2017.01.05 13:39

DNS 설치

DNS 설치


 yum -y install bind bind-libs bind-utils bind-chroot

/etc/named.conf 수정

 vi /etc/named.conf


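options {
        // Answer version.bind queries with a fixed string instead of the real
        // BIND version (cosmetic only; it does not replace patching).
        version "Unknown";

        // No zone transfers to anyone. Open this only to named secondary servers.
        allow-transfer { none; };

        // Recursion and cached answers are served to this host only, so the open
        // allow-query further down does not make the server an open resolver.
        allow-recursion { localhost; };
        allow-query-cache { localhost; };

        // Stock default (loopback only), replaced by the line below.
        //listen-on port 53 { 127.0.0.1; };
        // Listens on every IPv4 interface; restrict 53/udp and 53/tcp at the
        // host firewall if only some networks should reach this server.
        listen-on port 53 { any; };
        //listen-on-v6 port 53 { ::1; };

        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        //allow-query     { localhost; };
        // Any client may query. Required for the zones this server publishes;
        // recursion stays limited by allow-recursion above.
        allow-query     { any; };

        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        // Recursion is on but limited to localhost by allow-recursion above.
        // Per the note above, an authoritative-only server should use "recursion no;".
        recursion yes;

        // NOTE(review): validation needs a trust anchor, which this fragment does
        // not show; confirm one is configured elsewhere in named.conf.
        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        // pid-file must name a file, not a directory; named.pid is the stock name.
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};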


DNS 실행


 service named start

DNS 등록


 vi /etc/named.rfc1912.zones

아래와 같이 추가

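// Master (primary) zone served from a local zone file.
zone "com.wxw" IN {
        type master;
        // Placeholder: the file name is blank on the page. Set it to the zone
        // file created in the next step; a relative name is resolved under the
        // "directory" option of the options block.
        file "ZONE_FILE_PLACEHOLDER";
        // Reject dynamic DNS updates; records change only by editing the zone file.
        allow-update { none; };
};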


레코드 추가 (존 파일 경로는 zone 설정의 file 값과 일치해야 하며, 상대 경로는 options의 directory 기준으로 해석됨)

 vi /etc/named/도메인 (예

아래와 같이 추가


; Zone data for the zone declared in named.rfc1912.zones.
; NOTE(review): the SOA primary-server and admin-mailbox fields, and the data of
; the NS and A records below, are blank in this listing; fill them in, otherwise
; named will refuse to load the zone.
; Timer fields: the serial must be increased on every edit so that secondaries
; notice the change; "minimum" is used as the negative-caching TTL (RFC 2308).
@         IN      SOA (
                                        6800    ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum

; Name server for the zone apex, followed by address records for the apex,
; the "ns" host and the "www" host (record data missing here, see note above).
           IN      NS
           IN      A
ns        IN      A
www     IN      A

DNS 재시작 (재시작 전에 named-checkconf 와 named-checkzone 으로 설정 파일과 존 파일의 문법을 확인)


 service named restart

DNS 서비스 등록


 chkconfig named on

