centos7--DNS正（反）向解析

#关闭防火墙和selinux
[root@ c7-41 ~] systemctl stop firewalld
[root@ c7-41 ~] setenforce 0

1，在主机A 服务端上安装DNS服务

[root@ c7-41 ~] yum -y install bind bind-utils bind-libs bind-chroot

2，修改配置

[root@ c7-41 ~] vim /etc/named.conf # 修改主配置文件
[root@ c7-41 ~] cat /etc/named.conf |sed -n '12,21p'
options {
	listen-on port 53 { any; }; #修改为any
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	recursing-file  "/var/named/data/named.recursing";
	secroots-file   "/var/named/data/named.secroots";
	allow-query     { any; }; #修改为any

[root@ c7-41 ~] vim /etc/named.rfc1912.zones # 修改区域配置文件
[root@ c7-41 ~] cat /etc/named.rfc1912.zones|sed -n '43,53p' 
zone "haha.com" IN { # 正向解析
        type master;
        file "haha.com.zone";
        allow-update { none; };
};

zone "0.0.10.in-addr.arpa" IN { # 反向解析
        type master;
        file "hehe.com.arpa";
        allow-update { none; };
};

#复制数据配置文件
[root@ c7-41 ~] cd /var/named/
[root@ c7-41 named] ls
chroot  dynamic   named.empty      named.loopback
data    named.ca  named.localhost  slaves  
[root@ c7-41 named] cp -p named.localhost haha.com.zone
[root@ c7-41 named] cp -p named.localhost hehe.com.arpa

#编辑正向解析
[root@ c7-41 named] vim haha.com.zone
[root@ c7-41 named] cat haha.com.zone 
$TTL 1D
@	IN SOA	haha.com. admin.haha.com. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	haha.com.
	A	10.0.0.41
	AAAA	::1
www     IN      A	10.0.0.41

#编辑反向解析
[root@ c7-41 named] vim hehe.com.arpa 
[root@ c7-41 named] cat hehe.com.arpa 
$TTL 1D
@	IN SOA	hehe.com. admin.hehe.com. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	hehe.com
	A	10.0.0.41
	AAAA	::1
41	IN      PTR	www.hehe.com

3，配置网卡并重启，再启动DNS服务

[root@ c7-41 named] vim /etc/sysconfig/network-scripts/ifcfg-ens33 
[root@ c7-41 named] cat /etc/sysconfig/network-scripts/ifcfg-ens33 
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=ens33
DEVICE=ens33
ONBOOT=yes
IPADDR=10.0.0.41
NETMASK=255.255.255.0
GATEWAY=10.0.0.254
DNS1=10.0.0.41  # 添加dns

[root@ c7-41 ~] systemctl restart network 

[root@ c7-41 named] systemctl start named  #启动DNS

4，在主机B 客户端上安装DNS服务，并配置网卡

[root@ c7-42 ~] yum -y install bind-chroot bind-libs bind-utils

[root@ c7-42 ~] vim /etc/sysconfig/network-scripts/ifcfg-ens33
[root@ c7-42 ~] cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=ens33
DEVICE=ens33
ONBOOT=yes
IPADDR=10.0.0.42
NETMASK=255.255.255.0
GATEWAY=10.0.0.254
DNS1=10.0.0.41
[root@ c7-42 ~] systemctl restart network #重启网卡

5，启动客户端 DNS服务，并测试解析服务

[root@ c7-42 ~] systemctl start named

[root@ c7-42 ~] nslookup www.haha.com #测试正向解析
Server:		10.0.0.41
Address:	10.0.0.41#53

Name:	www.haha.com
Address: 10.0.0.41

[root@ c7-42 ~] nslookup #反向解析
> 10.0.0.41
41.0.0.10.in-addr.arpa	name = www.hehe.com.

[root@ c7-42 ~] nslookup 10.0.0.41 #也可以
41.0.0.10.in-addr.arpa	name = www.hehe.com.