Linux服务器---安装bind
生活随笔
收集整理的這篇文章主要介紹了
Linux服务器---安装bind
小編覺得挺不錯的,現(xiàn)在分享給大家,幫大家做個參考.
安裝bind
1、安裝bind軟件,需要安裝3?個bind、bind-chroot、bind-util
??????[root@localhost?pub]#?yum?install?-y?bind?bind-chroot?bind-utils
??????Installed:
????????bind.i686?32:9.8.2-0.17.rc1.el6_4.6??????????????????????????????????????????????????????????????????????????????????????
??????Complete!?
2、修改配置文件“/etc/named.conf”,追加“forward”
??????[root@localhost?pub]#?gedit?/etc/named.conf
??????options?{
??????listen-on?port?53?{?127.0.0.1;?};
??????#??????listen-on-v6?port?53?{?::1;?};
??????directory? "/var/named";
??????dump-file? "/var/named/data/cache_dump.db";
??????????????statistics-file?"/var/named/data/named_stats.txt";
??????????????memstatistics-file?"/var/named/data/named_mem_stats.txt";
??????allow-query?????{?localhost;?};
??????recursion?yes;
??????dnssec-enable?yes;
??????dnssec-validation?yes;
??????dnssec-lookaside?auto;
??????/*?Path?to?ISC?DLV?key?*/
??????bindkeys-file?"/etc/named.iscdlv.key";
??????managed-keys-directory?"/var/named/dynamic";
??????forward?only;
??????forwarders{
?????? 8.8.8.8;
??????}
??????};
3、設(shè)置防火墻,這里需要用到53端口。需要開啟tcp和udp的53端口,記得重啟防火墻?
??????[root@localhost?pub]#?gedit?/etc/sysconfig/iptables
??????-A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?443?-j?ACCEPT
??????-A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?53?-j?ACCEPT
??????-A?INPUT?-m?state?--state?NEW?-m?udp?-p?udp?--dport?53?-j?ACCEPT
??????[root@localhost?phpMyAdmin]#?service?iptables?restart
??????iptables:將鏈設(shè)置為政策?ACCEPT:filter?nat????????????????[確定]
??????iptables:清除防火墻規(guī)則:?????????????????????????????????[確定]
??????iptables:正在卸載模塊:???????????????????????????????????[確定]
??????iptables:應(yīng)用防火墻規(guī)則:?????????????????????????????????[確定]
??????iptables:載入額外模塊:nf_conntrack_ftp???????????????????[確定]
??????[root@localhost?phpMyAdmin]#?
4、啟動服務(wù)
??????[root@localhost?pub]#?service?named?start
??????啟動?named:???????????????????????????????????????????????[確定]
??????[root@localhost?pub]#?
5、測試,命令格式“dig?網(wǎng)站?@ip”,這里用回環(huán)地址來測試,看是否能請求成功
??????[root@localhost?pub]#?dig?www.baidu.com?@127.0.0.1
??????;?<<>>?DiG?9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6?<<>>?www.baidu.com?@127.0.0.1
??????;;?global?options:?+cmd
??????;;?Got?answer:
??????;;?->>HEADER<<-?opcode:?QUERY,?status:?NOERROR,?id:?51491
??????;;?flags:?qr?rd?ra;?QUERY:?1,?ANSWER:?3,?AUTHORITY:?0,?ADDITIONAL:?0
??????;;?QUESTION?SECTION:
??????;www.baidu.com. IN A
??????;;?ANSWER?SECTION:
??????www.baidu.com. 1191 IN CNAME www.a.shifen.com.
