āĻā§āĻ°ā§āĻ¸ āĻāĻžāĻ¤ā§āĻ°āĻĻā§āĻ° āĻāĻ¨ā§āĻ¯ āĻĒā§āĻ°āĻ¸ā§āĻ¤ā§āĻ¤ āĻ¨āĻŋāĻŦāĻ¨ā§āĻ§ā§āĻ° āĻ āĻ¨ā§āĻŦāĻžāĻĻ . āĻāĻ āĻĻāĻŋāĻā§ āĻāĻ¨ā§āĻ¨āĻ¯āĻŧāĻ¨ āĻāĻ°āĻ¤ā§ āĻāĻā§āĻ°āĻšā§? āĻāĻāĻžāĻ¨ āĻĒāĻŋāĻ¸āĻā§āĻ¨āĻā§āĻ° āĻŽāĻžāĻ¸ā§āĻāĻžāĻ° āĻā§āĻ˛āĻžāĻ¸ā§āĻ° āĻ¸āĻŽā§āĻĒā§āĻ°āĻāĻžāĻ°ā§āĻ° āĻ°ā§āĻāĻ°ā§āĻĄāĻŋāĻ āĻĻā§āĻā§āĻ¨
āĻāĻ āĻ¨āĻŋāĻŦāĻ¨ā§āĻ§ā§, āĻāĻŽāĻŋ āĻāĻĒāĻ¨āĻžāĻā§ RHEL 7 āĻŦāĻž CentOS 7-āĻ āĻāĻāĻāĻŋ DNS āĻ¸āĻžāĻ°ā§āĻāĻžāĻ° āĻ¸ā§āĻ āĻāĻĒ āĻāĻ°āĻžāĻ° āĻ§āĻžāĻĒāĻā§āĻ˛āĻŋāĻ° āĻŽāĻžāĻ§ā§āĻ¯āĻŽā§ āĻ¨āĻŋāĻ¯āĻŧā§ āĻ¯āĻžāĻŦāĨ¤ āĻĒā§āĻ°āĻĻāĻ°ā§āĻļāĻ¨ā§āĻ° āĻāĻ¨ā§āĻ¯ āĻāĻŽāĻŋ Red Hat Enterprise Linux 7.4 āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ° āĻāĻ°ā§āĻāĻŋāĨ¤ āĻāĻŽāĻžāĻĻā§āĻ° āĻ˛āĻā§āĻˇā§āĻ¯ āĻĢāĻ°ā§āĻ¯āĻŧāĻžāĻ°ā§āĻĄ āĻāĻŦāĻ āĻ°āĻŋāĻāĻžāĻ°ā§āĻ¸ āĻ˛ā§āĻāĻāĻĒ āĻā§āĻ¨ā§āĻ° āĻāĻ¨ā§āĻ¯ āĻ¯āĻĨāĻžāĻā§āĻ°āĻŽā§ āĻāĻāĻāĻŋ A āĻ°ā§āĻāĻ°ā§āĻĄ āĻāĻŦāĻ āĻāĻāĻāĻŋ PTR āĻ°ā§āĻāĻ°ā§āĻĄ āĻ¤ā§āĻ°āĻŋ āĻāĻ°āĻžāĨ¤
āĻĒā§āĻ°āĻĨāĻŽā§, DNS āĻ¸āĻžāĻ°ā§āĻāĻžāĻ°ā§āĻ° āĻāĻ¨ā§āĻ¯ āĻĒā§āĻ°āĻ¯āĻŧā§āĻāĻ¨ā§āĻ¯āĻŧ rpm āĻĒā§āĻ¯āĻžāĻā§āĻāĻā§āĻ˛āĻŋ āĻāĻ¨āĻ¸ā§āĻāĻ˛ āĻāĻ°ā§āĻ¨āĨ¤
āĻĻā§āĻ°āĻˇā§āĻāĻŦā§āĻ¯: RHEL āĻāĻ° āĻāĻ¨ā§āĻ¯ āĻāĻĒāĻ¨āĻžāĻ° āĻ āĻŦāĻļā§āĻ¯āĻ āĻĨāĻžāĻāĻ¤ā§ āĻšāĻŦā§ , āĻ āĻĨāĻŦāĻž āĻāĻĒāĻ¨āĻŋ āĻĒāĻžāĻ°ā§āĻ¨ , āĻ¯āĻžāĻ° āĻ¸āĻžāĻšāĻžāĻ¯ā§āĻ¯ā§ āĻĒā§āĻ¯āĻžāĻā§āĻ āĻŽā§āĻ¯āĻžāĻ¨ā§āĻāĻžāĻ° âyumâ āĻĒā§āĻ°āĻ¯āĻŧā§āĻāĻ¨ā§āĻ¯āĻŧ rpm āĻĒā§āĻ¯āĻžāĻā§āĻ āĻāĻŦāĻ āĻ¨āĻŋāĻ°ā§āĻāĻ°āĻ¤āĻž āĻāĻ¨āĻ¸ā§āĻāĻ˛ āĻāĻ°āĻ¤ā§ āĻĒāĻžāĻ°ā§āĨ¤
# yum install bind bind-chroot caching-nameserverāĻāĻŽāĻžāĻ° āĻ¸ā§āĻāĻŋāĻāĻ¸:
# hostname
golinuxhub-client.example
ĐОК IP-Đ°Đ´ŅĐĩŅ 192.168.1.7
# ip address | egrep 'inet.*enp0s3'
inet 192.168.1.7/24 brd 192.168.1.255 scope global dynamic enp0s3āĻ¯ā§āĻšā§āĻ¤ā§ āĻāĻŽāĻ°āĻž chroot āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ° āĻāĻ°āĻŦ, āĻ¤āĻžāĻ āĻāĻŽāĻžāĻĻā§āĻ° āĻĒāĻ°āĻŋāĻˇā§āĻŦāĻžāĻāĻŋ āĻ¨āĻŋāĻˇā§āĻā§āĻ°āĻŋāĻ¯āĻŧ āĻāĻ°āĻ¤ā§ āĻšāĻŦā§āĨ¤
# systemctl stop named
# systemctl disable namedāĻ¤āĻžāĻ°āĻĒāĻ°ā§ āĻĒā§āĻ°āĻ¯āĻŧā§āĻāĻ¨ā§āĻ¯āĻŧ āĻĢāĻžāĻāĻ˛āĻā§āĻ˛āĻŋ chroot āĻĄāĻŋāĻ°ā§āĻā§āĻāĻ°āĻŋāĻ¤ā§ āĻ
āĻ¨ā§āĻ˛āĻŋāĻĒāĻŋ āĻāĻ°ā§āĻ¨āĨ¤
