ImageVerifierCode 换一换
格式:DOCX , 页数:14 ,大小:19.95KB ,
资源ID:23622631      下载积分:3 金币
快捷下载
登录下载
邮箱/手机:
温馨提示:
快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。 如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝    微信支付   
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【https://www.bdocx.com/down/23622631.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录   QQ登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(centos7安装dnsserver傻瓜操作指南.docx)为本站会员(b****7)主动上传,冰豆网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知冰豆网(发送邮件至service@bdocx.com或直接QQ联系客服),我们立即给予删除!

centos7安装dnsserver傻瓜操作指南.docx

1、centos7安装dnsserver傻瓜操作指南第一步:安装bind-chrootrootlocalhost named# yum install y bind bind-chroot bind-utils 效果如下rootlocalhost # yum install y bind bind-chroot bind-utilsLoaded plugins: fastestmirror, langpacksRepodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fastbase | kB 00:00:00 ex

2、tras | kB 00:00:00 updates | kB 00:00:00 (1/2): extras/7/x86_64/primary_db | 117 kB 00:00:00 (2/2): updates/7/x86_64/primary_db | MB 00:00:01 Determining fastest mirrors * base: * extras: * updates: Dependencies- Running transaction check- Package 32: will be installed- Processing Dependency: bind-l

3、ibs = 32: for package: 32: Package 32: will be installed- Package 32: will be updated- Package 32: will be an update- Running transaction check- Package 32: will be updated- Package 32: will be an update- Processing Dependency: bind-license = 32: for package: 32: Running transaction check- Package 3

4、2: will be updated- Processing Dependency: bind-license = 32: for package: 32: Package 32: will be an update- Running transaction check- Package 32: will be updated- Package 32: will be an update- Finished Dependency ResolutionDependencies Resolved= Package Arch Version Repository Size=Installing: b

5、ind x86_64 32: updates M bind-chroot x86_64 32: updates 82 kUpdating: bind-utils x86_64 32: updates 199 kUpdating for dependencies: bind-libs x86_64 32: updates M bind-libs-lite x86_64 32: updates 713 k bind-license noarch 32: updates 80 kTransaction Summary=Install 2 PackagesUpgrade 1 Package (+3 D

6、ependent packages)Total download size: MIs this ok y/d/N: yDownloading packages:updates/7/x86_64/prestodelta | 297 kB 00:00:05 Delta RPMs reduced M of updates to 307 k (82% saved)(1/6): | 139 kB 00:00:00 (2/6): | 168 kB 00:00:00 warning: /var/cache/yum/x86_64/7/updates/packages/ Header V3 RSA/SHA256

7、 Signature, key ID f4a80eb5: NOKEYPublic key for is not installed(3/6): | 82 kB 00:00:00 (4/6): | 80 kB 00:00:00 (5/6): | 199 kB 00:00:00 (6/6): | MB 00:00:00 Finishing delta rebuilds of 2 package(s) M)-Total MB/s | MB 00:00:01 Retrieving key from GPG key 0xF4A80EB5: Userid : CentOS-7 Key (CentOS 7

8、Official Signing Key) Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5 Package : (anaconda) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7Is this ok y/N: yRunning transaction checkRunning transaction testTransaction test succeededRunning transaction Updating : 32: 1/10 Updating : 32: 2/1

9、0 Installing : 32: 3/10 Installing : 32: 4/10 Updating : 32: 5/10 Updating : 32: 6/10 Cleanup : 32: 7/10 Cleanup : 32: 8/10 Cleanup : 32: 9/10 Cleanup : 32: 10/10 Verifying : 32: 1/10 Verifying : 32: 2/10 Verifying : 32: 3/10 Verifying : 32: 4/10 Verifying : 32: 5/10 Verifying : 32: 6/10 Verifying :

10、 32: 7/10 Verifying : 32: 8/10 Verifying : 32: 9/10 Verifying : 32: 10/10 Installed: 32: 32: Updated: 32: Dependency Updated: 32: 32: 32: Complete!第二步:修改 文件 配置文件是 /etc/ 文件。【不是 /var/named/chroot/var/named/ 文件。】 - If you are building a RECURSIVE (caching) DNS server, you need to enable recursion. - If

