DNS and BIND (Part 1)
Environment:

    ns1: master DNS server (hostname: ns1)
    ns2: slave DNS server (hostname: ns2)
    www: two hosts that are both named www
    mx1: mail exchange server

Package: bind. Its daemon is named.
Service script: /etc/rc.d/init.d/named
Main configuration files: /etc/named.conf, /etc/named.rfc1912.zones
Zone data files: /var/named/*.zone (/var/named is bind's working directory)

Installing bind:

    # yum -y install bind

The configuration file in detail: /etc/named.conf

    options {}: global settings that define how the named process behaves
    logging {}: defines bind's logging
    zone {}: defines a zone that the local named daemon is responsible for resolving; there can be more than one zone statement
    include "/path/to/somefile": reads the configuration held in another file into this file

Comment styles:

    //: single-line comment
    /* */: multi-line comment

Tip: help is available through man named.conf.

The contents of /etc/named.conf are as follows:

    //
    // named.conf
    //
    // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
    // server as a caching only nameserver (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    options {
            listen-on port 53 { 172.16.3.1; 127.0.0.1; };  # which local interface and which port named listens on; note that if the default port 53 is changed, "service named reload" is not enough and only a restart re-reads the configuration
            listen-on-v6 port 53 { ::1; };
            directory "/var/named";
            dump-file "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
            allow-query { any; };
            recursion yes;
            dnssec-enable no;
            dnssec-validation no;
            dnssec-lookaside no;
            /* Path to ISC DLV key
            bindkeys-file "/etc/named.iscdlv.key";
            managed-keys-directory "/var/named/dynamic";*/
    };
    logging {
            channel default_debug {
                    file "data/named.run";
                    severity dynamic;
            };
    };
    zone "." IN {
            type hint;
            file "named.ca";
    };
    zone "topq.com" IN {
            type master;
            file "topq.com.zone";
    };
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";

You can also try installing bind from source, but that kind of installation does not come with the bind service script.

A look at the following two files (a source installation does not include them, so you have to create them yourself):

    /var/named/named.localhost    forward resolution of the host name localhost
    /var/named/named.loopback     reverse resolution of 127.0.0.1

Both files are present by default when bind is installed. They exist in case some host resolves localhost or reverse-resolves 127.0.0.1. These two names are special: localhost is the local host name and 127.0.0.1 is the local loopback address, so if a host does ask for them, they must still be answered correctly.

Caching name server:

    1. It knows the root servers: named.ca
    2. localhost -> 127.0.0.1: named.localhost, named.loopback

Building a caching name server:

Note: it is best to back up the configuration files before changing them, so that there is a way back if the configuration fails (even without a backup, reinstalling with rpm --replacepkgs also works).

    # Back the files up into the /root/named/ directory
    # mkdir /root/named
    # cp /etc/named.* /root/named/

Run vim /etc/named.conf and change the following lines:

    listen-on-v6 port 53 { ::1; };   # the listening address, that is, an address that can communicate with the outside; comment the line out, or put the address of the interface to listen on inside {}, e.g. { 172.16.3.1; } (note that the spaces are required)
    allow-query { any; };            # the default is localhost, which allows local queries only and will not do here; set it to any so that any host may query, or list the specific hosts that may query
    dnssec-enable no;                # change to no
    dnssec-validation no;            # change to no
    dnssec-lookaside no;             # change to no

After making these changes, save and exit.

    # named-checkconf          # check for syntax errors
    # service named restart

Test from another host, 172.16.3.3:

    # dig -t A localhost @172.16.3.3    # returns a result
    [root@localhost yum.repos.d]# dig -t A localhost @172.16.3.1
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t A localhost @172.16.3.1
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55917
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
    ;; QUESTION SECTION:
    ;localhost.                 IN      A
    ;; ANSWER SECTION:
    localhost.          86400   IN      A       127.0.0.1
    ;; AUTHORITY SECTION:
    localhost.          86400   IN      NS      localhost.
    ;; ADDITIONAL SECTION:
    localhost.          86400   IN      AAAA    ::1
    ;; Query time: 2 msec
    ;; SERVER: 172.16.3.1#53(172.16.3.1)
    ;; WHEN: Wed Dec 10 12:01:47 2014
    ;; MSG SIZE rcvd: 85

Making the DNS server the master server for a zone: xiaodu.com

    # vim /etc/named.conf
    # Add the following statement, which adds a zone
    zone "xiaodu.com" IN {          # xiaodu.com is the domain being set up
            type master;            # master means master DNS server; slave means slave server (covered later); forward means forwarding DNS server
            file "xiaodu.com.zone"; # relative to the directory "/var/named"; set in this file, so create xiaodu.com.zone under /var/named/
    };
    # After saving, check the file
    # named-checkconf /etc/named.conf
    # Create the file /var/named/xiaodu.com.zone
    # vim /var/named/xiaodu.com.zone
    # Add the following content to xiaodu.com.zone

    $TTL 600                ; default TTL, defined globally here
    $ORIGIN xiaodu.com.     ; defined globally here; referred to below as @ and also appended to any host name written without a trailing dot
    @       IN  SOA  shuai.xiaodu.com.  billshuai.163.com. (    ; @ is the name of the current zone; shuai.xiaodu.com. means the domain xiaodu.com is handed to shuai to resolve; billshuai.163.com. is the mailbox that results are sent to
                     20141210       ; serial number
                     1H             ; refresh interval
                     5M             ; retry interval
                     3D             ; expire time
                     3H )           ; negative-answer TTL
            IN  NS   shuai          ; shuai is the DNS server name (a fully qualified name here must end with a dot); the owner column is omitted and inherited from the line above
            IN  MX   10 mx1         ; mail exchange server
    shuai   IN  A    172.16.3.1     ; shuai is the DNS server name, 172.16.3.1 is the server's IP address
    mx1     IN  A    172.16.3.5     ; mx1 is the mail server name, 172.16.3.5 is its IP address
    www     IN  A    172.16.3.2     ; www is the host to be reached, 172.16.3.2 is that host's IP address
    www     IN  A    172.16.3.3     ; www again, 172.16.3.3 is that host's IP address
    pop3    IN  A    172.16.3.5     ; pop3 is a name for the mail server above; one address can have two names
    imap4   IN  CNAME pop3          ; imap4 is an alias of pop3

    # Now look at the permissions of xiaodu.com.zone: they are 644. To keep the file safe, set them so that other users have no access.
    [root@shuai named]# ls -l
    total 32
    drwxrwx--- 2 named named 4096 Dec  8 12:39 data
    drwxrwx--- 2 named named 4096 Dec  8 17:44 dynamic
    -rw-r----- 1 root  named 2075 Apr 23  2014 named.ca
    -rw-r----- 1 root  named  152 Dec 15  2009 named.empty
    -rw-r----- 1 root  named  152 Jun 21  2007 named.localhost
    -rw-r----- 1 root  named  168 Dec 15  2009 named.loopback
    drwxrwx--- 2 named named 4096 Oct 15 21:28 slaves
    -rw-r--r-- 1 root  root   237 Dec  8 17:52 xiaodu.com.zone
    [root@shuai named]# chmod 640 xiaodu.com.zone
    # The permissions are now set
    [root@shuai named]# ls -l xiaodu.com.zone
    -rw-r----- 1 root root 237 Dec  8 17:52 xiaodu.com.zone
    # The named process runs as the user named
    [root@shuai named]# ps aux | grep 'named'
    named     9818  0.0  2.4 161092 13004 ?      Ssl  14:43  0:00 /usr/sbin/named -u named
    root     10515  0.0  0.1 103252   832 pts/1  S+   17:57  0:00 grep named
    # But xiaodu.com.zone belongs neither to that user nor to that group
    [root@shuai named]# ls -l xiaodu.com.zone
    -rw-r----- 1 root root 237 Dec  8 17:52 xiaodu.com.zone
    # Put xiaodu.com.zone into the named group; the named process then has permission to read the file
    [root@shuai named]# chown :named xiaodu.com.zone
    [root@shuai named]# ls -l xiaodu.com.zone
    -rw-r----- 1 root named 237 Dec  8 17:52 xiaodu.com.zone
    # Check the syntax of the main configuration file
    [root@shuai named]# named-checkconf
    # Check the file /var/named/xiaodu.com.zone of zone "xiaodu.com" for syntax problems
    [root@shuai named]# named-checkzone "xiaodu.com" xiaodu.com.zone
    xiaodu.com.zone:10: ignoring out-of-zone data (shuai)
    zone xiaodu.com/IN: loaded serial 2014121001
    OK
    # Re-read the configuration; do not restart the service, a reload is enough
    [root@shuai named]# service named reload
    Reloading named:                                           [  OK  ]

Testing:

Now it is time to test, from host 172.16.3.3.

    [root@localhost yum.repos.d]# dig -t A www.xiaodu.com @172.16.3.1
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t A www.xiaodu.com @172.16.3.1
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44016
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;www.xiaodu.com.            IN      A
    ;; ANSWER SECTION:
    www.xiaodu.com.     600     IN      A       172.16.3.3
    www.xiaodu.com.     600     IN      A       172.16.3.2
    ;; AUTHORITY SECTION:
    xiaodu.com.         600     IN      NS      shuai.
    ;; Query time: 6 msec
    ;; SERVER: 172.16.3.1#53(172.16.3.1)
    ;; WHEN: Wed Dec 10 15:22:20 2014
    ;; MSG SIZE rcvd: 83

    # Query once more; you can see the IP addresses are served round-robin
    [root@localhost yum.repos.d]# dig -t A www.xiaodu.com @172.16.3.1
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t A www.xiaodu.com @172.16.3.1
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53027
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;www.xiaodu.com.            IN      A
    ;; ANSWER SECTION:
    www.xiaodu.com.     600     IN      A       172.16.3.3
    www.xiaodu.com.     600     IN      A       172.16.3.2
    ;; AUTHORITY SECTION:
    xiaodu.com.         600     IN      NS      shuai.
    ;; Query time: 1 msec
    ;; SERVER: 172.16.3.1#53(172.16.3.1)
    ;; WHEN: Wed Dec 10 15:32:11 2014
    ;; MSG SIZE rcvd: 83

    # Look at the SOA record
    [root@localhost yum.repos.d]# dig -t SOA xiaodu.com @172.16.3.1
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t SOA xiaodu.com @172.16.3.1
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35441
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;xiaodu.com.                IN      SOA
    ;; ANSWER SECTION:
    xiaodu.com.         600     IN      SOA     shuai. shuai.xiaodu.com. 2014121001 3600 300 259200 10800
    ;; AUTHORITY SECTION:
    xiaodu.com.         600     IN      NS      shuai.
    ;; Query time: 3 msec
    ;; SERVER: 172.16.3.1#53(172.16.3.1)
    ;; WHEN: Wed Dec 10 15:28:44 2014
    ;; MSG SIZE rcvd: 89

    # The MX record can be looked up as well
    [root@localhost yum.repos.d]# dig -t MX xiaodu.com @172.16.3.1
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t MX xiaodu.com @172.16.3.1
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29293
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
    ;; QUESTION SECTION:
    ;xiaodu.com.                IN      MX
    ;; ANSWER SECTION:
    xiaodu.com.         600     IN      MX      10 mx1.xiaodu.com.
    ;; AUTHORITY SECTION:
    xiaodu.com.         600     IN      NS      shuai.
    ;; ADDITIONAL SECTION:
    mx1.xiaodu.com.     600     IN      A       172.16.3.5
    ;; Query time: 1 msec
    ;; SERVER: 172.16.3.1#53(172.16.3.1)
    ;; WHEN: Wed Dec 10 15:34:22 2014
    ;; MSG SIZE rcvd: 83

    # All of the records can be listed too
    [root@localhost yum.repos.d]# dig -t axfr xiaodu.com @172.16.3.1
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t axfr xiaodu.com @172.16.3.1
    ;; global options: +cmd
    xiaodu.com.         600     IN      SOA     shuai. shuai.xiaodu.com. 2014121001 3600 300 259200 10800
    xiaodu.com.         600     IN      NS      shuai.
    xiaodu.com.         600     IN      MX      10 mx1.xiaodu.com.
    imap4.xiaodu.com.   600     IN      CNAME   pop3.xiaodu.com.
    mx1.xiaodu.com.     600     IN      A       172.16.3.5
    pop3.xiaodu.com.    600     IN      A       172.16.3.5
    www.xiaodu.com.     600     IN      A       172.16.3.2
    www.xiaodu.com.     600     IN      A       172.16.3.3
    xiaodu.com.         600     IN      SOA     shuai. shuai.xiaodu.com. 2014121001 3600 300 259200 10800
    ;; Query time: 60 msec
    ;; SERVER: 172.16.3.1#53(172.16.3.1)
    ;; WHEN: Wed Dec 10 15:37:11 2014
    ;; XFR size: 9 records (messages 1, bytes 238)

Reverse resolution on the master DNS server:

    # vim /etc/named.conf
    # For example, to provide reverse resolution for 172.16.3.*, add the following statement
    zone "3.16.172.in-addr.arpa." IN {
            type master;
            file "slaves/3.16.172.in-addr.arpa.zone";
    };
    # Then create the file 3.16.172.in-addr.arpa.zone
    # vim /var/named/slaves/3.16.172.in-addr.arpa.zone
    # Add the following content

    $TTL 600
    $ORIGIN 3.16.172.in-addr.arpa.
    @   IN  SOA  shuai.xiaodu.com.  billshuai.163.com. (
                 2014121005     ; serial (not in the original listing; value taken from the named log further down)
                 1H
                 5M
                 5D
                 1D )
        IN  NS   shuai.xiaodu.com.
    1   IN  PTR  shuai.xiaodu.com.
    2   IN  PTR  www.baidu.com.
    5   IN  PTR  www.qq.com.
    8   IN  PTR  www.hao.com.

    # Save and exit, then re-read the configuration
    # service named reload

Check, from host 172.16.3.3:

    [root@stu33 slaves]# dig -t PTR -x 172.16.3.3 @172.16.3.1
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t PTR -x 172.16.3.3 @172.16.3.1
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5094
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
    ;; QUESTION SECTION:
    ;3.3.16.172.in-addr.arpa.           IN      PTR
    ;; ANSWER SECTION:
    3.3.16.172.in-addr.arpa.    600     IN      PTR     www.qq.com.
    ;; AUTHORITY SECTION:
    3.16.172.in-addr.arpa.      600     IN      NS      shuai.xiaodu.com.
    ;; ADDITIONAL SECTION:
    shuai.xiaodu.com.           600     IN      A       172.16.3.1
    ;; Query time: 1 msec
    ;; SERVER: 172.16.3.1#53(172.16.3.1)
    ;; WHEN: Wed Dec 10 20:25:50 2014
    ;; MSG SIZE rcvd: 108

    [root@stu33 slaves]# dig -t PTR -x 172.16.3.2 @172.16.3.1
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t PTR -x 172.16.3.2 @172.16.3.1
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26858
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
    ;; QUESTION SECTION:
    ;2.3.16.172.in-addr.arpa.           IN      PTR
    ;; ANSWER SECTION:
    2.3.16.172.in-addr.arpa.    600     IN      PTR     www.baidu.com.
    ;; AUTHORITY SECTION:
    3.16.172.in-addr.arpa.      600     IN      NS      shuai.xiaodu.com.
    ;; ADDITIONAL SECTION:
    shuai.xiaodu.com.           600     IN      A       172.16.3.1
    ;; Query time: 1 msec
    ;; SERVER: 172.16.3.1#53(172.16.3.1)
    ;; WHEN: Wed Dec 10 20:26:00 2014
    ;; MSG SIZE rcvd: 111

Configuring a DNS server as a slave server:

On another host, 172.16.3.2 (host name: stu33), add a slave server for 172.16.3.1.

    # vim /etc/named.conf
    # Add the following statement (one zone):
    zone "xiaodu.com" IN {
            type slave;
            file "slaves/xiaodu.com.zone";
            masters { 172.16.3.1; };
    };
    # Re-read the configuration
    # service named reload
    # The zone file has now been created
    # ls /var/named/slaves/
    xiaodu.com.zone
    # Look at its contents
    [root@stu33 slaves]# cat /var/named/slaves/xiaodu.com.zone
    $ORIGIN .
    $TTL 600        ; 10 minutes
    xiaodu.com      IN SOA  shuai.xiaodu.com.xiaodu.com. shuai.xiaodu.com. (
                            2014121010 ; serial
                            3600       ; refresh (1 hour)
                            300        ; retry (5 minutes)
                            259200     ; expire (3 days)
                            10800      ; minimum (3 hours)
                            )
                    NS      shuai.xiaodu.com.
                    NS      stu33.xiaodu.com.
                    MX      10 mx1.xiaodu.com.
    $ORIGIN xiaodu.com.
    imap4           CNAME   pop3
    mx1             A       172.16.3.5
    pop3            A       172.16.3.5
    shuai           A       172.16.3.1
    stu33           A       172.16.3.2
    test            A       172.16.3.14
    wjs             A       172.16.3.12
    www             A       172.16.3.2
                    A       172.16.3.3

Pushing updates to the slave DNS server's zone file when the zone is updated on the master DNS server:

On 172.16.3.1:

    # vim /var/named/xiaodu.com
    # Add one line
    test    IN  A   172.16.3.13
    # The serial number must be changed: 20141010 -> 20141011
    # Save
    # Re-read the bind configuration
    # service named reload
    # Check the system log to see how the push went
    [root@shuai named]# tail /var/log/messages
    Dec 10 21:27:54 localhost named[9818]: reloading zones succeeded
    Dec 10 21:27:54 localhost named[9818]: zone 3.16.172.in-addr.arpa/IN: zone serial (2014121005) unchanged. zone may fail to transfer to slaves.
    Dec 10 21:27:54 localhost named[9818]: zone 3.16.172.in-addr.arpa/IN: loaded serial 2014121005
    Dec 10 21:27:54 localhost named[9818]: zone 3.16.172.in-addr.arpa/IN: sending notifies (serial 2014121005)
    Dec 10 21:27:54 localhost named[9818]: zone xiaodu.com/IN: loaded serial 2014121011
    Dec 10 21:27:54 localhost named[9818]: zone xiaodu.com/IN: sending notifies (serial 2014121011)
    Dec 10 21:27:55 localhost named[9818]: client 172.16.3.2#34984: transfer of 'xiaodu.com/IN': AXFR-style IXFR started
    Dec 10 21:27:55 localhost named[9818]: client 172.16.3.2#34984: transfer of 'xiaodu.com/IN': AXFR-style IXFR ended
    Dec 10 21:27:55 localhost named[9818]: client 172.16.3.2#30071: received notify for zone 'xiaodu.com'
    # You can also check on the slave server 172.16.3.2:
    [root@stu33 slaves]# cat /var/named/slaves/xiaodu.com.zone
    $ORIGIN .
    $TTL 600        ; 10 minutes
    xiaodu.com      IN SOA  shuai.xiaodu.com.xiaodu.com. shuai.xiaodu.com. (
                            2014121011 ; serial
                            3600       ; refresh (1 hour)
                            300        ; retry (5 minutes)
                            259200     ; expire (3 days)
                            10800      ; minimum (3 hours)
                            )
                    NS      shuai.xiaodu.com.
                    NS      stu33.xiaodu.com.
                    MX      10 mx1.xiaodu.com.
    $ORIGIN xiaodu.com.
    test            A       172.16.3.14
    imap4           CNAME   pop3
    mx1             A       172.16.3.5
    pop3            A       172.16.3.5
    shuai           A       172.16.3.1
    stu33           A       172.16.3.2
    wjs             A       172.16.3.12
    www             A       172.16.3.2
                    A       172.16.3.3

Reverse resolution on the slave server:

On host 172.16.3.2:

    # vim /etc/named.conf
    # Add the following to /etc/named.conf:
    zone "3.16.172.in-addr.arpa" IN {
            type slave;
            file "slaves/3.16.172.in-addr.arpa.zone";
            masters { 172.16.3.1; };
    };
    # Save
    # Check the syntax
    [root@stu33 slaves]# named-checkzone "3.16.172.in-addr.arpa" /var/named/slaves/3.16.172.in-addr.arpa.zone
    zone 3.16.172.in-addr.arpa/IN: loaded serial 2014121005
    OK
    # There are no syntax errors
    # Have bind re-read the configuration
    # service named reload
    # Look at the contents of the file
    [root@stu33 slaves]# cat /var/named/slaves/3.16.172.in-addr.arpa.zone
    $ORIGIN .
    $TTL 600        ; 10 minutes
    3.16.172.in-addr.arpa   IN SOA  shuai.xiaodu.com. billshuai.163.com. (
                            2014121005 ; serial
                            3600       ; refresh (1 hour)
                            300        ; retry (5 minutes)
                            259200     ; expire (3 days)
                            172800     ; minimum (2 days)
                            )
                    NS      shuai.xiaodu.com.
                    NS      stu33.xiaodu.com.
    $ORIGIN 3.16.172.in-addr.arpa.
    1               PTR     shuai.xiaodu.com.
    2               PTR     stu33.xiaodu.com.
                    PTR     www.baidu.com.
    3               PTR     www.qq.com.
    6               PTR     www.hao.com
    7               PTR     www.123.com
    8               PTR     www.77.com
    [root@stu33 slaves]#

Check:

    # It cannot resolve? What is going on?
    [root@localhost ~]# dig -t PTR -x 172.16.3.7 @172.16.3.2
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t PTR -x 172.16.3.7 @172.16.3.2
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 52734
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available
    ;; QUESTION SECTION:
    ;7.3.16.172.in-addr.arpa.           IN      PTR
    ;; Query time: 1 msec
    ;; SERVER: 172.16.3.2#53(172.16.3.2)
    ;; WHEN: Wed Dec 10 21:40:29 2014
    ;; MSG SIZE rcvd: 41
    # Look at the bind configuration file /etc/named.conf
    # The allow-query line was originally set to local; change it to allow-query { any; }; and any host is then allowed to query this server.

Commands:

named-checkconf: checks the main bind configuration file for syntax errors (the advantage is that syntax errors in the main configuration file are found without restarting bind).

e.g. here I run vim /etc/named.conf, deliberately introduce an error, and then run named-checkconf:

    [root@shuai named]# named-checkconf
    /etc/named.conf:30: missing ';' before 'logging'

dig: queries the records of a domain name, the iteration process, and so on.

dig -t type name

    # Look up the A record for www.qq.com on the default DNS server configured on this machine
    [root@localhost yum.repos.d]# dig -t A www.qq.com
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t A www.qq.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19649
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5
    ;; QUESTION SECTION:
    ;www.qq.com.                IN      A
    ;; ANSWER SECTION:
    www.qq.com.         123     IN      A       61.135.157.156
    ;; AUTHORITY SECTION:
    www.qq.com.         60368   IN      NS      ns-cnc2.qq.com.
    www.qq.com.         60368   IN      NS      ns-cnc1.qq.com.
    ;; ADDITIONAL SECTION:
    ns-cnc1.qq.com.     66609   IN      A       61.135.167.182
    ns-cnc1.qq.com.     66609   IN      A       125.39.127.27
    ns-cnc1.qq.com.     66609   IN      A       175.155.119.229
    ns-cnc2.qq.com.     2018    IN      A       124.89.103.51
    ns-cnc2.qq.com.     2018    IN      A       125.39.207.20
    ;; Query time: 1 msec
    ;; SERVER: 172.16.0.1#53(172.16.0.1)
    ;; WHEN: Wed Dec 10 15:55:09 2014
    ;; MSG SIZE rcvd: 168

dig -t type name @SERVER

    # Look up the A record for www.qq.com on the specified host 172.16.3.4
    # dig -t A www.qq.com @172.16.3.4

dig -t type name @SERVER +trace: shows the name iteration process while querying name

    # Look up the A record for www.qq.com on the default DNS server and return the iteration process
    # dig -t A www.qq.com +trace
    # dig -t type name +RE

host: queries the records for a domain name

    e.g.
    # Query the records for www.xiaodu.com on 172.16.3.1
    [root@localhost yum.repos.d]# host -t A www.xiaodu.com 172.16.3.1
    Using domain server:
    Name: 172.16.3.1
    Address: 172.16.3.1#53
    Aliases:
    www.xiaodu.com has address 172.16.3.3
    www.xiaodu.com has address 172.16.3.2

nslookup: queries the records for a domain name

    # Interactive session below; text after # is a comment
    [root@shuai named]# nslookup
    > server 172.16.3.1         # server is a keyword; it sets 172.16.3.1 as the server to query
    Default server: 172.16.3.1
    Address: 172.16.3.1#53
    > set q=A                   # query A records
    > www.xiaodu.com            # the domain name
    Server: 172.16.3.1
    Address: 172.16.3.1#53
    Name: www.xiaodu.com
    Address: 172.16.3.2
    Name: www.xiaodu.com
    Address: 172.16.3.3
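The master configuration above sets allow-query { any; } with recursion yes and no allow-recursion, and its zones carry no allow-transfer, so recursion is open to any host and the dig -t axfr query from 172.16.3.3 succeeds for any client. The following Python audit is an added example (not part of the original post) that flags both conditions in a named.conf; WEAK and HARDENED are constructed samples that reuse this page's zone names and slave address, and the function names are hypothetical.

```python
import re
# Constructed sample: the master server's settings as this tutorial leaves them.
WEAK = '''
options {
    allow-query { any; };   // no allow-recursion, so this ACL also governs recursion
    recursion yes;
};
zone "xiaodu.com" IN { type master; file "xiaodu.com.zone"; };
zone "3.16.172.in-addr.arpa" IN { type master; file "slaves/3.16.172.in-addr.arpa.zone"; };
'''
# Constructed hardened variant: recursion for local networks, transfers only to the slave.
HARDENED = '''
options {
    allow-query { any; };
    allow-recursion { localnets; localhost; };
    allow-transfer { none; };
};
zone "xiaodu.com" IN { type master; file "xiaodu.com.zone"; allow-transfer { 172.16.3.2; }; };
'''

def statements(conf, head):
    """Yield (match, body) for each `head ... { body }`, keeping nested braces balanced."""
    for m in re.finditer(head + r'[^{;]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += (conf[i] == '{') - (conf[i] == '}')
            i += 1
        yield m, conf[m.end():i - 1]

def acl(body, name):  # elements of `name { a; b; };` in body, or None when it is not set
    m = re.search(r'(?<![\w-])%s\s*\{([^}]*)\}' % re.escape(name), body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf):  # findings for open recursion and for master zones open to transfer
    conf = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', conf, flags=re.S)  # drop comments
    opts = next((body for _, body in statements(conf, r'\boptions\b')), '')
    # BIND falls back: allow-recursion -> allow-query-cache -> allow-query -> local only.
    chain = (acl(opts, n) for n in ('allow-recursion', 'allow-query-cache', 'allow-query'))
    who = next((a for a in chain if a is not None), ['localnets', 'localhost'])
    open_rec = 'any' in who and not re.search(r'\brecursion\s+no\s*;', opts)
    findings = ['options: recursion open to any'] if open_rec else []
    for m, body in statements(conf, r'\bzone\s+"([^"]+)"'):
        xfer = acl(body, 'allow-transfer')
        xfer = acl(opts, 'allow-transfer') if xfer is None else xfer
        # An unset allow-transfer means any host on the BIND 9.8 used on this page.
        if re.search(r'\btype\s+master\s*;', body) and (xfer is None or 'any' in xfer):
            findings.append('zone %s: transfer open to any' % m.group(1))
    return findings

if __name__ == '__main__':
    print(audit(WEAK), audit(HARDENED), sep='\n')
```

In the hardened sample, 172.16.3.2 is the slave stu33 from this page; run named-checkconf after adding the statements and before reloading named.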
This article comes from the "那你魔鬼" blog; please be sure to keep this source link: http://599184429.blog.51cto.com/5147223/1588919