āĻŦāĻŋāĻāĻĻā§āĻ°āĻ. āĻ¯ā§āĻā§āĻ¤āĻŋ āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ° āĻāĻ°ā§āĻ¨ -p āĻāĻāĻāĻŋ āĻĻāĻ˛ā§ cp āĻ
āĻ§āĻŋāĻāĻžāĻ° āĻāĻŦāĻ āĻŽāĻžāĻ˛āĻŋāĻāĻĻā§āĻ° āĻ¸āĻāĻ°āĻā§āĻˇāĻŖ āĻāĻ°āĻ¤ā§āĨ¤
[root@golinuxhub-client ~]# cp -rpvf /usr/share/doc/bind-9.9.4/sample/etc/* /var/named/chroot/etc/
â/usr/share/doc/bind-9.9.4/sample/etc/named.confâ -> â/var/named/chroot/etc/named.confâ
â/usr/share/doc/bind-9.9.4/sample/etc/named.rfc1912.zonesâ -> â/var/named/chroot/etc/named.rfc1912.zonesâāĻ¤āĻžāĻ°āĻĒāĻ°ā§ āĻā§āĻ¨ā§āĻ° āĻ¸āĻžāĻĨā§ āĻ¯ā§āĻā§āĻ¤ āĻĢāĻžāĻāĻ˛āĻā§āĻ˛āĻŋāĻā§ āĻāĻāĻāĻŋ āĻ¨āĻ¤ā§āĻ¨ āĻ āĻŦāĻ¸ā§āĻĨāĻžāĻ¨ā§ āĻ āĻ¨ā§āĻ˛āĻŋāĻĒāĻŋ āĻāĻ°ā§āĻ¨āĨ¤
[root@golinuxhub-client ~]# cp -rpvf /usr/share/doc/bind-9.9.4/sample/var/named/* /var/named/chroot/var/named/
â/usr/share/doc/bind-9.9.4/sample/var/named/dataâ -> â/var/named/chroot/var/named/dataâ
â/usr/share/doc/bind-9.9.4/sample/var/named/my.external.zone.dbâ -> â/var/named/chroot/var/named/my.external.zone.dbâ
â/usr/share/doc/bind-9.9.4/sample/var/named/my.internal.zone.dbâ -> â/var/named/chroot/var/named/my.internal.zone.dbâ
â/usr/share/doc/bind-9.9.4/sample/var/named/named.caâ -> â/var/named/chroot/var/named/named.caâ
â/usr/share/doc/bind-9.9.4/sample/var/named/named.emptyâ -> â/var/named/chroot/var/named/named.emptyâ
â/usr/share/doc/bind-9.9.4/sample/var/named/named.localhostâ -> â/var/named/chroot/var/named/named.localhostâ
â/usr/share/doc/bind-9.9.4/sample/var/named/named.loopbackâ -> â/var/named/chroot/var/named/named.loopbackâ
â/usr/share/doc/bind-9.9.4/sample/var/named/slavesâ -> â/var/named/chroot/var/named/slavesâ
â/usr/share/doc/bind-9.9.4/sample/var/named/slaves/my.ddns.internal.zone.dbâ -> â/var/named/chroot/var/named/slaves/my.ddns.internal.zone.dbâ
â/usr/share/doc/bind-9.9.4/sample/var/named/slaves/my.slave.internal.zone.dbâ -> â/var/named/chroot/var/named/slaves/my.slave.internal.zone.dbâ
```bash
ĐĸĐĩĐŋĐĩŅŅ даваКŅĐĩ ĐŋĐžŅĐŧĐžŅŅиĐŧ ĐŊĐ° ĐžŅĐŊОвĐŊОК ŅĐ°ĐšĐģ ĐēĐžĐŊŅиĐŗŅŅĐ°Ņии.