11、 your recursive DNS server has a public IP address, you MUST enable access control to limit queries to your legitimate users. Failing to do so will cause your server to become part of large scale DNS amplification attacks. Implementing BCP38 within your network would greatly reduce such attack surfa

12、ce */recursion yes;dnssec-enable yes;dnssec-validation yes;dnssec-lookaside auto;/* Path to ISC DLV key */bindkeys-file /etc/;managed-keys-directory /var/named/dynamic;pid-file /run/named/;session-keyfile /run/named/;logging channel default_debug file data/; severity dynamic; ;zone . IN type hint;fi

13、le ;zone INtype master;file ;zone IN type master;file ; 这部分为我实验的时候增加的内容。 需要注意的是这里涉及了 两个文件: 这两个文件位于: /var/named 目录下。include /etc/;include /etc/;第三步:增加 Zone 文件,并对zone 文件授权。实验域名: 网络地址 : /24 在/var/named目录下, 有两个文件可供模版进行修改:和rootlocalhost named# lltotal 16drwxr-x-. 7 root named 56 Nov 15 15:36 chrootdrwxrw

14、x-. 2 named named 6 Sep 3 18:35 datadrwxrwx-. 2 named named 6 Sep 3 18:35 dynamic-rw-r-. 1 root named 2076 Jan 28 2021 -rw-r-. 1 root named 152 Dec 15 2021 -rw-r-. 1 root named 152 Jun 21 2021 -rw-r-. 1 root named 168 Dec 15 2021 drwxrwx-. 2 named named 6 Sep 3 18:35 slavesrootlocalhost named# rootl

15、ocalhost named# cp named# cp 【其实,文件可以随意,没有明确的强制要求】$TTL 1DIN SOA . ( 0; serial 1D; refresh 1H; retry 1W; expire 3H ); minimumNSAAAAA:1oa IN A fs IN A 1DIN SOA . ( 0; serial 1D; refresh 1H; retry 1W; expire 3H ); minimumNSAAAAA:1PTRlocalhost.5 IN PTR IN PTR 关于两个文件的拥有者的修改,在实验的时候,忘了对这两文件的拥有者的修改,一度让我陷入崩溃

16、,系统一直提示找不到该文件。若是是在图形界面下,操作很简单。 命令行的方式 也很容易:chown named:named zone_filerootlocalhost named# chown named:named *rootlocalhost named# ls .* named# ll -all total 32drwxr-x-. 6 root named 4096 Nov 15 16:33 .drwxr-xr-x. 23 root root 4096 Nov 15 15:36 .-rw-r-. 1 named named 220 Nov 15 16:33 1 named named 1

17、94 Nov 15 16:33 7 root named 56 Nov 15 15:36 chrootdrwxrwx-. 2 named named 6 Sep 3 18:35 datadrwxrwx-. 2 named named 6 Sep 3 18:35 dynamic-rw-r-. 1 root named 2076 Jan 28 2013 -rw-r-. 1 root named 152 Dec 15 2009 -rw-r-. 1 root named 152 Jun 21 2007 -rw-r-. 1 root named 168 Dec 15 2009 drwxrwx-. 2 n

18、amed named 6 Sep 3 18:35 slavesChown 使用帮助chmod -cfhvR -help -version user:group file.参数描述user 新的档案拥有者的使用者 IDgroup 新的档案拥有者的使用者群体(group)-c 若该档案拥有者确实已经更改,才显示其更改动作-f 若该档案拥有者无法被更改也不要显示错误讯息-h 只对于连结(link)进行变更,而非该 link 真正指向的档案-v 显示拥有者变更的详细资料-R 对目前目录下的所有档案与子目录进行相同的拥有者变更(即以递回的方式逐个变更)例子.53Nov 15 16:39:57 named

