DNS (Domain Name System) is an Internet service. As a distributed database that maps domain names to IP addresses, it makes the Internet easier to use. DNS uses TCP and UDP port 53.
DNS master-slave replication and subdomain delegation
Master server: 10.120.123.13
Slave server: 10.120.123.250
Subdomain server: 10.120.123.251
Main configuration file on the slave server (/etc/named.conf)

options {
    listen-on port 53 { 10.120.123.250; };   // listening port and listening IP
    // listen-on-v6 port 53 { ::1; };        // commented out: no IPv6 listener
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    allow-query { any; };
    recursion yes;                           // allow recursion
    dnssec-enable no;                        // DNSSEC turned off
    dnssec-validation no;                    // DNSSEC validation turned off
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};

logging {                                    // log-related configuration
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {                                // root zone
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

Zone definitions on the slave server (/etc/named.rfc1912.zones)

zone "test.com" IN {
    type slave;                      // this server is a slave for the zone
    file "slaves/test.com.zone";
    masters { 10.120.123.13; };      // address of the master server
    masterfile-format text;          // keep the transferred zone file as readable text
};

zone "123.120.10.in-addr.arpa" IN {
    type slave;                      // this server is a slave for the zone
    file "slaves/10.120.123.zone";
    masters { 10.120.123.13; };      // address of the master server
    masterfile-format text;          // keep the transferred zone file as readable text
};

Zone files on the master server (/var/named/test.com.zone): add the NS record for the slave

; forward zone
$TTL 3600
$ORIGIN test.com.
@       IN  SOA   ns1.test.com. dnsadmin.test.com. (
                  2019010818  ; serial
                  1H          ; refresh
                  10M         ; retry
                  3D          ; expire
                  1D )        ; negative-caching TTL
        IN  NS    ns1
        IN  NS    ns2         ; slave server
        IN  MX    10 mx1
        IN  MX    20 mx2
ns1     IN  A     10.120.123.13
ns2     IN  A     10.120.123.250   ; slave server
mx1     IN  A     10.120.123.252
mx2     IN  A     10.120.123.253
www     IN  A     10.120.123.254
web     IN  CNAME www
ops     IN  NS    ns1.ops          ; subdomain delegation
ns1.ops IN  A     10.120.123.251

; reverse zone
$TTL 3600
$ORIGIN 123.120.10.in-addr.arpa.
@       IN  SOA   ns1.test.com. nsadmin.test.com. (
                  2019010802  ; serial
                  1H          ; refresh
                  10M         ; retry
                  3D          ; expire
                  12H )       ; negative-caching TTL
        IN  NS    ns1.test.com.
        IN  NS    ns2.test.com.    ; slave server
13      IN  PTR   ns1.test.com.
250     IN  PTR   ns2.test.com.    ; slave server
252     IN  PTR   mx1.test.com.
253     IN  PTR   mx2.test.com.
254     IN  PTR   www.test.com.

Zone file on the subdomain server (/var/named/ops.test.com.zone)

$TTL 3600
$ORIGIN ops.test.com.
@       IN  SOA   ns1.ops.test.com. nsadmin.ops.test.com. (
                  2019022401  ; serial
                  1H          ; refresh
                  10M         ; retry
                  1D          ; expire
                  2H )        ; negative-caching TTL
        IN  NS    ns1
ns1     IN  A     10.120.123.251
www     IN  A     10.120.123.251

Reload the configuration on the master server
rndc reload
Restart the service on the slave server
systemctl restart named.service
Test the slave server

# Full zone transfer
dig -t axfr test.com @10.120.123.13
# Forward resolution
dig -t A www.test.com @10.120.123.250
# Reverse resolution
dig -x 10.120.123.13 @10.120.123.250

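The page shows the slave's zone stanzas but not the matching ones on the master and the subdomain server, and the AXFR test above works only if the master allows the transfer. The fragment below is an added example, not part of the original configuration: it defines those zones and limits zone transfers to the slave at 10.120.123.250. The master's reverse zone file name and the use of /etc/named.rfc1912.zones on the master and subdomain servers are assumptions.

```conf
// Added example, not from the original page.
// File names are relative to the "directory" option (/var/named).

// --- Master (10.120.123.13), /etc/named.rfc1912.zones ---
zone "test.com" IN {
    type master;
    file "test.com.zone";
    allow-transfer { 10.120.123.250; };   // only the slave may pull the zone
    notify yes;                           // NOTIFY the servers in the NS records (ns2)
};

zone "123.120.10.in-addr.arpa" IN {
    type master;
    file "10.120.123.zone";               // assumed name, not given on the page
    allow-transfer { 10.120.123.250; };
    notify yes;
};

// --- Slave (10.120.123.250), /etc/named.rfc1912.zones ---
// Same stanzas as on the page, plus a transfer restriction so the
// slave does not hand the full zone to other hosts.
zone "test.com" IN {
    type slave;
    file "slaves/test.com.zone";
    masters { 10.120.123.13; };
    masterfile-format text;
    allow-transfer { none; };
};

zone "123.120.10.in-addr.arpa" IN {
    type slave;
    file "slaves/10.120.123.zone";
    masters { 10.120.123.13; };
    masterfile-format text;
    allow-transfer { none; };
};

// --- Subdomain server (10.120.123.251), /etc/named.rfc1912.zones ---
zone "ops.test.com" IN {
    type master;
    file "ops.test.com.zone";
    allow-transfer { none; };             // no slave is defined for this zone
};
```

After `rndc reload` on each server, the `dig -t axfr test.com @10.120.123.13` test should still succeed when run on the slave and be refused from any other host.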
Subdomain testing

dig www.ops.test.com @10.120.123.13     # master server
dig www.ops.test.com @10.120.123.250    # slave server
dig www.ops.test.com @10.120.123.251    # subdomain server