```bash
# cd /var/named/chroot/etc/name.conf āĻāĻ° āĻŦāĻŋāĻˇāĻ¯āĻŧāĻŦāĻ¸ā§āĻ¤ā§ āĻ¸āĻžāĻĢ āĻāĻ°ā§āĻ¨ āĻāĻŦāĻ āĻ¨āĻŋāĻŽā§āĻ¨āĻ˛āĻŋāĻāĻŋāĻ¤ āĻĒā§āĻ¸ā§āĻ āĻāĻ°ā§āĻ¨āĨ¤
[root@golinuxhub-client etc]# vim named.conf
options {
listen-on port 53 { 127.0.0.1; any; };
# listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; any; };
allow-query-cache { localhost; any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view my_resolver {
match-clients { localhost; any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};āĻā§āĻ¨ āĻ¨āĻŋāĻ°ā§āĻĻāĻŋāĻˇā§āĻ āĻ¤āĻĨā§āĻ¯ āĻ¯ā§āĻ āĻāĻ°āĻž āĻāĻŦāĻļā§āĻ¯āĻ /var/named/chroot/etc/named.rfc1912.zones. āĻ¨ā§āĻā§āĻ° āĻāĻ¨ā§āĻā§āĻ°āĻŋ āĻ¯ā§āĻ āĻāĻ°ā§āĻ¨. example.zone āĻĢāĻžāĻāĻ˛āĻāĻŋ āĻĢāĻ°ā§āĻ¯āĻŧāĻžāĻ°ā§āĻĄ āĻ˛ā§āĻāĻāĻĒ āĻā§āĻ¨ āĻĢāĻžāĻāĻ˛, āĻāĻŦāĻ example.rzone - āĻ°āĻŋāĻāĻžāĻ°ā§āĻ¸ āĻā§āĻ¨ āĻĢāĻžāĻāĻ˛āĨ¤
āĻā§āĻ°ā§āĻ¤ā§āĻŦāĻĒā§āĻ°ā§āĻŖ āĻĻā§āĻ°āĻˇā§āĻāĻŦā§āĻ¯: āĻŦāĻŋāĻĒāĻ°ā§āĻ¤ āĻ˛ā§āĻāĻāĻĒ āĻā§āĻ¨ā§ āĻ°āĻ¯āĻŧā§āĻā§ 1.168.192 āĻāĻžāĻ°āĻŖ āĻāĻŽāĻžāĻ° āĻāĻāĻĒāĻŋ āĻ āĻŋāĻāĻžāĻ¨āĻž āĻšāĻ˛ 192.168.1.7
zone "example" IN {
type master;
file "example.zone";
allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "example.rzone";
allow-update { none; };
};āĻā§āĻ¨āĻā§āĻ˛āĻŋāĻ° āĻ¸āĻžāĻĨā§ āĻ¸āĻŽā§āĻĒāĻ°ā§āĻāĻŋāĻ¤ āĻĢāĻžāĻāĻ˛āĻā§āĻ˛āĻŋ āĻāĻāĻžāĻ¨ā§ āĻ āĻŦāĻ¸ā§āĻĨāĻŋāĻ¤:
