DNS服务——服务端 和 客户端 配置
前言
电脑经常会出现一些网络小毛病。有的时候,QQ能正常上网,但是网页却打不开。这种时候十有八九是DNS出问题了。
QQ在DNS不可用的时候,可以跳过DNS解析,直接访问对方IP
实验环境
rhel-server-6.4-x86_64-dvd(ED2000.COM).iso最小化安装
常用公网DNS服务器
8.8.8.8
222.222.222.222
202.99.168.8
202.99.160.68
配置DNS服务器
设置本地yum源
安装bind
域名系统 (Domain Name System, DNS)一种因特网的通讯协议名称,提供这种服务的软件有很多,比如(Berkeley Internet Name Domain, BIND)。
[root@ziqiang ~]# yum list | grep bind
PackageKit-device-rebind.x86_64 0.5.-.el6 vcd
bind.x86_64 :9.8.-0.17.rc1.el6 vcd
bind-chroot.x86_64 :9.8.-0.17.rc1.el6 vcd
bind-dyndb-ldap.x86_64 2.3-.el6 vcd
bind-libs.i686 :9.8.-0.17.rc1.el6 vcd
bind-libs.x86_64 :9.8.-0.17.rc1.el6 vcd
bind-utils.x86_64 :9.8.-0.17.rc1.el6 vcd
rpcbind.x86_64 0.2.-.el6 vcd
samba-winbind.x86_64 3.6.-.el6 vcd
samba-winbind-clients.i686 3.6.-.el6 vcd
samba-winbind-clients.x86_64 3.6.-.el6 vcd
samba4-winbind.x86_64 4.0.-.el6.rc4 vcd
samba4-winbind-clients.x86_64 4.0.-.el6.rc4 vcd
samba4-winbind-krb5-locator.x86_64 4.0.-.el6.rc4 vcd
ypbind.x86_64 :1.20.-.el6 vcd
[root@ziqiang ~]# yum -y install bind
Loaded plugins: product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package bind.x86_64 :9.8.-0.17.rc1.el6 will be installed
--> Processing Dependency: bind-libs = :9.8.-0.17.rc1.el6 for package: :bind-9.8.-0.17.rc1.el6.x86_64
--> Processing Dependency: liblwres.so.()(64bit) for package: :bind-9.8.-0.17.rc1.el6.x86_64
--> Processing Dependency: libisccfg.so.()(64bit) for package: :bind-9.8.-0.17.rc1.el6.x86_64
--> Processing Dependency: libisccc.so.()(64bit) for package: :bind-9.8.-0.17.rc1.el6.x86_64
--> Processing Dependency: libisc.so.()(64bit) for package: :bind-9.8.-0.17.rc1.el6.x86_64
--> Processing Dependency: libdns.so.()(64bit) for package: :bind-9.8.-0.17.rc1.el6.x86_64
--> Processing Dependency: libbind9.so.()(64bit) for package: :bind-9.8.-0.17.rc1.el6.x86_64
--> Running transaction check
---> Package bind-libs.x86_64 :9.8.-0.17.rc1.el6 will be installed
--> Finished Dependency Resolution Dependencies Resolved ===================================================================================================================================
Package Arch Version Repository Size
===================================================================================================================================
Installing:
bind x86_64 :9.8.-0.17.rc1.el6 vcd 4.0 M
Installing for dependencies:
bind-libs x86_64 :9.8.-0.17.rc1.el6 vcd k Transaction Summary
===================================================================================================================================
Install Package(s) Total download size: 4.8 M
Installed size: 9.4 M
Downloading Packages:
-----------------------------------------------------------------------------------------------------------------------------------
Total MB/s | 4.8 MB :
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : :bind-libs-9.8.-0.17.rc1.el6.x86_64 /
Installing : :bind-9.8.-0.17.rc1.el6.x86_64 /
Verifying : :bind-9.8.-0.17.rc1.el6.x86_64 /
Verifying : :bind-libs-9.8.-0.17.rc1.el6.x86_64 / Installed:
bind.x86_64 :9.8.-0.17.rc1.el6 Dependency Installed:
bind-libs.x86_64 :9.8.-0.17.rc1.el6 Complete!
