安裝bindphp
一、安裝bind軟件,須要安裝3 個bind、bind-chroot、bind-utilweb
| [root@localhost pub]# yum install -y bind bind-chroot bind-utilstcp
Installed:ide
bind.i686 32:9.8.2-0.17.rc1.el6_4.6 學習
Complete! 測試
|
二、修改配置文件「/etc/named.conf」,追加「forward」網站
| [root@localhost pub]# gedit /etc/named.confspa
options {rest
listen-on port 53 { 127.0.0.1; };code
# listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
forward only;
forwarders{
8.8.8.8;
}
};
|
三、設置防火牆,這裏須要用到53端口。須要開啓tcp和udp的53端口,記得重啓防火牆
| [root@localhost pub]# gedit /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
[root@localhost phpMyAdmin]# service iptables restart
iptables:將鏈設置爲政策 ACCEPT:filter nat [肯定]
iptables:清除防火牆規則: [肯定]
iptables:正在卸載模塊: [肯定]
iptables:應用防火牆規則: [肯定]
iptables:載入額外模塊:nf_conntrack_ftp [肯定]
[root@localhost phpMyAdmin]#
|
四、啓動服務
| [root@localhost pub]# service named start
啓動named: [肯定]
[root@localhost pub]#
|
五、測試,命令格式「dig 網站@ip」,這裏用迴環地址來測試,看是否能請求成功
| [root@localhost pub]# dig www.baidu.com @127.0.0.1
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> www.baidu.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51491
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 1191 IN CNAME www.a.shifen.com.
www.a.shifen.com. 299IN A 14.215.177.38 //這個就是請求到的結果
www.a.shifen.com. 299IN A 14.215.177.39
;; Query time: 3053 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 14 19:02:59 2018
;; MSG SIZE rcvd: 90
|
六、更改配置文件named.conf,讓全部機器均可以使用該服務。
1)將配置文件中的迴環地址改成any,意味着容許任何人使用
| [root@localhost pub]# gedit /etc/named.conf
options {
listen-on port 53 {any; };
# listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
forward only;
forwarders{
8.8.8.8;
}
};
|
2)找一個其餘ip地址來測試
| [root@localhost pub]# service named restart //重啓服務
中止named: [肯定]
啓動named: [肯定]
[root@localhost pub]# dig www.baidu.com @192.168.0.113
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> www.baidu.com @192.168.0.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37134
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 871 IN CNAME www.a.shifen.com.
www.a.shifen.com. 299 IN A 14.215.177.39
www.a.shifen.com. 299 IN A 14.215.177.38
;; Query time: 474 msec
;; SERVER: 192.168.0.113#53(192.168.0.113)
;; WHEN: Tue Aug 14 19:06:19 2018
;; MSG SIZE rcvd: 90
|
