DNS详解及DNS主从配置(3)

启动 named：                                               [确定]

测试1：解析：

[root@cp1 ~]# dig @192.168.147.137

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> @192.168.147.137

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31526

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;                   IN      A

;; ANSWER SECTION:

           86400   IN      A       11.11.11.11

;; AUTHORITY SECTION:

123.com.                86400   IN      NS      ns.123.com.

;; ADDITIONAL SECTION:

ns.123.com.             86400   IN      A       192.168.134.128

;; Query time: 15 msec

;; SERVER: 192.168.147.137#53(192.168.147.137)

;; WHEN: Mon Mar 13 23:37:22 2017

;; MSG SIZE  rcvd: 78

测试2：解析bbs.123.com：

[root@cp1 ~]# dig @192.168.147.137 bbs.123.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> @192.168.147.137 bbs.123.com

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9966

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;bbs.123.com.                   IN      A

;; ANSWER SECTION:

bbs.123.com.            86400   IN      CNAME  

           86400   IN      A       11.11.11.11

;; AUTHORITY SECTION:

123.com.                86400   IN      NS      ns.123.com.

;; ADDITIONAL SECTION:

ns.123.com.             86400   IN      A       192.168.134.128

;; Query time: 1 msec

;; SERVER: 192.168.147.137#53(192.168.147.137)

;; WHEN: Mon Mar 13 23:38:53 2017

;; MSG SIZE  rcvd: 96

测试3：mail.123.com：

[root@cp1 ~]# dig @192.168.147.137 mail.123.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> @192.168.147.137 mail.123.com

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41160

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;mail.123.com.                  IN      A

;; ANSWER SECTION:

mail.123.com.           86400   IN      A       192.168.134.129

;; AUTHORITY SECTION:

123.com.                86400   IN      NS      ns.123.com.

;; ADDITIONAL SECTION:

ns.123.com.             86400   IN      A       192.168.134.128

;; Query time: 0 msec

;; SERVER: 192.168.147.137#53(192.168.147.137)

;; WHEN: Mon Mar 13 23:39:42 2017

;; MSG SIZE  rcvd: 79

测试4：没有配置的mail2解析失败

[root@cp1 ~]# dig @192.168.147.137 mail2.123.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> @192.168.147.137 mail2.123.com

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47121

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;mail2.123.com.                 IN      A

;; AUTHORITY SECTION:

123.com.                10800   IN      SOA     123.com. admin.123.com. 2015010901 86400 3600 604800 10800

;; Query time: 9 msec

;; SERVER: 192.168.147.137#53(192.168.147.137)

;; WHEN: Mon Mar 13 23:40:34 2017

;; MSG SIZE  rcvd: 73

 

配置一个反向解析的域：147.168.192.zone

（反解析一般用于企业的邮件服务器，能够反解析出我的域名的IP我才给你发邮件）

编辑主配置文件：

[root@cp1 ~]# vim /etc/named.conf

在最后面添加一个域：

zone "147.168.192.in-addr.arpa" IN {

type master;

file "147.168.192.zone";

};

检查主配置文件是否有错：

[root@cp1 ~]# named-checkconf

编辑对应的zone文件：

[root@cp1 ~]# vim /var/named/147.168.192.zone

$TTL 1D

@       IN SOA  @ admin.123.com. (

2015010901       ; serial

1D      ; refresh

1H      ; retry

1W      ; expire

3H )    ; minimum

IN      NS      ns.123.com.

137     IN      PTR     ns.123.com.

138     IN      PTR     mail.123.com.

检查域配置文件是否有错：

[root@cp1 ~]# named-checkzone "147.168.192" /var/named/147.168.192.zone

zone 147.168.192/IN: loaded serial 2015010901

OK

重启：

[root@cp1 ~]# /etc/init.d/named restart