查看安装完毕后的DNS服务
[root@ziqiang ~]# chkconfig
auditd :off :off :on :on :on :on :off
crond :off :off :on :on :on :on :off
dhcpd :off :off :off :off :off :off :off
dhcpd6 :off :off :off :off :off :off :off
dhcrelay :off :off :off :off :off :off :off
ip6tables :off :off :on :on :on :on :off
iptables :off :off :on :on :on :on :off
named :off :off :off :off :off :off :off
netconsole :off :off :off :off :off :off :off
netfs :off :off :off :on :on :on :off
network :off :off :on :on :on :on :off
portreserve :off :off :on :on :on :on :off
postfix :off :off :on :on :on :on :off
rdisc :off :off :off :off :off :off :off
restorecond :off :off :off :off :off :off :off
rhnsd :off :off :on :on :on :on :off
rhsmcertd :off :off :off :on :on :on :off
rsyslog :off :off :on :on :on :on :off
saslauthd :off :off :off :off :off :off :off
sshd :off :off :on :on :on :on :off
udev-post :off :on :on :on :on :on :off
刚刚安装的服务叫named,显示是关闭状态,接下来开启该服务
[root@ziqiang ~]# chkconfig named on
[root@ziqiang ~]# chkconfig
auditd :off :off :on :on :on :on :off
crond :off :off :on :on :on :on :off
dhcpd :off :off :off :off :off :off :off
dhcpd6 :off :off :off :off :off :off :off
dhcrelay :off :off :off :off :off :off :off
ip6tables :off :off :on :on :on :on :off
iptables :off :off :on :on :on :on :off
named :off :off :on :on :on :on :off
netconsole :off :off :off :off :off :off :off
netfs :off :off :off :on :on :on :off
network :off :off :on :on :on :on :off
portreserve :off :off :on :on :on :on :off
postfix :off :off :on :on :on :on :off
rdisc :off :off :off :off :off :off :off
restorecond :off :off :off :off :off :off :off
rhnsd :off :off :on :on :on :on :off
rhsmcertd :off :off :off :on :on :on :off
rsyslog :off :off :on :on :on :on :off
saslauthd :off :off :off :off :off :off :off
sshd :off :off :on :on :on :on :off
udev-post :off :on :on :on :on :on :off
[root@ziqiang ~]# runlevel
N
查看配置文件
bind安装完毕后所有配置文件(包含可执行文件)
[root@ziqiang ~]# rpm -lq bind
/etc/NetworkManager/dispatcher.d/-named
/etc/logrotate.d/named
/etc/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/portreserve/named
/etc/rc.d/init.d/named
/etc/rndc.conf
/etc/rndc.key
/etc/sysconfig/named
/usr/lib64/bind
/usr/sbin/arpaname
/usr/sbin/ddns-confgen
/usr/sbin/dnssec-dsfromkey
/usr/sbin/dnssec-keyfromlabel
/usr/sbin/dnssec-keygen
/usr/sbin/dnssec-revoke
/usr/sbin/dnssec-settime
/usr/sbin/dnssec-signzone
/usr/sbin/genrandom
/usr/sbin/isc-hmac-fixup
/usr/sbin/lwresd
/usr/sbin/named
/usr/sbin/named-checkconf
/usr/sbin/named-checkzone
/usr/sbin/named-compilezone
/usr/sbin/named-journalprint
/usr/sbin/nsec3hash
/usr/sbin/rndc
/usr/sbin/rndc-confgen
/usr/share/doc/bind-9.8.