# cd /var/named/chroot/var/named/āĻāĻ° āĻĒāĻ°ā§, āĻāĻŽāĻ°āĻž āĻĢāĻ°ā§āĻ¯āĻŧāĻžāĻ°ā§āĻĄ āĻāĻŦāĻ āĻ°āĻŋāĻāĻžāĻ°ā§āĻ¸ āĻā§āĻ¨ā§āĻ° āĻāĻ¨ā§āĻ¯ āĻĢāĻžāĻāĻ˛ āĻ¤ā§āĻ°āĻŋ āĻāĻ°āĻŦāĨ¤ āĻĢāĻžāĻāĻ˛ā§āĻ° āĻ¨āĻžāĻŽ āĻāĻĒāĻ°ā§āĻ° āĻĢāĻžāĻāĻ˛ā§āĻ° āĻŽāĻ¤āĻ āĻšāĻŦā§ name.rfc1912.zones. āĻāĻŽāĻžāĻĻā§āĻ° āĻāĻ¤āĻŋāĻŽāĻ§ā§āĻ¯ā§āĻ āĻŦā§āĻļ āĻāĻŋāĻā§ āĻĄāĻŋāĻĢāĻ˛ā§āĻ āĻā§āĻŽāĻĒā§āĻ˛ā§āĻ āĻāĻā§ āĻ¯āĻž āĻāĻŽāĻ°āĻž āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ° āĻāĻ°āĻ¤ā§ āĻĒāĻžāĻ°āĻŋāĨ¤
# cp -p named.localhost example.zone
# cp -p named.loopback example.rzoneāĻāĻĒāĻ¨āĻŋ āĻĻā§āĻāĻ¤ā§ āĻĒāĻžāĻā§āĻā§āĻ¨, āĻ¸āĻŽāĻ¸ā§āĻ¤ āĻĢāĻžāĻāĻ˛ āĻāĻŦāĻ āĻĄāĻŋāĻ°ā§āĻā§āĻāĻ°āĻŋāĻ° āĻŦāĻ°ā§āĻ¤āĻŽāĻžāĻ¨ āĻ āĻ¨ā§āĻŽāĻ¤āĻŋāĻā§āĻ˛āĻŋ āĻ āĻ¨ā§āĻ¤āĻ°ā§āĻāĻ¤ āĻļāĻŋāĻāĻĄāĻŧ.
[root@golinuxhub-client named]# ll
total 32
drwxr-xr-x. 2 root root 6 May 22 2017 data
-rw-r--r--. 1 root root 168 May 22 2017 example.rzone
-rw-r--r--. 1 root root 152 May 22 2017 example.zone
-rw-r--r--. 1 root root 56 May 22 2017 my.external.zone.db
-rw-r--r--. 1 root root 56 May 22 2017 my.internal.zone.db
-rw-r--r--. 1 root root 2281 May 22 2017 named.ca
-rw-r--r--. 1 root root 152 May 22 2017 named.empty
-rw-r--r--. 1 root root 152 May 22 2017 named.localhost
-rw-r--r--. 1 root root 168 May 22 2017 named.loopback
drwxr-xr-x. 2 root root 71 Feb 12 21:02 slavesāĻŦā§āĻ¯āĻŦāĻšāĻžāĻ°āĻāĻžāĻ°ā§āĻā§ āĻŽāĻžāĻ˛āĻŋāĻ āĻšāĻŋāĻ¸āĻžāĻŦā§ āĻ¨āĻŋāĻ°ā§āĻĻā§āĻļ āĻāĻ°āĻ¤ā§ āĻ¸āĻŽāĻ¸ā§āĻ¤ āĻĢāĻžāĻāĻ˛ā§āĻ° āĻ āĻ¨ā§āĻŽāĻ¤āĻŋ āĻĒāĻ°āĻŋāĻŦāĻ°ā§āĻ¤āĻ¨ āĻāĻ°ā§āĻ¨ āĻļāĻŋāĻāĻĄāĻŧ āĻāĻŦāĻ āĻā§āĻ°ā§āĻĒ āĻ¨āĻžāĻŽā§.
