Configuring a DNS Server
1. Installation
yum install bind-utils.x86_64
yum install bind
2. Configuration
vim /etc/named.conf
Edit the file so that it contains:
############################################################
options {
    listen-on port 53 { 127.0.0.1; 192.168.4.103; };
    directory "/var/named";
    allow-query { any; };
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "example.com" IN {
    type master;
    file "example.com.zone";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
###########################################################
[root@server03 Desktop]# cd /var/named/
[root@server03 named]# cp named.localhost example.com.zone -p
[root@server03 named]# vim example.com.zone
Change it to:
###############################################################
$TTL 1D
@       IN SOA  @ root.server03.example.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
        A       127.0.0.1
server03 IN A   192.168.4.103
###################################################################
[root@server03 named]# /etc/init.d/named restart
Point the host at this DNS server:
[root@server03 named]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
Add:
DNS1=192.168.4.103
Restart the network interface:
[root@server03 named]# /etc/init.d/network restart
Test:
[root@server03 named]# nslookup server03
Server: 192.168.4.103
Address: 192.168.4.103#53
Name: server03.example.com
Address: 192.168.4.103
[root@server03 named]# nslookup server03.example.com
Server: 192.168.4.103
Address: 192.168.4.103#53
Name: server03.example.com
Address: 192.168.4.103
3. Resolving IP addresses to domain names
Edit the named.conf file:
Add the following:
zone "4.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.4.zone";
};
[root@server03 named]# pwd
/var/named
[root@server03 named]# cp example.com.zone 192.168.4.zone -p
Edit the 192.168.4.zone file:
Change it to:
$TTL 1D
@       IN SOA  @ root.server03.example.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
        A       127.0.0.1
103     IN PTR  server03.example.com.
Restart named:
[root@server03 named]# /etc/init.d/named restart
Test:
[root@server03 named]# nslookup 192.168.4.103
Server: 192.168.4.103
Address: 192.168.4.103#53
103.4.168.192.in-addr.arpa name = server03.example.com.
4. Making the DNS server more secure
Install bind-chroot.
!!! Stop the named service first
[root@server03 named]# service named stop
Install:
[root@server03 named]# yum install bind-chroot
[root@server03 named]# cd /var/named/chroot/etc/
[root@server03 etc]# cp /etc/named* ./ -p
[root@server03 etc]# cd ../var/named/
[root@server03 named]# ls        # an empty listing is expected here
[root@server03 named]# cp -rp /var/named/* ./
[root@server03 named]# rm -rf chroot/
[root@server03 named]# ls
192.168.4.zone dynamic named.ca named.localhost slaves
data example.com.zone named.empty named.loopback
There must be no chroot directory here.
If there is one, stop named first ([root@server05 var]# /etc/init.d/named stop) and then delete it.
[root@server03 named]# cd /var/named
[root@server03 named]# pwd
/var/named
[root@server03 named]# rm -rf example.com.zone
[root@server03 named]# rm -rf 192.168.4.zone
Restart the service:
[root@server03 etc]# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]
Verify:
[root@server03 etc]# nslookup server03.example.com
Server: 192.168.4.103
Address: 192.168.4.103#53
Name: server03.example.com
Address: 192.168.4.103
[root@server03 etc]# nslookup 192.168.4.103
Server: 192.168.4.103
Address: 192.168.4.103#53
103.4.168.192.in-addr.arpa name = server03.example.com.
named now uses /var/named/chroot/etc/named.conf as its named.conf.
Ok!
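The nslookup checks above show that resolution still works, but not that named is actually confined. The following added example (not part of the original post) checks that a named process was started with -t and that the kernel reports the chroot directory as its root. The function name named_chroot_check and the PROC_ROOT variable are assumptions made for this example, as is the init script passing the chroot directory to named with a separate -t argument.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumptions: Linux /proc layout; named is started with "-t DIR" as a separate
# argument; named_chroot_check and PROC_ROOT are names invented for this example.
PROC_ROOT="${PROC_ROOT:-/proc}"

# named_chroot_check PID EXPECTED_DIR
# Returns 0 if the process was started with "-t EXPECTED_DIR" and the kernel
# reports EXPECTED_DIR as its root directory, 1 if it is not chrooted as
# expected, 2 if the /proc entries cannot be read (run it as root).
named_chroot_check() {
    pid="$1"
    expected="${2%/}"
    dir="$PROC_ROOT/$pid"

    [ -r "$dir/cmdline" ] || { echo "cannot read $dir/cmdline" >&2; return 2; }

    # cmdline is NUL-separated; take the argument that follows -t.
    t_arg=$(tr '\0' '\n' < "$dir/cmdline" |
            awk 'prev == "-t" { print; exit } { prev = $0 }')
    t_arg="${t_arg%/}"

    # /proc/PID/root is a symlink to the root directory the process sees.
    real_root=$(readlink "$dir/root") || { echo "cannot read $dir/root" >&2; return 2; }
    real_root="${real_root%/}"

    if [ -z "$t_arg" ]; then
        echo "pid $pid: started without -t, not chrooted"
        return 1
    fi
    if [ "$t_arg" != "$expected" ] || [ "$real_root" != "$expected" ]; then
        echo "pid $pid: -t=$t_arg root=${real_root:-/} expected=$expected"
        return 1
    fi
    echo "pid $pid: chrooted to $expected"
}

# Usage on the server from the post (as root):
#   named_chroot_check "$(pidof named)" /var/named/chroot
```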