/usr/share/doc/bind-9.8./CHANGES
/usr/share/doc/bind-9.8./COPYRIGHT
/usr/share/doc/bind-9.8./Copyright
/usr/share/doc/bind-9.8./README
/usr/share/doc/bind-9.8./arm
/usr/share/doc/bind-9.8./arm/Bv9ARM-book.xml
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch01.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch02.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch03.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch04.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch05.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch06.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch07.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch08.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch09.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.ch10.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.html
/usr/share/doc/bind-9.8./arm/Bv9ARM.pdf
/usr/share/doc/bind-9.8./arm/Makefile
/usr/share/doc/bind-9.8./arm/Makefile.in
/usr/share/doc/bind-9.8./arm/README-SGML
/usr/share/doc/bind-9.8./arm/dnssec.xml
/usr/share/doc/bind-9.8./arm/isc-logo.eps
/usr/share/doc/bind-9.8./arm/isc-logo.pdf
/usr/share/doc/bind-9.8./arm/latex-fixup.pl
/usr/share/doc/bind-9.8./arm/libdns.xml
/usr/share/doc/bind-9.8./arm/man.arpaname.html
/usr/share/doc/bind-9.8./arm/man.ddns-confgen.html
/usr/share/doc/bind-9.8./arm/man.dig.html
/usr/share/doc/bind-9.8./arm/man.dnssec-dsfromkey.html
/usr/share/doc/bind-9.8./arm/man.dnssec-keyfromlabel.html
/usr/share/doc/bind-9.8./arm/man.dnssec-keygen.html
/usr/share/doc/bind-9.8./arm/man.dnssec-revoke.html
/usr/share/doc/bind-9.8./arm/man.dnssec-settime.html
/usr/share/doc/bind-9.8./arm/man.dnssec-signzone.html
/usr/share/doc/bind-9.8./arm/man.genrandom.html
/usr/share/doc/bind-9.8./arm/man.host.html
/usr/share/doc/bind-9.8./arm/man.isc-hmac-fixup.html
/usr/share/doc/bind-9.8./arm/man.named-checkconf.html
/usr/share/doc/bind-9.8./arm/man.named-checkzone.html
/usr/share/doc/bind-9.8./arm/man.named-journalprint.html
/usr/share/doc/bind-9.8./arm/man.named.html
/usr/share/doc/bind-9.8./arm/man.nsec3hash.html
/usr/share/doc/bind-9.8./arm/man.nsupdate.html
/usr/share/doc/bind-9.8./arm/man.rndc-confgen.html
/usr/share/doc/bind-9.8./arm/man.rndc.conf.html
/usr/share/doc/bind-9.8./arm/man.rndc.html
/usr/share/doc/bind-9.8./arm/managed-keys.xml
/usr/share/doc/bind-9.8./arm/pkcs11.xml
/usr/share/doc/bind-9.8./draft
/usr/share/doc/bind-9.8./draft/draft-faltstrom-uri-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-6man-text-addr-representation-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-behave-address-format-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-behave-dns64-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-axfr-clarify-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-dns-tcp-requirements-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-dnssec-bis-updates-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-dnssec-registry-fixes-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-ecc-key-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-interop3597-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-rfc2671bis-edns0-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-rfc2672bis-dname-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-rfc3597-bis-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsext-tsig-md5-deprecated-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsop-bad-dns-res-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsop-dnssec-key-timing-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsop-dnssec-trust-history-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsop-inaddr-required-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsop-name-server-management-reqs-.txt
/usr/share/doc/bind-9.8./draft/draft-ietf-dnsop-respsize-.txt
/usr/share/doc/bind-9.8./draft/draft-kato-dnsop-local-zones-.txt
/usr/share/doc/bind-9.8./draft/draft-kerr-ixfr-only-.txt
/usr/share/doc/bind-9.8./draft/draft-mekking-dnsop-auto-cpsync-.txt
/usr/share/doc/bind-9.8./draft/draft-yao-dnsext-bname-.txt
/usr/share/doc/bind-9.8./draft/update
/usr/share/doc/bind-9.8./misc
/usr/share/doc/bind-9.8./misc/Makefile
/usr/share/doc/bind-9.8./misc/Makefile.in
/usr/share/doc/bind-9.8./misc/dnssec
/usr/share/doc/bind-9.8./misc/format-options.pl
/usr/share/doc/bind-9.8./misc/ipv6
/usr/share/doc/bind-9.8./misc/migration
/usr/share/doc/bind-9.8./misc/migration-4to9
/usr/share/doc/bind-9.8./misc/options
/usr/share/doc/bind-9.8./misc/rfc-compliance
/usr/share/doc/bind-9.8./misc/roadmap
/usr/share/doc/bind-9.8./misc/sdb
/usr/share/doc/bind-9.8./misc/sort-options.pl
/usr/share/doc/bind-9.8./named.conf.default
/usr/share/doc/bind-9.8./rfc
/usr/share/doc/bind-9.8./rfc/index.gz
