DNS反向域名解析之bind

客户端解析不成功

[14:42:08 root@sz-kx-centos8 ~]# dig -t ptr 48.0.31.172.in-addr.arpa
; <<>> DiG 9.11.20-RedHat-9.11.20-5.el8_3.1 <<>> -t ptr 48.0.31.172.in-addr.arpa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13979
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 14dd778a5f9d54319bc1428f608fa468b7903b67e3fc2b6f (good)
;; QUESTION SECTION:
;48.0.31.172.in-addr.arpa.	IN	PTR

;; AUTHORITY SECTION:
31.172.IN-ADDR.ARPA.	86400	IN	SOA	31.172.IN-ADDR.ARPA. . 0 28800 7200 604800 86400

;; Query time: 1 msec
;; SERVER: 172.31.0.38#53(172.31.0.38)
;; WHEN: Mon May 03 15:21:13 CST 2021
;; MSG SIZE  rcvd: 135

DNS服务端改配置文件

[root@localhost named]# vim /etc/named.rfc1912.zones
zone "0.31.172.in-addr.arpa"{
    type master;
    file "172.31.0.zone";
};

改反向配置文件

[root@localhost named]# vim /var/named/172.31.0.zone
$TTL 1D
@ IN SOA ns1 admin.longxuan.vip.(
                 2021050100  ; serial
                 1D          ; refresh
                 1H          ; retry
                 1W          ; expire
                 3H )        ; minimum
     NS  ns1.longxuan.vip.
48   PTR www.longxuan.vip.
100  PTR app.longge.vip.

改权限并改所属组

[root@localhost named]# chmod 640 172.31.0.zone 
[root@localhost named]# chgrp named 172.31.0.zone 

重启服务

[root@localhost named]# rndc reload
server reload successful

客户端重新验证

[15:21:13 root@sz-kx-centos8 ~]# dig -t ptr 48.0.31.172.in-addr.arpa

; <<>> DiG 9.11.20-RedHat-9.11.20-5.el8_3.1 <<>> -t ptr 48.0.31.172.in-addr.arpa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40791
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 954097d2ed4bdd438b6d65a3608fa4ea5d07d1cf22eb93ec (good)
;; QUESTION SECTION:
;48.0.31.172.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
48.0.31.172.in-addr.arpa. 86400	IN	PTR	www.longxuan.vip.

;; AUTHORITY SECTION:
0.31.172.in-addr.arpa.	86400	IN	NS	ns1.longxuan.vip.

;; ADDITIONAL SECTION:
ns1.longxuan.vip.	86400	IN	A	172.31.0.48

;; Query time: 0 msec
;; SERVER: 172.31.0.38#53(172.31.0.38)
;; WHEN: Mon May 03 15:23:23 CST 2021
;; MSG SIZE  rcvd: 145

实验

没有缓存的情况

服务端停止DNS

[root@localhost named]# rndc stop

客户端验证

[15:23:23 root@sz-kx-centos8 ~]# ping www.longxuan.vip
ping: www.longxuan.vip: Name or service not known

启用缓存

# 安装软件
[15:28:14 root@sz-kx-centos8 ~]# yum -y install nscd
# 启动
[15:32:10 root@sz-kx-centos8 ~]# systemctl enable --now nscd

重新验证

DNS服务端启动

[root@localhost named]# systemctl start named

客户端验证

[15:35:13 root@sz-kx-centos8 ~]# ping www.longxuan.vip
PING vip.longxuan.vip (172.31.0.48) 56(84) bytes of data.
64 bytes from www.longxuan.vip (172.31.0.48): icmp_seq=1 ttl=64 time=0.257 ms
64 bytes from www.longxuan.vip (172.31.0.48): icmp_seq=2 ttl=64 time=0.339 ms
64 bytes from www.longxuan.vip (172.31.0.48): icmp_seq=3 ttl=64 time=0.166 ms

DNS服务端停止

[root@localhost named]# rndc stop

客户端再次验证

[15:35:19 root@sz-kx-centos8 ~]# ping www.longxuan.vip
PING vip.longxuan.vip (172.31.0.48) 56(84) bytes of data.
64 bytes from www.longxuan.vip (172.31.0.48): icmp_seq=1 ttl=64 time=0.166 ms
64 bytes from www.longxuan.vip (172.31.0.48): icmp_seq=2 ttl=64 time=0.304 ms
64 bytes from www.longxuan.vip (172.31.0.48): icmp_seq=3 ttl=64 time=0.241 ms
64 bytes from www.longxuan.vip (172.31.0.48): icmp_seq=4 ttl=64 time=0.779 ms

临时清除缓存

[15:43:01 root@sz-kx-centos8 ~]# nscd -i hosts

Ubuntu启动缓存

[root@ubuntu1804 ~]#systemctl status systemd-resolved.service