
搭建私有DNS根服务器,模拟互联网DNS解析全过程

 

准备工作:准备四台DNS服务器和一台客户机,分别使用以下IP:

1.客户机 192.168.182.218
2.转发的缓存DNS服务器192.168.182.214
3.迭代查询的DNS服务器192.168.182.215
4.根服务器、.com服务器和apt.com服务器(同一台主机) 192.168.182.217
5.二级DNS服务器(hbp.com) 192.168.182.216

依次配置DNS服务器:

第一步:配置二级DNS服务器,named.conf文件如下:


options {
 // Authoritative server for hbp.com (192.168.182.216 in the setup list); listens on every
 // interface and answers queries from any source.
 listen-on port 53 { any; };
 directory "/var/named";
 dump-file "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 memstatistics-file "/var/named/data/named_mem_stats.txt";
 allow-query { any; };
 // NOTE(review): the /* ... */ block below comments out the recursion and dnssec-* lines
 // (the closing */ belongs to what was originally the "Path to ISC DLV key" comment).
 // BIND's default is recursion yes, so this authoritative server still recurses; with
 // allow-query { any; } and no allow-recursion set, recursion may be open to every host
 // that can reach port 53 (BIND derives allow-recursion from allow-query when neither
 // allow-recursion nor allow-query-cache is given -- confirm for the installed version).
 // The root server in this walkthrough uses recursion no; the same setting is appropriate
 // here, since this host only needs to serve hbp.com.
 /*recursion yes;

 dnssec-enable yes;
 dnssec-validation yes;
 dnssec-lookaside auto;

 Path to ISC DLV key */
 bindkeys-file "/etc/named.iscdlv.key";

 managed-keys-directory "/var/named/dynamic";
};

logging {
 // Debug channel; the file path is relative to the directory option, i.e. /var/named/data/named.run.
 channel default_debug {
 file "data/named.run";
 severity dynamic;
 };
};
// Primary (master) copy of hbp.com, loaded from /var/named/hbp.com.zone.
zone "hbp.com" IN {
 type master;
 file "hbp.com.zone";
};

// Distribution-supplied includes (apparently left from the stock template): the rfc1912 local
// zones and the root DNSSEC trust anchor. The trust anchor is not used while dnssec-validation
// is commented out above.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

hbp.com.zone配置如下:


[root@localhost ~]# cat /var/named/hbp.com.zone
$TTL 1D
; Zone data for hbp.com. MNAME is the zone apex (@) and RNAME is the placeholder
; rname.invalid. -- presumably template defaults, harmless in a lab.
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS ns.hbp.com.
; NOTE(review): the .com.zone delegation and the setup list both put ns.hbp.com at
; 192.168.182.216, but this in-zone A record says .213 -- one of the two is stale. Use the
; address of the host that actually serves this zone so the glue and the authoritative
; answer agree.
ns A 192.168.182.213
www A 192.168.200.100
oa A 192.168.200.253
[root@localhost ~]#

第二步:配置根DNS服务器,同时作为.com服务器和apt.com服务器,named.conf配置如下:


options {
// Root, .com and apt.com server (192.168.182.217); listens everywhere and answers anyone,
// but recursion no; keeps it authoritative-only so it never resolves on behalf of clients.
listen-on port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
recursion no;
managed-keys-directory "/var/named/dynamic";
};
logging {
// Debug channel; path is relative to the directory option (/var/named/data/named.run).
channel default_debug{
file "data/named.run";
severity dynamic;
};
};

// Private root zone; the file name is literally ".zone" under /var/named.
zone "." IN {
type master;
file ".zone";
};
// Private com TLD, served from the same host as the root; file name is ".com.zone".
zone "com" IN {
type master;
file ".com.zone";
};
// Second-level zone apt.com, also hosted on this server.
zone "apt.com" IN {
type master;
file "apt.com.zone";
};

zone配置文件如下:

.zone配置:


$TTL 1D
; Private root zone. The whole root is served by the single nameserver gen.
; (this host, 192.168.182.217); MNAME/RNAME are template placeholders.
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS gen.
; Glue for the root nameserver.
gen. IN A 192.168.182.217
; com is delegated to the same server; its address is the glue record above.
com. IN NS gen.