/usr/share/doc/bind-9.8./rfc/rfc1032.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1033.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1034.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1035.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1101.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1122.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1123.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1183.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1348.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1535.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1536.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1537.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1591.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1611.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1612.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1706.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1712.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1750.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1876.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1886.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1912.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1982.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1995.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc1996.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2052.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2104.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2119.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2133.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2136.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2137.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2163.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2168.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2181.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2230.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2308.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2317.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2373.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2374.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2375.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2418.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2535.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2536.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2537.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2538.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2539.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2540.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2541.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2553.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2671.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2672.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2673.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2782.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2825.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2826.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2845.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2874.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2915.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2929.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2930.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc2931.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3007.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3008.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3071.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3090.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3110.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3123.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3152.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3197.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3225.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3226.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3258.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3363.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3364.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3425.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3445.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3467.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3490.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3491.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3492.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3493.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3513.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3596.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3597.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3645.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3655.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3658.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3755.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3757.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3833.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3845.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc3901.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4025.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4033.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4034.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4035.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4074.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4159.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4193.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4255.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4294.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4339.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4343.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4367.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4398.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4408.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4431.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4470.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4471.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4472.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4509.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4634.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4635.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4641.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4648.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4697.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4701.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4892.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4955.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc4956.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc5001.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc5011.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc5155.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc5205.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc5452.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc5507.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc5625.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc5702.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc5933.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc6303.txt.gz
/usr/share/doc/bind-9.8./rfc/rfc952.txt.gz
/usr/share/doc/bind-9.8./rfc1912.txt
/usr/share/doc/bind-9.8./sample
/usr/share/doc/bind-9.8./sample/etc
/usr/share/doc/bind-9.8./sample/etc/named.conf
/usr/share/doc/bind-9.8./sample/etc/named.rfc1912.zones
/usr/share/doc/bind-9.8./sample/var
/usr/share/doc/bind-9.8./sample/var/named
/usr/share/doc/bind-9.8./sample/var/named/data
/usr/share/doc/bind-9.8./sample/var/named/my.external.zone.db
/usr/share/doc/bind-9.8./sample/var/named/my.internal.zone.db
/usr/share/doc/bind-9.8./sample/var/named/named.ca
/usr/share/doc/bind-9.8./sample/var/named/named.empty
/usr/share/doc/bind-9.8./sample/var/named/named.localhost
/usr/share/doc/bind-9.8./sample/var/named/named.loopback
/usr/share/doc/bind-9.8./sample/var/named/slaves
/usr/share/doc/bind-9.8./sample/var/named/slaves/my.ddns.internal.zone.db
/usr/share/doc/bind-9.8./sample/var/named/slaves/my.slave.internal.zone.db
/usr/share/man/man1/arpaname..gz
/usr/share/man/man5/named.conf..gz
/usr/share/man/man5/rndc.conf..gz
/usr/share/man/man8/ddns-confgen..gz
/usr/share/man/man8/dnssec-dsfromkey..gz
/usr/share/man/man8/dnssec-keyfromlabel..gz
/usr/share/man/man8/dnssec-keygen..gz
/usr/share/man/man8/dnssec-revoke..gz
/usr/share/man/man8/dnssec-settime..gz
/usr/share/man/man8/dnssec-signzone..gz
/usr/share/man/man8/genrandom..gz
/usr/share/man/man8/isc-hmac-fixup..gz
/usr/share/man/man8/lwresd..gz
/usr/share/man/man8/named-checkconf..gz
/usr/share/man/man8/named-checkzone..gz
/usr/share/man/man8/named-compilezone..gz
/usr/share/man/man8/named-journalprint..gz
/usr/share/man/man8/named..gz
/usr/share/man/man8/nsec3hash..gz
/usr/share/man/man8/rndc-confgen..gz
/usr/share/man/man8/rndc..gz
/var/log/named.log
/var/named
/var/named/data
/var/named/dynamic
/var/named/named.ca
/var/named/named.empty
/var/named/named.localhost
/var/named/named.loopback
/var/named/slaves
/var/run/named
/etc/named.conf主配置文件设置DNS服务器的属性
/etc/named.rfc1912.zones区域定义
/var/named/区域文件所在的目录
查看Internet上根DNS服务器
[root@ziqiang data]# cat /var/named/named.ca
; <<>> DiG 9.5.0b2 <<>> +bufsize= +norec NS . @a.root-servers.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
