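Configuring DNS master and slave servers so that forward and reverse resolution work correctly
I. Introduction to the configuration files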
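The software that provides the DNS service is called bind; the service name is named.

```
[root@localhost ~]# yum install bind -y
[root@localhost ~]# rpm -ql bind
/etc/named.conf      # main bind configuration file
/var/named/slaves    # directory for slave DNS server zone files
[root@localhost ~]# vim /etc/named.conf
options {
    listen-on port 53 { 127.0.0.1; };    // IPv4 address named listens on
    listen-on-v6 port 53 { ::1; };       // IPv6 address named listens on
    directory "/var/named";              // where zone data files live
    allow-query { localhost; };          // clients allowed to query
};
zone "." IN {
    type hint;
    file "named.ca";
};
```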
Configuring forward resolution
1. Install the bind service and start it

```
[root@localhost ~]# yum install -y bind
[root@localhost ~]# systemctl start named
[root@localhost ~]# systemctl enable named
```
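2. Draw up a configuration plan
www.xx.com: assign a real IP
dns.xx.com: assign a real IP
dhcp.xx.com: may optionally be assigned a virtual address
nfs.xx.com: may optionally be assigned a virtual address
ntp.xx.com: may optionally be assigned a virtual address
3. Edit the main configuration file /etc/named.conf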
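```
[root@localhost ~]# vim /etc/named.conf
options {
    listen-on port 53 { 192.168.119.131; };    // the server's own address
    directory "/var/named";
    // allow-query is not changed here; while it is { localhost; } as in the
    // default file, queries from other hosts are refused
};
zone "baidu.com" IN {
    type master;
    file "named.baidu.com";    // zone data file, relative to directory
};
```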
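4. Configure the zone data file under /var/named/
Under /var/named/, create the zone data file with vim. Such files conventionally end in ".zone"; whatever name is used must match the file statement in /etc/named.conf, which is named.baidu.com in this example.

```
[root@localhost ~]# cd /var/named/
[root@localhost named]# cp -a named.localhost named.baidu.com    # -a keeps owner and permissions
```

The copied template contains:

```
$TTL 1D
@       IN SOA  @ rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
        A       127.0.0.1
        AAAA    ::1
```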
Edit the configuration

```
[root@localhost ~]# vim /var/named/named.baidu.com
$TTL 1D
@       IN SOA  @ admin.baidu.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        IN NS    ns.baidu.com.
        IN MX 10 mail.baidu.com.
ns      IN A     192.168.119.131
mail    IN A     192.168.119.131
www     IN A     192.168.119.131
ftp     IN CNAME www
[root@localhost ~]# systemctl restart named
# Turns the host firewall off completely; named only needs 53/udp and 53/tcp reachable.
[root@localhost ~]# systemctl disable firewalld --now
```
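Configuring reverse resolution
1. Edit the main configuration file /etc/named.conf

```
[root@localhost ~]# vim /etc/named.conf
// Write the network part of your server's IP in reverse order; the trailing 0
// can be omitted, and the suffix .in-addr.arpa must be appended.
zone "119.168.192.in-addr.arpa" IN {
    type master;
    file "119.168.192.zone";
};
```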
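2. Edit the zone data file

```
[root@localhost ~]# vim /var/named/119.168.192.zone    # basic format is the same as for forward resolution
$TTL 1D
@       IN SOA  dns.lll.com. test.163.com. (
                0
                1D
                1H
                1W
                3H )
        IN NS   dns.ssll.com.
; Write the mapping the other way round, from IP to domain name. Every address
; is in the same network, so only the last octet is written as the owner.
; Target names are fully qualified and end with a dot; without the dot named
; appends the zone origin, giving names such as
; dns.lll.com.119.168.192.in-addr.arpa. (the form seen in the test in step 4).
160     IN PTR  dns.lll.com.
161     IN PTR  mail.lll.com.
160     IN PTR  www.lll.com.
; placeholders: replace xx with the host's last octet
xx      IN PTR  ftp
xx      IN PTR  dhcp
xx      IN PTR  ntp
```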
3. Check what you wrote and restart the service

```
[root@localhost ~]# systemctl restart named
```

4. Test
```
[root@localhost named]# nslookup 192.168.119.10
server can't find 10.119.168.192.in-addr.arpa: NXDOMAIN
[root@localhost named]# nslookup 192.168.119.160
160.119.168.192.in-addr.arpa name = dns.lll.com.119.168.192.in-addr.arpa.
```
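The second lookup above returns dns.lll.com.119.168.192.in-addr.arpa. because named treats a PTR target written without a trailing dot as relative and appends the zone origin. The Python script below is an added example, not part of the original article: it derives the reverse zone name from the network and flags relative PTR targets. The function names and the SAMPLE records are hypothetical and constructed for illustration, and $ORIGIN directives are assumed to be absent.

```python
import ipaddress

def reverse_zone(network):
    """Zone name for an octet-aligned IPv4 network (/8, /16 or /24)."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only /8, /16 and /24 IPv4 networks are handled")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa."

def qualify(name, origin):
    """Expand a zone-file name the way named does on load."""
    if name == "@":
        return origin
    # A name without a trailing dot is relative: the origin is appended.
    return name if name.endswith(".") else name + "." + origin

def lint_ptr(zone_text, origin):
    """Return (owner, target_as_served, is_relative) for each PTR record."""
    found, owner = [], origin
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]            # drop zone-file comments
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue                           # blank line or $TTL directive
        if not line[0].isspace():              # owner names start in column 1
            owner = qualify(fields[0], origin)
        if "PTR" not in fields[:-1]:
            continue                           # not a PTR record with a target
        target = fields[fields.index("PTR") + 1]
        found.append((owner, qualify(target, origin), not target.endswith(".")))
    return found

# Constructed sample: one target without the trailing dot, one with it.
SAMPLE = """\
$TTL 1D
160 IN PTR dns.lll.com
161 IN PTR mail.lll.com.   ; fully qualified
"""

if __name__ == "__main__":
    origin = reverse_zone("192.168.119.0/24")
    for owner, target, relative in lint_ptr(SAMPLE, origin):
        flag = "RELATIVE, origin appended" if relative else "ok"
        print(f"{owner} PTR {target}  [{flag}]")
```

Running it against a zone file before restarting named shows which PTR answers would come back with the reverse zone name appended.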