CentOS DNS

Bind

Install

1
yum install bind bind bind-chroot -y

Start Service

1
2
3
service named start
systemctl name start # CentOs 7
systemctl enable named-chroot

Bind 配置

named.conf
1
vim /var/named/chroot/etc/named.conf
/var/named/chroot/etc/named.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
options {
        listen-on port 53 { any; };# 监听任何ip对53端口的请求
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; }; # 接收任何来源查询dns记录
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

         managed-keys-directory "/var/named/dynamic";
};

//以下用于限定 bind 服务器的日志参数
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

//用于指定根服务器的配置信息,一般不能改动
zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.zones"; //指定住配置文件,按实际改动
include "/etc/named.root.key";

配置主配置文件

1
2
3
cd /var/named/chroot/etc/
cp -p named.rfc1912.zones named.zones
vim named.zones
/var/named/chroot/etc/named.zones
1
2
3
4
5
6
7
8
9
10
11
zone "vitan.me" IN {
        type master;
        file "vitan.me.zone";
        allow-update { none; };
};

zone "197.28.149.in-addr.arpa" IN {
        type master;
        file "149.28.197.zone";
        allow-update { none; };
};

区域配置文件

  • 正向解析域
1
2
3
cd /var/named/chroot/var/named
cp -p named.localhost vitan.me.zone
vim vitan.me.zone
/var/named/chroot/var/named/vitan.me.zone
1
2
3
4
5
6
7
8
9
10
11
12
13
$TTL 1D
@       IN SOA  www.vitan.me. mail.vitan.me. (
                2007101100      ; serial
                1D      ; refresh # 主从刷新时间
                1H      ; retry # 主从通讯失败后重试间隔
                1W      ; expire # 缓存过期时间
                3H )    ; minimum # 没有TTL定义时的最小生存周期

@       IN      NS              www.vitan.me.
@       IN      MX      10      www.vitan.me.
www     IN      A               149.28.197.1
mail    IN      A               149.28.197.1
www1    IN      CNAME           www.vitan.me.
  • 反向向解析域
1
2
3
cd /var/named/chroot/var/named
cp -p named.loopback 149.28.197.zone
vim /var/named/chroot/var/named/149.28.197zone
/var/named/chroot/var/named/149.28.197.zone
1
2
3
4
5
6
7
8
9
10
11
12
13
$TTL 1D
@       IN SOA  www.vitan.me. mail.vitan.me. (
                2007101100      ; serial
                1D      ; refresh # 主从刷新时间
                1H      ; retry # 主从通讯失败后重试间隔
                1W      ; expire # 缓存过期时间
                3H )    ; minimum # 没有TTL定义时的最小生存周期

@       IN      NS              www.vitan.me.
@       IN      MX      10      www.vitan.me.
www     IN      A               149.28.197.1
mail    IN      A               149.28.197.1
www1    IN      CNAME           www.vitan.me.

重启 DNS 服务

1
2
service named restart/reload
systemctl named restart # CentOs 7

客户端配置与测试

  • 以便能使用 nslookup dig 和 host
1
yum install bind-utils -y
/etc/resolv.conf
1
vim /etc/resolv.conf
/etc/resolv.conf
1
2
search vitan.me
nameserver 149.28.197.1

Test

1
2
dig www.vitan.me
nslookup www.vitan.me
许可协议

本文采用 署名-非商业性使用-相同方式共享 4.0 国际 许可协议,转载请注明出处。

快来参与讨论吧~

本站由 VITAN 使用 Stellar 主题创建。
本博客所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议,转载请注明出处。