Environment:
hostname:
ns1: the master DNS server
ns2: the slave DNS server
www: two hosts, both named www
mx1: the mail exchange server

Package: bind; its daemon process is named
Service script: /etc/rc.d/init.d/named
Main configuration files: /etc/named.conf, /etc/named.rfc1912.zones
Zone database files: /var/named/*.zone [bind's working directory]

Installing bind:
# yum -y install bind

Configuration file details:
/etc/named.conf
options {}: globally effective; defines the working behaviour of the named process
logging {}: defines bind's logging
zone {}: defines a zone that the local named daemon is responsible for resolving; there can be several zone blocks
include "/path/to/somefile": reads the configuration in another file into this file
Comment styles:
// : single-line comment
/* */ : multi-line comment
Tip: help is available via man named.conf

# /etc/named.conf in detail
The content of /etc/named.conf is as follows:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
    # Which interface and which port on this machine named listens on. Note that if the
    # default port 53 is changed, service named reload is not enough; only a restart re-reads the configuration file
    listen-on port 53 { 172.16.3.1; 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    recursion yes;
    dnssec-enable no;
    dnssec-validation no;
    dnssec-lookaside no;
    /* Path to ISC DLV key
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";*/
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "topq.com" IN {
    type master;
    file "topq.com.zone";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

You can also try installing bind from source, but that kind of installation does not come with bind's service script.

A look at these two files [a source installation does not have them; you have to create them yourself]:
/var/named/named.localhost    forward resolution of the host name localhost
/var/named/named.loopback     reverse resolution of 127.0.0.1
# Both files are present by default when bind is installed from the package. They exist in case some host resolves localhost or reverse-resolves 127.0.0.1.
# These two names are special: localhost is the local host name and 127.0.0.1 is the local loopback address. If a host asks for them, they must be answered correctly too.

Caching name server:
1. Knows the root servers: named.ca
2. localhost and 127.0.0.1: named.localhost, named.loopback

Building a caching name server:
Note: it is best to back up the configuration files before changing them, so there is a way back if the configuration fails [even without a backup it is fine; reinstalling the package with rpm --replacepkgs also works]
# Back up the files to the /root/named/ directory
# mkdir /root/named
# cp /etc/named.* /root/named/

vim /etc/named.conf and change the following lines:
listen-on-v6 port 53 { ::1; };  # Configures the listening address, one that can communicate with the outside; comment it out or add the address of the interface to configure inside the {}, e.g. { 172.16.3.1; } [note the spaces]
allow-query { any; };           # The default is localhost, meaning only local queries are allowed; that will not do here, so set it to any to allow any host to query; specific hosts can also be listed
dnssec-enable no;               # change to no
dnssec-validation no;           # change to no
dnssec-lookaside no;            # change to no

After making the changes above, save and quit.
# named-checkconf    # check for syntax errors
# service named restart

Test:
On another host, 172.16.3.3:
# dig -t A localhost @172.16.3.1    # returns a result
[root@localhost yum.repos.d]# dig -t A localhost @172.16.3.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t A localhost @172.16.3.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55917
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;localhost. IN A

;; ANSWER SECTION:
localhost. 86400 IN A 127.0.0.1

;; AUTHORITY SECTION:
localhost. 86400 IN NS localhost.

;; ADDITIONAL SECTION:
localhost. 86400 IN AAAA ::1

;; Query time: 2 msec
;; SERVER: 172.16.3.1#53(172.16.3.1)
;; WHEN: Wed Dec 10 12:01:47 2014
;; MSG SIZE rcvd: 85

Configuring the DNS server as the master server for a zone: xiaodu.com
# vim /etc/named.conf
# Add the following statements to it to add a zone
# xiaodu.com is the domain name being set up
zone "xiaodu.com" IN {
    # master means master DNS server; slave means slave server (covered later); forward means forwarding DNS server
    type master;
    # The file lives under /var/named/, the directory given by directory "/var/named"; in this file; create xiaodu.com.zone there
    file "xiaodu.com.zone";
};
# After saving, run a check
# named-checkconf /etc/named.conf
# Create the file /var/named/xiaodu.com.zone
# vim /var/named/xiaodu.com.zone
# Put the following content into xiaodu.com.zone

; default TTL for the records below; defined globally here
$TTL 600
; defined globally here and referenced later as @; it is also appended to any host name that does not end with a dot
$ORIGIN xiaodu.com.
; @ is the name of the current zone; shuai.xiaodu.com. means the xiaodu.com domain is handed to shuai to resolve; billshuai.163.com. is the mailbox that results are sent to
@       IN  SOA  shuai.xiaodu.com.  billshuai.163.com. (
                20141210    ; serial number
                1H          ; refresh interval
                5M          ; retry interval
                3D          ; expiry time
                3H )        ; negative-answer TTL
        IN  NS     shuai        ; shuai is the DNS server's name (written in full it must end with a dot); the first column is omitted and inherited from the line above
        IN  MX 10  mx1          ; mail exchange server
shuai   IN  A      172.16.3.1   ; shuai is the DNS server's name, 172.16.3.1 is the server's IP address
mx1     IN  A      172.16.3.5   ; mx1 is the mail server's name, 172.16.3.5 is its IP address
www     IN  A      172.16.3.2   ; www is the host name to be visited, 172.16.3.2 is that host's IP address
www     IN  A      172.16.3.3   ; www is again the host name to be visited, 172.16.3.3 is that host's IP address
pop3    IN  A      172.16.3.5   ; pop3 is another name for the mail server above; one address can have two names
imap4   IN  CNAME  pop3         ; imap4 is an alias of pop3

# Now look at the permissions of xiaodu.com.zone: they are 644. To keep the file safe, set them so that other users have no access
[root@shuai named]# ls -l
total 32
drwxrwx--- 2 named named 4096 Dec 8 12:39 data
drwxrwx--- 2 named named 4096 Dec 8 17:44 dynamic
-rw-r----- 1 root named 2075 Apr 23 2014 named.ca
-rw-r----- 1 root named 152 Dec 15 2009 named.empty
-rw-r----- 1 root named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root named 168 Dec 15 2009 named.loopback
drwxrwx--- 2 named named 4096 Oct 15 21:28 slaves
-rw-r--r-- 1 root root 237 Dec 8 17:52 xiaodu.com.zone
[root@shuai named]# chmod 640 xiaodu.com.zone
# The permissions are now set
[root@shuai named]# ls -l xiaodu.com.zone
-rw-r----- 1 root root 237 Dec 8 17:52 xiaodu.com.zone
# The named process runs as the user named
[root@shuai named]# ps aux | grep 'named'
named 9818 0.0 2.4 161092 13004 ? Ssl 14:43 0:00 /usr/sbin/named -u named
root 10515 0.0 0.1 103252 832 pts/1 S+ 17:57 0:00 grep named
# But xiaodu.com.zone belongs neither to that user nor to that group
[root@shuai named]# ls -l xiaodu.com.zone
-rw-r----- 1 root root 237 Dec 8 17:52 xiaodu.com.zone
# Put xiaodu.com.zone into the named group, and the named process then has permission to read the file
[root@shuai named]# chown :named xiaodu.com.zone
[root@shuai named]# ls -l xiaodu.com.zone
-rw-r----- 1 root named 237 Dec 8 17:52 xiaodu.com.zone
# Check the syntax of the main configuration file
[root@shuai named]# named-checkconf
# Check the file /var/named/xiaodu.com.zone of zone "xiaodu.com" for syntax problems
[root@shuai named]# named-checkzone "xiaodu.com" xiaodu.com.zone
xiaodu.com.zone:10: ignoring out-of-zone data (shuai)
zone xiaodu.com/IN: loaded serial 2014121001
OK
# named-checkzone prints the "ignoring out-of-zone data" warning when an owner name falls outside the zone, for example a short name written with a trailing dot (shuai.)
# Re-read the configuration file; do not restart the service, a reload is enough
[root@shuai named]# service named reload
Reloading named: [ OK ]

Test:
Now it is time to test, on the host 172.16.3.3
[root@localhost yum.repos.d]# dig -t A www.xiaodu.com @172.16.3.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t A www.xiaodu.com @172.16.3.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44016
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.xiaodu.com. IN A

;; ANSWER SECTION:
www.xiaodu.com. 600 IN A 172.16.3.3
www.xiaodu.com. 600 IN A 172.16.3.2

;; AUTHORITY SECTION:
xiaodu.com. 600 IN NS shuai.

;; Query time: 6 msec
;; SERVER: 172.16.3.1#53(172.16.3.1)
;; WHEN: Wed Dec 10 15:22:20 2014
;; MSG SIZE rcvd: 83

# Query once more; you can see the IPs are served round-robin
[root@localhost yum.repos.d]# dig -t A www.xiaodu.com @172.16.3.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t A www.xiaodu.com @172.16.3.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53027
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.xiaodu.com. IN A

;; ANSWER SECTION:
www.xiaodu.com. 600 IN A 172.16.3.3
www.xiaodu.com. 600 IN A 172.16.3.2

;; AUTHORITY SECTION:
xiaodu.com. 600 IN NS shuai.

;; Query time: 1 msec
;; SERVER: 172.16.3.1#53(172.16.3.1)
;; WHEN: Wed Dec 10 15:32:11 2014
;; MSG SIZE rcvd: 83

# Look at the SOA record
[root@localhost yum.repos.d]# dig -t SOA xiaodu.com @172.16.3.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t SOA xiaodu.com @172.16.3.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35441
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;xiaodu.com. IN SOA

;; ANSWER SECTION:
xiaodu.com. 600 IN SOA shuai. shuai.xiaodu.com. 2014121001 3600 300 259200 10800

;; AUTHORITY SECTION:
xiaodu.com. 600 IN NS shuai.

;; Query time: 3 msec
;; SERVER: 172.16.3.1#53(172.16.3.1)
;; WHEN: Wed Dec 10 15:28:44 2014
;; MSG SIZE rcvd: 89

# The MX record can be looked up as well
[root@localhost yum.repos.d]# dig -t MX xiaodu.com @172.16.3.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t MX xiaodu.com @172.16.3.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29293
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;xiaodu.com. IN MX

;; ANSWER SECTION:
xiaodu.com. 600 IN MX 10 mx1.xiaodu.com.

;; AUTHORITY SECTION:
xiaodu.com. 600 IN NS shuai.

;; ADDITIONAL SECTION:
mx1.xiaodu.com. 600 IN A 172.16.3.5

;; Query time: 1 msec
;; SERVER: 172.16.3.1#53(172.16.3.1)
;; WHEN: Wed Dec 10 15:34:22 2014
;; MSG SIZE rcvd: 83

# All the records can be listed too
[root@localhost yum.repos.d]# dig -t axfr xiaodu.com @172.16.3.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t axfr xiaodu.com @172.16.3.1
;; global options: +cmd
xiaodu.com. 600 IN SOA shuai. shuai.xiaodu.com. 2014121001 3600 300 259200 10800
xiaodu.com. 600 IN NS shuai.
xiaodu.com. 600 IN MX 10 mx1.xiaodu.com.
imap4.xiaodu.com. 600 IN CNAME pop3.xiaodu.com.
mx1.xiaodu.com. 600 IN A 172.16.3.5
pop3.xiaodu.com. 600 IN A 172.16.3.5
www.xiaodu.com. 600 IN A 172.16.3.2
www.xiaodu.com. 600 IN A 172.16.3.3
xiaodu.com. 600 IN SOA shuai. shuai.xiaodu.com. 2014121001 3600 300 259200 10800
;; Query time: 60 msec
;; SERVER: 172.16.3.1#53(172.16.3.1)
;; WHEN: Wed Dec 10 15:37:11 2014
;; XFR size: 9 records (messages 1, bytes 238)

Reverse resolution on the master DNS server:
# vim /etc/named.conf
# For example, to reverse-resolve 172.16.3.*, add the following statements
zone "3.16.172.in-addr.arpa." IN {
    type master;
    file "slaves/3.16.172.in-addr.arpa.zone";
};
# Then create the file 3.16.172.in-addr.arpa.zone
# vim /var/named/slaves/3.16.172.in-addr.arpa.zone
# Add the following statements to it

$TTL 600
$ORIGIN 3.16.172.in-addr.arpa.
@   IN  SOA  shuai.xiaodu.com.  billshuai.163.com. (
            2014121005  ; serial (required; the value named reports for this zone in the log further down)
            1H
            5M
            5D
            1D )
    IN  NS   shuai.xiaodu.com.
1   IN  PTR  shuai.xiaodu.com.
2   IN  PTR  www.baidu.com.
5   IN  PTR  www.qq.com.
8   IN  PTR  www.hao.com.

# Save and quit, then re-read the configuration file
# service named reload

Check:
On the host 172.16.3.3:
[root@stu33 slaves]# dig -t PTR -x 172.16.3.3 @172.16.3.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t PTR -x 172.16.3.3 @172.16.3.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5094
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;3.3.16.172.in-addr.arpa. IN PTR

;; ANSWER SECTION:
3.3.16.172.in-addr.arpa. 600 IN PTR www.qq.com.

;; AUTHORITY SECTION:
3.16.172.in-addr.arpa. 600 IN NS shuai.xiaodu.com.

;; ADDITIONAL SECTION:
shuai.xiaodu.com. 600 IN A 172.16.3.1

;; Query time: 1 msec
;; SERVER: 172.16.3.1#53(172.16.3.1)
;; WHEN: Wed Dec 10 20:25:50 2014
;; MSG SIZE rcvd: 108

[root@stu33 slaves]# dig -t PTR -x 172.16.3.2 @172.16.3.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t PTR -x 172.16.3.2 @172.16.3.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26858
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;2.3.16.172.in-addr.arpa. IN PTR

;; ANSWER SECTION:
2.3.16.172.in-addr.arpa. 600 IN PTR www.baidu.com.

;; AUTHORITY SECTION:
3.16.172.in-addr.arpa. 600 IN NS shuai.xiaodu.com.

;; ADDITIONAL SECTION:
shuai.xiaodu.com. 600 IN A 172.16.3.1

;; Query time: 1 msec
;; SERVER: 172.16.3.1#53(172.16.3.1)
;; WHEN: Wed Dec 10 20:26:00 2014
;; MSG SIZE rcvd: 111

Configuring a DNS server as a slave server:
On another host, 172.16.3.2, host name stu33
Add a slave server for 172.16.3.1
# vim /etc/named.conf
# Add the following statements to it (one zone):
zone "xiaodu.com" IN {
    type slave;
    file "slaves/xiaodu.com.zone";
    masters { 172.16.3.1; };
};
# Re-read the configuration file
# service named reload
# The zone file has now been created
# ls /var/named/slaves/
xiaodu.com.zone
# Look at its content
[root@stu33 slaves]# cat /var/named/slaves/xiaodu.com.zone
$ORIGIN .
$TTL 600 ; 10 minutes
xiaodu.com IN SOA shuai.xiaodu.com.xiaodu.com. shuai.xiaodu.com. (
        2014121010 ; serial
        3600 ; refresh (1 hour)
        300 ; retry (5 minutes)
        259200 ; expire (3 days)
        10800 ; minimum (3 hours)
        )
    NS shuai.xiaodu.com.
    NS stu33.xiaodu.com.
    MX 10 mx1.xiaodu.com.
$ORIGIN xiaodu.com.
imap4 CNAME pop3
mx1 A 172.16.3.5
pop3 A 172.16.3.5
shuai A 172.16.3.1
stu33 A 172.16.3.2
test A 172.16.3.14
wjs A 172.16.3.12
www A 172.16.3.2
    A 172.16.3.3

When a zone on the master DNS server is updated, the update is pushed to the zone file on the slave DNS server:
On 172.16.3.1:
# vim /var/named/xiaodu.com.zone
# Add one line
test IN A 172.16.3.13
# The serial number must be changed: 20141010-20141011
# Save
# Have bind re-read its configuration
# service named reload
# Check the system log to see how the push went
[root@shuai named]# tail /var/log/messages
Dec 10 21:27:54 localhost named[9818]: reloading zones succeeded
Dec 10 21:27:54 localhost named[9818]: zone 3.16.172.in-addr.arpa/IN: zone serial (2014121005) unchanged. zone may fail to transfer to slaves.
Dec 10 21:27:54 localhost named[9818]: zone 3.16.172.in-addr.arpa/IN: loaded serial 2014121005
Dec 10 21:27:54 localhost named[9818]: zone 3.16.172.in-addr.arpa/IN: sending notifies (serial 2014121005)
Dec 10 21:27:54 localhost named[9818]: zone xiaodu.com/IN: loaded serial 2014121011
Dec 10 21:27:54 localhost named[9818]: zone xiaodu.com/IN: sending notifies (serial 2014121011)
Dec 10 21:27:55 localhost named[9818]: client 172.16.3.2#34984: transfer of 'xiaodu.com/IN': AXFR-style IXFR started
Dec 10 21:27:55 localhost named[9818]: client 172.16.3.2#34984: transfer of 'xiaodu.com/IN': AXFR-style IXFR ended
Dec 10 21:27:55 localhost named[9818]: client 172.16.3.2#30071: received notify for zone 'xiaodu.com'
# You can also check on the slave server 172.16.3.2:
[root@stu33 slaves]# cat /var/named/slaves/xiaodu.com.zone
$ORIGIN .
$TTL 600 ; 10 minutes
xiaodu.com IN SOA shuai.xiaodu.com.xiaodu.com. shuai.xiaodu.com. (
        2014121011 ; serial
        3600 ; refresh (1 hour)
        300 ; retry (5 minutes)
        259200 ; expire (3 days)
        10800 ; minimum (3 hours)
        )
    NS shuai.xiaodu.com.
    NS stu33.xiaodu.com.
    MX 10 mx1.xiaodu.com.
$ORIGIN xiaodu.com.
est A 172.16.3.14
imap4 CNAME pop3
mx1 A 172.16.3.5
pop3 A 172.16.3.5
shuai A 172.16.3.1
stu33 A 172.16.3.2
wjs A 172.16.3.12
www A 172.16.3.2
    A 172.16.3.3

Reverse resolution on the slave server:
On the host 172.16.3.2:
# vim /etc/named.conf
# Add the following to /etc/named.conf:
zone "3.16.172.in-addr.arpa" IN {
    type slave;
    file "slaves/3.16.172.in-addr.arpa.zone";
    masters { 172.16.3.1; };
};
# Save
# Check the syntax
[root@stu33 slaves]# named-checkzone "3.16.172.in-addr.arpa" /var/named/slaves/3.16.172.in-addr.arpa.zone
zone 3.16.172.in-addr.arpa/IN: loaded serial 2014121005
OK
# No syntax errors are reported
# Have bind re-read its configuration
# service named reload
# Look at the content of the file
[root@stu33 slaves]# cat /var/named/slaves/3.16.172.in-addr.arpa.zone
$ORIGIN .
$TTL 600 ; 10 minutes
3.16.172.in-addr.arpa IN SOA shuai.xiaodu.com. billshuai.163.com. (
        2014121005 ; serial
        3600 ; refresh (1 hour)
        300 ; retry (5 minutes)
        259200 ; expire (3 days)
        172800 ; minimum (2 days)
        )
    NS shuai.xiaodu.com.
    NS stu33.xiaodu.com.
$ORIGIN 3.16.172.in-addr.arpa.
1 PTR shuai.xiaodu.com.
2 PTR stu33.xiaodu.com.
  PTR www.baidu.com.
3 PTR www.qq.com.
6 PTR www.hao.com
7 PTR www.123.com
8 PTR www.77.com
[root@stu33 slaves]#

Check:
# It cannot resolve? What is going on??
[root@localhost ~]# dig -t PTR -x 172.16.3.7 @172.16.3.2

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t PTR -x 172.16.3.7 @172.16.3.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 52734
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;7.3.16.172.in-addr.arpa. IN PTR

;; Query time: 1 msec
;; SERVER: 172.16.3.2#53(172.16.3.2)
;; WHEN: Wed Dec 10 21:40:29 2014
;; MSG SIZE rcvd: 41

# Look at the bind configuration file /etc/named.conf
# The line allow-query { any; }; was originally set to localhost; changing it to any is enough, and any host is then allowed to query this server

Commands:
named-checkconf: checks the bind main configuration file for syntax errors [the advantage is that syntax errors in the main configuration file are found without restarting bind]
e.g.: here I vim /etc/named.conf, deliberately introduce an error, and then run named-checkconf
[root@shuai named]# named-checkconf
/etc/named.conf:30: missing ';' before 'logging'

dig: looks up the records of a domain name, the iteration process, and so on.
dig -t type name
# Look up the A record for www.qq.com on the default DNS server configured on this machine
[root@localhost yum.repos.d]# dig -t A www.qq.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t A www.qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19649
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5

;; QUESTION SECTION:
;www.qq.com. IN A

;; ANSWER SECTION:
www.qq.com. 123 IN A 61.135.157.156

;; AUTHORITY SECTION:
www.qq.com. 60368 IN NS ns-cnc2.qq.com.
www.qq.com. 60368 IN NS ns-cnc1.qq.com.

;; ADDITIONAL SECTION:
ns-cnc1.qq.com. 66609 IN A 61.135.167.182
ns-cnc1.qq.com. 66609 IN A 125.39.127.27
ns-cnc1.qq.com. 66609 IN A 175.155.119.229
ns-cnc2.qq.com. 2018 IN A 124.89.103.51
ns-cnc2.qq.com. 2018 IN A 125.39.207.20

;; Query time: 1 msec
;; SERVER: 172.16.0.1#53(172.16.0.1)
;; WHEN: Wed Dec 10 15:55:09 2014
;; MSG SIZE rcvd: 168

dig -t type name @SERVER
# Look up the A record for www.qq.com on the specified host 172.16.3.4
# dig -t A www.qq.com @172.16.3.4
dig -t type name @SERVER +trace    shows the iteration process used to resolve name
# Look up the A record for www.qq.com on the default DNS server and show the iteration process
# dig -t A www.qq.com +trace
# dig -t type name +RE

host: looks up the records of a domain name
e.g.:
# Look up the records for www.xiaodu.com on 172.16.3.1
[root@localhost yum.repos.d]# host -t A www.xiaodu.com 172.16.3.1
Using domain server:
Name: 172.16.3.1
Address: 172.16.3.1#53
Aliases:

www.xiaodu.com has address 172.16.3.3
www.xiaodu.com has address 172.16.3.2

nslookup: looks up the records of a domain name
# Interactive mode below; text after # is a comment
[root@shuai named]# nslookup
> server 172.16.3.1    # server is a keyword; it sets 172.16.3.1 as the server to query
Default server: 172.16.3.1
Address: 172.16.3.1#53
> set q=A              # query A records
> www.xiaodu.com       # the domain name
Server: 172.16.3.1
Address: 172.16.3.1#53

Name: www.xiaodu.com
Address: 172.16.3.2
Name: www.xiaodu.com
Address: 172.16.3.3
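
Tightening the configuration above, as an added example that is not part of the original article: the article's options block combines allow-query { any; } with recursion yes and sets no allow-transfer, which is why dig -t axfr run from 172.16.3.3 returned the whole xiaodu.com zone. The fragments below reuse the article's addresses, zone names and file paths; the acl name "internal" and the 172.16.3.0/24 client range are assumptions.

```conf
// ---- master 172.16.3.1: /etc/named.conf ----
// Added example. The acl name and the /24 client range are assumptions.
acl "internal" { 127.0.0.1; 172.16.3.0/24; };

options {
    listen-on port 53 { 172.16.3.1; 127.0.0.1; };
    directory "/var/named";

    // Weak (as in the article): allow-query { any; }; recursion yes;
    // with no allow-recursion, so every client may recurse through us.
    allow-query       { any; };        // authoritative zones stay reachable
    recursion         yes;
    allow-recursion   { internal; };   // recurse only for known clients
    allow-query-cache { internal; };   // cached answers only for them too

    // Weak (as in the article): no allow-transfer anywhere, so any host
    // can pull the full zone with AXFR. Deny by default instead.
    allow-transfer    { none; };
};

zone "xiaodu.com" IN {
    type master;
    file "xiaodu.com.zone";
    allow-transfer { 172.16.3.2; };    // only the slave may transfer
};

zone "3.16.172.in-addr.arpa" IN {
    type master;
    file "slaves/3.16.172.in-addr.arpa.zone";
    allow-transfer { 172.16.3.2; };
};

// ---- slave 172.16.3.2: /etc/named.conf ----
// A slave also answers AXFR for the zones it holds unless told not to.
zone "xiaodu.com" IN {
    type slave;
    file "slaves/xiaodu.com.zone";
    masters        { 172.16.3.1; };
    allow-transfer { none; };
};

zone "3.16.172.in-addr.arpa" IN {
    type slave;
    file "slaves/3.16.172.in-addr.arpa.zone";
    masters        { 172.16.3.1; };
    allow-transfer { none; };
};
```

After named-checkconf and service named reload on both servers, the article's dig -t axfr xiaodu.com @172.16.3.1 run from 172.16.3.3 should be refused, while the slave at 172.16.3.2 still receives the zone.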