;; flags: qr aa; QUERY: , ANSWER: , AUTHORITY: , ADDITIONAL: ;; OPT PSEUDOSECTION:
; EDNS: version: , flags:; udp:
;; QUESTION SECTION:
;. IN NS ;; ANSWER SECTION:
. IN NS M.ROOT-SERVERS.NET.
. IN NS A.ROOT-SERVERS.NET.
. IN NS B.ROOT-SERVERS.NET.
. IN NS C.ROOT-SERVERS.NET.
. IN NS D.ROOT-SERVERS.NET.
. IN NS E.ROOT-SERVERS.NET.
. IN NS F.ROOT-SERVERS.NET.
. IN NS G.ROOT-SERVERS.NET.
. IN NS H.ROOT-SERVERS.NET.
. IN NS I.ROOT-SERVERS.NET.
. IN NS J.ROOT-SERVERS.NET.
. IN NS K.ROOT-SERVERS.NET.
. IN NS L.ROOT-SERVERS.NET. ;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. IN A 198.41.0.4
A.ROOT-SERVERS.NET. IN AAAA ::ba3e:::
B.ROOT-SERVERS.NET. IN A 192.228.79.201
C.ROOT-SERVERS.NET. IN A 192.33.4.12
D.ROOT-SERVERS.NET. IN A 128.8.10.90
E.ROOT-SERVERS.NET. IN A 192.203.230.10
F.ROOT-SERVERS.NET. IN A 192.5.5.241
F.ROOT-SERVERS.NET. IN AAAA ::2f::f
G.ROOT-SERVERS.NET. IN A 192.112.36.4
H.ROOT-SERVERS.NET. IN A 128.63.2.53
H.ROOT-SERVERS.NET. IN AAAA ::::803f:
I.ROOT-SERVERS.NET. IN A 192.36.148.17
J.ROOT-SERVERS.NET. IN A 192.58.128.30
J.ROOT-SERVERS.NET. IN AAAA ::c27:::
K.ROOT-SERVERS.NET. IN A 193.0.14.129
K.ROOT-SERVERS.NET. IN AAAA :7fd::
L.ROOT-SERVERS.NET. IN A 199.7.83.42
M.ROOT-SERVERS.NET. IN A 202.12.27.33
M.ROOT-SERVERS.NET. IN AAAA :dc3:: ;; Query time: msec
;; SERVER: 198.41.0.4#(198.41.0.4)
;; WHEN: Mon Feb ::
;; MSG SIZE rcvd:
修改主配置文件
named.conf原始配置文件内容如下
[root@ziqiang named]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
// options {
listen-on port { 127.0.0.1; };
listen-on-v6 port { ::; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes; dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto; /* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic";
}; logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
}; zone "." IN {
type hint;
file "named.ca";
}; include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
修改后named.conf原始配置文件内容如下
[root@ziqiang named]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
// options {
listen-on port { any; };
listen-on-v6 port { ::; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 192.168.80.0/;192.168.90.0/;};
recursion yes; dnssec-enable no;
dnssec-validation no;
dnssec-lookaside no; /* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic";
}; logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
}; zone "." IN {
type hint;
file "named.ca";
}; include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
关键字段解析
listen-on port 53 { any; };
假如DNS服务器有多块网卡,每个网卡有不同IP,我们可以只填一个IP,这样就只有一块网卡在53号端口监听DNS请求。也可以填多个IP,这样就有多块网卡在53号端口监听DNS请求。如果填any,是所有网卡都监听53号端口的DNS请求
allow-query { 192.168.80.0/24;192.168.90.0/24 };
允许哪些网段计算机向我发起域名解析。默认值是localhost,即只允许自己找自己解析。
recursion yes;
DNS服务器是否允许递归查询。所谓递归查询,其过程是:如果当前DNS无法解析该域名,则向Root DNS请求,根据Root DNS返回记录在向其他层级的DNS查询。
dnssec-enable no;
dnssec-validation no;
dnssec-lookaside no;
是否允许安全DNS查询,全部改成no。因为目前Internet上的DNS服务器不支持安全的DNS查询。
重启DNS服务
[root@ziqiang named]# service named restart
Stopping named: [ OK ]
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
再重启过程中会生成远程配置管理DNS所需要的密钥/etc/rndc.key
重启完毕后,查询DNS进程
[root@ziqiang named]# ps -eeaf | grep named
named : ? :: /usr/sbin/named -u named
root : pts/ :: grep named
查看named服务侦听的53端口
[root@ziqiang named]# netstat -an | grep
tcp 192.168.40.120: 0.0.0.0:* LISTEN
tcp 127.0.0.1: 0.0.0.0:* LISTEN
tcp 127.0.0.1: 0.0.0.0:* LISTEN
tcp ::: :::* LISTEN
tcp ::: :::* LISTEN
udp 192.168.40.120: 0.0.0.0:*
udp 127.0.0.1: 0.0.0.0:*
udp ::: :::*
unix [ ] STREAM CONNECTED
查看日志
[root@ziqiang named]# cat /var/named/data/named.run
zone .in-addr.arpa/IN: loaded serial
zone 1.0.0.127.in-addr.arpa/IN: loaded serial
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial
zone localhost.localdomain/IN: loaded serial
zone localhost/IN: loaded serial
managed-keys-zone ./IN: loaded serial
running
managed-keys-zone ./IN: Initializing automatic trust anchor management for zone '.'; DNSKEY ID is now trusted, waiving the normal -day waiting period
配置DNS客户端
Windows
填写上面DNS服务器的IP
然后在命令行下ping www.baidu.com
如果不能ping通,关闭服务器端防火墙。service iptables stop
但实际场景中,防火墙不能轻易关闭。下面单独为TCP和UDP开放53端口
[root@ziqiang ~]# iptables -I INPUT -p tcp --dport -j ACCEPT
[root@ziqiang ~]# iptables -I INPUT -p udp --dport -j ACCEPT
[root@ziqiang ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain Chain FORWARD (policy ACCEPT)
target prot opt source destination Chain OUTPUT (policy ACCEPT)
target prot opt source destination
保存防火墙配置,防止重启后新配置的防火墙规则消失
[root@ziqiang ~]# /sbin/service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
DNS服务——服务端 和 客户端 配置的更多相关文章
- 红帽学习笔记[RHCE]OpenLDAP 服务端与客户端配置
目录 OpenLDAP 服务端与客户端配置 关于LDIF 一个LDIF基本结构一个条目 属性 Object的类型 服务端 安装 生成证书 生成默认数据 修改基本的配置 导入基础数据 关于ldif的格式 ...
- seata服务端和客户端配置(使用nacos进行注册发现,使用mysql进行数据持久化),以及过程中可能会出现的问题与解决方案
seata服务端和客户端配置(使用nacos进行注册发现,使用mysql进行数据持久化),以及过程中可能会出现的问题与解决方案 说明: 之所以只用nacos进行了注册与发现,因为seata使用naco ...
