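Branch 1: Forward/Reverse DNS Resolution on CentOS 6.5, Installed via yum and Compiled from Source (Tutorial)
My understanding of DNS:
--> Forward and reverse resolution:
1) Forward resolution:
Forward resolution is the process of resolving a domain name to an IP address.
2) Reverse resolution:
Reverse resolution is the process of resolving an IP address to a domain name; its purpose is server identity verification.
--> Master and slave DNS servers:
Master DNS server: its database is updated manually by the administrator;
Slave (secondary) DNS server: its database is updated from the master server or from another slave DNS server;
Note: if anything here is unclear, see the following branches for the content you need:
1. Summary, DNS and BIND: http://xiaomazi.blog.51cto.com/5891742/1376225
2. Branch 1, forward/reverse resolution via yum and source build: http://xiaomazi.blog.51cto.com/5891742/1376228
3. Branch 2, master/slave DNS servers: http://xiaomazi.blog.51cto.com/5891742/1376231
4. Branch 3, subdomain delegation and request forwarding: http://xiaomazi.blog.51cto.com/5891742/1377087
5. Branch 4, ACLs and views: http://xiaomazi.blog.51cto.com/5891742/1377090
I. Common DNS commands:
1. Commands for testing resolution.
1). The dig command: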
# dig [-t type] [-x addr] [name] [@server]
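+[no]trace --> (trace the resolution process)
+[no]recurse --> (whether to query recursively)
+[no]tcp --> (whether to query over TCP instead of UDP)
+[no]question --> (whether to hide the question section)
+[no]answer --> (whether to hide the answer section)
+[no]authority --> (whether to hide the authority section)
+[no]additional --> (whether to hide the additional section)
2). The host command: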
# host [-t type] {name} [server]
Example:
[root@localhost ~]# host -t MX xiaoma.com
xiaoma.com mail is handled by 10 mail.xiaoma.com.
[root@localhost ~]#
3). The nslookup command (interactive):
nslookup>
server DNS_SERVER_IP
set q=TYPE
{name}
Example:
[root@localhost ~]# nslookup
> set q=A
> www.xiaoma.com
Server:         172.16.17.202
Address:        172.16.17.202#53
Name:   www.xiaoma.com
Address: 172.16.17.203
>
2. Start/reload commands:
1). Start commands:
# named -u named
# service named start (this may depend on rndc.key)
2). Reload commands:
# service named reload
# killall -1 named
# killall named (stops named)
3. Checking for syntax errors:
# service named configtest
# named-checkconf
# named-checkzone "xiaoma.com" /var/named/xiaoma.com.zone
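II. Basic use of BIND:
1. Forward resolution configuration:
Method 1: create the configuration file and zone files by hand:
Prerequisites:
Mount the installation disc:
[root@xiaoma ~]# mkdir /media/cdrom
[root@xiaoma ~]# mount /dev/cdrom /media/cdrom/
mount: block device /dev/sr0 is write-protected, mounting read-only
Configure a local yum repository: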
[root@xiaoma ~]# cd /etc/yum.repos.d/
[root@xiaoma yum.repos.d]# mv CentOS-Base.repo CentOS-Base.repo.bak
[root@xiaoma yum.repos.d]# vim media.repo
[media]
name=media
baseurl=file:///media/cdrom
enabled=1
gpgcheck=0
1). Install the prepared bind package:
[root@localhost ~]# yum -y install bind
2). Note: the stock configuration file is not used here; the configuration file is written by hand instead:
[root@localhost etc]# mv /tmp/named.conf /etc/named.conf.origin
3). Create and edit the configuration file /etc/named.conf:
⑴ Edit /var/named/named.loopback (if the file is newly created, adjust its ownership and permissions):
[root@localhost ~]# vim /var/named/named.loopback
$TTL 1D
@       IN SOA  @ rname.invalid. (
                                0       ; serial
                                1D      ; refresh
                                1H      ; retry
                                1W      ; expire
                                3H )    ; minimum
        NS      @
        A       127.0.0.1
        AAAA    ::1
        PTR     localhost.
⑵ Edit /var/named/named.localhost (if the file is newly created, adjust its ownership and permissions):
[root@localhost ~]# vim /var/named/named.localhost
$TTL 1D
@       IN SOA  @ rname.invalid. (
                                0       ; serial
                                1D      ; refresh
                                1H      ; retry
                                1W      ; expire
                                3H )    ; minimum
        NS      @
        A       127.0.0.1
        AAAA    ::1
⑶ Edit /var/named/xiaoma.com.zone (created by hand):
[root@localhost named]# chown root:named /var/named/xiaoma.com.zone
[root@localhost named]# chmod 640 /var/named/xiaoma.com.zone
[root@localhost etc]# chown root:named /etc/named.conf
[root@localhost etc]# chmod --reference=/etc/named.conf.origin /etc/named.conf (1) --> Note: (1) and (2) have the same effect.
[root@localhost etc]# chmod 640 /etc/named.conf (2)
First, the check performed at startup:
[root@localhost etc]# service named configtest
zone localhost/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Second, the manual check:
[root@localhost etc]# named-checkconf
[root@localhost etc]#
The zone files ship with the system, so there is no need to check their syntax here.
[root@localhost named]# named-checkzone "xiaoma.com" /var/named/xiaoma.com.zone
zone xiaoma.com/IN: loaded serial 2014031301
OK
[root@localhost named]#
[root@localhost etc]# service named start --> random numbers have to be generated at startup.
Generating /etc/rndc.key:
[root@localhost etc]#
--> If it will not start here, use the following command: it is started as root and, once started, runs as the named user.
[root@localhost etc]# named -u named
[root@localhost ~]# yum -y install bind
Note: only the lines that were commented out are shown here:
// listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
// allow-query { localhost; };
// dnssec-enable yes;
// dnssec-validation yes;
// dnssec-lookaside auto;
// bindkeys-file "/etc/named.iscdlv.key";
// managed-keys-directory "/var/named/dynamic";
//include "/etc/named.root.key";
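The commented-out lines matter for exposure: with listen-on and allow-query disabled, named falls back to its defaults, listening on every IPv4 interface and answering queries from any client. The check below is an added example, not part of the original post; the function names and the two sample configurations are constructed for illustration, and it assumes one statement per line with // or # comments.

```shell
# Added example (not from the original post): report whether the options the
# tutorial comments out are active, commented out, or absent in a named.conf.
# Assumes one statement per line and // or # line comments (no /* */ blocks).

# option_state FILE OPTION -> prints active | commented | absent
option_state() {
    pat="$2([[:space:]]|[{;])"
    if grep -Eq "^[[:space:]]*$pat" "$1"; then
        echo active
    elif grep -Eq "^[[:space:]]*(//|#)[[:space:]]*$pat" "$1"; then
        echo commented
    else
        echo absent
    fi
}

# audit_named_conf FILE -> one "option state" line per option; returns 1 when
# listen-on or allow-query is not active (BIND defaults: all interfaces, any client).
audit_named_conf() {
    rc=0
    for opt in listen-on listen-on-v6 allow-query dnssec-enable dnssec-validation; do
        state=$(option_state "$1" "$opt")
        echo "$opt $state"
        case "$opt:$state" in
            listen-on:active|allow-query:active) ;;
            listen-on:*|allow-query:*) rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample inputs (hypothetical files, not the author's named.conf).
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/tutorial.conf" <<'EOF'
options {
    // listen-on port 53 { 127.0.0.1; };
    // allow-query { localhost; };
    recursion yes;
};
EOF
cat > "$SAMPLES/restricted.conf" <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; 172.16.17.202; };
    allow-query { localhost; 172.16.17.0/24; };
    dnssec-validation yes; # validate answers
};
EOF
audit_named_conf "$SAMPLES/tutorial.conf" || echo "listen-on/allow-query defaults in effect"
```

Run it against the real /etc/named.conf after editing and before `service named start`; a non-zero exit status means the listener or query restriction is not in force.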
3). Modify the zone definition file /etc/named.rfc1912.zones:
Append at the end of the file:
[root@localhost named]# vim /etc/named.rfc1912.zones
zone "xiaoma.com" {
    type master;
    file "xiaoma.com.zone";
};
[root@localhost named]# chmod 640 /var/named/xiaoma.com.zone
[root@localhost named]# chown root:named /var/named/xiaoma.com.zone
[root@localhost named]# named-checkconf
[root@localhost named]# named-checkzone "xiaoma.com" /var/named/xiaoma.com.zone
[root@localhost named]# named -u named
[root@localhost named]# service named reload
[root@localhost named]# killall -1 named
[root@localhost ~]# dig -t MX xiaoma.com
[root@localhost ~]# dig -t CNAME pop.xiaoma.com
[root@localhost ~]# dig -t CNAME ftp.xiaoma.com
[root@localhost ~]# dig -t A www.xiaoma.com
[root@localhost ~]# dig -t NS xiaoma.com
[root@localhost ~]# dig -t NS xiaoma.com @172.16.17.202
[root@localhost ~]# dig -t A mail.xiaoma.com
1). Define the zone in /etc/named.rfc1912.zones:
[root@localhost ~]# vim /etc/named.rfc1912.zones
zone "17.16.172.in-addr.arpa" {
    type master;
    file "172.16.17.zone";
};
Copy the file, preserving its group and permissions:
[root@localhost named]# cp -p xiaoma.com.zone 172.16.17.zone
[root@localhost named]# dig -x 172.16.17.204
[root@localhost named]# dig -x 172.16.17.203
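For forward and reverse lookups to agree, the reverse zone needs one PTR record per A record in the 172.16.17 network. The script below is an added example, not from the original post: it derives the expected PTR records from the forward zone file and lists the ones missing from the reverse zone file. The function names and both sample zone files are constructed, modelled on the xiaoma.com records used on this page.

```shell
# Added example (not from the original post): derive the PTR records for
# 17.16.172.in-addr.arpa from the A records of the forward zone, then list the
# ones a reverse zone file lacks. Function names and sample files are hypothetical.

# ptr_records FORWARD_ZONE ORIGIN PREFIX -> "<octet> IN PTR <fqdn>" lines
ptr_records() {
    awk -v origin="$2" -v prefix="$3" '
        { sub(/;.*/, "") }                    # drop comments
        /^[^ \t]/ { owner = $1 }              # indented lines inherit the owner
        { for (i = 1; i < NF; i++) if ($i == "A") {
            ip = $(i + 1)
            if (index(ip, prefix ".") != 1) next   # outside this reverse zone
            name = (owner == "@") ? origin : owner
            if (name !~ /\.$/) name = name "." origin
            split(ip, o, ".")
            print o[4] "\tIN\tPTR\t" name
        } }' "$1" | sort -n
}

# missing_ptrs FORWARD_ZONE ORIGIN PREFIX REVERSE_ZONE -> "<octet> -> <fqdn>"
# for every expected PTR record that REVERSE_ZONE does not contain
missing_ptrs() {
    ptr_records "$1" "$2" "$3" | awk -v rev="$4" '
        BEGIN { while ((getline l < rev) > 0) {
            sub(/;.*/, "", l); n = split(l, f, " ")
            if (n >= 3 && f[n - 1] == "PTR") have[f[1] " " f[n]] = 1 } }
        { k = $1 " " $4; if (!(k in have)) print $1 " -> " $4 }'
}

# Constructed sample zones, modelled on the xiaoma.com records used on this page.
ZONES=$(mktemp -d)
cat > "$ZONES/xiaoma.com.zone" <<'EOF'
$TTL 86400
@     IN SOA dns.xiaoma.com. dnsadmin.xiaoma.com. ( 2014031101 2H 10M 3D 1D )
      IN NS  dns
      IN MX  10 mail
dns   IN A   172.16.17.202
mail  IN A   172.16.17.202
www   IN A   172.16.17.1
EOF
cat > "$ZONES/172.16.17.zone" <<'EOF'
$TTL 86400
@     IN SOA dns.xiaoma.com. dnsadmin.xiaoma.com. ( 2014031101 2H 10M 3D 1D )
      IN NS  dns.xiaoma.com.
202   IN PTR dns.xiaoma.com.
EOF
missing_ptrs "$ZONES/xiaoma.com.zone" xiaoma.com. 172.16.17 "$ZONES/172.16.17.zone"
```

Empty output from missing_ptrs means every address in the forward zone has its PTR record; run named-checkzone on the reverse zone file afterwards as the tutorial does for the forward zone.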
Install the development package groups:
[root@xiaoma ~]# yum grouplist | grep Development
   Desktop Platform Development
   Development tools
   Server Platform Development
[root@xiaoma ~]# yum -y groupinstall "Server Platform Development" "Desktop Platform Development" "Development tools"
1. Download the source code, then compile and install:
1). Unpack the prepared source tarball, then compile and install it:
[root@xiaoma tmp]# tar xf bind-9.9.5.tar.gz
[root@xiaoma tmp]# cd bind-9.9.5
[root@xiaoma bind-9.9.5]# ./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --enable-threads --enable-epoll --disable-chroot
[root@xiaoma bind-9.9.5]# make
[root@xiaoma bind-9.9.5]# make install
2. Create the main configuration file /etc/named/named.conf:
3. Create the zone data files:
① Create /var/named/named.ca:
[root@xiaoma ~]# mkdir /var/named
[root@xiaoma ~]# cd /var/named/
[root@xiaoma named]# dig -t NS . @172.16.0.1 > named.ca
② Create /var/named/named.loopback:
[root@xiaoma named]# vim named.loopback
$TTL 86400
@       IN SOA  localhost. admin.localhost. (
                2014031101
                2H
                10M
                7D
                1D )
        IN NS   localhost.
1       IN PTR  localhost.
③ Create /var/named/named.localhost:
[root@xiaoma named]# vim named.localhost
$TTL 86400
@       IN SOA  localhost. admin.localhost. (
                2014031101
                2H
                10M
                7D
                1D )
        IN NS   localhost.
localhost.      IN A    127.0.0.1
④ Then create the file /var/named/xiaoma.com.zone:
[root@xiaoma named]# vim /var/named/xiaoma.com.zone
$TTL 86400
@       IN SOA  dns.xiaoma.com. dnsadmin.xiaoma.com. (
                2014031101
                2H
                10M
                3D
                1D )
        IN NS   dns
        IN MX   10 mail
dns     IN A    172.16.17.202
mail    IN A    172.16.17.202
www     IN A    172.16.17.1
4. Create the system user and test startup:
① Create the user:
[root@xiaoma ~]# groupadd -g 53 -r named
[root@xiaoma ~]# useradd -g named -r named
[root@xiaoma ~]# id named
uid=496(named) gid=53(named) groups=53(named)
[root@xiaoma ~]# ls /home/
② Set ownership and permissions:
[root@xiaoma named]# chmod 640 /etc/named/named.conf /var/named/*
[root@xiaoma named]# chown root:named /etc/named/* /var/named/*
③ Set the PATH variable:
[root@xiaoma named]# echo 'export PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH' > /etc/profile.d/named.sh
[root@xiaoma named]# cat /etc/profile.d/named.sh
[root@xiaoma named]# source /etc/profile.d/named.sh
④ Check the syntax:
[root@xiaoma ~]# named-checkconf
[root@xiaoma ~]# named-checkzone "0.0.127.in-addr.arpa" /var/named/named.loopback
zone 0.0.127.in-addr.arpa/IN: loaded serial 2014031101
OK
[root@xiaoma ~]# named-checkzone "localhost" /var/named/named.localhost
zone localhost/IN: loaded serial 2014031101
OK
[root@xiaoma named]# named-checkzone "xiaoma.com" xiaoma.com.zone
zone xiaoma.com/IN: loaded serial 2014031101
OK
[root@xiaoma ~]# killall -1 named
⑤ Test startup and check the listening ports:
[root@xiaoma named]# named -u named
[root@xiaoma named]# ss -tunl
⑥ Test resolution of an A record:
[root@localhost named]# dig -t A www.xiaoma.com @172.16.17.202
; <<>> DiG 9.9.5 <<>> -t A www.xiaoma.com @172.16.17.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49273
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.xiaoma.com.                IN      A
;; ANSWER SECTION:
www.xiaoma.com.         86400   IN      A       172.16.17.1
;; AUTHORITY SECTION:
xiaoma.com.             86400   IN      NS      dns.xiaoma.com.
;; ADDITIONAL SECTION:
dns.xiaoma.com.         86400   IN      A       172.16.17.202
;; Query time: 0 msec
;; SERVER: 172.16.17.202#53(172.16.17.202)
;; WHEN: Fri Mar 07 01:37:43 CST 2014
;; MSG SIZE rcvd: 93
[root@localhost named]#
5. Provide a service script and set its permissions:
1). The script:
[root@xiaoma ~]# vim /etc/rc.d/init.d/named
#!/bin/bash
#
# description: named daemon
# chkconfig: - 25 80
#
pidFile=/usr/local/bind9/var/run/named.pid
lockFile=/var/lock/subsys/named
confFile=/etc/named/named.conf

[ -r /etc/rc.d/init.d/functions ] && . /etc/rc.d/init.d/functions

start() {
    if [ -e $lockFile ]; then
        echo "named is already running..."
        exit 0
    fi
    echo -n "Starting named:"
    daemon --pidfile "$pidFile" /usr/local/bind9/sbin/named -u named -c "$confFile"
    RETVAL=$?
    echo
    if [ $RETVAL -eq 0 ]; then
        touch $lockFile
        return $RETVAL
    else
        rm -f $lockFile $pidFile
        return 1
    fi
}

stop() {
    if [ ! -e $lockFile ]; then
        echo "named is stopped."
        # exit 0
    fi
    echo -n "Stopping named:"
    killproc named
    RETVAL=$?
    echo
    if [ $RETVAL -eq 0 ]; then
        rm -f $lockFile $pidFile
        return 0
    else
        echo "Cannot stop named."
        failure
        return 1
    fi
}

restart() {
    stop
    sleep 2
    start
}

reload() {
    echo -n "Reloading named: "
    killproc named -HUP
    #killall -HUP named
    RETVAL=$?
    echo
    return $RETVAL
}

status() {
    if pidof named &> /dev/null; then
        echo -n "named is running..."
        success
        echo
    else
        echo -n "named is stopped..."
        success
        echo
    fi
}

usage() {
    echo "Usage: named {start|stop|restart|status|reload}"
}

case $1 in
start)
    start ;;
stop)
    stop ;;
restart)
    restart ;;
status)
    status ;;
reload)
    reload ;;
*)
    usage
    exit 4 ;;
esac
2). Register the script and set its permissions:
[root@xiaoma ~]# chkconfig --add named
[root@xiaoma ~]# chkconfig --list named
named 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@xiaoma ~]# killall named --> stop named
[root@xiaoma ~]# chmod +x /etc/rc.d/init.d/named
[root@xiaoma ~]# service named start
Starting named: [ OK ]
A smile is the most beautiful language!!!
This blog post is written from my own understanding; if there are any mistakes, please point them out.
----> 小马子
Reposted from: https://blog.51cto.com/xiaomazi/1376228