标签:反向 9.1 load hint host name ESS soa sid init
1,缓存域名服务器 (帮你去找域名解析,本身并不能解析)
2,主域名解析服务器
也就是他自己维护一个域名的解析记录本(主机名:baidu.com)
3,从域名解析服务器
4,智能解析服务器(cdn),不同的地方,返回不同的结果
分为俩种
(1)A记录
(2)Cname (别名解析):多个域名同一个ip地址解析
域名======>IP
PTR反向解析
反向追踪ip地址的,看ip地址是否合法的
IP=========>域名
DNS的俩种查询方式
1,递归查询
2,递归查询
缓存域名服务器的配置
[root@localhost ~]# yum install -y bind bind-chroot
[root@localhost ~]# rpm -qa | grep bind
bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-9.8.2-0.17.rc1.el6_4.6.x86_64
[root@localhost ~]# vim /etc/named.conf
options {
listen-on port 53 { 192.168.182.134; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
forwarders { 202.106.0.20; };
recursion yes;
dnssec-enable yes;
dnssec-validation no;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
#检测语法
[root@localhost ~]# named-checkconf /etc/named.conf
[root@localhost ~]#
[root@localhost ~]# /etc/init.d/named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
[root@localhost ~]#
[root@localhost named]# vim /etc/resolv.conf
; generated by /sbin/dhclient-script
search localdomain
nameserver 192.168.182.134
[root@localhost ~]# ping www.baidu.com
PING www.baidu.com (61.135.169.125) 56(84) bytes of data.
64 bytes from 61.135.169.125: icmp_seq=1 ttl=128 time=1922 ms
options {
listen-on port 53 { 192.168.182.135; };
// listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
farwarders { 202.106.0.20; };
recursion yes;
// dnssec-enable yes;
// dnssec-validation yes;
// dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "yunjisuan.com" IN {
type master;
file "yunjisuan.com.zone";
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
[root@localhost named]# cd /var/named/
[root@localhost named]# cp -p named.empty yunjisuan.com.zone
$TTL 3H
@ IN SOA @ yunjisuan.com.root.ns1.yunjisuan.com. (
20181205 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns1.yunjisuan.com. #位置
ns1 A 192.168.182.12
www A 192.168.182.13
news A 192.168.182.14
bbs CNAME news 192.168.182.14
* A 192.168.182.20 了192.168.182.20
[root@localhost named]# named-checkzone yunjisuan.com yunjisuan.com.zone
OK
[root@localhost named]# /etc/init.d/named restart
Stopping named: . [ OK ]
Starting named: [ OK ]
[root@localhost named]#
#反向解析记录本
[root@localhost named]# cp -p named.empty 192.168.182.arpa
[root@localhost named]# vim 192.168.182.arpa
$TTL 3H
@ IN SOA @ yunjisuan.com.root.ns1.yunjisuan.com. (
20181206 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns1.yunjisuan.com.
108 PTR ns1.yunjisuan.com.
13 PTR www.yunjisuan.com.
14 PTR news.yunjisuan.com.
14 PTR bbs.yunjisuan.com.
[root@localhost named]# named-checkzone named.empty 192.168.182.arpa #检测脚本是否有错误
zone named.empty/IN: loaded serial 20181206
OK
############重启服务
#客户端测试
#解析域名
[root@localhost etc]# nslookup www.yunjisuan.com
Server: 192.168.182.135
Address: 192.168.182.135#53
Name: www.yunjisuan.com
Address: 192.168.182.13
[root@localhost etc]# nslookup ns1.yunjisuan.com
Server: 192.168.182.135
Address: 192.168.182.135#53
Name: ns1.yunjisuan.com
Address: 192.168.182.135
[root@localhost etc]# nslookup bbs.yunjisuan.com
Server: 192.168.182.135
Address: 192.168.182.135#53
bbs.yunjisuan.com canonical name = news.yunjisuan.com.
Name: news.yunjisuan.com
Address: 192.168.182.14
[root@localhost etc]# nslookup new.yunjisuan.com
Server: 192.168.182.135
Address: 192.168.182.135#53
Name: new.yunjisuan.com
Address: 192.168.182.20
[root@localhost etc]# nslookup new.yunjisuan.com
#解析ip
[root@localhost etc]# nslookup 192.168.182.135
Server: 192.168.182.135
Address: 192.168.182.135#53
** server can‘t find 135.182.168.192.in-addr.arpa.: NXDOMAIN
[root@localhost etc]# nslookup 192.168.182.13
Server: 192.168.182.135
Address: 192.168.182.135#53
13.182.168.192.in-addr.arpa name = www.yunjisuan.com.
[root@localhost etc]# nslookup 192.168.182.14
Server: 192.168.182.135
Address: 192.168.182.135#53
14.182.168.192.in-addr.arpa name = news.yunjisuan.com.
14.182.168.192.in-addr.arpa name = bbs.yunjisuan.com.
[root@localhost etc]#
标签:反向 9.1 load hint host name ESS soa sid init
原文地址:https://www.cnblogs.com/lizhizhi/p/10086967.html