- DHCP服务——服务端 和 客户端 配置
转载注明出处:https://www.cnblogs.com/kelamoyujuzhen/p/9520341.html 实验环境 rhel-server-6.4-x86_64-dvd(ED2000 ...
- shadow服务端、客户端配置流程
服务端 系统环境 CentOS 7 64位,由于系统自带python,shadowsocks服务端我们选择python版,过程如下 yum install python-setuptools & ...
- 综合架构之Rsync备份服务,服务端和客户端配置
服务端配置(即备份服务器) ps:客户端配置见下方 配置一个新服务的步骤: 第一步:先将该服务下载 yum install -y rsync 第二步:编写服务配置文件 配置文件:/etc/rsyncd ...
- Linux Yum仓库介绍及服务端及客户端配置
YUM服务器 适合在于内网使用,因为很多包需要国外的网站下载应用包,这样网络很不稳定 下载慢,所有为何不尝试搭建 自己内部的YUM服务器呢 YUM服务器搭建 一 创建yum仓库目录 #mkdir -p ...
- react全家桶-服务端与客户端配置
全家桶内装有: react - github react-router - github redux - github react-redux - github react-router-redux ...
- NFS服务端与客户端配置
#首先确认系统中是否安装了对于的软件 rpm -qa|grep -i nfs #在有网络的情况下使用YUM安装NFS.rpcbind软件包 yum install lrzsz nmap tree do ...
- PHP 文件上传服务端及客户端配置参数说明
文件上传服务器端配置: ·file_uploads = On, 支持HTTP上传 ·upload_tmp_dir = , 临时文件保存的目录 ·upload_max_filesize=2M, 允许上传 ...
随机推荐
- c#中多线程同步Lock(锁)的研究以及跨线程UI的操作 (转)
https://www.cnblogs.com/tommyheng/p/4104552.html 本文只针对C#中,多线程同步所用到的锁(lock)作为研究对象.由于想更直观的显示结果,所以,在做de ...
- Unity3d基于Socket通讯例子(转)
按语:按照下文,服务端利用网络测试工具,把下面客户端代码放到U3D中摄像机上,运行结果正确. http://www.manew.com/thread-102109-1-1.html 在一个网站上看到有 ...
- 【Anaconda】关于conda使用环境未被激活的问题
前言 在win10系统中安装Anaconda,并创建虚拟环境,但是不明白为什么切换环境之后并未激活要使用的虚拟环境. conda常用命令 activate // 切换到base环境 activate ...
- 【Leetcode_easy】1022. Sum of Root To Leaf Binary Numbers
problem 1022. Sum of Root To Leaf Binary Numbers 参考 1. Leetcode_easy_1022. Sum of Root To Leaf Binar ...
- 导入数据到数据库表,报错[Err] [Row1] [Imp] 1153 - Got a packet bigger than 'max_allowed_packet' bytes
# 在数据库新增查询,执行如下命令即可: show VARIABLES like '%max_allowed_packet%'; set global max_allowed_packet = 2*1 ...
- docker 在 centos7.* 上的部署及问题解决
最近尝试搭建docker 环境,其实个人是比较喜欢“菜鸟学习系列”的知识的,怎奈它的讲解是以Ubuntu为主的,最后找到一个搭建学习系列,感觉写的很好,主要是页面风格清晰明了,遂决定按照此教程学习搭建 ...
- c++ 在Ubuntu系统中使用access函数
include<iostream> #include<stdlib.h> #include<stdio.h> #include<unistd.h> us ...
- 《ucore lab7》实验报告
资源 ucore在线实验指导书 我的ucore实验代码 练习1: 理解内核级信号量的实现和基于内核级信号量的哲学家就餐问题(不需要编码) 题目 完成练习0后,建议大家比较一下(可用meld等文件dif ...
- `GLIBCXX_3.4.15' not found when using mex file in matlab (linux)
from: http://www.360doc.com/content/14/0314/16/175261_360565922.shtml Invalid MEX-file '*/*/*.mexa64 ...
- Kubernetes(k8s)目录
Kubernetes(k8s)目录 Kubernetes集群安装(亲测有效)