linux 에서 DNS 만 캐 시 하 는 구축
- yum install bind* -y
- yum install bind-chroot -y
- [root@localhost ~]# /etc/init.d/named restart
- Stopping named: [ OK ]
- Generating /etc/rndc.key:^C
- [root@localhost ~]#
- [root@localhost ~]# rndc-confgen -r /dev/urandom -a rndc key
- wrote key file "/etc/rndc.key"
- [root@localhost ~]# /etc/init.d/named restart
- Stopping named: [ OK ]
- Starting named: [ OK ]
- [root@localhost ~]# cd /var/named/
- [root@localhost named]# cp -p named.localhost example.com.zone p
- [root@localhost named]# vim example.com.zone
- $TTL 1D
- @ IN SOA @ cc.163.com. (
- 0 ; serial
- 1D ; refresh
- 1H ; retry
- 1W ; expire
- 3H ) ; minimum
- NS @
- A 192.168.122.22 IP
- www A 1.1.1.1
- aa A 2.2.2.2
- * A 2.2.250.250
- bbs CNAME www ,www.example.com bbs.example.com IP
- [root@localhost named]# vim /var/named/chroot/etc/named.conf
- options {
- listen-on port 53 { 192.168.122.22; }; IP
- listen-on-v6 port 53 { ::1; };
- directory "/var/named";
- dump-file "/var/named/data/cache_dump.db";
- statistics-file "/var/named/data/named_stats.txt";
- memstatistics-file "/var/named/data/named_mem_stats.txt";
- allow-query { any; }; any
- recursion yes;
-
- dnssec-enable yes;
- dnssec-validation yes;
- dnssec-lookaside auto;
- forwarders { 192.168.122.1; }; DNS , 13 DNS , 192.168.122.1 DNS
- /* Path to ISC DLV key */
- bindkeys-file "/etc/named.iscdlv.key";
-
- managed-keys-directory "/var/named/dynamic";
- };
-
- logging {
- channel default_debug {
- file "data/named.run";
- severity dynamic;
- };
- };
-
- zone "." IN {
- type hint;
- file "named.ca";
- };
- zone "example.com"IN{ , include "/etc/named.rfc1912.zones"; ,
- type master;
- file "example.com.zone";
- };
- include "/etc/named.rfc1912.zones";
- include "/etc/named.root.key";
- [root@localhost named]# /etc/init.d/named restart
- Stopping named: [ OK ]
- Starting named: [ OK ]
- [root@localhost named]# cat /etc/resolv.conf DNS
- # Generated by NetworkManager
- nameserver 192.168.122.22
-
- [root@localhost named]# dig aa.example.com , ,selinux
-
- ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> aa.example.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60551
- ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
-
- ;; QUESTION SECTION:
- ;aa.example.com. IN A
-
- ;; ANSWER SECTION:
- aa.example.com. 86400 IN A 2.2.2.2
-
- ;; AUTHORITY SECTION:
- example.com. 86400 IN NS example.com.
-
- ;; ADDITIONAL SECTION:
- example.com. 86400 IN A 192.168.122.22
-
- ;; Query time: 1 msec
- ;; SERVER: 192.168.122.22#53(192.168.122.22)
- ;; WHEN: Sat Mar 16 21:37:25 2013
- ;; MSG SIZE rcvd: 78
주종 DNS,
주 DNS 에서
- [root@vm1 named]# vim /var/named/chroot/etc/named.conf
- options {
-
- # listen-on port 53 { 192.168.122.11; }; #
- listen-on-v6 port 53 { ::1; };
- directory "/var/named";
- dump-file "/var/named/data/cache_dump.db";
- statistics-file "/var/named/data/named_stats.txt";
- memstatistics-file "/var/named/data/named_mem_stats.txt";
- allow-query { localhost ; localnets; };
- recursion yes;
-
- dnssec-enable yes;
- dnssec-validation yes;
- dnssec-lookaside auto;
- forwarders { 192.168.122.1; };
- /* Path to ISC DLV key */
- bindkeys-file "/etc/named.iscdlv.key";
-
- managed-keys-directory "/var/named/dynamic";
- };
-
- logging {
- channel default_debug {
- file "data/named.run";
- severity dynamic;
- };
- };
-
- zone "." IN {
- type hint;
- file "named.ca";
- };
- zone "example.com"IN {
- type master;
- file "example.com.zone";
- allow-transfer { 192.168.122.22; }; DNS IP
- also-notify { 192.168.122.22;};
- };
- include "/etc/named.rfc1912.zones";
- include "/etc/named.root.key";
- [root@vm1 named]# /etc/init.d/named restart
- Stopping named: [ OK ]
- Starting named: [ OK ]
DNS 설정, 패키지 설치 후,
- [root@localhost slaves]# cat /etc/named.conf
- //
- // named.conf
- //
- // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
- // server as a caching only nameserver (as a localhost DNS resolver only).
- //
- // See /usr/share/doc/bind*/sample/ for example named configuration files.
- //
-
- options {
- # listen-on port 53 { 127.0.0.1; };
- listen-on-v6 port 53 { ::1; };
- directory "/var/named";
- dump-file "/var/named/data/cache_dump.db";
- statistics-file "/var/named/data/named_stats.txt";
- memstatistics-file "/var/named/data/named_mem_stats.txt";
- allow-query { localhost;localnets; };
- recursion yes;
-
- dnssec-enable yes;
- dnssec-validation yes;
- dnssec-lookaside auto;
-
- /* Path to ISC DLV key */
- bindkeys-file "/etc/named.iscdlv.key";
-
- managed-keys-directory "/var/named/dynamic";
- };
-
- logging {
- channel default_debug {
- file "data/named.run";
- severity dynamic;
- };
- };
-
- zone "." IN {
- type hint;
- file "named.ca";
- };
-
- include "/etc/named.rfc1912.zones";
- include "/etc/named.root.key";
- zone "example.com"IN {
- type slave;
- masters { 192.168.122.11 ;}; DNS IP
- file "slaves/example.com.zone";
- };
이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
[CS] HTTP/네트워크 기초 Day-37HTTP를 이용해 주고 받는 메시지를 HTTP 메시지라고 부릅니다. 서버가 리소스를 전달하기 위한 API를 구축해놓아야 클라이언트가 이를 활용할 수 있습니다. HTTP 요청에는 메소드라는 것이 존재합니다. HTTP ...
텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.