Setting up a DNS server on CentOS 7
<h1>1. Overview</h1>
<pre><code class="language-bash">Domain: xxx.techcenter.com
DNS master host:
Hostname: dnsmaster.techcenter.com
Host IP: 172.16.3.55
DNS slave host:
Hostname: dnsslave.techcenter.com
Host IP: 172.16.3.54
Test machine:
172.16.68.188
Preferred DNS: 172.16.3.55</code></pre>
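<p>Installing the nslookup, dig and host commands on Linux:
if running nslookup, dig or host reports that the command cannot be found, install the bind-utils package:</p>
<pre><code class="language-bash">yum install bind-utils</code></pre>
<p>Explanation:
The commands are missing because the package that provides them is not installed.
In general, you can use the commands below to find out which package a command belongs to, and then install that package:</p>
<pre><code class="language-bash">yum provides "*bin/nslookup"
# or
yum provides "*nslookup"</code></pre>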
<h1>2. Install the bind service</h1>
<pre><code class="language-bash">yum -y install 'bind*'</code></pre>
<h1>3. Edit the main configuration file</h1>
<p>Listen on port 53; any means requests from all hosts are allowed.</p>
<pre><code class="language-bash">vim /etc/named.conf</code></pre>
<p><img src="https://www.showdoc.com.cn/server/api/attachment/visitfile/sign/8dcb02f33b8072fc7e2bb6d58a82a4f1?showdoc=.jpg" alt="" /></p>
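<p>An added example, not taken from the original page: a fragment of the options block in /etc/named.conf that puts the permissive any settings this step describes next to a restricted form. The ACL name trusted and the 172.16.0.0/16 client range are assumptions; the addresses are the master, slave and test machine listed in the overview.</p>

```conf
// /etc/named.conf on the master (172.16.3.55): access-control lines only.
// Keep the remaining default options as they are.

// Assumed client range; narrow it to the networks that really use this server.
acl "trusted" {
    127.0.0.1;
    172.16.0.0/16;      // includes the DNS hosts and the test machine 172.16.68.188
};

options {
    directory "/var/named";

    // Permissive form (assumed from the description above; the screenshot
    // is not reproduced here). Every host can query on every interface:
    //   listen-on port 53 { any; };
    //   allow-query       { any; };

    // Restricted form: bind only the addresses that should serve DNS.
    listen-on port 53 { 127.0.0.1; 172.16.3.55; };

    // Answer queries only for known clients.
    allow-query { trusted; };

    // Limit recursion and cache access explicitly so they do not follow
    // a wider allow-query setting and turn the server into an open resolver.
    recursion yes;
    allow-recursion   { trusted; };
    allow-query-cache { trusted; };

    // Hand full copies of the zones only to the slave.
    allow-transfer { 172.16.3.54; };
};
```

<p>Check the edited file with named-checkconf before restarting named.</p>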
<h1>3. Edit the zone declaration file /etc/named.rfc1912.zones</h1>
<p>Edit /etc/named.rfc1912.zones and append the forward and reverse lookup zones at the end of the file.</p>
<pre><code class="language-bash">zone "techcenter.com" IN {
    type master;
    file "techcenter.com.zone";
    allow-update { none; };
};
zone "3.16.172.in-addr.arpa" IN {
    type master;
    file "172.16.3.zone";
    allow-update { none; };
};
zone "30.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.30.zone";
    allow-update { none; };
};</code></pre>
<p><img src="https://www.showdoc.com.cn/server/api/attachment/visitfile/sign/7328ac9daaa2ca8b90a9cee4f2d1dd3d?showdoc=.jpg" alt="" />
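1. Defines a forward lookup zone for the domain xxx.techcenter.com, DNS type master, file name xxx.techcenter.com.zone (written as techcenter.com and techcenter.com.zone in the block above), with dynamic updates not allowed.
2. Defines the reverse lookup zone for xxx.techcenter.com, DNS type master, file name 172.16.3.zone, with dynamic updates not allowed.
The block also declares a 30.168.192.in-addr.arpa reverse zone with the file 192.168.30.zone; that file is not created in the steps below.</p>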
<h1>4. Edit the zone data files</h1>
<p>Change to the /var/named directory (cd /var/named).</p>
<h2>1. Create the techcenter.com.zone file</h2>
<p>Run vim /var/named/techcenter.com.zone and add the following:</p>
<pre><code class="language-bash">$TTL 1D
@ IN SOA techcenter.com. admin.techcenter.com. (
        0   ; serial
        1D  ; refresh
        1H  ; retry
        1W  ; expire
        3H ) ; minimum
@ IN NS dnsmaster.techcenter.com.
dnsmaster IN A 172.16.3.55
dnsslave IN A 172.16.3.54</code></pre>
<p>As shown:
<img src="https://www.showdoc.com.cn/server/api/attachment/visitfile/sign/5c0ce0038896212ed63d3228a3faa4c5?showdoc=.jpg" alt="" /></p>
<h2>2. Create the 172.16.3.zone file</h2>
<p>Run vim /var/named/172.16.3.zone and add the following:</p>
<pre><code class="language-bash">$TTL 1D
@ IN SOA techcenter.com. admin.techcenter.com. (
        0   ; serial
        1D  ; refresh
        1H  ; retry
        1W  ; expire
        3H ) ; minimum
@ IN NS dnsmaster.techcenter.com.
54 IN PTR dnsslave.techcenter.com.</code></pre>
<p>As shown:
<img src="https://www.showdoc.com.cn/server/api/attachment/visitfile/sign/93839fdddb2132b655594d7fa8b919f4?showdoc=.jpg" alt="" /></p>
<h1>5. Check and set file permissions</h1>
<pre><code class="language-bash">chown -R root:named /var/named/172.16.3.zone
chown -R root:named /var/named/techcenter.com.zone</code></pre>
<h1>6. Configure the firewall</h1>
<p>Configure the firewall to allow port 53 (the DNS service uses port 53).</p>
<pre><code class="language-bash">firewall-cmd --query-service dns # query; yes means the service is allowed
firewall-cmd --add-service=dns --permanent
firewall-cmd --reload</code></pre>
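<h1>7. Testing</h1>
<p>1. Preferred DNS server: 172.16.3.55<br />
Open cmd and run the tests:<br />
Forward lookup: ping dnsslave.techcenter.com<br />
Reverse lookup: nslookup 172.16.3.54</p>
<p>2. Testing on Linux<br />
Preferred DNS server on the Linux host: 172.16.3.55</p>
<p>2.1 Look up the IP address for a domain name</p>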
<pre><code class="language-bash">[root@dnsslave ~]# host dnsslave.techcenter.com
dnsslave.techcenter.com has address 172.16.3.54</code></pre>
<p>2.2 Query all records</p>
<pre><code class="language-bash">[root@dnsslave ~]# host -a dnsslave.techcenter.com
Trying "dnsslave.techcenter.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64171
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;dnsslave.techcenter.com. IN ANY
;; ANSWER SECTION:
dnsslave.techcenter.com. 86400 IN A 172.16.3.54
;; AUTHORITY SECTION:
techcenter.com. 86400 IN NS dnsmaster.techcenter.com.
;; ADDITIONAL SECTION:
dnsmaster.techcenter.com. 86400 IN A 172.16.3.55
Received 97 bytes from 172.16.3.55#53 in 0 ms</code></pre>
<p>2.3 Reverse lookup (IP address to domain name)</p>
<pre><code class="language-bash">[root@dnsslave ~]# host 172.16.3.54
54.3.16.172.in-addr.arpa domain name pointer dnsslave.techcenter.com.
[root@dnsslave ~]# nslookup 172.16.3.54
54.3.16.172.in-addr.arpa name = dnsslave.techcenter.com.</code></pre>