??????www.a.shifen.com. 299 IN A 14.215.177.38??????//這個就是請求到的結(jié)果
??????www.a.shifen.com. 299 IN A 14.215.177.39
??????;;?Query?time:?3053?msec
??????;;?SERVER:?127.0.0.1#53(127.0.0.1)
??????;;?WHEN:?Tue?Aug?14?19:02:59?2018
??????;;?MSG?SIZE??rcvd:?90
6、更改配置文件named.conf,讓所有機器都可以使用該服務(wù)。
1)將配置文件中的回環(huán)地址改為any,意味著允許任何人使用
??????[root@localhost?pub]#?gedit?/etc/named.conf
??????options?{
??????listen-on?port?53?{any;?};
??????# listen-on-v6?port?53?{?::1;?};
??????directory? "/var/named";
??????dump-file? "/var/named/data/cache_dump.db";
??????????????statistics-file?"/var/named/data/named_stats.txt";
??????????????memstatistics-file?"/var/named/data/named_mem_stats.txt";
??????allow-query?????{?any;?};
??????recursion?yes;
??????dnssec-enable?yes;
??????dnssec-validation?yes;
??????dnssec-lookaside?auto;
??????/*?Path?to?ISC?DLV?key?*/
??????bindkeys-file?"/etc/named.iscdlv.key";
??????managed-keys-directory?"/var/named/dynamic";
??????forward?only;
??????forwarders{
?????? ??????8.8.8.8;
??????}
??????};
2)找一個其他ip地址來測試
??????[root@localhost?pub]#?service?named?restart???//重啟服務(wù)
??????停止?named:???????????????????????????????????????????????[確定]
??????啟動?named:???????????????????????????????????????????????[確定]
??????[root@localhost?pub]#?dig?www.baidu.com?@192.168.0.113
??????;?<<>>?DiG?9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6?<<>>?www.baidu.com?@192.168.0.113
??????;;?global?options:?+cmd
??????;;?Got?answer:
??????;;?->>HEADER<<-?opcode:?QUERY,?status:?NOERROR,?id:?37134
??????;;?flags:?qr?rd?ra;?QUERY:?1,?ANSWER:?3,?AUTHORITY:?0,?ADDITIONAL:?0
??????;;?QUESTION?SECTION:
??????;www.baidu.com. IN A
??????;;?ANSWER?SECTION:
??????www.baidu.com. 871 IN CNAME www.a.shifen.com.
??????www.a.shifen.com. 299 IN A 14.215.177.39
??????www.a.shifen.com. 299 IN A 14.215.177.38
??????;;?Query?time:?474?msec
??????;;?SERVER:?192.168.0.113#53(192.168.0.113)
??????;;?WHEN:?Tue?Aug?14?19:06:19?2018
??????;;?MSG?SIZE??rcvd:?90
1、安裝bind軟件,需要安裝3?個bind、bind-chroot、bind-util
??????[root@localhost?pub]#?yum?install?-y?bind?bind-chroot?bind-utils
??????Installed:
????????bind.i686?32:9.8.2-0.17.rc1.el6_4.6??????????????????????????????????????????????????????????????????????????????????????
??????Complete!?
2、修改配置文件“/etc/named.conf”,追加“forward”
??????[root@localhost?pub]#?gedit?/etc/named.conf
??????options?{
??????listen-on?port?53?{?127.0.0.1;?};
??????#??????listen-on-v6?port?53?{?::1;?};
??????directory? "/var/named";
??????dump-file? "/var/named/data/cache_dump.db";
??????????????statistics-file?"/var/named/data/named_stats.txt";
??????????????memstatistics-file?"/var/named/data/named_mem_stats.txt";
??????allow-query?????{?localhost;?};
??????recursion?yes;
??????dnssec-enable?yes;
??????dnssec-validation?yes;
??????dnssec-lookaside?auto;
??????/*?Path?to?ISC?DLV?key?*/
??????bindkeys-file?"/etc/named.iscdlv.key";
??????managed-keys-directory?"/var/named/dynamic";
??????forward?only;
??????forwarders{
?????? 8.8.8.8;
??????}
??????};
3、設(shè)置防火墻,這里需要用到53端口。需要開啟tcp和udp的53端口,記得重啟防火墻?
??????[root@localhost?pub]#?gedit?/etc/sysconfig/iptables
??????-A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?443?-j?ACCEPT
??????-A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?53?-j?ACCEPT
??????-A?INPUT?-m?state?--state?NEW?-m?udp?-p?udp?--dport?53?-j?ACCEPT
??????[root@localhost?phpMyAdmin]#?service?iptables?restart
??????iptables:將鏈設(shè)置為政策?ACCEPT:filter?nat????????????????[確定]
??????iptables:清除防火墻規(guī)則:?????????????????????????????????[確定]
??????iptables:正在卸載模塊:???????????????????????????????????[確定]
??????iptables:應(yīng)用防火墻規(guī)則:?????????????????????????????????[確定]
??????iptables:載入額外模塊:nf_conntrack_ftp???????????????????[確定]
??????[root@localhost?phpMyAdmin]#?
