前往小程序,Get更优阅读体验!
立即前往
首页
学习
活动
专区
工具
TVP
发布
社区首页 >专栏 >Centos 7安装unbound

Centos 7安装unbound

作者头像
py3study
发布2018-08-02 14:59:40
2.5K0
发布2018-08-02 14:59:40
举报
文章被收录于专栏:python3

1.关闭firewall:

#停止firewall

systemctl stop firewalld.service

#禁止firewall开机启动

systemctl disable firewalld.service

2.永久关闭

vi /etc/selinux/config

将SELINUX=enforcing改为SELINUX=disabled 

设置后需要重启才能生效

下面开始正式安装unbound

3.安装unbound

yum -y install unbound

清理缓存

yum clean all

重启服务

systemctl restart unbound  

设置开机启动

systemctl enable unbound

4.备份配置文件

cd /etc/unbound/

mv unbound.conf unbound.conf.bak

5.编辑配置文件

vim unbound.conf

注释的地方,全部被我删除了!

完整内容如下:

server:

verbosity: 1

statistics-interval: 0

statistics-cumulative: no

extended-statistics: yes

num-threads: 2

#监听地址

interface: 0.0.0.0

interface-automatic: no

#让所有主机能够向本机查询DNS

access-control: 0.0.0.0/0 allow

chroot: ""

#安全起见,禁用服务用户(DNS 的服务用户为 unbound)

username: ""

directory: "/etc/unbound"

log-time-ascii: yes

pidfile: "/var/run/unbound/unbound.pid"

harden-glue: yes

harden-dnssec-stripped: yes

harden-below-nxdomain: yes

harden-referral-path: yes

use-caps-for-id: no

unwanted-reply-threshold: 10000000

prefetch: yes

prefetch-key: yes

rrset-roundrobin: yes

minimal-responses: yes

trusted-keys-file: /etc/unbound/keys.d/*.key

auto-trust-anchor-file: "/var/lib/unbound/root.key"

val-clean-additional: yes

val-permissive-mode: no

val-log-level: 1

include: /etc/unbound/local.d/*.conf

remote-control:

control-enable: yes

server-key-file: "/etc/unbound/unbound_server.key"

server-cert-file: "/etc/unbound/unbound_server.pem"

control-key-file: "/etc/unbound/unbound_control.key"

control-cert-file: "/etc/unbound/unbound_control.pem"

include: /etc/unbound/conf.d/*.conf

6.验证配置文件是否正确

unbound-checkconf

提示以下内容,就说明没有错误

unbound-checkconf: no errors in /etc/unbound/unbound.conf

重启unbound服务

systemctl restart unbound

7.查看监听端口,53号端口是否存在

[root@localhost unbound]# netstat -tunlp |grep unbound

tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      2382/unbound        

tcp        0      0 127.0.0.1:8953          0.0.0.0:*               LISTEN      2382/unbound        

tcp6       0      0 ::1:8953                :::*                    LISTEN      2382/unbound        

udp        0      0 0.0.0.0:53              0.0.0.0:*                           2382/unbound  

8.创建新的配置文件,这里以example.com为例:

vim /etc/unbound/local.d/example.conf

内容如下:

local-zone: "example.com." static

local-data: "example.com. 86400 IN SOA ns.example.com. root 1 1D 1H 1W 1H"

local-data: "ns.example.com. IN A 192.168.10.10"

local-data: "linuxprobe.example.com. IN A 192.168.10.10"

local-data-ptr: "192.168.10.10 ns.example.com."

local-data-ptr: "192.168.10.10 linuxprobe.example.com."

9.编辑本机网卡配置文件

vim /etc/sysconfig/network-scripts/ifcfg-eth0

主要配置如下:

.....

#系统启动时激活网卡

ONBOOT=yes

#静态IP地址

IPADDR="192.168.78.133"

#子网掩码

PREFIX="24"

#网关地址

GATEWAY="192.168.78.2"

#DNS地址,指向本机

DNS1=192.168.78.133

重启网络服务

systemctl restart network

10.安装解析工具

yum install -y bind-utils

测试解析

[root@localhost ~]# nslookup 

> linuxprobe.example.com.

Server:192.168.78.133

Address:192.168.78.133#53

Name:linuxprobe.example.com

Address: 192.168.10.10

> exit

域名解析正确!!!

本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
原始发表:2017/11/22 ,如有侵权请联系 cloudcommunity@tencent.com 删除

本文分享自 作者个人站点/博客 前往查看

如有侵权,请联系 cloudcommunity@tencent.com 删除。

本文参与 腾讯云自媒体同步曝光计划  ,欢迎热爱写作的你一起参与!

评论
登录后参与评论
0 条评论
热度
最新
推荐阅读
领券
问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档