DNS is everywhere in everyday network use: when you open Sina, Baidu or Renren, you are already using DNS.
First, let's look at what DNS is:
The Domain Name System (DNS) is a service of the Internet. As a distributed database that maps domain names and IP addresses to each other, it lets people access the Internet more conveniently. DNS uses TCP and UDP port 53.
(Source: Wikipedia)
DNS (Domain Name System) is a distributed database on the Internet that maps domain names and IP addresses to each other, so that users can access the Internet more conveniently without having to remember the numeric IP strings that machines read directly.
(Source: Baidu Baike)
Put simply, when you enter a domain name such as www.baidu.com in the browser's address bar, DNS maps it to the corresponding IP address, and the request is then sent to the server at that IP.
Now to the main topic: this post walks you step by step through building your own DNS server.
Prerequisite: a Linux machine with a fixed public IP address.
CentOS 6:
1. Install bind
bind is an open-source DNS server; install it with: yum -y install bind
2. Configure the main configuration file /etc/named.conf
Modify the existing named.conf as follows:
listen-on port 53 { any; };
allow-query { any; };
//listen-on-v6 port 53 { ::1; };
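A policy check to run alongside those two edits, as an added example that is not part of the original post: the stock CentOS 6 named.conf ships with recursion yes;, and BIND derives an unset allow-recursion from allow-query, so opening allow-query to any without also setting recursion no; (or a restricted allow-recursion) turns this authoritative server into an open resolver that anyone on the Internet can use for amplification. The Python below strips named.conf comments and flags that combination; both options blocks are constructed samples.

```python
import re

# Constructed options block: stock CentOS 6 named.conf after the article's two
# edits (listen-on and allow-query opened to any); recursion yes; is the shipped default.
ARTICLE_OPTIONS = """
options {
    listen-on port 53 { any; };
    //listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    allow-query { any; };
    recursion yes;
};
"""

# Constructed hardened variant for a server that is authoritative only.
HARDENED_OPTIONS = """
options {
    listen-on port 53 { any; };
    allow-query { any; };   # anyone may ask about our own zones ...
    recursion no;           /* ... but we resolve nothing on their behalf */
};
"""

def strip_comments(conf):
    """Remove the three comment styles named.conf accepts: /* */, // and #."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#).*", "", conf)

def acl(conf, name):
    """Elements of the `name { a; b; };` address-match list, or None if it is not set."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(name), conf)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def check_open_resolver(conf):
    """Return a finding when the options block lets arbitrary clients recurse through us."""
    conf = strip_comments(conf)
    rec = re.search(r"\brecursion\s+(yes|no)\b", conf)
    if rec is not None and rec.group(1) == "no":
        return []                       # authoritative only: recursion is refused to everyone
    # BIND 9.4+ derives an unset allow-recursion from allow-query-cache, then
    # allow-query, then the built-in default localnets; localhost; (BIND 9.3 defaulted to any).
    effective = (acl(conf, "allow-recursion") or acl(conf, "allow-query-cache")
                 or acl(conf, "allow-query") or ["localnets", "localhost"])
    if "any" in effective:
        return ["recursion is on and the effective allow-recursion ACL is 'any': "
                "this is an open resolver and a DDoS amplification source"]
    return []
```

named-checkconf only validates syntax; a check like this catches the policy mistake it will happily accept.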
3. Configure /etc/named.rfc1912.zones
Before this step, we need to understand how /etc/named.rfc1912.zones relates to the /etc/named.conf from step 2.
If you look closely, you will find this line in named.conf:
include "/etc/named.rfc1912.zones";
include pulls in another file, i.e. /etc/named.conf includes /etc/named.rfc1912.zones. In effect one large file is split into parts by function and tied back together through includes; the benefit is obvious: finding and changing a given piece of functionality becomes much clearer and faster.
The include in the author's named.conf reads:
include "/etc/named.rfc1912.zones";
If your named.conf does not contain that line but instead something like:
include "/etc/named.xxx.zones";
then the file you configure next is not /etc/named.rfc1912.zones but /etc/named.xxx.zones.
Below, using named.rfc1912.zones as the example, we add resolution for the domain dota.net.
Add the following to named.rfc1912.zones:
zone "dota.net" IN {        # local forward zone definition
    type master;            # this server is the master for the zone
    file "dota.net.zone";   # forward zone file name (relative to /var/named)
};
4. Create the forward zone file
In step 3 we configured
file "dota.net.zone";   # forward zone file name
Next we create the dota.net.zone file to hold the actual records for dota.net.
4.1 Go to the /var/named/ directory
4.2 Create a file named dota.net.zone
4.3 Open dota.net.zone and enter the following:
$TTL 86400
@   IN SOA localhost. root.localhost. (
        0   ; serial
        1D  ; refresh
        1H  ; retry
        1W  ; expire
        3H ) ; minimum
@   IN NS www.dota.net.
www IN A  111.111.111.111
This maps www.dota.net to the IP 111.111.111.111. (Note the trailing dot on root.localhost.: without it the mailbox field would be expanded to root.localhost.dota.net.)
CentOS 5:
On Red Hat Enterprise Linux or CentOS 5 there is no default named.conf in /etc. Copy the sample configuration files from /usr/share/doc/bind-9.3.4/sample/etc/ to /etc with the following command.
cp /usr/share/doc/bind-9.3.4/sample/etc/* /etc/
Copy the zone files to /var/named from /usr/share/doc/bind-9.3.4/sample/var/named.
cp -a /usr/share/doc/bind-9.3.4/sample/var/named/* /var/named
Generate a key with the following command:
dns-keygen
a7oGexQBd93D3cyIJWxw6kZxEPCS2O7LvqM6SiT4z2RteBZPgjmdYlTfdGpy
Insert the generated key into /etc/named.conf:
vi /etc/named.conf
key ddns_key {
    algorithm hmac-md5;
    secret "a7oGexQBd93D3cyIJWxw6kZxEPCS2O7LvqM6SiT4z2RteBZPgjmdYlTfdGpy";
};
Open /etc/named.conf and enter the zone details your domains require. The file below has been cut down to a minimal configuration, which is enough to run a DNS server; you can copy it and use it on your own server as well.
vi /etc/named.conf
options {
    directory "/var/named";           // the default
    dump-file "data/cache_dump.db";
    statistics-file "data/named_stats.txt";
    memstatistics-file "data/named_mem_stats.txt";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "itzgeek.com" IN {               // name of the forward zone
    type master;
    file "itzgeek.com";               // file under /var/named holding the zone
    allow-update { none; };
};
zone "4.65.10.in-addr.arpa" IN {      // reverse zone for 10.65.4.0/24; it must be named under in-addr.arpa for reverse lookups to reach it
    type master;
    file "10.65.4.reverse";           // file under /var/named holding the zone (created below)
    allow-update { none; };
};
key ddns_key {
    algorithm hmac-md5;
    secret "a7oGexQBd93D3cyIJWxw6kZxEPCS2O7LvqM6SiT4z2RteBZPgjmdYlTfdGpy";
};
Create a zone file called itzgeek.com for the forward zone under /var/named. Every fully qualified domain name in the file must end with a dot (.).
Some record types used in zone files:
A – Address record
NS – Name Server
MX – Mail Exchange
CNAME – Canonical Name
vi /var/named/itzgeek.com
$TTL 86400
@       IN SOA itzgeek.com. hostmaster.itzgeek.com. (   ; RNAME mailbox placeholder: the original value was lost in extraction; write '@' as '.'
            24211201 ; serial (d. adams)
            3H       ; refresh
            15M      ; retry
            1W       ; expiry
            1D )     ; minimum
        IN NS itzgeek.com.          ; indented: the owner is inherited from '@' above
        IN A  10.65.4.55
ns1     IN A  10.65.4.56
server  IN A  10.65.4.56
www     IN A  10.65.4.56
mail    IN A  10.65.4.56
itzgeek.com. IN MX 10 mail.itzgeek.com.
Create a zone file called 10.65.4.reverse for the reverse zone under /var/named, with pointer records matching the forward zone entries above.
PTR – Pointer
SOA – Start of Authority
vi /var/named/10.65.4.reverse
$TTL 86400
@       IN SOA itzgeek.com. hostmaster.itzgeek.com. (   ; RNAME mailbox placeholder, as in the forward zone
            1997022700 ; serial
            28800      ; refresh
            14400      ; retry
            3600000    ; expire
            86400 )    ; minimum
        IN NS  itzgeek.com.
55      IN PTR itzgeek.com.
56      IN PTR server.itzgeek.com.
56      IN PTR mail.itzgeek.com.
56      IN PTR www.itzgeek.com.
56      IN PTR ns1.itzgeek.com.
Restart the service with the following command:
# service named restart
Test the forward zone with the host command:
# host itzgeek.com
itzgeek.com has address 10.65.4.55
itzgeek.com mail is handled by 10 mail.itzgeek.com
And the reverse zone:
# host 10.65.4.55
55.4.65.10.in-addr.arpa domain name pointer itzgeek.com.
The commands above are enough to check the DNS server. For more detail on how names are resolved, use dig or nslookup.
Read more: http://www.itzgeek.com/how-tos/linux/centos-how-tos/how-to-configure-dns-server-on-centos-5-rhel-5.html#ixzz3MybU6k6c
© 2014 ITzGeek. All rights reserved.
5. Start the service
service named start
PS: Time is short today, so this is where I stop. Over the next two or three days I will share reverse resolution, forwarders, things to watch out for with the DNS service, and answers to common questions. Comments and discussion are welcome; please point out anything incorrect. Thank you.