com/coreloving/p/11287874.html |