DNS Service Setup

1, DNS software information

Software name: bind
Service Name: named
Software port:
UDP 53: domain name resolution
TCP 53: master-slave synchronization
Configuration files:
1. Main configuration file:

/etc/named.conf (main configuration file; controls the server's operating parameters)


2. Zone configuration file:

/etc/named.rfc1912.zones (lists the domains and network segments to be resolved)


3. Data files:

/var/named/named.localhost		(forward resolution file: domain name to IP)
/var/named/named.loopback		(reverse resolution file: IP to domain name)


Record type:

Type    Explanation
A       Address record; specifies the IPv4 address of the domain name.
CNAME   Points a domain name to another domain name, which then provides the IP address.
AAAA    Address record; specifies the IPv6 address of the domain name.
NS      Name server record. Add NS records to hand a subdomain over to another DNS service provider for resolution.
MX      Mail exchange record. Add MX records so that a mailbox on the domain can receive mail.
TXT     Free-form text. The length limit is 255. Most TXT records are used for SPF (anti-spam).

2, Establishment of DNS basic functions

Experimental steps

DNS server
1. Install DNS software

yum -y install bind

2. Modify the main configuration file

vim /etc/named.conf

3. Modify the zone configuration file

vim  /etc/named.rfc1912.zones

First, back up the zone file, then delete the redundant templates, leaving only one forward zone and one reverse zone.

4. Modify the forward resolution data file

cp  -a  /var/named/named.localhost  /var/named/yt.localhost             #Copy the template to create the forward resolution file
vim  /var/named/yt.localhost


5. Modify the reverse resolution data file

cp  -a  /var/named/named.loopback  /var/named/yt.loopback            #Copy the template to create the reverse resolution file
vim  /var/named/yt.loopback


6. Start DNS Service

systemctl start named


7. Verify that the service started successfully

netstat -anup |grep :53


8. Configure DNS1 on the test machine

vim  /etc/sysconfig/network-scripts/ifcfg-eth0
ifdown  eth0  &&  ifup  eth0		#Restart the network card

Test:

nslookup  192.168.78.1             
nslookup  dns.youte1.com        

3, DNS master-slave service setup

Experimental preparation

Server          Network card    IP address
DHCP server     VMnet1          192.168.78.35
Slave server    VMnet1          192.168.48.36
Client          VMnet1          192.168.78.31

Experimental steps

Master server

1. Install DNS software

yum -y install bind

2. Modify the main configuration file

vim /etc/named.conf


3. Modify the zone configuration file

vim /etc/named.rfc1912.zones

zone "Domain name to resolve" IN {
		type master;
		file "Forward data file name";
		allow-transfer { slave server ip; };
		#Add real-time synchronization configuration
		#allow-update additionally lets the listed address modify records by dynamic update
		allow-update { slave server ip; };
		also-notify { slave server ip; };
};

4. Modify the data file

cp  -a  /var/named/named.localhost  /var/named/yt.localhost      #Copy the template to create the forward resolution file
vim  /var/named/yt.localhost

5. Start or restart the DNS service

systemctl start named

Slave server
6. Install DNS software

yum -y install bind

7. Modify the main configuration file

vim /etc/named.conf


8. Modify the zone configuration file

vim  /etc/named.rfc1912.zones

9. Start the service
After the service starts, the master server's records are automatically synchronized to the /var/named/slaves directory

Test:
Set the test machine's network card to use the slave server: DNS=192.168.78.36
1. View the DNS server in use: /etc/resolv.conf
2. Command: nslookup www.youte1.com
3. Browser test: install httpd and test
4. Shut down the master server and test again (with time limit)
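
The zone stanzas for both sides of the master-slave setup above, with a check that flags master zones open to transfers from any host. This is an added example, not part of the original post: the zone name youte1.com, the data file names, the function names and the master .35 / slave .36 addresses are assumptions based on the lab, and allow-update is left out because allow-transfer plus also-notify is what drives slave synchronization.

```shell
#!/bin/sh
# Added example (not from the original post). Zone name, data file names and
# IPs are assumptions based on the lab; assumes one statement per line.

# Master side of /etc/named.rfc1912.zones. usage: master_zone ZONE FILE SLAVE_IP
master_zone() {
    cat <<EOF
zone "$1" IN {
        type master;
        file "$2";
        allow-transfer { $3; };
        also-notify { $3; };
};
EOF
}

# Slave side; named writes the transferred copy under /var/named/slaves.
# usage: slave_zone ZONE MASTER_IP
slave_zone() {
    cat <<EOF
zone "$1" IN {
        type slave;
        masters { $2; };
        file "slaves/$1.zone";
};
EOF
}

# Print each master zone whose allow-transfer is missing or lists "any".
# A zone without allow-transfer inherits the options-level setting, which
# older BIND 9 releases default to any host. usage: open_transfer_zones FILE
open_transfer_zones() {
    awk '
        /^[ \t]*zone[ \t]/  { name = $2; gsub(/"/, "", name); master = 0; acl = ""; inzone = 1 }
        /type[ \t]+master/  { master = 1 }
        /allow-transfer/    { acl = $0 }
        /^[ \t]*};/         { if (inzone && master && (acl == "" || acl ~ /[{ ;]any[ ;]/)) print name
                              inzone = 0 }
    ' "$1"
}

# Show both stanzas for the lab addresses (master .35, slave .36).
master_zone youte1.com yt.localhost 192.168.78.36
slave_zone youte1.com 192.168.78.35
```

Run open_transfer_zones against /etc/named.rfc1912.zones on the master; no output means every master zone names its transfer peers explicitly.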

4, DNS cache service setup

Experimental preparation

Server          Network card    IP address
DHCP server     VMnet1          192.168.78.35
Slave server    VMnet1          192.168.48.36
Client          VMnet1          192.168.78.31

Experimental steps

DNS server:
1. Install DNS software
2. Modify the main configuration file
3. Modify the zone configuration file
4. Modify the data file
5. Start the DNS service
Cache server:
6. Install software

yum -y install dnsmasq

7. Modify the cache configuration file

vim  /etc/dnsmasq.conf 
domain=field 			#Domain to be resolved
server=ip				#Primary DNS server IP
cache-size=15000		#Number of cache entries

8. Start the service
Because dnsmasq is already installed by default, first kill the existing process to shut it down completely:

pkill dnsmasq
systemctl start dnsmasq

Test:
Set the IP address of the DNS cache server as the DNS server on the test machine
1. Resolve a domain name: nslookup www.youte1.com
2. Turn off the DNS server: domain names already resolved through the primary server can still be resolved, and those not cached cannot
After resolving one domain name (non-authoritative answer), try resolving another domain name
3. Clear the DNS cache on the client side:

yum -y install nscd
systemctl start nscd
nscd -i hosts

5, Intelligent DNS construction (separation and resolution)

Experimental preparation

Server            Network card    IP address        Gateway           DNS1
DNS server        VMnet1          192.168.78.35
DNS server        VMnet2          192.168.136.35
apache server     VMnet1          192.168.78.36
apache server     VMnet2          192.168.136.36
Intranet tester   VMnet1          192.168.78.33     192.168.78.35     192.168.78.35
Extranet tester   VMnet2          192.168.136.33    192.168.136.35    192.168.136.35

Experimental steps

web server:
1. Install httpd service

yum -y install httpd

2. Write a test page

echo "test pages~" > /var/www/html/index.html

3. Start service

systemctl start httpd

4. Test visit

curl  localhost 

DNS server:
5. Install dns package

yum -y install bind 

6. Modify the main configuration file

vim /etc/named.conf  



7. Configure the zone files

cp -a /etc/named.rfc1912.zones /etc/lan.zones
vim /etc/lan.zones 

cp -a /etc/named.rfc1912.zones /etc/wan.zones  
vim /etc/wan.zones


8. Configure the data files

cd /var/named                		        #Enter data file directory
cp -a named.localhost  yt.lan 		#Copy intranet data file
cp -a named.localhost  yt.wan             #Copy Internet data file
vim  yt.lan

vim yt.wan


9. Start service

systemctl restart named

10. Check the startup

netstat -anup |grep :53


11. Enable route forwarding (so the internal and external network segments can communicate)

vim /etc/sysctl.conf

sysctl -p

Test:
Intranet tester: test name resolution and web page access

Extranet tester: test name resolution and web page access
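
A view layout for the /etc/named.conf edit in step 6, with a check for the usual failure when views are introduced: zone statements left outside any view, which named refuses to load. This is an added example, not part of the original post: the view names, the 192.168.78.0/24 intranet prefix and the function names are assumptions; the included paths are the zone files created in step 7.

```shell
#!/bin/sh
# Added example (not from the original post). View names and the /24 prefix
# are assumptions; /etc/lan.zones and /etc/wan.zones come from step 7.

# Views are tried in order, so the intranet view goes before the catch-all.
views_conf() {
    cat <<'EOF'
view "lan" {
        match-clients { 192.168.78.0/24; };
        include "/etc/lan.zones";
};
view "wan" {
        match-clients { any; };
        include "/etc/wan.zones";
};
EOF
}

# Once any view exists, every zone must live inside a view. Print each zone
# statement, or include of a *zones file, found at brace depth 0 when the
# file also defines views (heuristic: matches include paths containing "zones").
# usage: zones_outside_views FILE
zones_outside_views() {
    awk '
        { line = $0; sub(/(#|\/\/).*/, "", line) }      # drop comments
        depth == 0 && line ~ /^[ \t]*view[ \t]/ { views++ }
        depth == 0 && line ~ /^[ \t]*(zone[ \t]|include[ \t].*zones)/ { stray[++n] = NR ": " $0 }
        { depth += gsub(/[{]/, "{", line) - gsub(/[}]/, "}", line) }
        END { if (views) for (i = 1; i <= n; i++) print stray[i] }
    ' "$1"
}

# Show the view block to paste into /etc/named.conf.
views_conf
```

The stock named.conf carries a root hint zone and an include of /etc/named.rfc1912.zones at top level; zones_outside_views /etc/named.conf lists them so they can be moved into the views or removed before restarting named.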


Posted on Thu, 30 Sep 2021 18:04:53 -0400 by jwang