2.5 cn域的主DNS服务器配置192.168.131.38/24
yum install bind -y
1.编辑 /etc/named.conf,注释以下两行(默认只监听127.0.0.1且只允许本机查询;注释后named监听所有接口并接受其它主机的查询)
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
2.定义区域数据库类型和文件名
vim /etc/named.rfc1912.zones
zone "cn" {
type master;
file "cn.zone";
};
3.编写区域数据库
vim /var/named/cn.zone
$TTL 1D
@ IN SOA master admin.suosuoli.cn. (
2019111709 ; serial
2D ; refresh
2H ; retry
5D ; expire
2H ) ; minimum
NS master
suosuoli NS suousolins1
suosuoli NS suousolins2
master A 192.168.131.38
suousolins1 A 192.168.131.48
suousolins2 A 192.168.131.58
4.权限和所属组配置
chgrp named /var/named/cn.zone
chmod 640 /var/named/cn.zone
service named start 或 systemctl start named(两条命令任选其一,不要用管道连接)
5.在客户端测试
192.168.131.6:$dig www.suosuoli.cn @192.168.131.38
2.6 根域服务器主DNS服务器配置192.168.131.28/24
yum install bind -y
1.注释两行,并直接在主配置文件中定义根域文件名
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
zone "." IN {
type master;
file "root.zone";
};
2.编写区域数据库
vim /var/named/root.zone
$TTL 1D
@ IN SOA master admin.suosuoli.cn. (
2019111709 ; serial
2D ; refresh
2H ; retry
5D ; expire
2H ) ; minimum
NS master
cn NS cnns
master A 192.168.131.28
cnns A 192.168.131.38
3.组和权限设置
chgrp named /var/named/root.zone
chmod 640 /var/named/root.zone
service named start 或 systemctl start named(两条命令任选其一,不要用管道连接)
4.在客户端测试
192.168.131.6:$dig www.suosuoli.cn @192.168.131.28
2.7 转发目标DNS服务器配置192.168.131.18/24
yum install bind -y
1.注释两行
vim /etc/named.conf
2.编写区域数据库文件(在根区域数据库文件的基础上更改)
vim /var/named/named.ca
使用‘;;’两个分号注释掉其它行,添加下面两行
. 518400 IN NS a.root-servers.net.
a.root-servers.net. 3600000 IN A 192.168.131.28
service named start 或 systemctl start named(两条命令任选其一,不要用管道连接)
3.在客户端测试
192.168.131.6:$dig www.suosuoli.cn @192.168.131.18
2.8 本地DNS服务器配置192.168.131.8/24
yum install bind -y
1.注释两行,并添加转发配置项,接着关闭两项DNSSEC配置项(本实验的根域是自建的未签名区域,开启DNSSEC验证时解析会因验证不通过而失败;面向真实互联网的解析服务器应保持dnssec-validation开启)
vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
forward only;
forwarders { 192.168.131.18; };
dnssec-enable no;
dnssec-validation no;
service named start 或 systemctl start named(两条命令任选其一,不要用管道连接)
3.在客户端测试
192.168.131.6:$dig www.suosuoli.cn @192.168.131.8
2.9 客户端测试
cat /etc/resolv.conf
nameserver 192.168.131.8
dig www.suosuoli.cn
[root@localhost ~]# dig www.suosuoli.cn
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> www.suosuoli.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 432453
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.suosuoli.cn. IN A
;; ANSWER SECTION:
www.suosuoli.cn. 86181 IN A 192.168.131.68
;; AUTHORITY SECTION:
suosuoli.cn. 86181 IN NS ns2.suosuoli.cn.
suosuoli.cn. 86181 IN NS ns1.suosuoli.cn.
;; ADDITIONAL SECTION:
suosuoli.cn. 86181 IN A 192.168.131.48
suosuoli.cn. 86181 IN A 192.168.131.58
;; Query time: 1 msec
;; SERVER: 192.168.8.8
;; WHEN: Sun Nov 10 10:53:39 CST 2019
;; MSG SIZE rcvd: 127
curl www.suosuoli.cn
<h1>Welcome!<h1>