检查53端口占用

[root@nginx ~]# netstat -nlp |grep 53
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      28799/dnsmasq       
tcp6       0      0 :::53                   :::*                    LISTEN      28799/dnsmasq       
udp        0      0 0.0.0.0:53              0.0.0.0:*                           28799/dnsmasq       
udp6       0      0 :::53                   :::*                                28799/dnsmasq  

停掉其他dns工具:

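# Stop the DNS service that currently holds port 53 and keep it from
# starting again at boot (systemctl matches the commands used for named
# later in this guide).
systemctl stop dnsmasq
systemctl disable dnsmasq
# Confirm that port 53 is free. Matching ':53 ' instead of a bare '53'
# avoids false hits on PIDs or other ports that merely contain "53".
# No output (grep exit status 1) is the expected result here.
netstat -nlp | grep ':53 '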

安装配置

yum install

# Show which bind version the configured repositories offer.
yum info bind
# Install the server, its client tools (dig, nslookup), the shared
# libraries and the development headers.
yum install -y bind bind-utils bind-libs bind-devel

配置主配置文件:/etc/named.conf

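# Global server options for named.
options {
    # Accept queries on every IPv4 interface so other hosts can use this
    # server; IPv6 stays bound to loopback only.
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    # Working directory; relative file names (zone files, logs) resolve here.
    directory     "/var/named";
    dump-file     "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file  "/var/named/data/named.recursing";
    secroots-file   "/var/named/data/named.secroots";
    # Any client may send queries to this server.
    allow-query     { any; };
    # Recursion is required so names outside the local zones are resolved
    # through the forwarders. When allow-recursion is not set it inherits
    # allow-query, and "any" there would make this host an open resolver
    # that third parties can abuse for DNS amplification. Limit recursion
    # to this host and its directly attached networks; add further client
    # subnets explicitly if clients live on other networks.
    recursion yes;
    allow-recursion { localhost; localnets; };
    dnssec-enable yes;
    dnssec-validation yes;
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
    # Upstream resolvers. The first address was missing its last octet
    # ("114.114.114"), which is not a valid IPv4 address.
    forwarders { 114.114.114.114; 8.8.8.8; };
};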

# Logging: a single debug channel written to a file.
logging {
        channel default_debug {
                # Relative path, so it is resolved against the "directory"
                # option of the options block.
                file "data/named.run";
                # Follow the server's current debug level instead of a fixed one.
                severity dynamic;
        };
};

# Root zone hints: tells named where to find the root name servers.
zone "." IN {
    type hint;
    # Relative to the "directory" option.
    file "named.ca";
};

# Additional zone definitions; the test.com zone of this guide is appended
# to this file.
include "/etc/named.rfc1912.zones";
# NOTE(review): presumably the root trust anchor used for DNSSEC validation;
# confirm against the file shipped by the package.
include "/etc/named.root.key";

其实修改之处只有三行:

...
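    # The three lines changed in the options block.
    listen-on port 53 { any; }; # changed to any: listen on all IPv4 interfaces
    # changed to any: every client may query. Together with "recursion yes"
    # and no allow-recursion statement this makes the server an open
    # resolver; restrict recursion (allow-recursion) or firewall port 53 if
    # the host is reachable from untrusted networks.
    allow-query     { any; };
    forwarders { 114.114.114.114; 8.8.8.8; }; # upstream DNS; first address was missing its last octet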

追加域名解析入口配置:/etc/named.rfc1912.zones

...
# Authoritative (master) zone served from a local file.
# NOTE(review): test.com is a publicly registered domain; answering for it
# here shadows the real zone for every client of this server. A reserved
# name such as example.com or a name under .test avoids that.
zone "test.com" IN {          
        type master;
        file "test.com.zone";  # zone data file, i.e. /var/named/test.com.zone
};

测试域名单独解析文件:

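# Create the zone file from the packaged localhost template.
cd /var/named/
cp named.localhost test.com.zone
# Use ':' between owner and group; the 'owner.group' form is a legacy
# spelling that is ambiguous when account names contain dots.
# NOTE(review): named only has to read a static master zone file, so
# root:named with mode 640 would also work and would keep the daemon from
# rewriting the file; verify against the packaged zone files on your system.
chown named:named test.com.zone
# Edit the records (interactive).
vim test.com.zone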

修改配置/var/named/test.com.zone

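$TTL 1D                                         ; default TTL for records in this zone: one day
@       IN SOA  @ rname.invalid. (
                                        0       ; serial: the value was missing in the listing (0 is the template's value); raise it on every edit so secondaries pick up the change
                                        1D      ; refresh: how often secondaries check the primary for a new serial (one day)
                                        1H      ; retry: wait after a failed refresh before trying again (one hour)
                                        1W      ; expire: secondaries stop answering for the zone after one week without a successful refresh
                                        3H )    ; minimum: TTL for negative (name does not exist) answers
; Apex records inherited from the named.localhost template: the zone name and
; its NS target resolve to loopback. Replace them with this server's reachable
; address if other hosts need to follow the NS record.
        NS      @
        A       127.0.0.1
        AAAA    ::1
; Internal host records.
git             IN      A       172.16.0.2
hub             IN      A       172.16.0.13
mvn             IN      A       172.16.0.2
bug             IN      A       172.16.0.2
disk            IN      A       172.16.0.2
ci              IN      A       172.16.0.4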

检查配置 启动

检查配置

# Syntax-check the main configuration; no output means no errors were found.
named-checkconf /etc/named.conf
# Load-check the zone: first argument is the zone name, second its data file.
named-checkzone test.com /var/named/test.com.zone

启动服务测试:

# Apply the new configuration now ...
systemctl restart named.service
# ... and have named start automatically at boot.
systemctl enable named.service

测试下:

[root@nginx named]# dig git.test.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.3 <<>> git.test.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37775
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;git.test.com.          IN  A

;; ANSWER SECTION:
git.test.com.       86400   IN  A   172.16.0.2

;; AUTHORITY SECTION:
test.com.       86400   IN  NS  test.com.

;; ADDITIONAL SECTION:
test.com.       86400   IN  A   127.0.0.1
test.com.       86400   IN  AAAA    ::1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat May 16 16:00:01 CST 2020
;; MSG SIZE  rcvd: 116
