dns 服务器架设

时间:2022-10-08 19:50:32

安装bind 软件包

 emerge -av bind bind-tools

 

/etc/bind/named.conf

 

/etc/resol.conf 文件中至少有一个可用的nameserver

运行如下命令

#dig -t NS .  (点表示根域 NS 表示域名服务器) 

产生的上半部分为根服务器的域名,下半部分为相应的IP

将这些IP 加到/etc/resol.conf 文件中

用根查根

#dig -t NS . >/var/bind/named.ca

 

把/etc/resol.conf 文件内容改为

nameserver 127.0.0.1

启动服务

/etc/init.d/named start

 


用以下命令测试可否成功

host www.google.com

 

如果不工作运行以下命令

rndc-confgen

生成两部分, 一部分为named.conf 的内容人,一部分为rndc.conf 文件

# Start of rndc.conf                     
key "rndc-key" {                         
        algorithm hmac-md5;              
        secret "f3gs/HIyKNPnO7e96ttnAQ==";
};

options {
        default-key "rndc-key";
        default-server 127.0.0.1;
        default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#       algorithm hmac-md5;
#       secret "f3gs/HIyKNPnO7e96ttnAQ==";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf

 

 

重启服务 即可

 

 

dig 挖nameserver的IP ,域名等

内个命令 rndc stauts 查询状态

tar -n +13 filename

显示从第13行以后的内容

 

host www.google.com  查google.com 对应的IP

 

=========================================================================================================

下面:如果我想将jf.org 解析成127.0.0.1 这个地址

那么需要在/etc/bind/named.conf

 

中添加一段

可以copy 一段named.conf 中的其他内容进行修改  比如将localhost 改成jf.org 

然后copy /var/bind/pri/localhost.zone   /var/bind/pri/jf.org.zone 

修改里面的内容,基本也是将localhost 关键字替换成jf.org

例如修改后的内容

 

 

重启named 服务,

host jf.org 就会显示为127.0.0.1 了

 

===========================================================================================================

zone "." IN {           // .表示 根zone ,
    type hint;             //hint 默认
    file "named.cache";          表示根zone 的信息位于named.cache 文件内  所以#dig -t NS . >/var/bind/named.cache    也就是把查到的根 域名服务器放到这个文件中
 };

 

 

zone "jixiuf.org" IN {
    type master;                        //master 表示对于jixiuf.org 只有我能解析,如果我解析不了,其他域名服务器也解析不了,它们从我这里得到关于是jixiuf.org 域的结果, 也就是我是jixiuf.org 主域名解析器
    file "pri/jixiuf.org.zone";         文件位于/var/bind/pri/jixiuf.org.zone
    allow-update { none; };
    notify no;
};

 

 

 //反向域名解析,表示127开头的ip 地址根据/var/bind/pri/127.zone 这个规则文件反向解析,

zone "127.in-addr.arpa" IN {
    type master;
    file "pri/127.zone";
    allow-update { none; };
    notify no;
};

 

//反向域名解析,表示127.0.0开头的ip

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "pri/127.zone";
    allow-update { none; };
    notify no;
};

 

 

jf pri # cat /var/bind/pri/localhost.zone
$TTL 1W                //表示生存周期,你从我的这里解析得到结果,在你的缓存里存一周的时间,

 

@       IN      SOA     localhost(表示dns 服务器的完整域名). root.localhost(管理root 的邮箱 实际第一个. 是@符号,root@localhost).  (             //这里的@符号表示当前域,因为在/etc/bind/named.conf 中localhost 域指向文件pri/localhost.zone   则@ 表示localhost 域
                                      2008122601 ; Serial          //序列号,对zone 进行修改,建议自增一,以便告诉其他的从dns 服务器我这里有更新
                                      28800      ; Refresh         //告诉从dns 服务器每28800s 过来找我一次,比较一下序列号
                                      14400      ; Retry           //若我不反应,每隔14400s  再试一次
                                      604800     ; Expire - 1 week               //我不反应,你连续retry 了604800s ,我仍没反应,则认为我出问题了
                                      86400 )    ; Minimum                       //从dns 服务器缓存里最小保存时间
@        IN      NS      localhost.                         //NS 记录, 记录了这个区域里谁是dns 服务器
@        IN    A    127.0.0.1                                   //A 表示正向的dns 记录,   对应的ip                 ,注意@表示当前域localhost
mail    IN   CNAME    host.localhost.             //mail  后面没加点,表示它不完整,是相对当前域的 相当于mail.localhost (这里末尾有点)       ,CNAME 表示别名, 表示mail.localhost    和host.localhost.  相同,具有相同ip

www    IN   CNAME    host2.localhost.      
@        IN    AAAA    ::1          //ipv6 版

 

 

