一、基础介绍：

正向解析：通过域名查找IP；
反向解析：通过IP查找域名；

一、相关配置文件详解

程序包：yum list all bind*

bind ：服务器
 bind-libs ：相关库
 bind-utils: 客户端

配置文件：

bind-chroot: /var/named/chroot/
 服务启动脚本：/etc/init.d/named
 配置文件：/etc/named.conf /etc/named.rfc1912.zones
主配置文件
 全局配置：options{}；
 日志子系统配置：logging{}；
 区域定义：本机能够为哪些zone进行解析，就要定义哪些zone
 zon"ZONE_NAME"IN {};

二、正向解析haohao.com

1.安装BIND

[root@CentOS7 ~]#yum install bind
[root@CentOS7 ~]#systemctl start named  #启动服务
[root@CentOS7 ~]#systemctl enable named  #设为开机启动

2.配置文件/etc/named.conf

[root@CentOS7 ~]#vim /etc/named.conf 
options {
 13 //  listen-on port 53 { 127.0.0.1; };  #注释//监听到所有的53号端口
 14 //  listen-on-v6 port 53 { ::1; };  #注释//监听到所有的53号端口
 15     directory   "/var/named";  #指定解析库位置，默认查找位置
 16     dump-file   "/var/named/data/cache_dump.db";
 17     statistics-file "/var/named/data/named_stats.txt";
 18     memstatistics-file "/var/named/data/named_mem_stats.txt";
 19 //  allow-query     { localhost; };  #允许谁来查询
31     recursion yes;  #是否进行递归
 33 //  dnssec-enable yes;  #监视安全
 34 //  dnssec-validation yes;  #注释安全
[root@CentOS7 ~]#named-checkconf   #检查配置文件有无错误

3.编辑区域配置
正向：

[root@CentOS7 ~]#vim /etc/named.rfc1912.zones 
25 zone "haohao.com." IN{
 26     type master;
 27     file "haohao.com.zone";  #这个文件指定解析库
 28     allow-update{none;};
 29 };
[root@CentOS7 ~]#named-checkconf   #检查配置文件有无错误

反向：

47 zone "1.168.192.in-addr.arpa" IN {
 48     type master;
 49     file "192.168.1.zone";
 50 };

4.创建解析库
正向：

[root@CentOS7 /var/named]#vim haohao.com.zone                          
  1 $TTL 1D  #定义统一的缓存为1day
  2 @   2D  IN  SOA dns1 admin.haohao.com. ( 
  3                 2017092101 ;serial  #解析库的序列号
  4                 86400      ;refresh  #周期性同步的时间间隔
  5                 1H         ;retry  #重试的时间间隔
  6                 2W        ;expire  #过期时长
  7                 3H )       ;minimum #否定答案的统一缓存时长
  8         NS  dns1
  9 dns1 2D A   192.168.1.107
 10 websrv  A   192.168.1.106
 11 www     CNAME   websrv

反向：

[root@CentOS7 /var/named]#vim /var/named/192.168.1.zone 
  1 $TTL 1D
  2 @   IN  SOA haohao.com. admin.haohao.com. (
  3                         2017092101
  4                         1H
  5                         10M
  6                         3D
  7                         1D )
  8 @   IN  NS  ns1.haohao.com.
  9 1.168.192.in-addr.arpa. IN  PTR www.haohao.com.
 10 1.168.192.in-addr.arpa. IN  PTR bbc.haohao.com.
 11 1.168.192.in-addr.arpa. IN  PTR mail.haohao.com.

5.检查named-checkconf
正向：

[root@CentOS7 /var/named]#named-checkzone "haohao.com" haohao.com.zone 
zone haohao.com/IN: loaded serial 2017092101
OK

反向：

[root@CentOS7 /var/named]#named-checkzone 1.168.192.in-addr.arpa 192.168.1.zone 
zone 1.168.192.in-addr.arpa/IN: loaded serial 2017092101
OK

6.测试
正向：

[root@R1 ~]#dig -t A www.haohao.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> -t A www.haohao.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12024
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1  #aa权威解答

;; QUESTION SECTION:  #查询问题
;www.haohao.com.                        IN      A

;; ANSWER SECTION:  #答案回答
www.haohao.com.         86400   IN      CNAME   websrv.haohao.com.
websrv.haohao.com.      86400   IN      A       192.168.1.106

;; AUTHORITY SECTION:  #权威信息DNS服务器的名称
haohao.com.             86400   IN      NS      dns1.haohao.com.

;; ADDITIONAL SECTION:  #补充说明这个DNS服务器地址
dns1.haohao.com.        172800  IN      A       192.168.1.107

;; Query time: 1 msec
;; SERVER: 192.168.1.107#53(192.168.1.107)
;; WHEN: Thu Aug 31 06:41:51 2017
;; MSG SIZE  rcvd: 104

反向：

[root@R1 ~]#dig -x 192.168.1.108 @192.168.1.107

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> -x 192.168.1.108 @192.168.1.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 382
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;108.1.168.192.in-addr.arpa.    IN      PTR

;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400   IN      SOA     haohao.com. admin.haohao.com. 2017092101 3600 600 259200 86400

;; Query time: 1 msec
;; SERVER: 192.168.1.107#53(192.168.1.107)
;; WHEN: Thu Aug 31 06:42:57 2017
;; MSG SIZE  rcvd: 96

测试区域是否完全正常使用

[root@R1 ~]#dig -t AXFR haohao.com @192.168.1.107

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> -t AXFR haohao.com @192.168.1.107
;; global options: +cmd
haohao.com.             172800  IN      SOA     dns1.haohao.com. admin.haohao.com. 2017092101 86400 3600 1209600 10800
haohao.com.             86400   IN      NS      dns1.haohao.com.
dns1.haohao.com.        172800  IN      A       192.168.1.107
websrv.haohao.com.      86400   IN      A       192.168.1.106
www.haohao.com.         86400   IN      CNAME   websrv.haohao.com.
haohao.com.             172800  IN      SOA     dns1.haohao.com. admin.haohao.com. 2017092101 86400 3600 1209600 10800
;; Query time: 1 msec
;; SERVER: 192.168.1.107#53(192.168.1.107)
;; WHEN: Thu Aug 31 06:49:02 2017
;; XFR size: 6 records (messages 1, bytes 182)