Simple DNS Server Configuration on CentOS
2020-11-16
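I. DNS Overview
DNS stands for Domain Name System. It is a core Internet service that translates between domain names and IP addresses, so that users can reach hosts by name instead of memorizing numeric IP addresses. This document describes how to configure a CentOS host as a DNS server that provides name resolution.
II. Installation Environment
Operating system: CentOS 6.8; IP address: 10.10.10.10; test domain: ielave.com
III. Install the DNS Service
Run in a CentOS terminal: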
# yum install bind
IV. Edit the Configuration Files
1. Edit the main configuration file named.conf
# vim /etc/named.conf
Change the following block
options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    allow-query { localhost; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.root.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};
to
options {
    listen-on port 53 { 10.10.10.10; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    allow-query { any; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.root.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};
In other words, only two lines change:
the IP address in listen-on port 53 { 127.0.0.1; }; becomes this host's IP address (10.10.10.10), and
allow-query { localhost; }; becomes allow-query { any; };
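Added example (not part of the original article): with recursion yes and neither allow-recursion nor allow-query-cache set, named falls back to allow-query to decide who may recurse, so the edited options above let any client that can reach 10.10.10.10 use the server as a recursive resolver. The shell check below flags that combination; the function names and the 10.10.10.0/24 client network are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original article. Line-based heuristic that
# assumes one option per line, as in the article's file; not a BIND parser.

# Print the address-match list of option $2 in config text $1, no whitespace.
acl_of() {
  printf '%s\n' "$1" | sed -e 's/#.*//' -e 's|//.*||' |
    awk -v opt="$2" '$1 == opt { sub(/^[^{]*[{]/, ""); sub(/[}].*$/, "")
                                 gsub(/[ \t]/, ""); print; exit }'
}

# Status 0: recursion is off or scoped. Status 1: any client may recurse.
recursion_is_scoped() {
  local conf=$1 rec scope opt
  rec=$(printf '%s\n' "$conf" | sed -e 's/#.*//' |
        awk '$1 == "recursion" { sub(/;.*/, "", $2); print $2; exit }')
  [ "$rec" = "no" ] && return 0
  # named takes the first of these that is set to decide who may recurse.
  for opt in allow-recursion allow-query-cache allow-query; do
    scope=$(acl_of "$conf" "$opt")
    [ -n "$scope" ] && break
  done
  case ";$scope" in
    *";any;"*) return 1 ;;  # open recursive resolver
    *) return 0 ;;          # explicit list, or BIND's localnets/localhost default
  esac
}

# Constructed samples: the options as edited in the article, and a scoped
# variant (10.10.10.0/24 as the client network is an assumption).
ARTICLE_CONF='options {
    listen-on port 53 { 10.10.10.10; };
    allow-query { any; };
    recursion yes;
};'
SCOPED_CONF='options {
    listen-on port 53 { 10.10.10.10; };
    allow-query { any; };
    allow-recursion { localhost; 10.10.10.0/24; };
    recursion yes;
};'

recursion_is_scoped "$ARTICLE_CONF" || echo "article options: any client may recurse"
recursion_is_scoped "$SCOPED_CONF" && echo "scoped options: recursion limited"
```

To check a live file, pass its text: recursion_is_scoped "$(cat /etc/named.conf)". After editing, named-checkconf validates the syntax before the service is restarted.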
2. Add the forward and reverse zones
# vim /etc/named.rfc1912.zones
Add the following:
zone "ielave.com" IN {
    type master;
    file "ielave.com.zone";
    allow-update { none; };
}; # forward zone
zone "10.10.10.in-addr.arpa" IN {
    type master;
    file "10.10.10.zone";
    allow-update { none; };
}; # reverse zone
3. Create the zone files and add the resource records
# cd /var/named
Copy the matching template and edit the copy:
# cp -p named.localhost ielave.com.zone
$TTL 1D
@       IN SOA  @ ielave.com. (
                        0       ; serial
                        1D      ; refresh
                        1H      ; retry
                        1W      ; expire
                        3H )    ; minimum
        NS      @
        A       10.10.10.10
        AAAA    ::1
www     IN A    10.10.10.20
ftp     IN A    10.10.10.30
blog    IN A    10.10.10.40
# cp -p named.loopback 10.10.10.zone
$TTL 1D
@       IN SOA  @ ielave.com. (
                        0       ; serial
                        1D      ; refresh
                        1H      ; retry
                        1W      ; expire
                        3H )    ; minimum
        NS      @
        A       10.10.10.10
        AAAA    ::1
20      IN PTR  www.ielave.com.
30      IN PTR  ftp.ielave.com.
40      IN PTR  blog.ielave.com.
V. Start the DNS Service
# service named start
VI. Testing
Use the nslookup command to test name resolution.