Build DNS server in Intranet

Posted by steelmanronald06 on Tue, 28 Dec 2021 19:45:12 +0100


DNS: Domain Name Service, the domain name resolution service

Listening port: udp/53, tcp/53

Application: bind

Root domain:

Primary domain:

Organization domains: .com, .org, .net, .mil, .edu, .gov, .info, .cc, .me, .tv

Country domains: .cn, .us, .uk, .jp, .tw, .hk, .iq, .ir

Reverse domain: in-addr.arpa

DNS record type: the DNS domain name database consists of resource records and zone file instructions.

SOA record: Start of Authority record. Among the NS (name server) records of a zone, the SOA record states which server is the primary name server. It does not take part in resolution itself, but a zone cannot be without one.

NS record: domain delegation (authorization) record. When a request reaches the root domain, the NS record points it to the server responsible for the corresponding domain.

A record: once NS records have led to the domain, the host itself is found through an A record. For example, to access www.baidu.com, NS records lead to baidu.com, and the A record for www gives the address.

MX record: directs mail for the domain to the domain's mail server.

AAAA record: an A record holds an IPv4 address; an AAAA record holds an IPv6 address.

PTR record: reverse resolution, mapping an IP address to a domain name.

CNAME: alias record, allowing one or more names to be mapped onto another domain name. For example, when pinging Baidu, the reply actually comes from www.a.shifen.com; www.baidu.com is really an alias for that name.

Install the DNS service and configure it

[root@jhr-hub ~]# yum -y install bind-utils bind bind-devel bind-libs

[root@jhr-hub ~]# vim /etc/named.rfc1912.zones
[root@jhr-hub ~]# tail -n 10 /etc/named.rfc1912.zones

zone "chenby.cn" IN {
        type master;
        file "chenby.cn.zone";
};

[root@jhr-hub ~]# cd /var/named/
[root@jhr-hub named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  pakho.zone  slaves
[root@jhr-hub named]# cp named.localhost chenby.cn.zone
[root@jhr-hub named]# chown named.named chenby.cn.zone
[root@jhr-hub named]# vim chenby.cn.zone

Check the configuration files

[root@jhr-hub named]# named-checkconf /etc/named.conf
[root@jhr-hub named]# named-checkzone chenby.cn /var/named/chenby.cn.zone
zone chenby.cn/IN: loaded serial 0
OK

Start the service and enable it at boot

[root@jhr-hub named]# systemctl restart named
[root@jhr-hub named]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.


Test whether resolution works

[root@jhr-hub named]# dig @3.7.191.1 www.chenby.cn

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.7 <<>> @3.7.191.1 www.chenby.cn
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5275
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.chenby.cn.                 IN      A

;; ANSWER SECTION:
www.chenby.cn.          86400   IN      A       3.7.191.1

;; AUTHORITY SECTION:
chenby.cn.              86400   IN      NS      chenby.cn.

;; ADDITIONAL SECTION:
chenby.cn.              86400   IN      A       127.0.0.1
chenby.cn.              86400   IN      AAAA    ::1

;; Query time: 0 msec
;; SERVER: 3.7.191.1#53(3.7.191.1)
;; WHEN: Thu Dec 09 14:44:51 CST 2021
;; MSG SIZE  rcvd: 116

Appendix:

1. named.conf file details

options {
        listen-on port 53 { 127.0.0.1; };      // IP address and port the named server listens on
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";          // default directory for zone database files
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };              // clients allowed to send DNS queries
        allow-query-cache { any; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations { any; };
        recursion yes;                         // allow recursive queries
        include "/etc/named.rfc1912.zones";
};
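The combination shown above (recursion yes, allow-query and allow-query-cache both any, and no allow-recursion) matters on an intranet server that is reachable from outside: BIND derives the recursion ACL from allow-recursion, then allow-query-cache, then allow-query, and only falls back to localnets; localhost when none is set. The following checker is an added example, not code from the original post; it applies that documented fallback order to a constructed named.conf sample and to a hardened variant with an explicit allow-recursion ACL (the 192.168.1.0/24 range is an assumed intranet prefix).

```python
import re

# Constructed sample mirroring the options/view blocks in the appendix: recursion
# is on, and both allow-query and allow-query-cache are "any".
SAMPLE_NAMED_CONF = """
options {
    listen-on port 53 { 127.0.0.1; };
    directory "/var/named";
    allow-query       { any; };   // who may query at all
    allow-query-cache { any; };
};
view localhost_resolver {
    match-clients      { any; };
    recursion yes;
};
"""

# Hardened variant (assumed intranet prefix): an explicit allow-recursion ACL.
HARDENED_NAMED_CONF = SAMPLE_NAMED_CONF.replace(
    "allow-query-cache { any; };", "allow-recursion { 127.0.0.1; 192.168.1.0/24; };")

def strip_comments(text):
    """named.conf accepts //, # and /* */ comments; drop all three."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def acl(text, name):
    """Address-match list of the named option as a list, or None if it is not set."""
    m = re.search(r"(?<![\w-])%s\s*\{([^}]*)\}" % re.escape(name), text)
    return None if m is None else [t.strip() for t in m.group(1).split(";") if t.strip()]

def effective_recursion_acl(text):
    """BIND's documented fallback when allow-recursion is unset: allow-query-cache,
    then allow-query, else the built-in localnets; localhost."""
    text = strip_comments(text)
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        lst = acl(text, name)
        if lst is not None:
            return name, lst
    return "built-in default", ["localnets", "localhost"]

def is_open_resolver(text):
    """True when recursion is on (BIND's default) and the recursion ACL is 'any'."""
    clean = strip_comments(text)
    m = re.search(r"(?<![\w-])recursion\s+(yes|no)\s*;", clean)
    recursion_on = m is None or m.group(1) == "yes"
    return recursion_on and "any" in effective_recursion_acl(clean)[1]
```

The parser reads the first occurrence of each option wherever it appears, so for a config with several views run it on each view separately.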

2. Zone configuration file /etc/named.rfc1912.zones

zone "." IN {                      // define the root zone
        type hint;                 // server type for this zone is hint
        file "named.ca";           // file holding the root name server hints
};

zone "localdomain" IN {            // define a forward DNS zone
        type master;               // zone type
        file "localdomain.zone";   // database file for this forward zone
        allow-update { none; };    // client addresses allowed to send dynamic updates (none forbids all)
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {   // define a reverse DNS zone
        type master;
        file "named.local";
        allow-update { none; };
};

3. Root domain configuration file named.ca

The root hints file holds the name database of the root domain, that is, the addresses of the 13 root name servers. It is essentially the same on every system and users do not need to modify it.

4. Forward domain name resolution database file

$TTL 600
@        IN   SOA    dns.cwlinux.com.   dnsadmin.cwlinux.com. ( ; SOA record: primary name server and admin mailbox
                          2015031288   ; serial: increase by 1 on every change so secondaries resynchronize
                             1H        ; refresh: how often secondaries check for an update
                             2M        ; retry: how long to wait before retrying a failed refresh
                             2D        ; expire: how long secondaries keep serving the zone after refresh keeps failing
                             1D        ; negative caching TTL: how long a "name does not exist" answer is cached
)
         IN    NS   dns            ; there are two name servers
         IN    NS   ns2
         IN    MX  10 mail         ; mail server; 10 is the preference (0-99): the lower the number, the higher the priority
ns2      IN    A    192.168.1.113  ; IP address of the ns2 name server
dns      IN    A    192.168.1.10   ; IP address of the dns name server
mail     IN    A    192.168.1.111  ; IP address of the mail server
www      IN    A    192.168.1.112  ; IP address of www.cwlinux.com
pop      IN   CNAME  mail          ; pop is an alias whose canonical name is mail
ftp      IN   CNAME  www           ; ftp is an alias whose canonical name is www
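Two things in this zone layout bite in practice: a name without a trailing dot is relative to the origin (so an SOA MNAME written as dns.cwlinux.com becomes dns.cwlinux.com.cwlinux.com), and NS, MX and CNAME targets must resolve to a record that actually exists. The script below is an added example, not part of the original post; it parses a constructed copy of the cwlinux.com zone that deliberately carries both mistakes and reports them, the kind of check to run beside named-checkzone before reloading.

```python
import re

# Constructed sample based on the page's cwlinux.com zone, with two defects the
# checker should catch: SOA MNAME without a trailing dot, and an MX target typo.
SAMPLE_ZONE = """$TTL 600
@   IN SOA dns.cwlinux.com  dnsadmin.cwlinux.com. ( ; SOA
        2015031288 1H 2M 2D 1D )
    IN NS  dns
    IN NS  ns2
    IN MX  10 mial
ns2  IN A     192.168.1.113
dns  IN A     192.168.1.10
mail IN A     192.168.1.111
www  IN A     192.168.1.112
pop  IN CNAME mail
ftp  IN CNAME www
"""

def absolute(name, origin):
    """'@' is the origin; a name without a trailing dot is relative to it."""
    return origin if name == "@" else (name if name.endswith(".") else f"{name}.{origin}")

def parse_zone(text, origin):
    """Return (owner, type, rdata-tokens) triples with owners made absolute."""
    text = re.sub(r";.*", "", text)                      # zone files comment with ';'
    text = re.sub(r"\([^)]*\)", lambda m: " ".join(m.group(0)[1:-1].split()), text)  # join ( ... )
    records, owner = [], "@"
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):     # skip blanks and $TTL/$ORIGIN
            continue
        toks = line.split()
        if line[0] not in " \t":                         # a leading blank keeps the previous owner
            owner, toks = toks[0], toks[1:]
        while toks and (toks[0].isdigit() or toks[0] == "IN"):  # optional TTL and class
            toks.pop(0)
        if toks:
            records.append((absolute(owner, origin), toks[0], toks[1:]))
    return records

def check_zone(text, origin):
    """Flag the SOA/NS/MX/CNAME mistakes this zone layout invites."""
    recs = parse_zone(text, origin)
    owners = {o for o, _, _ in recs}
    problems = []
    for _, rtype, rdata in recs:
        if rtype == "SOA" and not rdata[0].endswith("."):
            problems.append(f"SOA MNAME {rdata[0]} lacks a trailing dot and expands to {absolute(rdata[0], origin)}")
        elif rtype in ("NS", "CNAME", "MX") and absolute(rdata[-1], origin) not in owners:
            problems.append(f"{rtype} target {absolute(rdata[-1], origin)} has no record in this zone")
    return problems
```

Call check_zone(SAMPLE_ZONE, "cwlinux.com.") to see both findings; the origin must be passed with its trailing dot, exactly as named derives it from the zone name in named.rfc1912.zones.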

5. Reverse zone database file

$TTL 600
@         IN   SOA    dns.cwlinux.com.   dnsadmin.cwlinux.com. (
                             2014031224
                             1H
                             2M
                             2D
                             1D
)
         IN   NS      dns.cwlinux.com.
10       IN   PTR     dns.cwlinux.com.     ; PTR record: reverse mapping from the last octet to a name
111      IN   PTR     mail.cwlinux.com.
112      IN   PTR     www.cwlinux.com.
; The zone origin already covers 192.168.1, so only the last octet is written: 10 stands for 192.168.1.10
