Linux网络服务之DNS正向解析
#yum仓库安装bind软件包
[root@localhost ~]#yum install bind bind-utils -y
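#关闭防火墙并临时将SELinux切换为宽容模式(仅适用于隔离的实验环境;对外提供服务的主机应保持两者开启,改用 firewall-cmd --permanent --add-service=dns 后执行 firewall-cmd --reload 放行53端口)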
[root@localhost ~]#systemctl stop firewalld.service
[root@localhost ~]#setenforce 0
#开启服务
[root@localhost ~]#systemctl start named
#过滤查看一下named
[root@localhost ~]# netstat -natp | grep named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2136/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2136/named
tcp6 0 0 ::1:53 :::* LISTEN 2136/named
tcp6 0 0 ::1:953 :::* LISTEN 2136/named
#更改网卡域名DNS地址
[root@localhost ~]#vim /etc/sysconfig/network-scripts/ifcfg-ens33
DNS1=127.0.0.1
#重启网卡
[root@localhost ~]#systemctl restart network
#查看配置文件包
[root@localhost ~]# rpm -qc bind
/etc/logrotate.d/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/rndc.conf
/etc/rndc.key
/etc/sysconfig/named
/var/named/named.ca
/var/named/named.empty
/var/named/named.localhost
/var/named/named.loopback
#先host一下百度域名地址
[root@localhost ~]# host www.baidu.com
;; connection timed out; no servers could be reached
#修改一下配置
[root@localhost ~]#vim /etc/named.conf
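#将下面两行改为 any(原来的默认行注释掉或删除),使服务监听所有网卡并接受任意来源的查询
#注意:若 named.conf 中 recursion 仍为 yes,这样配置会使服务器成为开放递归解析器,可能被滥用于DNS放大攻击;实验环境之外应把 allow-query 和 allow-recursion 限制为受信任网段,例如 { localhost; 192.168.59.0/24; };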
listen-on port 53 { any; };
allow-query { any; };
# // listen-on port 53 { 127.0.0.1; };
# // allow-query { localhost; };
#重新加载DNS服务
[root@localhost ~]#rndc reload
server reload successful
#再host一下百度域名
[root@localhost ~]# host www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.
www.a.shifen.com has address 180.101.49.11
www.a.shifen.com has address 180.101.49.12
#自己编写域名
[root@localhost named]# vim /etc/named.rfc1912.zones
zone "apple.com" {
type master;
file "apple.com.zone";
allow-update { none; };
};
#再cd到 /var/named目录下
[root@localhost ~]# cd /var/named/
[root@localhost named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
#保留权限和属主、属组复制(-p),使新区域文件沿用 named.localhost 的权限设置,named 进程才能读取它
[root@localhost named]# cp -p named.localhost apple.com.zone
#编辑数据库文件,解析记录对应关系
[root@localhost named]#vim apple.com.zone
$TTL 1D
@ IN SOA master.apple.com. admin.apple.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master.apple.com.
master IN A 192.168.59.131
www A 192.168.59.132
MX 10 mail.apple.com.
mail IN A 192.168.59.30
ftp IN CNAME www
* A 192.168.59.132 ; 代表泛域名
@ A 192.168.59.132 ; 代表不需要主机名字
#重启一下服务
[root@localhost named]# rndc reload
server reload successful
#客户端1访问服务器编写的域名(注:以下输出中的 kgc.com 与上文配置的 apple.com 区域不一致,似为另一次实验的记录;按本文配置,查询结果中的域名应为 apple.com)
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.59.131
[root@localhost ~]# host www.apple.com
www.kgc.com has address 192.168.59.132
www.kgc.com mail is handled by 10 mail.kgc.com.
[root@localhost ~]# host mail.kgc.com
mail.kgc.com has address 192.168.59.30
[root@localhost ~]# host wwwwwwww.kgc.com
wwwwwwww.kgc.com has address 192.168.59.132
[root@localhost ~]# host kgc.com
kgc.com has address 192.168.59.132
#客户端2做http服务实验,测试
#先yum安装httpd软件包
[root@localhost ~]# yum install httpd -y
已安装:
httpd.x86_64 0:2.4.6-97.el7.centos
作为依赖被安装:
apr.x86_64 0:1.4.8-7.el7 apr-util.x86_64 0:1.5.2-6.el7
httpd-tools.x86_64 0:2.4.6-97.el7.centos mailcap.noarch 0:2.1.41-2.el7
完毕!
[root@localhost ~]# cd /var/www/html
[root@localhost html]# ls
[root@localhost html]# vim index.html
[root@localhost html]# ls
[root@localhost html]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.59.132 netmask 255.255.255.0 broadcast 192.168.59.255
#开启httpd服务
[root@localhost html]# systemctl start httpd
#服务器端或浏览器访问IP地址
[root@localhost named]# curl 192.168.59.132
hello word....
[root@localhost named]# curl www.apple.com
hello word....
DNS反向解析
#服务器端
#先修改区域配置文件(在文末添加)
zone "59.168.192.in-addr.arpa" IN {
type master;
file "yun.com.zone";
allow-update { none; };
};
#复制正向解析文件
[root@localhost named]# cp apple.com.zone yun.com.zone -p
#编辑文件
[root@localhost named]# vim yun.com.zone
$TTL 1D
@ IN SOA master.yun.com. admin.yun.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master.yun.com.
master IN A 192.168.59.131
100 IN PTR www.yun.com.
88 IN PTR db.yun.com.
#重启服务
[root@localhost named]# rndc reload
server reload successful
#客户端进行验证
[root@localhost ~]# host 192.168.59.100
100.59.168.192.in-addr.arpa domain name pointer www.yun.com.
[root@localhost ~]# host 192.168.59.88
88.59.168.192.in-addr.arpa domain name pointer db.yun.com.