DNS server installation and configuration are divided into three parts
1. Install bind software
2. Forward resolution configuration
3. Reverse resolution configuration
One, install the bind software
You can use
rpm -qa | grep bind
to list all installed packages related to bind
Install the required BIND software through yum; the installation packages for the BIND service are also included on the system CD
yum -y install bind*
Note that when you use yum to install software on CentOS, the error "Could not retrieve mirrorlist" may appear, which is generally a network problem.
1. If the network is configured dynamically through DHCP, add nameserver 8.8.8.8 to the /etc/resolv.conf file.
2. If it is a static network, add DNS1=8.8.8.8 to the /etc/sysconfig/network-scripts/ifcfg-ens33 file.
Finally, restart the network service:
service network restart
Two, forward resolution configuration
1. Configure the forward resolution file
vim /etc/named.conf
After opening the file, press i to enter insert mode. Only two places need to be modified
. Line 13 is the listening address and port. If there is no special requirement, it is recommended to delete this line. After deleting it, the service listens on UDP port 53 of all interfaces by default
. Line 19 indicates the network segment allowed to use this DNS server. It is recommended to delete it. After deleting this line, the server responds to query requests from all clients by default. On a server that untrusted networks can reach, keep both lines instead and set them to the address and client range the server should actually serve.
After the modification is completed, press Esc, type ":wq", save and exit
2. Configure named.rfc1912.zones
cd /etc
vim named.rfc1912.zones
After opening the file, modify it (the red box is the added content).
After the modification is completed, press Esc, type ":wq", save and exit
3. Configure execesoft.com.zone
We can copy one from the template and modify it
cp /var/named/named.empty /var/named/csdn.com.zone
vim /var/named/csdn.com.zone
Modify the content as shown in the following figure.
After the modification is completed, press Esc, type ":wq", save and exit
4. Modify permissions and groups
Note: The csdn.com.zone file must belong to the named group
[root@localhost etc]# cd /var/named/
[root@localhost named]# chgrp named csdn.com.zone
[root@localhost named]# chmod 640 csdn.com.zone
[root@localhost named]# ll
-rw-r-----. 1 root named 213 7月 24 15:24 csdn.com.zone
5. Turn off the firewall
[root@localhost named]# firewall-cmd --remove-port=53/tcp --permanent
Warning: NOT_ENABLED: 53:tcp
success
[root@localhost named]# firewall-cmd --remove-port=53/udp --permanent
Warning: NOT_ENABLED: 53:udp
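success
The NOT_ENABLED warning means port 53 was not open in firewalld to begin with, so these two commands change nothing; --remove-port closes a port rather than opening it. While firewalld is running, clients on other machines can reach the server only after 53/tcp and 53/udp are allowed with --add-port, followed by firewall-cmd --reload.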
6. Modify the /etc/resolv.conf file
vim /etc/resolv.conf
Change the nameserver IP address shown in the picture to the IP address of this machine. Mine is 192.168.60.138.
If you don’t remember it, you can open another terminal and run ifconfig to check your IP address.
7. Test whether it works
Finally, the service must be restarted and tested
# systemctl restart named
# nslookup
> server
Then proceed to the test.
The forward resolution is complete!
Three, reverse resolution configuration
1. Modify the configuration file, /etc/named.rfc1912.zones
vim /etc/named.rfc1912.zones
2. Modify /var/named/60.168.192.zone
Similarly, we can copy one from the template
[root@localhost ~]# cp /var/named/named.empty /var/named/60.168.192.zone
[root@localhost ~]# vim /var/named/60.168.192.zone
After the modification is completed, press Esc, type ":wq", save and exit
3. Change the group and permissions in the same way
[root@localhost ~]# cd /var/named/
[root@localhost named]# chgrp named 60.168.192.zone
[root@localhost named]# chmod 640 60.168.192.zone
[root@localhost named]# ll
总用量 24
-rw-r-----. 1 root named 240 7月 24 17:40 60.168.192.zone
4. Restart and test
[root@localhost named]# systemctl restart named
[root@localhost named]# nslookup
> server
This shows that the reverse resolution has been successful!
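As an added example (not from the original article), the script below writes one possible set of zone declarations and zone files for the forward and reverse steps above into a scratch directory and checks them with named-checkconf and named-checkzone before anything is copied into /etc or /var/named. The host names ns and www, the SOA values and the function names are assumptions; the zone names, file names and 192.168.60.138 come from the article.

```shell
# Added example, not the article's own files. Assumed: host names ns/www, SOA
# values, function names. From the article: zone/file names, 192.168.60.138.
write_example_zones() {
    out=$1
    mkdir -p "$out"
    # Zone declarations of the kind added to /etc/named.rfc1912.zones
    cat > "$out/zones.conf" <<'EOF'
zone "csdn.com" IN {
        type master;
        file "csdn.com.zone";
        allow-update { none; };
};
zone "60.168.192.in-addr.arpa" IN {
        type master;
        file "60.168.192.zone";
        allow-update { none; };
};
EOF
    # Forward zone data (name -> address), as for /var/named/csdn.com.zone
    cat > "$out/csdn.com.zone" <<'EOF'
$TTL 3H
@       IN SOA  ns.csdn.com. admin.csdn.com. ( 1 1D 1H 1W 3H )
        IN NS   ns.csdn.com.
ns      IN A    192.168.60.138
www     IN A    192.168.60.138
EOF
    # Reverse zone data (address -> name), as for /var/named/60.168.192.zone
    cat > "$out/60.168.192.zone" <<'EOF'
$TTL 3H
@       IN SOA  ns.csdn.com. admin.csdn.com. ( 1 1D 1H 1W 3H )
        IN NS   ns.csdn.com.
138     IN PTR  www.csdn.com.
EOF
}

# Run BIND's own syntax checkers when installed; report and skip otherwise.
check_example_zones() {
    out=$1
    if ! command -v named-checkconf >/dev/null 2>&1 || ! command -v named-checkzone >/dev/null 2>&1; then
        echo "BIND check tools not installed, skipping validation"
        return 0
    fi
    named-checkconf "$out/zones.conf" &&
    named-checkzone csdn.com "$out/csdn.com.zone" &&
    named-checkzone 60.168.192.in-addr.arpa "$out/60.168.192.zone"
}

scratch=$(mktemp -d)
write_example_zones "$scratch" && check_example_zones "$scratch" && echo "example files are in $scratch"
```

Running the same two checkers against the real files before systemctl restart named catches a syntax error while the old configuration is still being served.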