Linux server DNS configuration explained with examples

Time:2021-3-4

The running environment is RedHat 9.0, the IP address is 172.18.121.35, and the domain name is jb51.net.

1. Install the software package required by DNS
Check whether the bind software is installed by entering the following in the terminal:

[[email protected] root]# rpm -qa|grep bind

redhat-config-bind-1.9.0-13
bind-9.2.1-16
bind-utils-9.2.1-16
ypbind-1.11-4
 
If the packages above are listed, bind is installed. If they are not, insert the correct CD and install it, or download the source code and install from that.

2. Set the IP address and DNS
Type netconfig in the terminal and press Enter. Enter the IP address 172.18.121.35 on the first line, 255.255.255.0 on the second line, 172.18.121.1 on the third line, and the DNS server 172.18.121.35 on the last line. Then run:

[[email protected] root]#service network reload
[[email protected] root]#service network restart

Check the IP settings with ifconfig.

3. Configure DNS
Configure DNS forward lookup. The configuration file is created as follows:

[[email protected] root]#cp /var/named/localhost.zone /var/named/jb51.net

This first copies a local DNS zone template file. Now modify the copy:

[[email protected] root]# vi /var/named/jb51.net
$TTL 86400
$ORIGIN jb51.net.
@       1D IN SOA jb51.net. root.jb51.net. (
                42   ; serial (d. adams)
                3H   ; refresh
                15M  ; retry
                1W   ; expiry
                1D ) ; minimum
        1D IN NS @
        1D IN MX 5 mail.jb51.net.
www     1D IN A 172.18.121.35
mail    1D IN A 172.18.121.35
ftp     1D IN A 172.18.121.35
pop3    IN CNAME mail.jb51.net.
smtp    IN CNAME mail.jb51.net.

Save and exit: press ESC first, then type :wq
Configure DNS reverse lookup. The configuration file is created as follows:

[[email protected] root]#cp /var/named/named.local /var/named/172.18.121.rev

This first copies a local DNS zone template file. Now modify the copy:

[[email protected] root]# vi /var/named/172.18.121.rev
$TTL 86400
@       IN SOA jb51.net. root.jb51.net. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS jb51.net.

35      IN PTR www.jb51.net.
35      IN PTR mail.jb51.net.
35      IN PTR ftp.jb51.net.

Configure the main configuration file of the local DNS server. A template exists after installation; modify it. The modified part is shown in bold.

[[email protected] root]# vi /etc/named.conf
// generated by named-bootconf.pl
options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};
zone "jb51.net" IN {
    type master;
    file "jb51.net";
};
zone "121.18.172.in-addr.arpa" IN {
    type master;
    file "172.18.121.rev";
};
include "/etc/rndc.key";
"/etc/named.conf" [converted] 45L, 894C
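
An added example, not part of the original article: BIND 9.2, the version installed above, answers recursive queries and zone transfer requests from any client unless named.conf restricts them, and the file above sets neither allow-recursion nor allow-transfer. The audit below flags that; the hardened variant assumes the clients are on 172.18.121.0/24 and that there is no secondary server.

```python
import re

# Constructed input: the options block and zones from the named.conf shown above.
PAGE_CONF = '''
options {
    directory "/var/named";
    // query-source address * port 53;
};
zone "." IN { type hint; file "named.ca"; };
zone "jb51.net" IN { type master; file "jb51.net"; };
zone "121.18.172.in-addr.arpa" IN { type master; file "172.18.121.rev"; };
'''
# Assumption: clients live on 172.18.121.0/24 and there is no secondary server.
HARDENED_CONF = PAGE_CONF.replace(
    'directory "/var/named";',
    'directory "/var/named";\n'
    '    allow-recursion { 172.18.121.0/24; localhost; };\n'
    '    allow-transfer { none; };')

def blocks(conf):
    """Yield (header_tokens, body) for each top-level `header { body };` statement."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)
    depth = start = body = 0
    header = []
    for i, ch in enumerate(conf):
        if ch == "{":
            if depth == 0:
                header, body = conf[start:i].split(), i + 1
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                yield header, conf[body:i]
        elif ch == ";" and depth == 0:
            start = i + 1

def audit(conf):
    """Return findings where recursion or zone transfers are left unrestricted."""
    parsed = list(blocks(conf))
    options = " ".join(body for header, body in parsed if header == ["options"])
    findings = []
    if not re.search(r"allow-recursion|recursion\s+no\b", options):
        findings.append("options: recursion is not restricted")
    for header, body in parsed:
        if header[:1] == ["zone"] and re.search(r"type\s+master\b", body):
            if "allow-transfer" not in body + options:
                findings.append(f"zone {header[1]}: transfers are not restricted")
    return findings

if __name__ == "__main__":
    print(audit(PAGE_CONF), audit(HARDENED_CONF), sep="\n")
```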

Configure the lookup order of the local resolver

[[email protected] root]# vi /etc/host.conf
order bind,hosts
multi off
trim jb51.net
[[email protected] root]# vi /etc/resolv.conf
nameserver 172.18.121.35
nameserver 218.196.42.2
domain jb51.net
search www.jb51.net jb51.net
options no-check-names rotate

4. Start named service

[[email protected] root]#service named start

5. Check whether the configuration is successful

[[email protected] root]# nslookup

Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
> www.jb51.net
Server: 172.18.121.35
Address: 172.18.121.35#53

Name: www.jb51.net
Address: 172.18.121.35
> 172.18.121.35
Server: 172.18.121.35
Address: 172.18.121.35#53

35.121.18.172.in-addr.arpa name = ftp.jb51.net.
35.121.18.172.in-addr.arpa name = www.jb51.net.
35.121.18.172.in-addr.arpa name = mail.jb51.net.
>
Press CTRL + D to exit.
If you see output like the above, the configuration has been successful.

6. During configuration, to check whether your configuration is correct, you can run named -g to find where your configuration file is wrong, and then fix it.

PS: Description of the DNS-related configuration files
. /etc/host.conf
When both DNS name resolution and the /etc/hosts host table exist on the system, /etc/host.conf determines the order in which host names are resolved. Example:
order hosts,bind # name resolution order
multi on # allow a host to have multiple IP addresses
nospoof on # prohibit IP address spoofing
order is a keyword. Here it specifies that the local host table is used to resolve the name first. If the name cannot be resolved there, the bind name server (DNS) is queried.

. /etc/resolv.conf
This file is the configuration file for DNS name resolution. Its format is very simple: each line starts with a keyword, followed by configuration parameters. resolv.conf has four main keywords:
nameserver # defines the IP address of the DNS server
domain # defines the local domain name
search # defines the search list of domain names
sortlist # sorts the returned domain names
An example /etc/resolv.conf:
domain ringkee.com
search www.ringkee.com ringkee.com
nameserver 202.96.128.86
nameserver 202.96.128.166
The most important keyword is the nameserver keyword. If you don’t specify the nameserver, you can’t find the DNS server. Other keywords are optional.

. /etc/hosts
This file holds the table that maps IP addresses to host names, which can be used for host name resolution. For example:
# Format: IP address, host name, alias

127.0.0.1 localhost localhost.localdomain
192.168.1.1 debian debian
192.168.0.2 t02 t02.tiger
192.168.0.4 t04 t04.tiger

. /etc/named.conf
// generated by named-bootconf.pl

options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
};

//
// a caching only nameserver config
//

zone "." IN {
    type hint;
    file "named.ca";
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};

This part is the original content of the named.conf file, generated automatically when you install the bind software. "directory" specifies that the DNS record files are stored in /var/named. Lines beginning with "//" are comments and can be ignored. The next two "zone" statements define the root of the DNS server and the corresponding reverse lookup domain, and state that the record file of the root is "named.ca" and the record file of the reverse lookup domain is "named.local". These two record files are also supplied with the system, so there is no need to change them. We do not have to change this part of named.conf.

But we can add a line under "directory": forwarders { 202.96.134.133; };. 202.96.134.133 is the address of the DNS server of our telecom provider. The forwarders parameter designates the servers at the listed IP addresses as alternative DNS servers. That is, names that this DNS server cannot resolve are sent to the alternative DNS server for resolution.

zone "jb51.net" IN {
    type master;
    file "named.jb51.net";
    allow-update { none; };
};
zone "0.0.10.in-addr.arpa" IN {
    type master;
    file "named.jb51.net.rev";
    allow-update { none; };
};

This part is added manually. It defines the "jb51.net" domain and the corresponding reverse lookup domain. "type master" indicates that this machine is the primary DNS server for the two domains "jb51.net" and "0.0.10.in-addr.arpa". "named.jb51.net" and "named.jb51.net.rev" are the record files for these domains. We create these two files ourselves. Let's take a look at them.
. /var/named/named.***.com
The resource record files are located in the /var/named directory. This directory is defined in named.conf.
1. The named.jb51.net file is as follows:

@           IN SOA netfinity.jb51.net. root.netfinity.jb51.net. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
            IN NS netfinity.jb51.net.
            IN MX 10 netfinity.jb51.net.

netfinity   IN A 10.0.0.211
lily        IN A 10.0.0.139
www         IN CNAME netfinity.jb51.net.
pop3        IN CNAME netfinity.jb51.net.
smtp        IN CNAME netfinity.jb51.net.

This record file contains five types of records. SOA is the abbreviation of Start of Authority and is followed by the host name of your DNS server, "netfinity.jb51.net.". (Note the dot after the host name. Remember to add this dot to the host names that appear in the record file.) NS is the name server resource record, indicating the name server of the domain, which here is this DNS server. MX is the mail exchanger resource record, indicating the mail server of this domain. You can write multiple MX records to indicate multiple mail servers. The priority is determined by the number after MX: the smaller the number, the higher the priority of the mail server. A is the host record, which maps a host name to an IP address. CNAME is an alias record that gives a host another name; for example, www.jb51.net and pop3.jb51.net in fact both point to the same host, netfinity.jb51.net.

. /var/named/named.***.com.rev

Contents of the named.jb51.net.rev file:

@       IN SOA netfinity.jb51.net. root.netfinity.jb51.net. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS netfinity.jb51.net.
211     IN PTR netfinity.jb51.net.
139     IN PTR lily.jb51.net.

This is the reverse lookup record file for "jb51.net", which lets the DNS server look up a host name by IP address. PTR records map an IP address to a host name. Because some programs require reverse lookups, it is better not to omit the record file of the reverse lookup domain.
You have now successfully configured a DNS server that can resolve the "jb51.net" domain.
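
An added example, not part of the original article: a check that every A record in the forward file has a PTR pointing back to the same name, and every PTR has a matching A record. The input is constructed from the named.jb51.net and named.jb51.net.rev records above plus a hypothetical host "test" whose PTR target is missing the trailing dot, the mistake the note about dots warns against; the parser only handles "owner IN type data" lines without a TTL field.

```python
import ipaddress

# Constructed input: records from the page's named.jb51.net and named.jb51.net.rev,
# plus a hypothetical host "test" whose PTR target lacks the trailing dot.
FORWARD = """
netfinity IN A 10.0.0.211
lily      IN A 10.0.0.139
test      IN A 10.0.0.50
www       IN CNAME netfinity.jb51.net.
"""
REVERSE = """
211 IN PTR netfinity.jb51.net.
139 IN PTR lily.jb51.net.
50  IN PTR test.jb51.net
"""

def fqdn(name, origin):
    """A trailing dot means absolute; any other name gets the zone origin appended."""
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def records(zone_text, origin, rtype):
    """Return {owner: {rdata}} for 'owner IN <rtype> rdata' lines, names fully qualified."""
    found = {}
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) == 4 and fields[1:3] == ["IN", rtype]:
            rdata = fields[3] if rtype == "A" else fqdn(fields[3], origin)
            found.setdefault(fqdn(fields[0], origin), set()).add(rdata)
    return found

def check(forward, fwd_origin, reverse, rev_origin):
    """List A records without a matching PTR and PTRs without a matching A."""
    a = records(forward, fwd_origin, "A")
    ptr = records(reverse, rev_origin, "PTR")
    problems = []
    for host, addrs in sorted(a.items()):
        for addr in sorted(addrs):
            owner = ipaddress.ip_address(addr).reverse_pointer + "."
            if host not in ptr.get(owner, ()):
                problems.append(f"A {host} {addr}: no PTR back to this name")
    for owner, hosts in sorted(ptr.items()):
        addr = ".".join(reversed(owner.split(".")[:4]))
        for host in sorted(hosts):
            if addr not in a.get(host, ()):
                problems.append(f"PTR {owner} {host}: no A record for {addr}")
    return problems

if __name__ == "__main__":
    for p in check(FORWARD, "jb51.net.", REVERSE, "0.0.10.in-addr.arpa."):
        print(p)
```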