.com.zone配置如下:

$TTL 1D
; Private com zone. The apex NS points at the zone name itself (com.), whose A record
; below supplies the address 192.168.182.217.
@ IN SOA @ rname.invalid. (
 0 ; serial
 1D ; refresh
 1H ; retry
 1W ; expire
 3H ) ; minimum
@ IN NS com.
com. A 192.168.182.217
; Delegations with glue: hbp.com to the second-level server (.216), apt.com to this host.
; NOTE(review): hbp.com.zone's own record for ns.hbp.com says 192.168.182.213 -- keep the
; two in agreement.
hbp.com. IN NS ns.hbp.com.
ns.hbp.com. A 192.168.182.216 
apt.com. IN NS ns.apt.com.
ns.apt.com. A 192.168.182.217

apt.com.zone配置如下:

$TTL 1D
; Zone data for apt.com; the nameserver is this host (192.168.182.217).
@ IN SOA @ rname.invalid. (
 0 ; serial
 1D ; refresh
 1H ; retry
 1W ; expire
 3H ) ; minimum
@ IN NS ns.apt.com.
ns.apt.com. A 192.168.182.217
; Test record resolved from the client at the end of the walkthrough.
www A 115.115.115.115

第三步,配置迭代DNS服务器,named.conf配置文件如下:


options {
 // Iterative resolver (192.168.182.215). Only the working directory is set, so BIND defaults
 // apply: recursion yes, with allow-recursion limited to localnets/localhost (confirm for the
 // installed version). The cache server at 192.168.182.214 forwards here, so it must fall
 // inside that default; for anything beyond a single-subnet lab, list the permitted clients in
 // an explicit allow-recursion.
 directory "/var/named";
};

logging {
 // Debug channel; path is relative to the directory option (/var/named/data/named.run).
 channel default_debug {
 file "data/named.run";
 severity dynamic;
 };
};

// Root hints. named.ca is replaced (below) with one that points at the private root
// (gen. = 192.168.182.217) instead of the public root servers.
zone "." IN {
 type hint;
 file "named.ca";
};

这里修改named.ca文件,指向我们模拟的根DNS服务器,配置文件如下:

; Root hints for the iterative server. Everything starting with ';' is a comment: the DiG header,
; the "SERVER: 198.41.0.4" and 2014 "WHEN:" lines are apparently left over from the stock
; file and are ignored by named. Only the two records below matter -- the NS for the root
; (gen.) and its glue address (192.168.182.217).
; <<>> DiG 9.9.4-P2-RedHat-9.9.4-12.P2 <<>> +norec NS . @a.root-servers.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26229
;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 24

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;. IN NS

;; ANSWER SECTION:
. 518400 IN NS gen.

;; ADDITIONAL SECTION:
gen. 518400 IN A 192.168.182.217

;; Query time: 58 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Wed Apr 23 14:52:37 CEST 2014
;; MSG SIZE rcvd: 727

第四步,配置缓存DNS服务器,named.conf配置文件如下:

options {
 // Forwarding cache (192.168.182.214), the server the client points at.
 directory "/var/named";
 dump-file "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 
 memstatistics-file "/var/named/data/named_mem_stats.txt";
 // NOTE(review): forwarders without forward only; -- if 192.168.182.215 does not answer,
 // named falls back to iterative resolution using this host's own named.ca, which the
 // walkthrough does not modify on this server, so lab queries could leave for the public
 // roots (confirm fallback behaviour for the installed version). Adding forward only; keeps
 // the lab self-contained. No allow-query/allow-recursion is set either, so BIND's defaults
 // apply; for anything beyond a single-subnet lab, list the permitted clients explicitly.
 forwarders{192.168.182.215;};

 /* Path to ISC DLV key */
 bindkeys-file "/etc/named.iscdlv.key";

 managed-keys-directory "/var/named/dynamic";
};

第五步,重启所有服务器的named服务,将客户机的DNS设置为缓存DNS服务器的IP地址,在客户机上测试解析,效果如图:


以上实验模拟了互联网中DNS解析的全过程,从客户机到DNS缓存服务器,到公共DNS服务器,到根DNS服务器,再到权威DNS服务器,实现了私有DNS根服务器的搭建。

