Centos7搭建DNS服務器

#1.安裝bind軟件    yum install bind -y
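[root@localhost named]# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
	// Answer IPv4 queries on the server's LAN address used throughout this guide.
	listen-on port 53 { 192.168.1.7; };
	// IPv6 stays bound to loopback only.
	listen-on-v6 port 53 { ::1; };
	// Relative file names in zone statements are resolved against this directory.
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	recursing-file  "/var/named/data/named.recursing";
	secroots-file   "/var/named/data/named.secroots";
	// Any client that can reach the listener may query the zones hosted here.
	allow-query     { any; };

	/*
	 - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
	 - If you are building a RECURSIVE (caching) DNS server, you need to enable
	   recursion.
	 - If your recursive DNS server has a public IP address, you MUST enable access
	   control to limit queries to your legitimate users. Failing to do so will
	   cause your server to become part of large scale DNS amplification
	   attacks. Implementing BCP38 within your network would greatly
	   reduce such attack surface
	*/
	recursion yes;
	// When neither allow-recursion nor allow-query-cache is set, BIND 9 uses the
	// allow-query ACL for recursion, so "allow-query { any; }" alone would let
	// every reachable client recurse through this server (an open resolver).
	// Restrict recursion to this host and its directly attached networks;
	// authoritative answers for the local zones are still governed by allow-query.
	allow-recursion { localhost; localnets; };

	dnssec-enable yes;
	dnssec-validation yes;

	/* Path to ISC DLV key */
	bindkeys-file "/etc/named.root.key";

	managed-keys-directory "/var/named/dynamic";

	pid-file "/run/named/named.pid";
	session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

// Root hints used to bootstrap recursion.
zone "." IN {
	type hint;
	file "named.ca";
};

// Additional zone statements live in named.rfc1912.zones.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

[root@localhost named]# 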

vi /etc/named.rfc1912.zones

在最後加上:

// Forward zone: this server is the master for xiaochangwei.com.
// The file name is relative to the "directory" option (/var/named).
zone "xiaochangwei.com" IN {
    type master;
    file "xiaochangwei.com.zone";
    // Dynamic updates are refused; records change only by editing the zone file.
    allow-update { none; };
};

// Reverse zone for 192.168.1.x: the first three octets appear in reverse order.
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "xiaochangwei.com.local";
    // Dynamic updates are refused here as well.
    allow-update { none; };
};

進入 /var/named 目錄,以 named.empty 為模板複製出正向區域文件(cp 的 -p 參數會保留模板的屬主與權限):

cp -p named.empty xiaochangwei.com.zone

vi xiaochangwei.com.zone

; Forward zone data for xiaochangwei.com (based on the named.empty template).
$TTL 1D
; SOA: the zone apex (@) is named as primary server; rname.invalid. is the
; contact-mailbox value carried over from the template.
@       IN SOA  @ rname.invalid. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
; The apex is both the zone's name server and an address record for the DNS host.
@       IN NS   @
@       IN A    192.168.1.7
; Host records: www and ftp share one address, mail is an alias of www.
www     IN A    192.168.1.6
ftp     IN A    192.168.1.6
mail    IN CNAME www

vi xiaochangwei.com.local

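; Reverse zone data for 1.168.192.in-addr.arpa.
; Comments in a zone file start with ';'. A '#' does not start a comment, so
; text after it would be read as part of the record and the zone would fail to load.
$TTL 1D
@    IN SOA    @ rname.invalid. (
                    0    ; serial
                    1D    ; refresh
                    1H    ; retry
                    1W    ; expire
                    3H )    ; minimum
    NS    @
    A    192.168.1.7
; The leading 6 is the last octet of the address. The zone statement in
; named.rfc1912.zones already fixes the first three octets (in reverse order),
; so this record maps 192.168.1.6 to www.xiaochangwei.com.
6 IN PTR www.xiaochangwei.com.
; Likewise 192.168.1.9 maps to www.zycloud.info. The trailing dot after the
; domain name is required; without it the zone origin would be appended.
9 IN PTR www.zycloud.info.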
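# Validate named.conf and both zone files before restarting: a syntax error
# would otherwise leave named stopped and every client without a resolver.
# The chain stops at the first failing check, so the running service is untouched.
named-checkconf /etc/named.conf &&
  named-checkzone xiaochangwei.com /var/named/xiaochangwei.com.zone &&
  named-checkzone 1.168.192.in-addr.arpa /var/named/xiaochangwei.com.local &&
  systemctl restart named
# Start named automatically at boot.
systemctl enable named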

換一台電腦DNS設置為DNS服務器地址(192.168.1.7)

[root@1-5 ~]# nslookup ftp.xiaochangwei.com  Server:        192.168.1.7  Address:    192.168.1.7#53    Name:    ftp.xiaochangwei.com  Address: 192.168.1.6    [root@1-5 ~]#  [root@1-5 ~]# nslookup www.xiaochangwei.com  Server:        192.168.1.7  Address:    192.168.1.7#53    Name:    www.xiaochangwei.com  Address: 192.168.1.6    [root@1-5 ~]# 

若提示nslookup沒安裝,執行下面命令進行安裝

yum install bind-utils -y
[root@1-5 ~]# nslookup 192.168.1.6  6.1.168.192.in-addr.arpa    name = www.xiaochangwei.com.    [root@1-5 ~]# 

 需要注意的是:配置客戶機的DNS的時候不要在 /etc/resolv.conf中配置,不然重啟後會被覆蓋,

 應該在/etc/sysconfig/network-scripts/ifcfg-*中配置,啟動的時候會自動生成到resolv.conf中的

[root@1-5 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33 |grep DNS  DNS1=192.168.1.7  [root@1-5 ~]#