4、啟動服務(wù)
??????[root@localhost?pub]#?service?named?start
??????啟動?named:???????????????????????????????????????????????[確定]
??????[root@localhost?pub]#?
5、測試,命令格式“dig?網(wǎng)站?@ip”,這里用回環(huán)地址來測試,看是否能請求成功
??????[root@localhost?pub]#?dig?www.baidu.com?@127.0.0.1
??????;?<<>>?DiG?9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6?<<>>?www.baidu.com?@127.0.0.1
??????;;?global?options:?+cmd
??????;;?Got?answer:
??????;;?->>HEADER<<-?opcode:?QUERY,?status:?NOERROR,?id:?51491
??????;;?flags:?qr?rd?ra;?QUERY:?1,?ANSWER:?3,?AUTHORITY:?0,?ADDITIONAL:?0
??????;;?QUESTION?SECTION:
??????;www.baidu.com. IN A
??????;;?ANSWER?SECTION:
??????www.baidu.com. 1191 IN CNAME www.a.shifen.com.
??????www.a.shifen.com. 299 IN A 14.215.177.38??????//這個就是請求到的結(jié)果
??????www.a.shifen.com. 299 IN A 14.215.177.39
??????;;?Query?time:?3053?msec
??????;;?SERVER:?127.0.0.1#53(127.0.0.1)
??????;;?WHEN:?Tue?Aug?14?19:02:59?2018
??????;;?MSG?SIZE??rcvd:?90
6、更改配置文件named.conf,讓所有機器都可以使用該服務(wù)。
1)將配置文件中的回環(huán)地址改為any,意味著允許任何人使用
??????[root@localhost?pub]#?gedit?/etc/named.conf
??????options?{
??????listen-on?port?53?{any;?};
??????# listen-on-v6?port?53?{?::1;?};
??????directory? "/var/named";
??????dump-file? "/var/named/data/cache_dump.db";
??????????????statistics-file?"/var/named/data/named_stats.txt";
??????????????memstatistics-file?"/var/named/data/named_mem_stats.txt";
??????allow-query?????{?any;?};
??????recursion?yes;
??????dnssec-enable?yes;
??????dnssec-validation?yes;
??????dnssec-lookaside?auto;
??????/*?Path?to?ISC?DLV?key?*/
??????bindkeys-file?"/etc/named.iscdlv.key";
??????managed-keys-directory?"/var/named/dynamic";
??????forward?only;
??????forwarders{
?????? ??????8.8.8.8;
??????}
??????};
2)找一個其他ip地址來測試
??????[root@localhost?pub]#?service?named?restart???//重啟服務(wù)
??????停止?named:???????????????????????????????????????????????[確定]
??????啟動?named:???????????????????????????????????????????????[確定]
??????[root@localhost?pub]#?dig?www.baidu.com?@192.168.0.113
??????;?<<>>?DiG?9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6?<<>>?www.baidu.com?@192.168.0.113
??????;;?global?options:?+cmd
??????;;?Got?answer:
??????;;?->>HEADER<<-?opcode:?QUERY,?status:?NOERROR,?id:?37134
??????;;?flags:?qr?rd?ra;?QUERY:?1,?ANSWER:?3,?AUTHORITY:?0,?ADDITIONAL:?0
??????;;?QUESTION?SECTION:
??????;www.baidu.com. IN A
??????;;?ANSWER?SECTION:
??????www.baidu.com. 871 IN CNAME www.a.shifen.com.
??????www.a.shifen.com. 299 IN A 14.215.177.39
??????www.a.shifen.com. 299 IN A 14.215.177.38
??????;;?Query?time:?474?msec
??????;;?SERVER:?192.168.0.113#53(192.168.0.113)
??????;;?WHEN:?Tue?Aug?14?19:06:19?2018
??????;;?MSG?SIZE??rcvd:?90
總結(jié)
以上是生活随笔為你收集整理的Linux服务器---安装bind的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Rust 1.31正式发布,首次引入Ru
- 下一篇: linux 其他常用命令