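The components for the corresponding dependencies have all been installed already.
Go into the etc directory and look for the named files: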

    [root@localhost etc]# ls named*
    named-chroot.files  named.iscdlv.key  named.root.key
    named.conf  named.rfc1912.zones

    named:

Edit the named.conf file: change the original listening port setting to any, and comment out the logging section:

    /*
    logging {
            channel default_debug {
                    file "data/named.run";
                    severity dynamic;
            };
    };
    */

Add our forward and reverse zone definitions at the end of the file:
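
    zone "0.in-addr.arpa" IN {
            type master;
            file "named.empty";
            allow-update { none; };
    };

    // Forward zone, served from the file "example.com"
    zone "example.com" IN {
            type master;
            file "example.com";
            allow-update { none; };
    };

    // Reverse zone, served from the file "192.168.26.zone".
    // The hosts on this page are in 192.168.26.0/24, whose reverse zone name
    // is 26.168.192.in-addr.arpa; the name below is the one the author loaded.
    zone "25.168.192.in-addr.arpa" IN {
            type master;
            file "192.168.26.zone";
            allow-update { none; };
    };

Copy named.localhost to two files, one for the forward zone file "example.com" and one for the reverse zone file "192.168.26.zone"; this saves editing some of the routine SOA parameters: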

    [root@localhost named]# cp -a named.localhost example.com
    [root@localhost named]# cp -a named.localhost 192.168.26.zone

Forward zone file configuration:

    vim example.com

    $TTL 1D
    @       IN SOA  example.com. rname.invalid. (
                                            0       ; serial
                                            1D      ; refresh
                                            1H      ; retry
                                            1W      ; expire
                                            3H )    ; minimum
    @       NS      master.example.com.
    mater   A       192.168.26.128
            AAAA    ::1
    www     CNAME   master
    ftp     CNAME   master
    smtp    A       192.168.26.11
    mail    A       192.168.26.12
    @       MX      10 mail

Reverse zone file configuration:

    vim 192.168.26.zone

    $TTL 1D
    @       IN SOA  master.example.com. rname.invalid. (
                                            0       ; serial
                                            1D      ; refresh
                                            1H      ; retry
                                            1W      ; expire
                                            3H )    ; minimum
    @       NS      master.example.com.
    128     PTR     master.example.com.
    11      PTR     smtp.example.com.
    12      PTR     mail.example.com.

Configure our DNS server:

    vim /etc/sysconfig/network-scripts/ifcfg-ens33

    TYPE="Ethernet"
    PROXY_METHOD="none"
    BROWSER_ONLY="no"
    BOOTPROTO="static"
    DEFROUTE="yes"
    IPV4_FAILURE_FATAL="no"
    IPV6INIT="yes"
    IPV6_AUTOCONF="yes"
    IPV6_DEFROUTE="yes"
    IPV6_FAILURE_FATAL="no"
    IPV6_ADDR_GEN_MODE="stable-privacy"
    NAME="ens33"
    UUID="c5fe79f2-77d7-4431-9814-79f6646b6083"
    DEVICE="ens33"
    ONBOOT="yes"
    IPADDR="192.168.26.128"
    NETMASK="255.255.255.0"
    GATEWAY="192.168.26.2"
    DNS1="192.168.26.128"
    DNS2="8.8.8.8"

Now check whether our configuration contains any errors:

    [root@localhost named]# named-checkconf -z /etc/named.rfc1912.zones
    zone localhost.localdomain/IN: loaded serial 0
    zone localhost/IN: loaded serial 0
    zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
    zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
    zone 0.in-addr.arpa/IN: loaded serial 0
    zone example.com/IN: NS 'master.example.com' has no address records (A or AAAA)
    zone example.com/IN: not loaded due to errors.
    _default/example.com/IN: bad zone
    zone 25.168.192.in-addr.arpa/IN: loaded serial 0

Here the example.com file has an error: it turned out that master had been written as mater. After correcting it, restart the DNS service:

    systemctl restart named

Before testing, remember to set the host's DNS server address to the one just configured.

    [root@master ~]# nslookup
    > www.example.com
    Server:         192.168.26.128
    Address:        192.168.26.128#53

    www.example.com canonical name = master.example.com.
    Name:   master.example.com
    Address: 192.168.26.128
    Name:   master.example.com
    Address: ::1
    > ftp.example.com
    Server:         192.168.26.128
    Address:        192.168.26.128#53

    ftp.example.com canonical name = master.example.com.
    Name:   master.example.com
    Address: 192.168.26.128
    Name:   master.example.com
    Address: ::1
    > 192.168.128
    Server:         192.168.26.128
    Address:        192.168.26.128#53

Test it on win2003 as well. First stop the firewall on CentOS:

    service firewalld stop

The test succeeded.