Setting up a DNS server on CentOS 7

Author: 撸大师 | Published: 2018-04-13 10:59 | Views: 1371

    Install BIND

    yum install bind-chroot bind-utils
    
    # Enable at boot
    systemctl enable named-chroot
    

    Configure BIND

    > cat /etc/named.conf
    options {
        listen-on port 53 { any; };  # listen for port 53 requests on any IP
        listen-on-v6 port 53 { ::1; };
        directory   "/var/named";
        dump-file   "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; }; # accept DNS queries from any source
    
        recursion yes;  # no allow-recursion is set, so recursion inherits the allow-query list (any)
    
        dnssec-enable yes;
        dnssec-validation yes;
    
        bindkeys-file "/etc/named.iscdlv.key";
    
        managed-keys-directory "/var/named/dynamic";
    
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
    };
    
    logging {
            channel default_debug {
                    file "data/named.run";
                    severity dynamic;
            };
    };
    
    zone "." IN {
        type hint;
        file "named.ca";
    };
    
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";
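
Added example, not part of the original post: with `allow-query { any; }`, `recursion yes` and no `allow-recursion`, BIND 9 lets recursion inherit the allow-query list, so the configuration above answers recursive queries for any client. The Python check below computes the effective recursion ACL from a named.conf text; the sample configs, the function names and the 1.1.1.0/24 client range are constructed for illustration, and it assumes flat lists in global options (no views, no nested or named ACLs).

```python
import re

# Constructed sample: the relevant options from the named.conf above.
SAMPLE_OPEN = """
options {
    listen-on port 53 { any; };  # every interface
    allow-query     { any; };
    recursion yes;
};
"""

# Constructed hardened variant: anyone may query the authoritative zones,
# but only an assumed internal range (placeholder 1.1.1.0/24) may recurse.
SAMPLE_RESTRICTED = SAMPLE_OPEN.replace(
    "recursion yes;",
    "allow-recursion { localhost; 1.1.1.0/24; };\n    recursion yes;")

def strip_comments(text):
    """Drop /* */, # and // comments so they cannot shadow real settings."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(#|//).*", "", text)

def acl(text, name):
    """Entries of a flat address-match list, or None when the option is unset."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"\s*\{([^{}]*)\}\s*;", text)
    return [e.strip() for e in m.group(1).split(";") if e.strip()] if m else None

def effective_recursion_acl(conf):
    """Who may recurse, following BIND 9's ACL inheritance order."""
    text = strip_comments(conf)
    m = re.search(r"(?<![\w-])recursion\s+(yes|no)\s*;", text)
    if m and m.group(1) == "no":
        return ["none"]
    # allow-recursion, else allow-query-cache, else allow-query, else default.
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        entries = acl(text, name)
        if entries is not None:
            return entries
    return ["localnets", "localhost"]

def is_open_resolver(conf):
    """True when recursion is offered to every client address."""
    return any(e in ("any", "0.0.0.0/0") for e in effective_recursion_acl(conf))

if __name__ == "__main__":
    for label, conf in (("original", SAMPLE_OPEN), ("restricted", SAMPLE_RESTRICTED)):
        print(label, effective_recursion_acl(conf), "open:", is_open_resolver(conf))
```

On a live server, the output of `named-checkconf -p` can be passed to `effective_recursion_acl` so that included files are covered too.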
    
    

    Add a forward lookup zone

    vim /etc/named.rfc1912.zones
    zone "ooxx.com" IN {
        type master;
        file "ooxx.com.zone";
    };
    

    Add a reverse lookup zone

    vim /etc/named.rfc1912.zones
    zone "1.1.1.in-addr.arpa" IN {
        type master;
        file "1.1.1.zone";
    };
    
    > cat /var/named/ooxx.com.zone 
    $TTL 1D
    @   IN  SOA ooxx.com.   admin.ooxx.com. (
                0   ; serial  
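                1D  ; refresh  # primary/secondary refresh interval
                1H  ; retry  # retry interval after primary/secondary communication fails
                1W  ; expire  # cache expiry time
                3H )    ; minimum  # minimum TTL when no TTL is defined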
            NS  ns1.ooxx.com.
            NS  ns2.ooxx.com.
            A   127.0.0.1
            AAAA    ::1
            MX  10 mx.ooxx.com.
    ttl IN  A   1.1.1.22
    www     IN  A   1.1.1.33   
    bbs IN  CNAME   www
    mx  IN  A   1.1.1.66
    ns1 IN  A   1.1.1.11
    ns2 IN  A   1.1.1.11
    
    > cat /var/named/1.1.1.zone 
    $TTL 1D
    @       IN      SOA     ooxx.com. admin.ooxx.com. (
                             0
                             2H
                             10M
                             7D
                             1D )
            NS  ttl.ooxx.com.
            A   127.0.0.1
            AAAA    ::1
    22  IN      PTR     ooxx.com.
    33  IN      PTR     www.ooxx.com.
    11  IN      PTR     ns1.ooxx.com.
    11  IN      PTR     ns2.ooxx.com.
    66  IN      PTR     mx.ooxx.com.
    

    Start BIND

    systemctl start named-chroot
    

    Check the configuration

    > named-checkzone "ooxx.com" /var/named/ooxx.com.zone
    zone ooxx.com/IN: loaded serial 0
    OK
    

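    Test resolution locally

    Change the local machine's DNS server to 1.1.1.11 (the address of the DNS server configured above), then open cmd.

    Query the DNS records for ooxx.com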

    C:\Users\Administrator>nslookup -qt=A ooxx.com
    服务器:  UnKnown
    Address:  1.1.1.11
    
    名称:    ooxx.com
    Addresses:  127.0.0.1
              1.1.1.22
    

    Query the DNS records for www.ooxx.com

    C:\Users\Administrator>nslookup -qt=A www.ooxx.com
    服务器:  UnKnown
    Address:  1.1.1.11
    
    名称:    www.ooxx.com
    Address:  1.1.1.33
    
    C:\Users\Administrator>nslookup bbs.ooxx.com
    服务器:  ns1.ooxx.com
    Address:  1.1.1.11
    
    名称:    www.ooxx.com
    Address:  1.1.1.33
    Aliases:  bbs.ooxx.com
    
    
    C:\Users\Administrator>nslookup mx.ooxx.com
    服务器:  ns1.ooxx.com
    Address:  1.1.1.11
    
    名称:    mx.ooxx.com
    Address:  1.1.1.66
    
