系统 | named版本 | IP地址 |
---|---|---|
centos7 | 默认最新版 | 192.168.1.2 |
※1.安装bind软件
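#1. 安装(bind* 会安装所有以 bind 开头的软件包;只搭建解析服务时安装 bind 和 bind-utils 即可。通配符建议加引号写成 'bind*',避免被当前目录下以 bind 开头的文件名展开)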
yum install bind* -y
#2.设置开机启动
[root@lianyu sysconfig] service named start #启动named进程
Redirecting to /bin/systemctl start named.service
[root@lianyu sysconfig] systemctl enable named #设置开机启动
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
#验证是否启动成功,可通过查看进程和端口号的启动状态
[root@lianyu sysconfig] ps aux|grep named
named 1702 0.0 3.0 242032 57464 ? Ssl 17:15 0:00 /usr/sbin/named -u named -c /etc/named.conf
root 1726 0.0 0.0 112824 988 pts/0 S+ 17:17 0:00 grep --color=auto named
[root@lianyu sysconfig] netstat -antplu|grep named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1702/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1702/named
tcp6 0 0 ::1:53 :::* LISTEN 1702/named
tcp6 0 0 ::1:953 :::* LISTEN 1702/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 1702/named
udp6 0 0 ::1:53 :::* 1702/named
#3.设置域名解析的文件
vim /etc/resolv.conf
#把dns服务器地址改为本机
#nameserver 114.114.114.114
nameserver 127.0.0.1
※2.验证是否搭建成功
#1.验证
[root@lianyu sysconfig] nslookup
> www.qq.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
www.qq.com canonical name = ins-r23tsuuf.ias.tencent-cloud.net.
Name: ins-r23tsuuf.ias.tencent-cloud.net
Address: 112.53.42.52
Name: ins-r23tsuuf.ias.tencent-cloud.net
Address: 112.53.42.114
Name: ins-r23tsuuf.ias.tencent-cloud.net
Address: 2402:4e00:1020:1404:0:9227:71ab:2b74
Name: ins-r23tsuuf.ias.tencent-cloud.net
Address: 2402:4e00:1020:1404:0:9227:71a3:83d2
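#2.修改配置文件,开启对外服务
#注意:下方配置同时使用 listen-on { any; }、allow-query { any; } 和 recursion yes,会使本机成为开放递归解析器;如果 53 端口能被不受信任的网络访问,就可能被滥用于 DNS 放大攻击。建议增加 allow-recursion { 内网网段; };(或收紧 allow-query),只对受信任的网段提供递归,并用防火墙限制 53 端口的访问来源。
#另外 dnssec-validation no 关闭了 DNSSEC 校验,转发器返回的应答不会被验证,只适合内网测试环境。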
[root@lianyu sysconfig] cd /etc/named
[root@lianyu named] ls
[root@lianyu named] vim /etc/named.conf
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { any; };
forward first;
forwarders { 114.114.114.114; };
recursion yes;
dnssec-enable no;
dnssec-validation no;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.root.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
..............
#配置域名解析文件路径,在编辑文件末尾直接添加,如下为模板修改一下域名就行
vi /etc/named.rfc1912.zones
zone "ty.com" IN {
type master;
file "/var/named/ty.com.zone";
allow-update { none; } ;
};
#拷贝后的文件路径和名称必须与上方 zone 中 file 定义的一致;named 进程以 named 用户运行(见 ps 输出中的 -u named),所以要把文件属组改为 named 让它有读权限,否则区域文件无法加载、配置不生效。不要为了省事把文件权限放宽成所有人可写
cp /var/named/named.loopback /var/named/ty.com.zone
chown root.named /var/named/ty.com.zone
#如下为示范配置信息,可直接复制粘贴到定义的file中,自行修改一下
@ IN SOA ty.com. ns1.ty.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.ty.com.
dns IN A 172.19.70.249
jump IN A 172.19.80.233
wiki IN A 172.19.80.233
yapi IN A 172.19.80.233
k8s IN A 172.19.80.223
[root@lianyu named] service named restart #重启服务
[root@lianyu named] ps aux|grep named
named 1922 0.2 3.1 242552 58288 ? Ssl 23:24 0:00 /usr/sbin/named -u named -c /etc/named.conf
root 1928 0.0 0.0 112824 988 pts/0 S+ 23:25 0:00 grep --color=auto named
[root@lianyu named] netstat -anplut|grep named
tcp 0 0 192.168.81.128:53 0.0.0.0:* LISTEN 1922/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1922/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1922/named
tcp6 0 0 :::53 :::* LISTEN 1922/named
tcp6 0 0 ::1:953 :::* LISTEN 1922/named
udp 0 0 192.168.81.128:53 0.0.0.0:* 1922/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 1922/named
udp6 0 0 :::53 :::* 1922/named
#测试阶段:需要先把用来测试的客户端机器的首选 DNS 改为这台 DNS 服务器的 IP
[root@ty audit]# ping jump.ty.com
PING jump.ty.com (172.19.80.233) 56(84) bytes of data.
64 bytes from 172.19.80.233 (172.19.80.233): icmp_seq=1 ttl=63 time=0.327 ms
64 bytes from 172.19.80.233 (172.19.80.233): icmp_seq=2 ttl=63 time=0.352 ms