1、ubuntu的DNS实验
1.1 更新apt源
1.2 安装软件
apt install bind9 bind9-utils -y
1.3 修改区域配置文件（本实验直接修改了 named.conf.default-zones；在 Ubuntu 上，自定义区域通常应写在 /etc/bind/named.conf.local 中，默认区域文件保持原样）
vim /etc/bind/named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/usr/share/dns/root.hints";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "AiLun.com" {
type master;
file "/etc/bind/AiLun.zone";
};
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
1.4 新建数据库文件
root@ubuntu:~# cd /etc/bind
root@ubuntu:/etc/bind# ls
bind.keys db.127 db.empty gfy.zone named.conf.default-zones named.conf.options zones.rfc1918
db.0 db.255 db.local named.conf named.conf.local rndc.key
root@ubuntu:/etc/bind# cp -a /etc/bind/db.local /etc/bind/AiLun.zone
root@ubuntu:/etc/bind# ls
AiLun.zone db.0 db.255 db.local named.conf named.conf.local rndc.key
bind.keys db.127 db.empty gfy.zone named.conf.default-zones named.conf.options zones.rfc1918
root@ubuntu:/etc/bind# rm -rf gfy.zone
root@ubuntu:/etc/bind# vim AiLun.zone
;
; BIND data file for the AiLun.com zone (copied from db.local)
;
$TTL 604800
@ IN SOA master.AiLun.com. admin.AiLun.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
IN NS master
master IN A 192.168.107.180
www IN A 192.168.107.150
1.5 重启服务 测试域名（重启前可先用 named-checkconf 和 named-checkzone AiLun.com /etc/bind/AiLun.zone 检查配置和区域文件的语法）
root@ubuntu:/etc/bind# systemctl restart named
root@ubuntu:/etc/bind# dig @192.168.107.180 www.AiLun.com
; <<>> DiG 9.18.30-0ubuntu0.22.04.2-Ubuntu <<>> @192.168.107.180 www.AiLun.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19600
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 650dacba4d6b89ac0100000068024028c710d7fa1797fbff (good)
;; QUESTION SECTION:
;www.AiLun.com. IN A
;; ANSWER SECTION:
www.AiLun.com. 604800 IN A 192.168.107.150
;; Query time: 3 msec
;; SERVER: 192.168.107.180#53(192.168.107.180) (UDP)
;; WHEN: Fri Apr 18 12:06:00 UTC 2025
;; MSG SIZE rcvd: 86
root@ubuntu:/etc/bind# vim AiLun.zone
root@ubuntu:/etc/bind#
2、centos的DNS实验
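2.1 关闭防火墙 和 核心防护（通常指 SELinux）(默认关闭)。仅限隔离的实验环境；正式环境应保持两者开启，只放行 DNS 服务：firewall-cmd --permanent --add-service=dns && firewall-cmd --reload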
2.2 安装软件
yum install -y bind bind-utils
开启 named服务
systemctl start named
已安装:
bind.x86_64 32:9.11.4-26.P2.el7_9.16
作为依赖被安装:
bind-export-libs.x86_64 32:9.11.4-26.P2.el7_9.16
更新完毕:
bind-utils.x86_64 32:9.11.4-26.P2.el7_9.16
作为依赖被升级:
bind-libs.x86_64 32:9.11.4-26.P2.el7_9.16 bind-libs-lite.x86_64 32:9.11.4-26.P2.el7_9.16
bind-license.noarch 32:9.11.4-26.P2.el7_9.16 dhclient.x86_64 12:4.2.5-83.el7.centos.2
dhcp-common.x86_64 12:4.2.5-83.el7.centos.2 dhcp-libs.x86_64 12:4.2.5-83.el7.centos.2
完毕!
[root@localhost ~]# systemctl start named
[root@localhost ~]#
2.3 修改主配置文件
vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
#allow-query { localhost; };
注释掉 allow-query（注释后 allow-query 取默认值，即允许任何来源查询；对权威区域这样可以，但递归查询应通过 allow-recursion 限定在可信网段内）
2.4 修改区域配置文件
[root@localhost named]# vim /etc/named.rfc1912.zones
zone "ailun.com" IN {
type master;
file "ailun.zone";
};
2.5 准备数据库文件
[root@localhost named]# ls
ailun.zone data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@localhost named]# vim ailun.zone
[root@localhost named]#
$TTL 1D
@ IN SOA master.ailun.com. admin.ailun.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
master IN A 192.168.107.190
www IN A 192.168.107.191
ftp IN A 192.168.107.192
重启服务 并验证
[root@localhost named]# dig @192.168.107.190 www.ailun.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.16 <<>> @192.168.107.190 www.ailun.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
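实验失败：dig 超时，没有收到服务器的响应。从 2.3 的配置看，listen-on 仍然只有 127.0.0.1，named 不会在 192.168.107.190 上监听，这很可能就是原因；另外，修改配置之后也没有看到重启 named 的记录。可以把 listen-on 改为包含本机地址（例如 listen-on port 53 { 127.0.0.1; 192.168.107.190; };），执行 systemctl restart named，再用 ss -lnup | grep ':53' 确认监听地址后重新测试。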