
Monday, August 10, 2015

DNS (Domain Name System) Basics: How to Configure DNS


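Terms and Uses
A: resolves an IP address; maps a HostName to an IP.
CNAME: maps a HostName to a domain name.
MX: mail exchanger record, used to point to the mail server.
TXT: text record; almost never used, for special purposes.
SRV: resource record; likewise almost never used, for special purposes.
AAAA: equivalent to the A record, except that A is for IPv4 and AAAA is for IPv6.
NS: Name Server; specifies which NS is responsible for resolving your DNS.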


Configuring the DNS Server
/etc/named.conf ----------------------------------------------

acl dns-alliow {
        8.8.8.8/32;
        168.95.1.1/32;
        168.95.192.1/32;
        139.175.55.244/32;
};
acl good-guys {
        192.168.100.0/24;
        172.20.1.0/24;
        210.244.49.128/25;
};
acl forwarding-dns {
        168.95.1.1/32;
        168.95.192.1/32;
        139.175.55.244/32;
};
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // Text returned when someone queries your BIND version
        version         "None of your business";

        // no:  answer only for zones this server manages, plus root server information
        // yes: answer for its own zones and also query other servers on the client's behalf
        recursion yes;
        // Who is allowed to use your DNS server to look up other DNS servers
        allow-recursion {
                good-guys;
                dns-alliow;
        };
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        // All outbound DNS queries are sent first to the forwarders listed here
        forwarders {
                168.95.1.1;
                168.95.192.1;
                139.175.55.244;
        };

        // Only answer queries from the listed IPs (e.g. a client can point
        // nslookup's "server" at this host to run lookups)
        allow-query {
                any;
        };
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

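// The key below appeared in the original post and is therefore public;
// generate your own (for example with rndc-confgen) rather than reusing it.
// hmac-md5 is a legacy algorithm; BIND also accepts hmac-sha256 here.
key rndc-key {
        algorithm hmac-md5;
        secret "ZfZjLWzYVneEWbNOBU7kiQ==";
};
// rndc control channel: loopback only, authenticated with rndc-key
controls {
        inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};
zone "techlife.com.tw" {
        type master;
        file "/var/named/techlife.com.tw.hosts";
};
zone "universe.com.tw" {
        type master;
        file "/var/named/universe.com.tw.hosts";
};
zone "nicehouse.com.tw" {
        type master;
        file "/var/named/nicehouse.com.tw.hosts";
};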


Configuring the Zones
Domain 1
/var/named/techlife.com.tw.hosts ----------------------------------------------

$ttl 38400
techlife.com.tw. IN SOA techlife.com.tw. leon_chen.techlife.com.tw. (
1415250978
10800
3600
604800
38400 )

techlife.com.tw. IN NS dns2.techlife.com.tw.
dns2.techlife.com.tw. IN A 210.244.49.171

techlife.com.tw. IN MX 5 techlife.com.tw.
techlife.com.tw. IN A 210.244.49.170

adv.techlife.com.tw. IN MX 5 adv.techlife.com.tw.
adv.techlife.com.tw. IN A 210.244.49.170

www.techlife.com.tw. IN A 210.244.49.247


Domain 2
/var/named/universe.com.tw.hosts ----------------------------------------------

$ttl 38400
@ IN SOA dns2.universe.com.tw. leon_chen.universe.com.tw. (
1417573023
10800
3600
604800
38400 )
universe.com.tw. IN NS dns2.universe.com.tw.
dns2.universe.com.tw. IN A 210.244.49.171

universe.com.tw. IN MX 5 universe.com.tw.
universe.com.tw. IN A 210.244.49.170

www.universe.com.tw. IN A 210.244.49.224
pop3.universe.com.tw. IN A 210.244.49.170
smtp.universe.com.tw. IN A 210.244.49.170


Domain 3
/var/named/nicehouse.com.tw.hosts ----------------------------------------------

$ttl 38400
nicehouse.com.tw. IN SOA dns2.universe.com.tw. leon_chen.universe.com.tw. (
1426211552
10800
3600
604800
38400 )
nicehouse.com.tw. IN NS dns2.nicehouse.com.tw.
dns2.nicehouse.com.tw. IN A 210.244.49.171

www.nicehouse.com.tw. IN A 210.244.49.197
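
A name in a zone file that does not end with a dot is relative, so the zone origin is appended to it when the zone is loaded. The following added example (not part of the original post) lints a zone for relative names that look fully qualified; the `example.com` zone, the `192.0.2.x` address and the "contains a dot" heuristic are assumptions made for illustration.

```python
import re

# RDATA positions that hold domain names, per record type.
NAME_FIELDS = {"SOA": (0, 1), "NS": (0,), "CNAME": (0,), "MX": (1,)}

# Constructed sample zone: the SOA contact and the MX target lack the final dot.
SAMPLE = """\
$TTL 38400
example.com. IN SOA dns2.example.com. hostmaster.example.net (
    2015081001 10800 3600 604800 38400 )
example.com. IN NS dns2.example.com.
dns2.example.com. IN A 192.0.2.171
example.com. IN MX 5 mail.example.com
www IN CNAME example.com.
"""

def expand(name, origin):
    """Absolute name a zone parser derives from `name` under `origin`."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def lint_zone(text, origin):
    """Return (rtype, written, expanded) for suspicious relative names.

    Heuristic (an assumption of this example): a relative name that itself
    contains a dot was meant to be fully qualified. Quoted strings holding
    ';' or parentheses are not handled.
    """
    text = re.sub(r";[^\n]*", "", text)  # strip comments
    # Flatten "( ... )" so a multi-line SOA becomes one logical line.
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    findings = []
    for line in text.splitlines():
        tok = line.split()
        # Need an "IN" class token followed by at least a record type.
        if "IN" not in tok[:-1] or tok[0].startswith("$"):
            continue
        i = tok.index("IN")
        rtype, rdata = tok[i + 1], tok[i + 2:]
        names = [tok[0]] if i > 0 else []  # owner name, when written
        names += [rdata[k] for k in NAME_FIELDS.get(rtype, ()) if k < len(rdata)]
        for n in names:
            if n != "@" and not n.endswith(".") and "." in n:
                findings.append((rtype, n, expand(n, origin)))
    return findings

if __name__ == "__main__":
    for rtype, written, expanded in lint_zone(SAMPLE, "example.com."):
        print(f"{rtype}: '{written}' resolves as '{expanded}'")
```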


Checking the DNS Configuration
Run on Windows or Linux:
nslookup
Choose which DNS server to query:
server 172.20.1.170
Query the MX record:
set type=mx
universe.com.tw
Query the A record:
set q=a
www.universe.com.tw