19、31691: error (network unreachable) resolving p.53Nov 15 16:39:57 named31691: error (network unreachable) resolving n.53Nov 15 16:39:57 named31691: error (network unreachable) resolving n.53Nov 15 16:39:57 named31691: error (network unreachable) resolving n.53Nov 15 16:39:57 named31691: error (networ

20、k unreachable) resolving p.53Nov 15 16:39:57 named31691: error (network unreachable) resolving p.53Nov 15 16:39:57 named31691: error (network unreachable) resolving p.53Nov 15 16:39:57 named31691: error (network unreachable) resolving p.53Nov 15 16:39:57 named31691: error (network unreachable) resol

21、ving p.53Hint: Some lines were ellipsized, use -l to show in full.rootlocalhost named# 停止: #systemctl stop named重启: #systemctl restart named简单诊断方式:1 #systemctl statu namednamed如果无法启动,就会有提示启动失败,这个命令可以查询失败的原因。rootlocalhost # systemctl status named - Berkeley Internet Name Domain (DNS) Loaded: loaded (

22、/usr/lib/systemd/system/; enabled) Active: active (running) since Sun 2015-11-15 14:10:07 CST; 2h 4min ago Process: 14597 ExecReload=/bin/sh -c /usr/sbin/rndc reload /dev/null 2&1 | /bin/kill -HUP $MAINPID (code=exited, status=0/SUCCESS) Process: 1828 ExecStart=/usr/sbin/named -u named $OPTIONS (cod

23、e=exited, status=0/SUCCESS) Process: 1374 ExecStartPre=/usr/sbin/named-checkconf -z /etc/ (code=exited, status=0/SUCCESS) Main PID: 1844 (named) CGroup: / 1844 /usr/sbin/named -u namedNov 15 16:10:07 named1844: error (network unreachable.Nov 15 16:10:07 named1844: error (network unreachable.Nov 15 1

24、6:10:07 named1844: error (network unreachable.Nov 15 16:10:07 named1844: error (network unreachable.Nov 15 16:10:07 named1844: error (network unreachable.Nov 15 16:10:07 named1844: error (network unreachable.Nov 15 16:10:08 named1844: error (network unreachable.Nov 15 16:10:08 named1844: error (netw

25、ork unreachable.Nov 15 16:10:09 named1844: error (network unreachable.Nov 15 16:10:09 named1844: error (network unreachable.Hint: Some lines were ellipsized, use -l to show in full.2 #netstat -atulpn 查询端口是否开发,DNS 的端口是53.rootlocalhost # netstat -atulpnActive Internet connections (servers and establis

26、hed)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 :53 :* LISTEN 1844/named tcp 0 0 :53 :* LISTEN 1844/named tcp 0 0 :22 :* LISTEN 1369/sshd tcp 0 0 :631 :* LISTEN 13631/cupsd tcp 0 0 :25 :* LISTEN 2461/master tcp 0 0 :953 :* LISTEN 1844/named tcp6 0 0 :53 :* LISTEN

27、 1844/named tcp6 0 0 :22 :* LISTEN 1369/sshd tcp6 0 0 :1:631 :* LISTEN 13631/cupsd tcp6 0 0 :1:25 :* LISTEN 2461/master tcp6 0 0 :1:953 :* LISTEN 1844/named udp 0 0 :53 :* 1844/named udp 0 0 :53 :* 1844/named udp 0 0 :68 :* 14556/dhclient udp 0 0 :123 :* 764/chronyd udp 0 0 :55425 :* 14556/dhclient udp 0 0 :5353 :* 760/avahi-daemon: r udp 0 0 :323 :* 764/chronyd udp 0 0 :41330 :* 760/avahi-daemon: r udp6 0 0 :53 :* 1844/named udp6 0 0 :123 :* 764/chronyd udp6 0 0 :1:323 :* 764/chronyd udp6 0 0 :62031 :* 14556/dhclient第五步:测试(linux上用dig测试;windows客户端nslookup 测试)

copyright@ 2008-2022 冰豆网网站版权所有

经营许可证编号:鄂ICP备2022015515号-1