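RHCE (4) --- Configuring Forward and Reverse DNS Resolution
Contents
I. The software that provides the DNS service is bind; the service name is named
II. Edit the main bind configuration file (/etc/named.conf)
III. Configure the forward zone file (/var/named/named.qq.com)
IV. Configure the reverse zone file (/var/named/named.192.168.225)
V. Restart the named service
VI. Test from the client
1. Set the DNS server to the server's IP address
2. Forward resolution test
3. Reverse resolution test
4. If nslookup is not available, install the package that provides it
(1) Query with rpm
(2) Query with yum (requires a local yum repository to be configured)
5. If the test fails, check whether the firewall has been turned off
Client: 192.168.225.130
Server: 192.168.225.140
I. The software that provides the DNS service is bind; the service name is named
Install the bind package (I have already installed it here).
If it is not installed, install it with yum install bind -y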
[root@server ~]# rpm -q bind
bind-9.11.26-6.el8.x86_64
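II. Edit the main bind configuration file (/etc/named.conf)
[root@server ~]# vim /etc/named.conf
options {
    listen-on port 53 { 192.168.225.140; }; // listening port and address
    directory "/var/named"; // directory that holds the zone data files
    allow-query { any; }; // allow any host to query
};
// Forward zone
zone "qq.com" IN { // forward resolution for qq.com
    type master; // this server is the master for the zone
    file "named.qq.com"; // zone file name
};
// Reverse zone
zone "225.168.192.in-addr.arpa" IN { // reverse resolution: the network part of the IP is written backwards, followed by .in-addr.arpa
    type master;
    file "named.192.168.225";
};
// The rest of the configuration can be deleted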
III. Configure the forward zone file (/var/named/named.qq.com)
[root@server ~]# vim /var/named/named.qq.com
$TTL 1D
@ IN SOA @ admin.qq.com. (
2022090100
1D
1H
3D
1D)
@ IN NS dns.qq.com.
dns IN A 192.168.225.140
www IN A 192.168.225.10
en IN A 192.168.225.20
ftp IN A 192.168.225.30
fff IN CNAME ftp ; fff is an alias for ftp.qq.com.
; a lookup for fff.qq.com. is answered via ftp.qq.com.
IV. Configure the reverse zone file (/var/named/named.192.168.225)
[root@server ~]# vim /var/named/named.192.168.225
$TTL 1D
@ IN SOA @ admin.qq.com. (
2022090100
1D
1H
3D
1D)
@ IN NS dns.qq.com.
140 IN PTR dns.qq.com.
10 IN PTR www.qq.com.
20 IN PTR en.qq.com.
30 IN PTR ftp.qq.com.
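A PTR target written without its trailing dot, or an address that appears in only one of the two files, does not show up until a lookup returns the wrong name. The script below is an added example, not part of the original post: it cross-checks the A records of named.qq.com against the PTR records of named.192.168.225 using the records shown above. The function names fqdn, records and check are hypothetical helpers chosen for this illustration.

```python
import ipaddress

# Added example. Records copied from the two zone files above ($TTL omitted, SOA on one line).
FORWARD = """\
@   IN SOA @ admin.qq.com. ( 2022090100 1D 1H 3D 1D )
@   IN NS    dns.qq.com.
dns IN A     192.168.225.140
www IN A     192.168.225.10
en  IN A     192.168.225.20
ftp IN A     192.168.225.30
fff IN CNAME ftp   ; alias of ftp.qq.com.
"""
REVERSE = """\
@   IN SOA @ admin.qq.com. ( 2022090100 1D 1H 3D 1D )
@   IN NS  dns.qq.com.
140 IN PTR dns.qq.com.
10  IN PTR www.qq.com.
20  IN PTR en.qq.com.
30  IN PTR ftp.qq.com.
"""

def fqdn(name, origin):
    """Expand a zone-file name: '@' is the origin, no trailing dot means relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(text, origin, rtype):
    """Yield (owner FQDN, rdata) for 'owner IN rtype rdata' lines; ';' starts a comment."""
    for line in text.splitlines():
        f = line.split(";", 1)[0].split()
        if len(f) == 4 and f[1] == "IN" and f[2] == rtype:
            yield fqdn(f[0], origin).lower(), f[3]

def check(forward, reverse, fwd_origin="qq.com.", rev_origin="225.168.192.in-addr.arpa."):
    """Return mismatches between A and PTR records (assumes one A record per address)."""
    a = {ipaddress.ip_address(ip).reverse_pointer + ".": host
         for host, ip in records(forward, fwd_origin, "A")}
    ptr = {rname: fqdn(target, rev_origin).lower()
           for rname, target in records(reverse, rev_origin, "PTR")}
    problems = [f"{host}: no PTR at {rname}" if rname not in ptr
                else f"{rname} points to {ptr[rname]}, expected {host}"
                for rname, host in sorted(a.items()) if ptr.get(rname) != host]
    problems += [f"{rname} points to {host}, which has no A record for that address"
                 for rname, host in sorted(ptr.items()) if rname not in a]
    return problems

if __name__ == "__main__":
    print(check(FORWARD, REVERSE) or "forward and reverse zones agree")
```

An empty list means every A record has a PTR that points back to the same name; the parser only handles the one-line record form used in this article.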
V. Restart the named service
[root@server ~]# systemctl restart named
VI. Test from the client
1. Set the DNS server to the server's IP address
[root@xixi ~]# vim /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.225.140
2. Forward resolution test
[root@xixi ~]# nslookup www.qq.com
Server: 192.168.225.140
Address: 192.168.225.140#53
Name: www.qq.com
Address: 192.168.225.10
[root@xixi ~]# nslookup en.qq.com
Server: 192.168.225.140
Address: 192.168.225.140#53
Name: en.qq.com
Address: 192.168.225.20
[root@xixi ~]# nslookup ftp.qq.com
Server: 192.168.225.140
Address: 192.168.225.140#53
Name: ftp.qq.com
Address: 192.168.225.30
[root@xixi ~]# nslookup fff.qq.com
Server: 192.168.225.140
Address: 192.168.225.140#53
fff.qq.com canonical name = ftp.qq.com.
Name: ftp.qq.com
Address: 192.168.225.30
3. Reverse resolution test
[root@xixi ~]# nslookup 192.168.225.10
10.225.168.192.in-addr.arpa name = www.qq.com.
[root@xixi ~]# nslookup 192.168.225.20
20.225.168.192.in-addr.arpa name = en.qq.com.
[root@xixi ~]# nslookup 192.168.225.30
30.225.168.192.in-addr.arpa name = ftp.qq.com.
4. If nslookup is not available, install the package that provides it
(1) Query with rpm
[root@xixi ~]# whereis nslookup # look up the path of the command
nslookup: /usr/bin/nslookup /usr/share/man/man1/nslookup.1.gz
[root@xixi ~]# rpm -qf /usr/bin/nslookup # find which package owns the file
bind-utils-9.11.26-6.el8.x86_64
(2) Query with yum (requires a local yum repository to be configured)
[root@xixi ~]# yum provides nslookup
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
Repository BaseOS is listed more than once in the configuration
Repository AppStream is listed more than once in the configuration
Last metadata expiration check: 0:09:25 ago on Thu 01 Sep 2022 10:37:37 PM CST.
bind-utils-32:9.11.26-6.el8.x86_64 : Utilities for querying DNS
: name servers
Repo : @System
Matched from:
Filename : /usr/bin/nslookup
bind-utils-32:9.11.26-6.el8.x86_64 : Utilities for querying DNS
: name servers
Repo : AppStream
Matched from:
Filename : /usr/bin/nslookup
5. If the test fails, check whether the firewall has been turned off
systemctl stop firewalld