Configuring DNS Services with BIND on CentOS


1. Introduction to DNS
2. BIND installation
3. BIND configuration
4. Checking the BIND configuration files
5. Validation
6. Common errors and troubleshooting
7. Conclusion
1. Introduction to DNS
DNS (Domain Name Service) is the service that resolves domain names.
History:
1. In the early days there were few computers, and the mapping between IP addresses and domain names was maintained by editing the hosts file on each computer.
2. To make management easier and to get the latest hosts file quickly, the hosts file was placed on an FTP server for download.
3. As the number of computers grew explosively, having every machine download the updated hosts file from one FTP server was no longer realistic, so the namespace was split into multiple domains to manage names. A parent domain only delegates authority to its subordinate domains.
Domain name types:
Root domain: .
Top-level (first-level) domains:
  Organizational domains: com, com.cn, org, gov, edu, net
  Country domains: cn, hk, tw, jp, kr, ir, iq, my, us, uk, ru
  Reverse domain: in-addr.arpa
Second-level domains: baidu.com, sina.com.cn, google.cn, 163.com
Example (this description ignores TTL)
The user at 202.96.128.1 has its DNS server set to 8.8.8.8 and wants the IP address of tieba.baidu.com. The process is as follows:
1. 202.96.128.1 first looks in its local cache; if there is no entry, it queries the DNS server.
2. DNS server 8.8.8.8 queries the root server.
3. The root server does not store the IP of tieba.baidu.com, so it tells DNS server 8.8.8.8: the address of com. is 1.1.1.1, go and query it.
4. 8.8.8.8 asks com. Similarly, com. does not store the IP of tieba.baidu.com, so it returns this information to DNS server 8.8.8.8: the address of baidu.com. is 10.10.10.10, go and query it.
5. DNS server 8.8.8.8 queries baidu.com. for the address of tieba.baidu.com, and baidu.com. returns the IP of tieba.baidu.com, 12.12.12.12, to the DNS server.
6. The DNS server caches the result it received and returns it to the user at 202.96.128.1.
2. BIND installation
BIND (Berkeley Internet Name Domain)
Install on CentOS with yum:
# yum install bind bind-utils bind-libs portreserve
portreserve: I don't know what it is for; it is installed as a dependency.
bind-libs: the libraries used by bind
bind-utils: the tools nslookup, host and dig
bind: the package that provides the name resolution service
3. BIND configuration
# vim /etc/named.conf    (modify the listen address and the allow-query setting)
listen-on port 53 { 192.168.86.16; };    // BIND listens on 192.168.86.16:53
allow-query { 192.168.86.0/24; };        // only hosts in 192.168.86.0/24 may query this DNS server
# vim /etc/named.rfc1912.zones    (add the contoso.com zone and the reverse zone 86.168.192.in-addr.arpa)
zone "contoso.com" IN {
    type master;
    file "contoso.com";          // must match the name of the zone file created below (under /var/named/)
    allow-update { none; };
};
zone "86.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.86.arpa";      // must match the name of the zone file created below (under /var/named/)
    allow-update { none; };
};
# vim /var/named/contoso.com
$TTL 1800
@         IN  SOA  contoso.com. admin.contoso.com. (
                   0   ; serial
                   1D  ; refresh
                   1H  ; retry
                   1W  ; expire
                   3H ) ; minimum
@         IN  NS   linuxdns.contoso.com.
linuxdns  IN  A    192.168.86.16
dc01      IN  A    192.168.86.1
dc02      IN  A    192.168.86.2
*         IN  A    192.168.86.12
# vim /var/named/192.168.86.arpa
$TTL 1800
@         IN  SOA  contoso.com. admin.contoso.com. (
                   0   ; serial
                   1D  ; refresh
                   1H  ; retry
                   1W  ; expire
                   3H ) ; minimum
@         IN  NS   linuxdns.contoso.com.
16        IN  PTR  linuxdns.contoso.com.
1         IN  PTR  dc01.contoso.com.
2         IN  PTR  dc02.contoso.com.
# chown named:named /var/named/192.168.86.arpa /var/named/contoso.com
# /etc/init.d/named start
4. Checking the BIND configuration files
# named-checkconf /etc/named.conf
# named-checkconf /etc/named.rfc1912.zones
# named-checkzone contoso.com /var/named/contoso.com
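named-checkzone validates one zone file at a time, so it does not notice when an A record and its PTR record disagree. The Python script below is an added example, not part of the original article: it cross-checks the forward and reverse records from section 3 (embedded inline, trimmed to the lines it reads) and flags the wildcard record. The function names records and cross_check are made up for this example, and the parser assumes the simple "owner IN TYPE value" layout used on this page.

```python
# Added example: cross-check A and PTR records from the zone files in section 3.
import ipaddress

FORWARD = """\
$TTL 1800
@ IN NS linuxdns.contoso.com.
linuxdns IN A 192.168.86.16
dc01 IN A 192.168.86.1
dc02 IN A 192.168.86.2
* IN A 192.168.86.12
"""
REVERSE = """\
16 IN PTR linuxdns.contoso.com.
1 IN PTR dc01.contoso.com.
2 IN PTR dc02.contoso.com.
"""

def records(text, origin, rtype):
    """Yield (absolute owner, value) for 4-field 'owner IN rtype value' lines."""
    for line in text.splitlines():
        fields = line.split(";")[0].split()      # drop zone-file comments
        if len(fields) != 4 or fields[1] != "IN" or fields[2] != rtype:
            continue
        owner = fields[0]
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):            # relative name: append the origin
            owner = f"{owner}.{origin}"
        yield owner.lower(), fields[3].lower()

def cross_check(forward, reverse, zone="contoso.com.",
                rev_zone="86.168.192.in-addr.arpa."):
    a = dict(records(forward, zone, "A"))
    ptr = dict(records(reverse, rev_zone, "PTR"))
    findings = []
    for name, ip in a.items():
        rev_name = ipaddress.ip_address(ip).reverse_pointer + "."
        if name.startswith("*."):
            findings.append(f"wildcard {name} answers for every undefined name -> {ip}")
        elif ptr.get(rev_name) != name:
            findings.append(f"{name} -> {ip} has no matching PTR at {rev_name}")
    for rev_name, target in ptr.items():
        if target not in a:
            findings.append(f"{rev_name} points to {target}, which has no A record")
    return findings

if __name__ == "__main__":
    for finding in cross_check(FORWARD, REVERSE) or ["forward and reverse zones agree"]:
        print(finding)
```

With the records from this page, the only finding is the wildcard entry, which makes every name not defined in the zone (including mistyped ones) resolve to 192.168.86.12.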
5. Validation
nslookup linuxdns.contoso.com 192.168.86.16
nslookup dc01.contoso.com 192.168.86.16
nslookup dc02.contoso.com 192.168.86.16
dig linuxdns.contoso.com @192.168.86.16
6. Common errors and troubleshooting
1. The BIND configuration file: check allow-query and listen-on.
2. The format and permissions of the zone files (the named user needs permission to read them; see the chown command in section 3).
3. iptables (open port 53).
4. SELinux (generally set to permissive or disabled): # setenforce 0