当前位置:网站首页>DNS domain name resolution protocol
DNS domain name resolution protocol
2022-07-28 15:44:00 【A cat that can't modulate and demodulate】
Catalog
principle
DNS Domain name resolution process :DNS Domain name resolution process _ Blog of cat who can't modulate and demodulate -CSDN Blog
To configure
Check if there is bind Tools , If it doesn't, it's directly yum install
yum install -y bind
View the profile location
rpm -qc bind
Modify area profile , Add forward zone configuration
vim /etc/named.confoptions {
listen-on port 53 { 192.168.150.30; }; # Listening port
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { 192.168.150.0/24; }; Allowed network segment
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
continue
vim /etc/named.rfc1912.zones
among :
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN
It's the dividing line , Upward is forward parsing , Next is reverse parsing
Copy “ Demarcation line ” Configure the above example :
zone "van.com" IN {
type master;
file "van.com.zone";
allow-update { none; };
};
Configure forward zone data file
touch /var/named/van.com.zone
cp -p named.localhost ./van.com.zone
vim /var/named/van.com.zone $TTL 1D
@ IN SOA van.com. admin.van.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS van.com.
A 192.168.150.30
AAAA ::1
IN MX 10 mail.vam.com.
WWW IN A 192.168.150.30
mail IN A 192.168.150.222
ftp IN CNAME www
* IN A 192.168.150.200Turn off firewall
systemctl stop firewalld Start the service
systemctl start namedView service status
systemctl status named 边栏推荐
- Heap operation
- Framework customization series (VI) -- shield fallbackhome mobile phone from pop-up during startup and directly enter the launcher
- 软件架构与设计(五)-----以数据为中心的架构
- Among the three "difficult and miscellaneous diseases" of machine learning, causal learning is the breakthrough | Liu Li, Chongqing University
- An article about rsocket protocol
- samba服务器如何配置
- 数据实时反馈技术
- 关于Simulink如何生成模型覆盖率报告
- Learn RX programming from me -- concat
- Monkey stress test
猜你喜欢
![【删除指定数字——leetcode]](/img/16/b40492d8414a363a3a24f00b4afd47.png)
随机推荐
Several slips of X rust, those things that have to be said
2. Self narration of open source GPS project hd-gr GNSS
Differences between two ways of QT creating folders
Voice social system -- improve the audio system industry chain
Rongyun real-time community solution
一波骚操作解决Laya场景编辑器报错问题
Leetcode bracket validity problem
Camera continuous shooting automatic test shell script
How to compress and decompress ramdisk.img
How to configure Samba server
File and directory operations (5)
Late 2021 year-end summary
ECCV 2022 | ssp: a new idea of small sample tasks with self-supporting matching
使用Mock技术帮助提升测试效率的小tips,你知道几个?
Vs usage skills
[delete specified number leetcode]
软件架构与设计(五)-----以数据为中心的架构
Framework customization series (VI) -- shield fallbackhome mobile phone from pop-up during startup and directly enter the launcher
leetcode-括号有效性问题
Huawei has a record number of employees worldwide: 194000, with research and development personnel accounting for nearly 50%