Server上配置
//安装
yum bind9

//配置文件

cd /var/named

cp –p named.localhost qq.com

$TTL 1D

@ IN SOA @ rname.invalid. (

0 ; serial 1 ; serial à 改为1同步下面的

1D ; refresh

1H ; retry

1W ; expire

3H ) ; minimum

qq.com. (@) NS workstation.qq.com. (workstation)

workstation A 127.25.0.9

www A 1.1.1.1

ftp A 2.2.2.2

@ MX mail.qq.com. 邮件服务器的配置

Mail A 4.4.4.4

AAAA ::1

RPT localhost à 反向指针追踪ip地址

vim /etc/ named.conf

// listen-on port 53 any

Cache-query (any)

Forward-only {172.25.0.9} à 缓存下一个DNS的server

recursion yes;

zone "qq.com" {

type master; (slave)

file “qq.com”;

};

------------------
options {
listen-on port 53 { 127.0.0.1; 192.168.192.77; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named.stats";
memstatistics-file "/var/named/data/named_mem.stats";
allow-query { localhost; };
recursion yes;

dnssec-enable no;
dnssec-validation no;
dnssec-lookaside auto;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";

forward only;
forwarders { 192.168.192.2; };
allow-recursion { 127.0.0.1; 192.168.192.0/24; };
allow-recursion-on { any; };
};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

zone "." IN {
type hint;
file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

################# FORWARD ZONE ##################
zone "dktetrix.net" {
type forward;
forward first;
forwarders { 10.8.76.2; 10.8.76.3; 10.9.76.2; 10.9.76.3; 172.25.252.10; 172.25.252.11; 172.26.43.19; };
};

zone "hosting.eu" {
type forward;
forward first;
forwarders { 10.8.76.2; 10.8.76.3; 10.9.76.2; 10.9.76.3; 172.25.252.10; 172.25.252.11; 172.26.43.19; };
};

zone "oxy-net.org" {
type forward;
forward first;
forwarders { 10.8.76.2; 10.8.76.3; 10.9.76.2; 10.9.76.3; 172.25.252.10; 172.25.252.11; 172.26.43.19; };
};
############# ENF OF FORWARD ZONE ###############

//配置完，重启生效

systemctl restart named

name-checkconf qq.com

//开启防火墙，允许53端口

Firewall –cmd –permanent –add-port=53/udp

yum install telnet

Client上配置

/etc/resolv.conf
options timeout:5 attempts:1 rotate
; generated by /sbin/dhclient-script
search cn-north-1.compute.internal
search cube-net.org
nameserver 192.168.192.77
nameserver 192.168.192.195

Trouble-shooting
while true; do curl -s -o /dev/null -w "Connect: %{time_connect} DNS: %{time_namelookup} TTFB: %{time_starttransfer} Total time: %{time_total} Size: %{size_download} \n" -H 'Host: www.cnprfront.epay-net.org' <http://www.cnprfront.epay-net.org'> http://cnprfront.epay-net.org;done

[ERROR]com.oxit.easypay.services.impl.AppClientServiceImpl AppClientService.notificationTransactionResultV2Rest buy-cnpr.cube-net.pub

java.net.UnknownHostException: buy-cnpr.cube-net.pub

Solution：

Change timeout time from 1 to 5 in file /etc/resolv.conf
options timeout:5 attempts:1 rotate

查看DNS纪录
root@cnpradm01:/var/named/chroot/etc# dig cnpradm01.cube-net.org

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.5 <<>> cnpradm01.cube-net.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17646
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 0

;; QUESTION SECTION:
;cnpradm01.cube-net.org. IN A

;; ANSWER SECTION:
cnpradm01.cube-net.org. 3341 IN A 192.168.192.77

;; AUTHORITY SECTION:
. 1380 IN NS a.root-servers.net.
. 1380 IN NS i.root-servers.net.
. 1380 IN NS k.root-servers.net.
. 1380 IN NS b.root-servers.net.
. 1380 IN NS h.root-servers.net.
. 1380 IN NS l.root-servers.net.
. 1380 IN NS j.root-servers.net.
. 1380 IN NS d.root-servers.net.
. 1380 IN NS e.root-servers.net.
. 1380 IN NS g.root-servers.net.
. 1380 IN NS f.root-servers.net.
. 1380 IN NS c.root-servers.net.
. 1380 IN NS m.root-servers.net.

;; Query time: 0 msec
;; SERVER: 192.168.192.77#53(192.168.192.77)
;; WHEN: Sun Jul 24 12:04:24 2016
;; MSG SIZE rcvd: 267

root@cnpradm01:/var/named/chroot/etc# nslookup cnpradm01.cube-net.org
Server: 192.168.192.77
Address: 192.168.192.77#53

Non-authoritative answer:
Name: cnpradm01.cube-net.org
Address: 192.168.192.77

root@cnpradm01:/home/fzou# traceroute www.baidu.com
traceroute to www.baidu.com (220.181.112.244), 30 hops max, 60 byte packets
1 ec2-54-223-0-2.cn-north-1.compute.amazonaws.com.cn (54.223.0.2) 0.274 ms ec2-54-223-0-6.cn-north-1.compute.amazonaws.com.cn (54.223.0.6) 0.290 ms 0.274 ms
2 54.222.1.90 (54.222.1.90) 2.118 ms 54.222.0.128 (54.222.0.128) 1.913 ms 54.222.1.34 (54.222.1.34) 1.941 ms
3 54.222.1.66 (54.222.1.66) 1.069 ms 1.063 ms 1.105 ms
4 * * 97.31.110.36.static.bjtelecom.net (36.110.31.97) 1.725 ms
5 * 102.254.120.106.static.bjtelecom.net (106.120.254.102) 1.441 ms *
6 * * *
7 220.181.182.34 (220.181.182.34) 2.865 ms * 220.181.17.90 (220.181.17.90) 3.329 ms
8 220.181.17.18 (220.181.17.18) 2.426 ms * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

DNS 安装/配置/trouble-shooting