RHCE7认证学习笔记:DNS管理与配置
一、根域.服务器
二、DNS查询的类型
1、递归:客户端向DNS服务器请求解析服务,服务器必须回应;
2、迭代:DNS服务器向多台其他的DNS服务器进行查询得到结果
DNS服务器可以设置ACL允许向其查询的范围或者设置允许递归查询的服务器;
三、使用unbound包配置DNS服务器
RHEL6中使用Bind配置DNS,RHEL7中推荐使用unbound
安装unbound包:
[root@linuxidc ~]# yum install unbound\* -y
配置/etc/unbound/unbound文件参数,配置zone区域
参数:
access-control: 0.0.0.0/0 allow
include: /etc/unbound/local.d/*.conf
interface: 0.0.0.0
interface-automatic: no
domain-insecure: "example.com"
local-zone:
1 local-zone: "sg.com." static
2 local-data:"sg.com. 86400 IN SOA ns.sg.com. admin.sg.com 200 3600 1800 7200 86400"
3 local-data:"ns.sg.com. IN A 10.35.89.32"
4 local-data: "www.sg.com. IN A 10.35.89.33"
5 local-data: "ftp.sg.com. IN A 10.35.89.31"
6 local-data:"sg.com. IN MX 5 mail.sg.com."
7 local-data:"mail.sg.com. IN A 10.35.89.32"
8 local-data-ptr: "10.35.89.33 www.sg.com"
9 local-data-ptr: "10.35.89.31 ftp.sg.com"
forward-zone
forward-zone:
name: "example.com"
forward-addr: 192.0.2.68
forward-addr: 192.0.2.73@5355 # forward to port 5355.
forward-first: no
stub-zone:
stub-zone:
name: "example.com"
stub-addr: 192.0.2.68
stub-prime: "no"