一、基礎(chǔ)介紹：

正向解析：通過(guò)域名查找IP；
反向解析：通過(guò)IP查找域名；

一、相關(guān)配置文件詳解

程序包：yum list all bind*

bind ：服務(wù)器
?bind-libs ：相關(guān)庫(kù)
?bind-utils: 客戶端

配置文件：

bind-chroot: /var/named/chroot/
?服務(wù)啟動(dòng)腳本：/etc/init.d/named
?配置文件：/etc/named.conf /etc/named.rfc1912.zones
主配置文件
?全局配置：options{}；
?日志子系統(tǒng)配置：logging{}；
?區(qū)域定義：本機(jī)能夠?yàn)槟男﹝one進(jìn)行解析，就要定義哪些zone
?zon"ZONE_NAME"IN {};

二、正向解析haohao.com

1.安裝BIND

[root@CentOS7 ~]#yum install bind
[root@CentOS7 ~]#systemctl start named  #啟動(dòng)服務(wù)
[root@CentOS7 ~]#systemctl enable named  #設(shè)為開機(jī)啟動(dòng)

2.配置文件/etc/named.conf

[root@CentOS7 ~]#vim /etc/named.conf 
options {
 13 //  listen-on port 53 { 127.0.0.1; };  #注釋//監(jiān)聽到所有的53號(hào)端口
 14 //  listen-on-v6 port 53 { ::1; };  #注釋//監(jiān)聽到所有的53號(hào)端口
 15     directory   "/var/named";  #指定解析庫(kù)位置，默認(rèn)查找位置
 16     dump-file   "/var/named/data/cache_dump.db";
 17     statistics-file "/var/named/data/named_stats.txt";
 18     memstatistics-file "/var/named/data/named_mem_stats.txt";
 19 //  allow-query     { localhost; };  #允許誰(shuí)來(lái)查詢
31     recursion yes;  #是否進(jìn)行遞歸
 33 //  dnssec-enable yes;  #監(jiān)視安全
 34 //  dnssec-validation yes;  #注釋安全
[root@CentOS7 ~]#named-checkconf   #檢查配置文件有無(wú)錯(cuò)誤

3.編輯區(qū)域配置
正向：

[root@CentOS7 ~]#vim /etc/named.rfc1912.zones 
25 zone "haohao.com." IN{
 26     type master;
 27     file "haohao.com.zone";  #這個(gè)文件指定解析庫(kù)
 28     allow-update{none;};
 29 };
[root@CentOS7 ~]#named-checkconf   #檢查配置文件有無(wú)錯(cuò)誤

反向：

47 zone "1.168.192.in-addr.arpa" IN {
 48     type master;
 49     file "192.168.1.zone";
 50 };

4.創(chuàng)建解析庫(kù)
正向：

[root@CentOS7 /var/named]#vim haohao.com.zone                          
  1 $TTL 1D  #定義統(tǒng)一的緩存為1day
  2 @   2D  IN  SOA dns1 admin.haohao.com. ( 
  3                 2017092101 ;serial  #解析庫(kù)的序列號(hào)
  4                 86400      ;refresh  #周期性同步的時(shí)間間隔
  5                 1H         ;retry  #重試的時(shí)間間隔
  6                 2W        ;expire  #過(guò)期時(shí)長(zhǎng)
  7                 3H )       ;minimum #否定答案的統(tǒng)一緩存時(shí)長(zhǎng)
  8         NS  dns1
  9 dns1 2D A   192.168.1.107
 10 websrv  A   192.168.1.106
 11 www     CNAME   websrv

反向：

[root@CentOS7 /var/named]#vim /var/named/192.168.1.zone 
  1 $TTL 1D
  2 @   IN  SOA haohao.com. admin.haohao.com. (
  3                         2017092101
  4                         1H
  5                         10M
  6                         3D
  7                         1D )
  8 @   IN  NS  ns1.haohao.com.
  9 1.168.192.in-addr.arpa. IN  PTR www.haohao.com.
 10 1.168.192.in-addr.arpa. IN  PTR bbc.haohao.com.
 11 1.168.192.in-addr.arpa. IN  PTR mail.haohao.com.

5.檢查named-checkconf
正向：

[root@CentOS7 /var/named]#named-checkzone "haohao.com" haohao.com.zone 
zone haohao.com/IN: loaded serial 2017092101
OK

反向：

[root@CentOS7 /var/named]#named-checkzone 1.168.192.in-addr.arpa 192.168.1.zone 
zone 1.168.192.in-addr.arpa/IN: loaded serial 2017092101
OK

6.測(cè)試
正向：

[root@R1 ~]#dig -t A www.haohao.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> -t A www.haohao.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12024
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1  #aa權(quán)威解答

;; QUESTION SECTION:  #查詢問(wèn)題
;www.haohao.com.                        IN      A

;; ANSWER SECTION:  #答案回答
www.haohao.com.         86400   IN      CNAME   websrv.haohao.com.
websrv.haohao.com.      86400   IN      A       192.168.1.106

;; AUTHORITY SECTION:  #權(quán)威信息DNS服務(wù)器的名稱
haohao.com.             86400   IN      NS      dns1.haohao.com.

;; ADDITIONAL SECTION:  #補(bǔ)充說(shuō)明這個(gè)DNS服務(wù)器地址
dns1.haohao.com.        172800  IN      A       192.168.1.107

;; Query time: 1 msec
;; SERVER: 192.168.1.107#53(192.168.1.107)
;; WHEN: Thu Aug 31 06:41:51 2017
;; MSG SIZE  rcvd: 104

反向：

[root@R1 ~]#dig -x 192.168.1.108 @192.168.1.107

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> -x 192.168.1.108 @192.168.1.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 382
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;108.1.168.192.in-addr.arpa.    IN      PTR

;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400   IN      SOA     haohao.com. admin.haohao.com. 2017092101 3600 600 259200 86400

;; Query time: 1 msec
;; SERVER: 192.168.1.107#53(192.168.1.107)
;; WHEN: Thu Aug 31 06:42:57 2017
;; MSG SIZE  rcvd: 96

測(cè)試區(qū)域是否完全正常使用

[root@R1 ~]#dig -t AXFR haohao.com @192.168.1.107

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> -t AXFR haohao.com @192.168.1.107
;; global options: +cmd
haohao.com.             172800  IN      SOA     dns1.haohao.com. admin.haohao.com. 2017092101 86400 3600 1209600 10800
haohao.com.             86400   IN      NS      dns1.haohao.com.
dns1.haohao.com.        172800  IN      A       192.168.1.107
websrv.haohao.com.      86400   IN      A       192.168.1.106
www.haohao.com.         86400   IN      CNAME   websrv.haohao.com.
haohao.com.             172800  IN      SOA     dns1.haohao.com. admin.haohao.com. 2017092101 86400 3600 1209600 10800
;; Query time: 1 msec
;; SERVER: 192.168.1.107#53(192.168.1.107)
;; WHEN: Thu Aug 31 06:49:02 2017
;; XFR size: 6 records (messages 1, bytes 182)