Linux

To install BIND 9.8.2

장성한군사 2017. 2. 13. 19:40

We check that eth0 is configured with a static IP address; if it is not, we configure one.

# ln -s /etc/sysconfig/network-scripts/ifcfg-eth0   /root/eth0

# vi /root/eth0

# Static IPv4 configuration for eth0 (RHEL/CentOS network-scripts format).
# HWADDR has to be this host's real MAC address: ifup skips the device when
# the value does not match, so it must be changed if this file was copied
# from another machine.
DEVICE=eth0
HWADDR=00:0C:29:DE:55:10
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
# NOTE(review): the zone files later in this guide place ns1 at 192.168.8.128,
# which is not this address; the two should agree for the lab to resolve.
IPADDR=192.168.101.1
NETMASK=255.255.255.0
GATEWAY=192.168.101.254

# service network restart

 

 We confirm that name resolution works by using ping.

 # ping www.yahoo.com -c 4

 

We install the packages for the BIND service from the yum repository.

 # yum -y install bind bind-libs bind-utils

 

# vi /etc/named.conf 

 //

// named.conf

//

// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS

// server as a caching only nameserver (as a localhost DNS resolver only).

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//


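options {
        // Listening on every interface together with allow-query { any; }
        // and recursion yes makes this an open resolver: any host on the
        // Internet can use it for recursive lookups, which is the classic
        // DNS amplification vector. The authoritative zones are still served
        // to everyone; recursion is answered only for local clients
        // (localhost / localnets are BIND's built-in ACLs).
        listen-on port 53 { any; };
//      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;
        allow-recursion { localhost; localnets; };

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        // Only consulted when dnssec-lookaside is enabled; ISC retired the
        // DLV registry in 2017, so this line is legacy and can be removed.
        bindkeys-file "/etc/named.iscdlv.key";

        // Where named stores managed trust anchors (RFC 5011); must be
        // writable by the named user.
        managed-keys-directory "/var/named/dynamic";
};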


logging {

        channel default_debug {

                // Relative to the "directory" option, i.e. /var/named/data/named.run
                file "data/named.run";

                // Level follows named's current debug level (adjustable at run time with rndc trace)
                severity dynamic;

        };

};


// Root hints: named.ca (under /var/named) lists the root servers that
// recursive resolution starts from; only needed because recursion is on.
zone "." IN {

        type hint;

        file "named.ca";

};


// Stock localhost/loopback zones live here; this guide also appends the two
// kgitbank.local zones to this file rather than to named.conf itself.
include "/etc/named.rfc1912.zones";

// Presumably the root-zone DNSSEC trust anchor used by dnssec-validation above.
include "/etc/named.root.key";


# vi /etc/named.rfc1912.zones 

 // named.rfc1912.zones:

//

// Provided by Red Hat caching-nameserver package

//

// ISC BIND named zone configuration for zones recommended by

// RFC 1912 section 4.1 : localhost TLDs and address zones

// (c)2007 R W Franks

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//


// Stock Red Hat entries: forward and reverse zones for localhost, all served
// locally (type master) with dynamic updates refused.
zone "localhost.localdomain" IN {

        type master;

        file "named.localhost";

        allow-update { none; };

};


zone "localhost" IN {

        type master;

        file "named.localhost";

        allow-update { none; };

};


// NOTE(review): the "zone ... IN {" header of this stanza was lost when the
// listing was pasted; in the stock file it is the IPv6 loopback (::1) reverse
// zone under ip6.arpa. Restore the header before using this file, otherwise
// named will fail to parse it.
        type master;

        file "named.loopback";

        allow-update { none; };

};


zone "1.0.0.127.in-addr.arpa" IN {

        type master;

        file "named.loopback";

        allow-update { none; };

};


// Empty zone for 0.0.0.0/8 so those reverse lookups never leave this server.
zone "0.in-addr.arpa" IN {

        type master;

        file "named.empty";

        allow-update { none; };

};


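// Forward zone for the lab domain; data file is /var/named/kgitbank.local.db.
zone "kgitbank.local" IN {
        type master;
        file "kgitbank.local.db";
        // No secondary servers are set up in this guide, so refuse AXFR/IXFR:
        // BIND 9.8 otherwise hands the complete zone to any host that asks.
        allow-transfer { none; };
        // Same explicit no-dynamic-update policy as the stock zones above.
        allow-update { none; };
};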


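// Reverse zone for 192.168.8.0/24; data file is /var/named/kgitbank.local.rdb.
zone "8.168.192.in-addr.arpa" IN {
        type master;
        file "kgitbank.local.rdb";
        // No secondary servers are set up in this guide, so refuse AXFR/IXFR:
        // BIND 9.8 otherwise hands the complete zone to any host that asks.
        allow-transfer { none; };
        // Same explicit no-dynamic-update policy as the stock zones above.
        allow-update { none; };
};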



# cd /var/named

# cp -a /var/named/named.empty   /var/named/kgitbank.local.db

 # vi /var/named/kgitbank.local.db

 $TTL  1D

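; SOA: MNAME names the primary server (ns1, which has an A record below) and
; RNAME is the responsible mailbox with "@" written as "." -- hostmaster is the
; conventional name (hostmaster@kgitbank.local). The values copied from
; named.empty ("@" and "kgitbank.local.") were the apex, not a host or a mailbox.
@       IN   SOA    ns1.kgitbank.local.   hostmaster.kgitbank.local. (
                                        0       ; serial  -- increment on every change
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum (negative-cache TTL)
          NS      ns1.kgitbank.local.
ns1     A       192.168.8.128
; www is an alias for lux1, but lux1 has no A record in this zone, so the
; CNAME dangles. Uncomment and fill in the address to make www resolvable.
;lux1    A       <address of lux1>
www    CNAME   lux1.kgitbank.local.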


 

 

# cd /var/named

# cp -a /var/named/named.loopback   /var/named/kgitbank.local.rdb 

# vi /var/named/kgitbank.local.rdb

 $TTL 1D

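; SOA uses the same primary-server / hostmaster mailbox pair as the forward
; zone so both zones agree on who is authoritative.
@       IN SOA  ns1.kgitbank.local. hostmaster.kgitbank.local. (
                                        0       ; serial  -- increment on every change
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum (negative-cache TTL)
          NS      ns1.kgitbank.local.
; The "ns1 A 192.168.8.128" line inherited from named.loopback is dropped: an
; A record for ns1.8.168.192.in-addr.arpa. has no meaning in a reverse zone.
; 192.168.8.128 maps back to ns1 so forward and reverse lookups match; the
; original pointed at "ns", which has no forward record.
128     PTR     ns1.kgitbank.local.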



# chkconfig named on 

When the name server reboots, the named daemon starts automatically. 

 

 

 # iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT


# service iptables save

# iptables -L  | grep  domain


 

 Optional configuration

We can control which clients are allowed to query the DNS server with an ACL.

# vi /etc/named.conf 

// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
        // acl statements must appear before the options block that refers to
        // them. black-hats feeds "blackhole" below, so those clients get no
        // answer at all. red-hats is defined but not used in this excerpt;
        // it is the natural value for allow-query / allow-recursion if only
        // 192.168.101.0/24 should be able to use the server.
        acl black-hats {
                192.168.102.0/24;
        };
        acl red-hats {
                192.168.101.0/24;
        };

options {
        blackhole { black-hats; };

 

Cache 

 # rndc dumpdb -cache

# cat /var/named/data/cache_dump.db | grep <text-you-are-looking-for>

=============================================================

# rndc flush

# rndc reload

 

# rndc stats 

# more  /var/named/data/named_stats.txt

 

Reference Site : https://kb.isc.org/article/AA-00851/0/Understanding-views-in-BIND-9-by-example.html

https://kb.isc.org/