操作系统:三期及以上中科方德
CPU类型:Hygon
旧的Windows的DNS服务器未开启反向解析,只有正向解析,准备将DNS服务器从Windows系统过度到中科方德服务器上。
解决目标平台上使用 dns 服务,满足服务器系统使用域名解析的需求。
root#????????rpm -qa |grep bind
bind-9.11.4-26.P2.nfs.x86_64
bind-libs-lite-9.11.4-26.P2.nfs.x86_64
bind-libs-9.11.4-26.P2.nfs.x86_64
bind-utils-9.11.4-26.P2.nfs.x86_64
bind-license-9.11.4-26.P2.nfs.noarch
bind-chroot-9.11.4-26.P2.x86_64
bind-export-9.11.4-26.P2.nfs.x86_64
[root@csdn]#???????cp -p /etc/named.conf? /etc/named.conf.bak0
[root@csdn]#???????cp -p /etc/resolv.conf? /etc/resolv.conf.bak0
[root@csdn]#???????cp -rp /var/named /var/named.bak0
[root@csdn]#???????cp -p /var/named/named.localhost? csdn.net.zone? ? ? ? //如csdn.net域,有几个主要区域就复制几个
[root@csdn]#??????? vim? /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.?
options {
? ? ? ? listen-on port 53 { any; }; ? ??? ?//允许本地所有网络接口监听UDP?53端口
# ? ? ? ?listen-on-v6 port 53 { ::1; };?? ?//我这里没开启IPv6地址,就注释掉了。
? ? ? ? directory ? ? ? "/var/named";
? ? ? ? dump-file ? ? ? "/var/named/data/cache_dump.db";
? ? ? ? statistics-file "/var/named/data/named_stats.txt"; ?//统计档案、文件
? ? ? ? memstatistics-file "/var/named/data/named_mem_stats.txt"; ?//分配统计目录
? ? ? ? recursing-file ?"/var/named/data/named.recursing";
? ? ? ? secroots-file ? "/var/named/data/named.secroots";
? ? ? ? allow-query ? ? { any; }; ? //允许某个网段的用户查询,可以写any或地址段如192.0.0.0/8。
? ? ????forwarders ????{ 8.8.8.8; };?//其他的转发器地址,比如上级域名解析服务器地址,没有就不需要添加这一条。?? ?/*?
? ? ? ? ?- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
? ? ? ? ?- If you are building a RECURSIVE (caching) DNS server, you need to enable?
? ? ? ? ? ?recursion.?
? ? ? ? ?- If your recursive DNS server has a public IP address, you MUST enable access?
? ? ? ? ? ?control to limit queries to your legitimate users. Failing to do so will
? ? ? ? ? ?cause your server to become part of large scale DNS amplification?
? ? ? ? ? ?attacks. Implementing BCP38 within your network would greatly
? ? ? ? ? ?reduce such attack surface?
? ? ? ? */
? ? ? ? recursion yes; ? ?//允许递归
?
? ? ? ? dnssec-enable yes;
? ? ? ? dnssec-validation no;?? ?//禁用DNS自动检测功能,使DNS能缓存外部信息到本机?? ?managed-keys-directory "/var/named/dynamic";
?
? ? ? ? pid-file "/run/named/named.pid";
? ? ? ? session-keyfile "/run/named/session.key";
?? ?/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
?? ?include "/etc/crypto-policies/back-ends/bind.config";};
?
logging { ? ? ? ? ? ? ?//指定日志记录分类和他们的目标位置
? ? ? ? channel default_debug {
? ? ? ? ? ? ? ? file "data/named.run";
? ? ? ? ? ? ? ? severity dynamic;
? ? ? ? };
};
?
zone "." IN {
? ? ? ? type hint;
? ? ? ? file "named.ca"; ? ? ? ? ? ? ? ? ? ? ? ??
};zone "csdn.net" IN {????????????????//区域配置内容
? ? ? ? type master;? ? ? ? ? ? ? ? //主名称服务器
? ? ? ? file "csdn.net.zone";? ? ? ? ? ? ? ? //
};? ? ? ? ? ? ? ? ? ?
include "/etc/named.rfc1912.zones"; ? ? ?//包含其他的配置文件
include "/etc/named.root.key"; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ???
[root@csdn]#????????vim?/etc/resolv.conf
#Generated by NetworkManager
nameserver? ?192.168.1.1? ? ? ? ? ? ? ? //这里填写服务器IPv4地址
domain? ? ? ?localdomain
search? ? ? ? localdomain
[root@csdn]#????????vim /var/named/csdn.net.zone? ? ? ??
$TTL? 1D
@ ? ? ? IN SOA ? ns.csdn.net. root. ?(
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ??????0 ? ? ? ? ? ; serial
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 1D ? ? ?; refresh
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 1H ? ? ?; retry
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 1W ? ? ?; expire
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 3H ) ? ?; minimum
@ ? ? ?IN ? ? ? NS ? ? ?ns.csdn.net.
ns ? ? ?IN ? ? ?A ? ? ? 192.168.1.1? ? ? ? //服务器IP地址
mail? ? ? ? IN? ? ? ? A? ? ? ? 192.168.1.1csdn.net.? ? ? ? IN? ? ? ? MX? ? ? ? 5? ? ? ? mail.csdn.net? ? ? ?
www? ? ? ? IN? ? ? ? A? ? ? ? 192.168.1.1? ? ? ? //服务器IP地址
[root@csdn]#? ? ? ? cd?/var/named
[root@csdn]# ? ? ? chown named.named *? ? ? ? //文件赋权
[root@csdn]# ll
total 24
drwxr-x--- 7 named named ? 61 Jun 23 10:55 chroot
drwxrwx--- 2 named named ? 23 Jun 23 10:57 data
drwxrwx--- 2 named named ? 60 Jun 23 17:28 dynamic
-rw-r----- 1 named named 2253 Apr ?5 ?2018 named.ca
-rw-r----- 1 named named ?152 Dec 15 ?2009 named.empty
-rw-r----- 1 named named ?152 Jun 23 11:58 named.localhost
-rw-r----- 1 named named ?168 Dec 15 ?2009 named.loopback
-rw-r----- 1 named named ?271 Jun 23 14:13 csdn.net.zone
drwxrwx--- 2 named named ? ?6 Feb 25 ?2019 slaves
[root@csdn]# ????????systemctl restart named? ? ? ? //重启服务
[root@csdn]# ????????systemctl enable --now named? ? ? ? //开机自启动
[root@csdn]# ????????nslookup? www.csdn.net
[root@csdn]# ????????dig? www.csdn.net
https://blog.csdn.net/jks212454/article/details/118146815
linux下的DNS服务器部署(详细)_linux配置dns-CSDN博客Linux设备配置DNS服务器,实现正向解析和反向解析,实现DNS主从服务器同步,实现批量域名正/反向解析_linux c dns 解析-CSDN博客