# DNS常用的资源记录及说明
SOA(起始授权机构)        定义了该域中的权威名称服务器
NS(名称服务器)        表示某区域的权威服务器和SQA中指定的该区域的主要服务器和辅助服务器
A(主机)            列出了区域中的FQDN(完全合格的域名)到IP地址的映射
PTR(指针)            IP-->FQDN
MX                    邮件交换器记录,为指定的邮件交换主机提供消息路由
SRV(服务)            列出了正在提供特定服务的服务器
CNAME(别名)        将多个名称映射到同一台计算机上,便于用户访问

主DNS

 1 # yum install bind* -y
 2 # vim /etc/named.conf
 3 option {
 4     listen-on port 53 { 127.0.0.1: };        //监听地址和端口,删除本行默认监听所有端口的UDP服务
 5     listen-on-v6 port 53 { ::1:};
 6     directory "var/named";                    //区域数据文件的默认存放位置
 7     dump-file "var/named/data/cache_dump.db";            //缓存数据库文件位置
 8     statistics-file "/var/named/data/named/stats.txt";    //状态统计文件的位置
 9     memstatistics-file "/var/named/data/named-mem_stats.txt";
10     allow-query { localhost; };                //允许使用本DNS服务器的网段,删除本行默认响应所有客户机请求
11     recursion yes;
12     
13     dnssec-enable yes;
14     dnssec-validation yes;
15     
16     /* Path to ISC DLV key */
17     bindkeys-file "/etc/named.iscdlv.key";
18     
19     managed-keys-directory "/var/named/dynamic";
20     
21     pid-file "/run/named/named.pid";
22     session-keyfile "/run/named/session.key";
23 }
24 
25 zone "example.com" in {                    //正向解析
26     type master;
27     file "example.com.zone";
28     allow-transfer {172.25.250.250:};    //允许下载的从服务器地址
29 };
30 zone "250.25.172.in-addr.arpa" in {        //反向解析
31     type master;
32     file "172.25.250.arpa";
33 }
34 # cd /var/named
35 # vim example.com.zone
36 //命令行模式下执行如下命令可以导入配置文件模板
37 :r /var/named/named.localhost
38 $TTL 1D        //有效解析记录的生存周期
39 @ IN SOA example.com. admin.example.com (    //SOA标记、域名、管理邮箱
40     0        ; serial        //更新序列号,可以是10以内的整数(; serial是注释)
41     1D        ; refresh        
42     1H        ; retry            //;后面的字符是注释信息
43     1W        ; expire        //从“1D”到”3H“以此为:书信时间,重新下载地址数据的间隔;重试延时,下载失败后的重试间隔;失败时间,超过该时间仍无法下载则放弃下载;无效解析记录的生存周期
44     3H     )    ; minimum        
45 @    IN    NS    content.example.com.        //域名服务器,在下面的主机记录中必须有本欲名服务器的对应记录
46 content    IN    A    172.25.250.254
47 servera    IN    A    172.25.250.10
48 serverb    IN    A    172.25.250.20        //主机记录
49 # vim 172.25.250.arqa
50 //导入刚才配置的正向解析
51 :r /var/named/example.com.zone
52 $TTL 1D        
53 @ IN SOA example.com. admin.example.com (    
54     0        ; serial        
55     1D        ; refresh        
56     1H        ; retry            
57     1W        ; expire        
58     3H     )    ; minimum        
59 @    IN    NS    content.example.com.
60 254    IN    PTR    content.example.com.
61 10    IN    PTR    servera.example.com.
62 20    IN    PTR    serverb.example.com.
63 # named-checkconf -z /etc/named.conf    //检查配置文件
64 # systemctl start named
65 # systemctl enable named
66 # windows客户机验证    nslookup

从DNS

 1 # yum install bind* -y
 2 # vim /etc/named.conf
 3 option {
 4     listen-on port 53 { 127.0.0.1: };        //删除本行
 5     listen-on-v6 port 53 { ::1:};
 6     directory "var/named";                    
 7     dump-file "var/named/data/cache_dump.db";    
 8     statistics-file "/var/named/data/named/stats.txt";    
 9     memstatistics-file "/var/named/data/named-mem_stats.txt";
10     allow-query { localhost; };                //删除本行
11     recursion yes;
12     
13     dnssec-enable yes;
14     dnssec-validation yes;
15     
16     /* Path to ISC DLV key */
17     bindkeys-file "/etc/named.iscdlv.key";
18     
19     managed-keys-directory "/var/named/dynamic";
20     
21     pid-file "/run/named/named.pid";
22     session-keyfile "/run/named/session.key";
23 }
24 
25 zone "example.com" in {                    //正向解析,类型为从区域
26     type slave;
27     masters { 172.25.250.254; };        //指定主服务器地址
28     file "slaves/example.com.zone";        //下载的文件保存到slaves下
29 };
30 zone "250.25.172.in-addr.arpa" in {        //反向解析
31     type slave;
32     masters { 172.25.250.254; };
33     file "slaves/172.25.250.arpa";
34 }
35 # cd /var/named
36 # systemctl start named
37 # systemctl enable named
38 # windows客户机验证    nslookup