架构师成长之路6.2 DNS配置文件
点击返回架构师成长之路html
架构师成长之路6.2 DNS 配置文件
- /etc/hosts 主机的一个文件列表 ,添加记录如:111.13.100.92 www.baidu.com
对于简单的主机名解析(点分表示法),默认在请求DNS或NIS网络域名服务器前,/etc/named.conf 一般会告诉程序先查看此文件。git
- /etc/resolv.conf 转换程序配置文件
在配置程序请求BIND域名查询服务查询主机名时,必须告诉程序使用哪一个域名服务器和IP地址来完成这个任务数据库
- /etc/named.conf BIND主文件
设置通常的name参数,指向该服务器使用的域数据库的信息源缓存
- /var/named/named.ca 根域名配置服务器指向文件
指向根域名配置服务器,用于告诉缓存服务器初始化服务器
- /var/named/localhost.zone localhost区正向域名解析文件
用于将本地IP地址(127.0.0.1)转换为本地回送IP地址(127.0.0.1)网络
- /var/named/name.local localhost区反向域名解析文件
用于将localhost名字转换为本地回送IP地址(127.0.0.1)session
- /etc/named.rfc1912.zones 区块设置文件
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { localhost; };
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> +bufsize=1200 +norec @a.root-servers.net ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17380 ;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 27 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1472 ;; QUESTION SECTION: ;. IN NS ;; ANSWER SECTION: . 518400 IN NS a.root-servers.net. . 518400 IN NS b.root-servers.net. . 518400 IN NS c.root-servers.net. . 518400 IN NS d.root-servers.net. . 518400 IN NS e.root-servers.net. . 518400 IN NS f.root-servers.net. . 518400 IN NS g.root-servers.net. . 518400 IN NS h.root-servers.net. . 518400 IN NS i.root-servers.net. . 518400 IN NS j.root-servers.net. . 518400 IN NS k.root-servers.net. . 518400 IN NS l.root-servers.net. ;; ADDITIONAL SECTION: a.root-servers.net. 3600000 IN A 198.41.0.4 a.root-servers.net. 3600000 IN AAAA 2001:503:ba3e::2:30 b.root-servers.net. 3600000 IN A 192.228.79.201 b.root-servers.net. 3600000 IN AAAA 2001:500:84::b c.root-servers.net. 3600000 IN A 192.33.4.12 c.root-servers.net. 3600000 IN AAAA 2001:500:2::c d.root-servers.net. 3600000 IN A 199.7.91.13 d.root-servers.net. 3600000 IN AAAA 2001:500:2d::d e.root-servers.net. 3600000 IN A 192.203.230.10 e.root-servers.net. 3600000 IN AAAA 2001:500:a8::e f.root-servers.net. 3600000 IN A 192.5.5.241 f.root-servers.net. 3600000 IN AAAA 2001:500:2f::f g.root-servers.net. 3600000 IN A 192.112.36.4 g.root-servers.net. 3600000 IN AAAA 2001:500:12::d0d h.root-servers.net. 3600000 IN A 198.97.190.53 h.root-servers.net. 3600000 IN AAAA 2001:500:1::53 i.root-servers.net. 3600000 IN A 192.36.148.17 i.root-servers.net. 3600000 IN AAAA 2001:7fe::53 j.root-servers.net. 3600000 IN A 192.58.128.30 j.root-servers.net. 3600000 IN AAAA 2001:503:c27::2:30 k.root-servers.net. 3600000 IN A 193.0.14.129 k.root-servers.net. 3600000 IN AAAA 2001:7fd::1 l.root-servers.net. 3600000 IN A 199.7.83.42 l.root-servers.net. 3600000 IN AAAA 2001:500:9f::42 m.root-servers.net. 3600000 IN A 202.12.27.33 m.root-servers.net. 3600000 IN AAAA 2001:dc3::35 ;; Query time: 18 msec ;; SERVER: 198.41.0.4#53(198.41.0.4) ;; WHEN: Po kvě 22 10:14:44 CEST 2017 ;; MSG SIZE rcvd: 811
......架构
相关文章
- 1. 架构师成长之路
- 2. ****-软件架构师成长之路-Java
- 3. 软件架构师成长之路
- 4. 如何成为一名架构师,架构师成长之路
- 5. 架构师成长之路之限流
- 6. 前端架构师成长之路
- 7. 系统架构师成长之路(一)
- 8. 架构师成长之路6.1 DNS理论
- 9. WEB架构师成长之路
- 10. Android 架构师成长之路
- 更多相关文章...
- • Maven 构建配置文件 - Maven教程
- • MyBatis配置文件详解 - MyBatis教程
- • IDEA下SpringBoot工程配置文件没有提示
- • IntelliJ IDEA 代码格式化配置和快捷键
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. 升级Gradle后报错Gradle‘s dependency cache may be corrupt (this sometimes occurs
- 2. Smarter, Not Harder
- 3. mac-2019-react-native 本地环境搭建(xcode-11.1和android studio3.5.2中Genymotion2.12.1 和VirtualBox-5.2.34 )
- 4. 查看文件中关键字前后几行的内容
- 5. XXE萌新进阶全攻略
- 6. Installation failed due to: ‘Connection refused: connect‘安卓studio端口占用
- 7. zabbix5.0通过agent监控winserve12
- 8. IT行业UI前景、潜力如何?
- 9. Mac Swig 3.0.12 安装
- 10. Windows上FreeRDP-WebConnect是一个开源HTML5代理,它提供对使用RDP的任何Windows服务器和工作站的Web访问
欢迎关注本站公众号,获取更多信息
相关文章
- 1. 架构师成长之路
- 2. ****-软件架构师成长之路-Java
- 3. 软件架构师成长之路
- 4. 如何成为一名架构师,架构师成长之路
- 5. 架构师成长之路之限流
- 6. 前端架构师成长之路
- 7. 系统架构师成长之路(一)
- 8. 架构师成长之路6.1 DNS理论
- 9. WEB架构师成长之路
- 10. Android 架构师成长之路