 

zone "localhost" IN {
    type master;
    file "pri/localhost.zone";
    allow-update { none; };
    notify no;
};

 

 

 

 

 

 

反向解析文件

 

jf pri # cat  /var/bind/pri/127.zone
$ORIGIN 127.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       localhost. root.localhost. (
                                        2008122601      ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

@                       1D IN NS        localhost.
1.0.0                   1D IN PTR       localhost.           反向解析  ,表示127.0.0.1   反向解析对应的域名是localhost  ,注意1.0.0   倒序,然后加上前缀127   因为 /etc/bind/         zone "127.in-addr.arpa" IN

 

 

 

 

 

 

==========================================================================================================

 /etc/bind/named.conf

 添加

zone "jixiuf2.org" IN {
    type master;
    file "pri/jixiuf2.org.zone";
    allow-update { none; };
    notify no;
};

//jixiuf.org 域对应192.168.0.*

zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "pri/jixiuf2_fanxiang.zone";
    allow-update { none; };
    notify no;
};

 

 

 /var/bind/pri/jixiuf2.org.zone

 

$TTL 1W
@       IN      SOA  jixiuf2.org    root.mail.jixiuf2.org.  (
                                      2010091808 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      604800     ; Expire - 1 week
                                      86400 )    ; Minimum
@                      IN     NS    jixiuf2.org.
                      IN      NS   dns1.jixiuf2.org.
                      IN      NS   dns2.jixiuf2.org.
jixiuf2.org.           IN       A   192.168.0.222
dns1.jixiuf2.org.      IN       A   192.168.0.1
dns2.jixiuf2.org.      IN       A   192.168.0.2
www                   IN    CNAME   dns1.jixiuf2.org.
mail                   IN   CNAME   dns2.jixiuf2.org.

 

/var/bind/pri/jixiuf2_fanxiang.zone

$ORIGIN 0.168.192.in-addr.arpa
$TTL 1W
@                       1D IN SOA       jixiuf2.org. root.mail.jixiuf2.org. (
                                        2010091801      ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

@                       1D IN NS           jixiuf2.org.
1                          1D IN PTR      dns1.jixiuf2.org        
2                         1D IN PTR      dns2.jixiuf2.org
1                         1D IN PTR      www.jixiuf2.org
2                         1D IN PTR      mail.jixiuf2.org

 

测试结果 :

jf pri #  host dns1.jixiuf2.org
dns1.jixiuf2.org has address 192.168.0.1
jf pri # host dns2.jixiuf2.org
dns2.jixiuf2.org has address 192.168.0.2
jf pri # host www.jixiuf2.org
www.jixiuf2.org is an alias for dns1.jixiuf2.org.
dns1.jixiuf2.org has address 192.168.0.1
jf pri # host mail.jixiuf2.org
mail.jixiuf2.org is an alias for dns2.jixiuf2.org.
dns2.jixiuf2.org has address 192.168.0.2
jf pri # host jixiuf2.org
jixiuf2.org has address 192.168.0.222

==========================================================================================================

关于本地127.0.0.1 对应多个域名,如localhost ,jixiuf

 

 /etc/bind/named.conf

zone "localhost" IN {
    type master;
    file "pri/localhost.zone";
    allow-update { none; };
    notify no;
};
zone "127.in-addr.arpa" IN {
    type master;
    file "pri/127.zone";
    allow-update { none; };
    notify no;
};



zone "jixiuf.org" IN {
    type master;
    file "pri/jixiuf.org.zone";
    allow-update { none; };
    notify no;
};

 /var/bin/pri/jixiuf.org.zone

$TTL 1W
@       IN      SOA  jixiuf.org.    root.jixiuf.org.  (
                                      2010091804 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      604800     ; Expire - 1 week
                                      86400 )    ; Minimum
@        IN      NS      jixiuf.org.
@         IN    A    127.0.0.1
mail        IN      CNAME   jixiuf.org.
@        IN      MX 5       mail.jixiuf.org.

 

/var/bin/pri/127.zone

$ORIGIN 127.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       localhost. root.localhost. (
                                        2010091800      ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

@                       1D IN NS        localhost.
1.0.0                   1D IN PTR       jixiuf.org.
1.0.0                   1D IN PTR       localhost.

 

 

/etc/init.d/named restart

 

 

测试

 

jf pri # nslookup
> jixiuf.org       ----------------------------------------------------正向解析
Server:        127.0.0.1
Address:    127.0.0.1#53

Name:    jixiuf.org
Address: 127.0.0.1
> 127.0.0.1                   -------------------------------------------------反向解析
Server:        127.0.0.1
Address:    127.0.0.1#53

1.0.0.127.in-addr.arpa    name = jixiuf.org.
1.0.0.127.in-addr.arpa    name = localhost.

标签:

相关文章