
dns



dns服务器可以划分4种:

  • 1,缓存域名服务器 (帮你去找域名解析,本身并不能解析)

  • 2,主域名解析服务器
    也就是他自己维护一个域名的解析记录本(主机名:baidu.com)

  • 3,从域名解析服务器

  • 4,智能解析服务器(cdn),不同的地方,返回不同的结果

记录本

分为俩种

  • 1,正向解析记录

(1)A记录
(2)Cname (别名解析):多个域名同一个ip地址解析

域名======>IP

  • 2,反向解析记录

PTR反向解析
用于从ip地址反查域名,常用来核对某个ip地址是否与其声称的域名相符(PTR记录由该ip段的管理者自行维护,只能作为参考,不能单独作为身份验证的依据)

IP=========>域名

DNS的俩种查询方式
1,递归查询

 

2,迭代查询
缓存域名服务器的配置

		[root@localhost ~]# yum install -y bind bind-chroot		
		
		[root@localhost ~]# rpm -qa | grep bind		
		bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64
		bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64
		bind-9.8.2-0.17.rc1.el6_4.6.x86_64
		
		[root@localhost ~]# vim /etc/named.conf 		
		
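		// named.conf for a caching-only resolver: it holds no zones of its own and
		// passes client queries to the forwarder listed below.
		options {
		        listen-on port 53 { 192.168.182.134; };
		        listen-on-v6 port 53 { ::1; };
		        directory       "/var/named";
		        dump-file       "/var/named/data/cache_dump.db";
		        statistics-file "/var/named/data/named_stats.txt";
		        memstatistics-file "/var/named/data/named_mem_stats.txt";

		        // With "allow-query { any; }" and "recursion yes" but no
		        // allow-recursion, named inherits the allow-query list for
		        // recursion, so every host that can reach port 53 may use this
		        // server as a resolver (an open resolver, commonly abused for
		        // DNS amplification). Recursion is therefore limited to the
		        // server itself and its directly attached networks.
		        allow-query     { any; };
		        allow-recursion { localhost; localnets; };
		        forwarders      { 202.106.0.20; };
		        recursion yes;

		        dnssec-enable yes;
		        // NOTE(review): validation is switched off, so answers coming back
		        // from the forwarder are cached without any DNSSEC check. Turn it
		        // back on once the forwarder is known to pass DNSSEC records.
		        dnssec-validation no;
		        // NOTE(review): lookaside validation depends on the ISC DLV
		        // registry, which has since been retired -- confirm whether this
		        // line is still wanted.
		        dnssec-lookaside auto;

		        /* Path to ISC DLV key */
		        bindkeys-file "/etc/named.iscdlv.key";

		        managed-keys-directory "/var/named/dynamic";
		};

		logging {
		        channel default_debug {
		                file "data/named.run";
		                severity dynamic;
		        };
		};

		// Root hints: where to start when a query is not answered by the forwarder.
		zone "." IN {
		        type hint;
		        file "named.ca";
		};

		include "/etc/named.rfc1912.zones";
		include "/etc/named.root.key";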
		
		#检测语法
		[root@localhost ~]# named-checkconf /etc/named.conf 
		[root@localhost ~]# 
		[root@localhost ~]# /etc/init.d/named start		
		Generating /etc/rndc.key:                                  [  OK  ]
		Starting named:                                            [  OK  ]
		[root@localhost ~]# 
		
		
		[root@localhost named]# vim /etc/resolv.conf 
		; generated by /sbin/dhclient-script
		search localdomain
		nameserver 192.168.182.134
		
		[root@localhost ~]# ping www.baidu.com
		PING www.baidu.com (61.135.169.125) 56(84) bytes of data.
		64 bytes from 61.135.169.125: icmp_seq=1 ttl=128 time=1922 ms

主域名服务器

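// named.conf for the primary (master) server of yunjisuan.com. It answers
// authoritatively for its own zones and still recurses for local clients.
options {
        listen-on port 53 { 192.168.182.135; };
//      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Authoritative data may be queried by anyone, but recursion is
        // limited to the server itself and its directly attached networks.
        // Without allow-recursion, "allow-query { any; }" plus
        // "recursion yes" turns the server into an open resolver.
        allow-query     { any; };
        allow-recursion { localhost; localnets; };

        // No secondary server is configured on this page, so zone transfers
        // are refused. When a slave is added, replace "none" with its
        // address; leaving the default lets any host copy the whole zone.
        allow-transfer  { none; };

        // The option name is "forwarders"; the misspelling "farwarders" is
        // rejected by named-checkconf as an unknown option.
        forwarders { 202.106.0.20; };
        recursion yes;

        // NOTE(review): the DNSSEC options are commented out here -- confirm
        // whether recursive answers are meant to go unvalidated.
//      dnssec-enable yes;
//      dnssec-validation yes;
//      dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

// Forward zone: names -> addresses, data kept in /var/named/yunjisuan.com.zone.
zone "yunjisuan.com" IN {
        type master;
        file "yunjisuan.com.zone";
};

// Reverse zone: addresses -> names. The page creates the file
// /var/named/192.168.182.arpa and shows PTR answers from
// 182.168.192.in-addr.arpa, which only work if the zone is declared here.
zone "182.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.182.arpa";
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";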

[root@localhost named]# cd /var/named/		
[root@localhost named]# cp -p  named.empty yunjisuan.com.zone	
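; Forward zone data for yunjisuan.com (names -> addresses).
; Comments in a zone file start with ";". Anything else after the record data
; is read as part of the record and makes the zone fail to load.
$TTL 3H
; NOTE(review): as written the SOA names "@" as primary server and treats the
; whole of "yunjisuan.com.root.ns1.yunjisuan.com." as the contact field;
; confirm that this is the intended pair of values.
@       IN SOA  @ yunjisuan.com.root.ns1.yunjisuan.com. (
                                        20181205        ; serial, raise it on every edit
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns1.yunjisuan.com.
; NOTE(review): the client test on this page shows ns1 resolving to
; 192.168.182.135 and the reverse zone lists host 108 for ns1 -- confirm
; which address the name server really has.
ns1     A       192.168.182.12
www     A       192.168.182.13
news    A       192.168.182.14
bbs     CNAME   news            ; alias: bbs is answered through news (192.168.182.14)
; Wildcard: every name not listed above resolves to 192.168.182.20. This also
; answers for mistyped or unintended names, so keep it only if a catch-all
; host is really wanted.
*       A       192.168.182.20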
[root@localhost named]# named-checkzone yunjisuan.com yunjisuan.com.zone		
OK
[root@localhost named]# /etc/init.d/named restart		
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@localhost named]# 

#反向解析记录本
[root@localhost named]# cp -p named.empty 192.168.182.arpa
[root@localhost named]# vim 192.168.182.arpa 
; Reverse zone data (addresses -> names) for hosts in 192.168.182.x.
; Each owner name below is the last octet of the address; it is completed with
; the zone origin, which the lookups on this page show as
; 182.168.192.in-addr.arpa.
; When checking this file, pass that zone name as the first argument of
; named-checkzone so relative names are expanded against the real origin.
$TTL 3H
@       IN SOA  @ yunjisuan.com.root.ns1.yunjisuan.com. (
                                        20181206        ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      ns1.yunjisuan.com.
; NOTE(review): host 108 is mapped to ns1 here, while the forward zone gives
; ns1 192.168.182.12 and the server itself listens on 192.168.182.135 --
; confirm which address is intended; the page's own lookup of .135 returns
; NXDOMAIN because no PTR exists for it.
108     PTR     ns1.yunjisuan.com.
13      PTR     www.yunjisuan.com.
; Two PTR records on one address: a reverse lookup of .14 returns both names.
14      PTR     news.yunjisuan.com.
14      PTR     bbs.yunjisuan.com.
[root@localhost named]# named-checkzone named.empty 192.168.182.arpa 	#检测脚本是否有错误
zone named.empty/IN: loaded serial 20181206
OK
############重启服务

#客户端测试
#解析域名
[root@localhost etc]# nslookup www.yunjisuan.com
Server:		192.168.182.135
Address:	192.168.182.135#53

Name:	www.yunjisuan.com
Address: 192.168.182.13

[root@localhost etc]# nslookup ns1.yunjisuan.com
Server:		192.168.182.135
Address:	192.168.182.135#53

Name:	ns1.yunjisuan.com
Address: 192.168.182.135

[root@localhost etc]# nslookup bbs.yunjisuan.com
Server:		192.168.182.135
Address:	192.168.182.135#53

bbs.yunjisuan.com	canonical name = news.yunjisuan.com.
Name:	news.yunjisuan.com
Address: 192.168.182.14

[root@localhost etc]# nslookup new.yunjisuan.com
Server:		192.168.182.135
Address:	192.168.182.135#53

Name:	new.yunjisuan.com
Address: 192.168.182.20

[root@localhost etc]# nslookup new.yunjisuan.com

#解析ip
[root@localhost etc]# nslookup 192.168.182.135
Server:		192.168.182.135
Address:	192.168.182.135#53

** server can't find 135.182.168.192.in-addr.arpa.: NXDOMAIN

[root@localhost etc]# nslookup 192.168.182.13
Server:		192.168.182.135
Address:	192.168.182.135#53

13.182.168.192.in-addr.arpa	name = www.yunjisuan.com.

[root@localhost etc]# nslookup 192.168.182.14
Server:		192.168.182.135
Address:	192.168.182.135#53

14.182.168.192.in-addr.arpa	name = news.yunjisuan.com.
14.182.168.192.in-addr.arpa	name = bbs.yunjisuan.com.

[root@localhost etc]# 


原文地址:https://www.cnblogs.com/lizhizhi/p/10086967.html
