Centos builds dns server

DNS (Domain Name System) is a distributed naming and mapping system.
Its main job is the translation between IP addresses and domain names in both directions, and the management of the database of name-to-address mappings.

Tip: the following is the main content of this article; the examples can be used for reference.

1, DNS server domain name overview

Domain names often take the form of:
www.xxx.com
Among them, "com" is the top-level domain, "xxx" is the second-level domain and "www" is the third-level domain. The levels are separated by the "." symbol.
The hierarchy reads from right to left: the rightmost label is the highest level and each label to its left is one level lower, forming a typical tree structure that makes distributed management of domain names possible.

2, Build DNS environment

Two CentOS 7 machines, one as the DNS server and one as the DNS client:
DNS server: IP 192.168.3.5/24, DNS 192.168.3.5
DNS client: IP 192.168.3.6/24, DNS 192.168.3.5

3, Configure DNS server

1. Install DNS server

Install vim and the BIND DNS server packages with yum:

yum install vim bind* -y

2. Modify the DNS main configuration file /etc/named.conf

vim /etc/named.conf
options {
        listen-on port 53 { any; };//Change "127.0.0.1" to "any"
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { any; };//Change "localhost" to "any"

        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.root.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging { 
        channel default_debug { 
                file "data/named.run";
                severity dynamic;
        };  
};         

zone "." IN { 
        type hint;
        file "named.ca";
};  
zone "xxx.com" { //Add the forward resolution zone
        type master;//The type is master
        file "xxx.com.zone";//The zone file is "/var/named/xxx.com.zone"
};  
zone "3.168.192.in-addr.arpa" { //Add the reverse resolution zone "3.168.192.in-addr.arpa"
        type master;//The type is master
        file "3.168.192.in-addr.arpa.zone";//The zone file is "/var/named/3.168.192.in-addr.arpa.zone"
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
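Changing allow-query from localhost to any while recursion stays yes means named will recurse for every client that can reach port 53; if that is anything beyond the 192.168.3.0/24 lab network, the host is an open resolver that can be abused for cache poisoning and DDoS reflection. BIND's allow-recursion directive limits recursion separately from authoritative answers. The following Python script is an added example and not part of this article: it scans the options block of a named.conf for that combination. The two option excerpts inside it are constructed, one copied from the page's configuration and one hardened variant; the allow-recursion ACL values in the hardened variant are an assumption for this lab.

```python
import re

# Constructed excerpt of the options block shown on this page: recursion is
# enabled and allow-query is "any", so recursion is open to everyone.
PAGE_OPTIONS = """\
options {
        listen-on port 53 { any; };//Change "127.0.0.1" to "any"
        allow-query     { any; };//Change "localhost" to "any"
        recursion yes;
        dnssec-enable yes;
};
"""

# Constructed hardened variant (assumed LAN): still answers authoritative
# queries for everyone, but recurses only for localhost and 192.168.3.0/24.
HARDENED_OPTIONS = """\
options {
        listen-on port 53 { any; };
        allow-query     { any; };
        recursion yes;
        allow-recursion { 127.0.0.1; 192.168.3.0/24; };
};
"""

def strip_comments(conf):
    """Remove the three comment styles named.conf accepts: /* */, // and #."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", conf)

def options_block(conf):
    """Return the text between the braces of 'options { ... };' (brace-counted)."""
    conf = strip_comments(conf)
    start = re.search(r"\boptions\s*\{", conf)
    if not start:
        raise ValueError("no options block found")
    depth = 0
    for pos in range(start.end() - 1, len(conf)):
        if conf[pos] == "{":
            depth += 1
        elif conf[pos] == "}":
            depth -= 1
            if depth == 0:
                return conf[start.end():pos]
    raise ValueError("unterminated options block")

def acl_values(block, directive):
    """Elements of an address-match list such as 'allow-query { any; };', or None if absent."""
    m = re.search(r"\b" + re.escape(directive) + r"\s*\{([^}]*)\}", block)
    if not m:
        return None
    return [x.strip() for x in m.group(1).split(";") if x.strip()]

def open_resolver_findings(conf):
    """Flag an options block that recurses for arbitrary clients.

    BIND 9 derives the recursion ACL as: allow-recursion if set, otherwise
    allow-query-cache if set, otherwise allow-query if set, otherwise the
    built-in default of localnets and localhost.
    """
    block = options_block(conf)
    rec = re.search(r"\brecursion\s+(yes|no)\s*;", block)
    if rec and rec.group(1) == "no":
        return []                      # authoritative-only server: nothing to flag
    for directive in ("allow-recursion", "allow-query-cache", "allow-query"):
        acl = acl_values(block, directive)
        if acl is not None:
            if "any" in acl:
                return [f"recursion open to any client via '{directive}'; "
                        "set allow-recursion to localhost and the LAN"]
            return []
    return []                          # default ACL: localnets; localhost

if __name__ == "__main__":
    for label, conf in (("page", PAGE_OPTIONS), ("hardened", HARDENED_OPTIONS)):
        print(label, "->", open_resolver_findings(conf) or "ok")
```

The check mirrors the fallback order BIND itself uses when allow-recursion is not set, so it also catches the case where only allow-query-cache has been opened up. After editing the real file, run named-checkconf /etc/named.conf before restarting named.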

3. Create the forward zone file

vim /var/named/xxx.com.zone

$TTL 1D
@       IN SOA  xxx.com. root.xxx.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN      NS      dns.xxx.com.
dns     IN      A       192.168.3.5
www     IN      A       192.168.3.5

4. Create the reverse zone file

vim /var/named/3.168.192.in-addr.arpa.zone
$TTL 1D
@       IN SOA  3.168.192.in-addr.arpa. root.xxx.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN      NS      dns.xxx.com.
5       IN      PTR     dns.xxx.com.
5       IN      PTR     www.xxx.com.
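Forward and reverse zones are maintained by hand here, so the usual failure is that they drift apart: an A record gets added without its PTR, a PTR points at a name that no longer resolves, or the NS target has no address record. The following Python script is an added example, not code from this article: it parses both zone files as written above (embedded as constructed copies), derives the in-addr.arpa zone name from the network, and reports every A record without a confirming PTR and every PTR without a confirming A. The parser only supports what these two files use ($TTL, comments, parenthesised SOA, "@" and relative names); $ORIGIN is not handled.

```python
from ipaddress import ip_address, ip_network

# Constructed copies of the two zone files from this page.
FORWARD_ZONE = """\
$TTL 1D
@       IN SOA  xxx.com. root.xxx.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN      NS      dns.xxx.com.
dns     IN      A       192.168.3.5
www     IN      A       192.168.3.5
"""

REVERSE_ZONE = """\
$TTL 1D
@       IN SOA  3.168.192.in-addr.arpa. root.xxx.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN      NS      dns.xxx.com.
5       IN      PTR     dns.xxx.com.
5       IN      PTR     www.xxx.com.
"""

def reverse_zone_name(network):
    """in-addr.arpa zone for an octet-aligned IPv4 network, e.g. 192.168.3.0/24."""
    net = ip_network(network)
    if net.version != 4 or net.prefixlen % 8:
        raise ValueError("only octet-aligned IPv4 networks are supported")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def ptr_owner(ip):
    """Owner name of the PTR record for an IPv4 address."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."

def parse_zone(text, origin):
    """Minimal master-file parser: returns (soa_serial, [(owner, type, rdata), ...]).

    Handles ';' comments, '( ... )' continuation lines, '@', relative names and
    owner inheritance from the previous record. $ORIGIN is not supported.
    """
    origin = origin.rstrip(".") + "."
    records, serial, last_owner, buf, depth = [], None, origin, [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop the comment
        if not line.strip() and depth == 0:
            continue
        buf.append(line)
        depth += line.count("(") - line.count(")")
        if depth:
            continue                              # still inside ( ... )
        entry, buf = " ".join(buf), []
        tokens = entry.replace("(", " ").replace(")", " ").split()
        if not tokens or tokens[0] == "$TTL":
            continue
        if tokens[0].startswith("$"):
            raise ValueError(f"unsupported directive {tokens[0]}")
        if entry[:1].isspace():                   # blank owner: reuse the last one
            owner = last_owner
        else:
            name = tokens.pop(0)
            owner = origin if name == "@" else (name if name.endswith(".") else f"{name}.{origin}")
            last_owner = owner
        if tokens and tokens[0].isdigit():        # optional per-record TTL
            tokens.pop(0)
        if tokens and tokens[0].upper() in ("IN", "CH", "HS"):
            tokens.pop(0)
        rtype, rdata = tokens[0].upper(), tokens[1:]
        if rtype == "SOA":
            serial = int(rdata[2])
        records.append((owner, rtype, rdata))
    return serial, records

def check_consistency(fwd, rev, network):
    """Findings where A and PTR records do not confirm each other, or an NS target has no A."""
    net = ip_network(network)
    a_records = {(o, r[0]) for o, t, r in fwd if t == "A"}
    ptr_records = {(o, r[0]) for o, t, r in rev if t == "PTR"}
    findings = []
    for name, ip in sorted(a_records):
        if ip_address(ip) in net and (ptr_owner(ip), name) not in ptr_records:
            findings.append(f"A {name} -> {ip} has no matching PTR")
    for owner, name in sorted(ptr_records):
        ip = ".".join(reversed(owner[: -len(".in-addr.arpa.")].split(".")))
        if (name, ip) not in a_records:
            findings.append(f"PTR {owner} -> {name} has no matching A")
    for o, t, r in fwd:
        if t == "NS" and not any(n == r[0] for n, _ in a_records):
            findings.append(f"NS {r[0]} has no A record in the zone")
    return findings

if __name__ == "__main__":
    fwd_serial, fwd = parse_zone(FORWARD_ZONE, "xxx.com")
    rev_serial, rev = parse_zone(REVERSE_ZONE, reverse_zone_name("192.168.3.0/24"))
    print("serials:", fwd_serial, rev_serial)
    print("findings:", check_consistency(fwd, rev, "192.168.3.0/24") or "none")
```

For the two files on this page the check reports nothing, since both PTRs for 5 have a matching A record. Remember that this only validates the text; named-checkzone xxx.com /var/named/xxx.com.zone is still the authoritative syntax check before reloading, and the serial must be increased on every edit or secondaries will not pick up the change.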

4, Test whether the DNS server is configured successfully

1. Change the group owner of /etc/named.conf, /var/named/xxx.com.zone and /var/named/3.168.192.in-addr.arpa.zone to named

chgrp named /etc/named.conf
chgrp named /var/named/xxx.com.zone
chgrp named /var/named/3.168.192.in-addr.arpa.zone

2. Stop the firewall and restart the named service

systemctl stop firewalld
systemctl restart named

3. Client verification

Validate forward and reverse resolution from the client with nslookup.

5, Common DNS commands

1. Start, stop, restart and enable the DNS service at boot

View service status: systemctl status named
Start dns server: systemctl start named
Stop dns server: systemctl stop named
Restart dns server: systemctl restart named
Reload dns server: systemctl reload named
Enable dns at boot: systemctl enable named
Disable dns at boot: systemctl disable named

2. DNS service troubleshooting

nslookup: test domain name resolution
netstat -an | grep 53: check whether port 53 is listening on TCP and UDP
named-checkconf -z /etc/named.conf: check the configuration file and all zone files for errors

Summary

The DNS service provides forward and reverse resolution of domain names, which is the basis for other servers that rely on domain names, such as the web server.
DNS service configuration mainly involves the named.conf file and the zone files. named.conf is mainly used to define the zones; each zone file is the DNS database for that zone, and the resolution process is completed by querying these resource records.

Keywords: Linux CentOS server

Added by programmermatt on Tue, 15 Feb 2022 02:13:37 +0200