關閉服務器防火牆,關閉服務器保護機制
[root@localhost ~]# iptables -F
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
確定服務器可以上網
[root@localhost ~]# ping www.baidu.com
安裝bind bind-libs bind-utils軟件
[root@localhost ~]# yum -y install bind bind-libs bind-utils
[root@localhost ~]# rpm -qa | grep ^bind
bind-utils-9.9.4-61.el7.x86_64
bind-libs-9.9.4-61.el7.x86_64
bind-9.9.4-61.el7.x86_64
備份下,避免出現錯誤
[root@localhost ~]# cp /etc/named.conf /etc/named.conf.bak
方法一:在頂級域名查找(服務器ip192.168.200.21),如果要配置DNS主源服務器則採用這個
[root@localhost ~]# vim /etc/named.conf
options {
listen-on port 53 { 192.168.200.21; }; 監控端口和地址
directory "/var/named"; 文件存放位置
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 192.168.200.0/24; };允許使用的本DNS網段
recursion yes;
};
zone "." IN { 向 頂級域. 的區域
type hint; 類型
file "named.ca";
};
[root@localhost ~]# ls -l /var/named/named.ca
-rw-r----- 1 root named 2281 5月 22 2017 /var/named/named.ca
[root@localhost ~]# named-checkconf /etc/named.conf
[root@localhost ~]# systemctl start named
方法二:在當地的較進的緩存域名查找:
[root@localhost ~]# vim /etc/named.conf
options {
listen-on port 53 { 192.168.200.21; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 192.168.200.0/24; };
recursion yes;
forwarders { 202.102.128.68; };(山東菏澤聯通DNS)
};
[root@localhost ~]# named-checkconf /etc/named.conf
[root@localhost ~]# systemctl start named
