服务管理-DNS
DNS服务
DNS(Domain Names System,域名系统),因特网上作为域名和IP地址相互映射的一个分布式数据库,能够使用户更方便的访问互联网,而不用去记住能够被机器直接读取的IP地址。通过主机名,最终得到该主机名对应的IP地址的过程叫做域名解析。DNS协议运行在UDP之上,使用的端口号是53.
BIND实现正向区解析
[root@localhost ~]# yum install bind [root@localhost ~]# vim /etc/named.conf [root@localhost ~]#
[root@localhost ~]# cd /var/named/ [root@localhost named]# ls data dynamic named.ca named.empty named.localhost named.loopback slaves [root@localhost named]# cp named.localhost named.zyg [root@localhost named]# vim named.zyg [root@localhost named]#
[root@localhost named]# chgrp named named.zyg [root@localhost named]# systemctl start named
在启动的时候可能会报:Failed to start Berkeley Internet Name Domain (DNS)
原来是我在写配置文件的时候少写了两个分号导致的。。
[root@localhost named]# vim /etc/resolv.conf
bind实现方向区解析
[root@localhost named]# vim /etc/named.conf
[root@localhost named]# cp named.zyg named.210.29.172 [root@localhost named]# vim named.210.29.172 [root@localhost named]#
[root@localhost named]# chgrp named named.210.29.172 [root@localhost named]# systemctl restart named [root@localhost named]#
智能DNS
普通的DNS服务器只负责为用户解析出IP记录,而不去判断用户从哪里来,这样会造成所有用户都只能解析到固定的IP地址上。
智能DNS颠覆了这个概念。智能DNS会判断用户的来路,而做出一些智能化的处理,然后把智能化判断后的IP地址返回给用户,比如:智能DNS就会自动判断用户的上网线路是网通还是典型,然后智能返回网通或者典型的服务器IP地址。
server:
--------------------------------------------------------------------------------------------------------------------------
[root@localhost named]# cat /etc/named.conf // // named.conf // // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS // server as a caching only nameserver (as a localhost DNS resolver only). // // See /usr/share/doc/bind*/sample/ for example named configuration files. // // See the BIND Administrator's Reference Manual (ARM) for details about the // configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html options { listen-on port 53 { 127.0.0.1; any; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; any; }; /* - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion. - If you are building a RECURSIVE (caching) DNS server, you need to enable recursion. - If your recursive DNS server has a public IP address, you MUST enable access control to limit queries to your legitimate users. Failing to do so will cause your server to become part of large scale DNS amplification attacks. Implementing BCP38 within your network would greatly reduce such attack surface */ recursion yes; dnssec-enable yes; dnssec-validation yes; /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic"; pid-file "/run/named/named.pid"; session-keyfile "/run/named/session.key"; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; include "/etc/named.root.key"; zone "zyg.com" { type master; file "named.zyg"; }; zone "210.29.172.in-addr.arpa" { type master; file "named.210.29.172"; }; [root@localhost named]#
client:
-------------------------------------------------------------------------------------------------------------------------
[root@localhost named]# cat /etc/resolv.conf # Generated by NetworkManager search zyg.com nameserver 10.0.0.2 [root@localhost named]#
更多请百度度。。用到了会补全的,现在没空研究。。
本文来自博客园,作者:一石数字欠我15w!!!,转载请注明原文链接:https://www.cnblogs.com/52-qq/p/9646991.html
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】博客园社区专享云产品让利特惠,阿里云新客6.5折上折
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 一个奇形怪状的面试题:Bean中的CHM要不要加volatile?
· [.NET]调用本地 Deepseek 模型
· 一个费力不讨好的项目,让我损失了近一半的绩效!
· .NET Core 托管堆内存泄露/CPU异常的常见思路
· PostgreSQL 和 SQL Server 在统计信息维护中的关键差异
· DeepSeek “源神”启动!「GitHub 热点速览」
· 我与微信审核的“相爱相杀”看个人小程序副业
· 微软正式发布.NET 10 Preview 1:开启下一代开发框架新篇章
· 如何使用 Uni-app 实现视频聊天(源码,支持安卓、iOS)
· C# 集成 DeepSeek 模型实现 AI 私有化(本地部署与 API 调用教程)
2017-09-14 数据库其它操作