# chown root:named *āĻāĻŋāĻ¨ā§āĻ¤ā§ āĻ¤āĻĨā§āĻ¯ā§āĻ° āĻāĻ¨ā§āĻ¯ āĻŽāĻžāĻ˛āĻŋāĻ āĻšāĻ¤ā§ āĻšāĻŦā§ āĻ¨āĻžāĻŽ: āĻ¨āĻžāĻŽā§.
# chown -R named:named data
# ls -l
total 32
drwxr-xr-x. 2 named named 6 May 22 2017 data
-rw-r--r--. 1 root named 168 May 22 2017 example.rzone
-rw-r--r--. 1 root named 152 May 22 2017 example.zone
-rw-r--r--. 1 root named 56 May 22 2017 my.external.zone.db
-rw-r--r--. 1 root named 56 May 22 2017 my.internal.zone.db
-rw-r--r--. 1 root named 2281 May 22 2017 named.ca
-rw-r--r--. 1 root named 152 May 22 2017 named.empty
-rw-r--r--. 1 root named 152 May 22 2017 named.localhost
-rw-r--r--. 1 root named 168 May 22 2017 named.loopback
drwxr-xr-x. 2 root named 71 Feb 12 21:02 slavesāĻāĻĒāĻ¨āĻžāĻ° āĻĢāĻ°āĻāĻ¯āĻŧāĻžāĻ°ā§āĻĄ āĻā§āĻ¨ āĻĢāĻžāĻāĻ˛ā§ āĻ¨āĻŋāĻŽā§āĻ¨āĻ˛āĻŋāĻāĻŋāĻ¤ āĻŦāĻŋāĻˇāĻ¯āĻŧāĻŦāĻ¸ā§āĻ¤ā§ āĻ¯ā§āĻ āĻāĻ°ā§āĻ¨āĨ¤ āĻāĻāĻžāĻ¨ā§ āĻāĻŽāĻ°āĻž āĻ˛ā§āĻāĻžāĻ˛āĻšā§āĻ¸ā§āĻā§āĻ° āĻāĻ¨ā§āĻ¯ āĻāĻāĻāĻŋ A āĻ°ā§āĻāĻ°ā§āĻĄ āĻ¤ā§āĻ°āĻŋ āĻāĻ°āĻŋ (golinuxhub-client) āĻāĻŦāĻ āĻāĻ°ā§āĻāĻāĻŋ āĻ¸āĻžāĻ°ā§āĻāĻžāĻ°ā§āĻ° (golinuxhub-server) āĻāĻ¨ā§āĻ¯āĨ¤
# vim example.zone
$TTL 1D
@ IN SOA example. root (
1 ; serial
3H ; refresh
15M ; retry
1W ; expire
1D ) ; minimum
IN NS example.
IN A 192.168.1.7
golinuxhub-server IN A 192.168.1.5
golinuxhub-client IN A 192.169.1.7āĻāĻ°āĻĒāĻ°ā§, āĻ°āĻŋāĻāĻžāĻ°ā§āĻ¸ āĻā§āĻ¨ āĻĢāĻžāĻāĻ˛ā§ āĻŦāĻŋāĻˇāĻ¯āĻŧāĻŦāĻ¸ā§āĻ¤ā§ āĻ¯ā§āĻ āĻāĻ°ā§āĻ¨āĨ¤ āĻāĻāĻžāĻ¨ā§ āĻāĻŽāĻ°āĻž golinuxhub-client āĻāĻŦāĻ golinuxhub-server-āĻāĻ° āĻāĻ¨ā§āĻ¯ āĻāĻāĻāĻŋ PTR āĻ°ā§āĻāĻ°ā§āĻĄ āĻ¤ā§āĻ°āĻŋ āĻāĻ°āĻŋāĨ¤
# vim example.rzone
$TTL 1D
@ IN SOA example. root.example. (
1997022700 ; serial
28800 ; refresh
14400 ; retry
3600000 ; expire
86400 ) ; minimum
IN NS example.
5 IN PTR golinuxhub-server.example.
7 IN PTR golinuxhub-client.example.āĻāĻŽāĻ°āĻž āĻĒāĻ°āĻŋāĻˇā§āĻŦāĻž āĻāĻžāĻ˛ā§ āĻāĻ°āĻžāĻ° āĻāĻā§ name-chroot, āĻāĻ˛ā§āĻ¨ āĻā§āĻ¨ āĻĢāĻžāĻāĻ˛ā§āĻ° āĻāĻ¨āĻĢāĻŋāĻāĻžāĻ°ā§āĻļāĻ¨ āĻĒāĻ°ā§āĻā§āĻˇāĻž āĻāĻ°āĻž āĻ¯āĻžāĻāĨ¤
[root@golinuxhub-client named]# named-checkzone golinuxhub-client.example example.zone
zone golinuxhub-client.example/IN: loaded serial 1
OK
[root@golinuxhub-client named]# named-checkzone golinuxhub-client.example example.rzone
zone golinuxhub-client.example/IN: loaded serial 1997022700
OKāĻ¸āĻŦāĻāĻŋāĻā§āĻ āĻāĻžāĻ˛ā§ āĻ˛āĻžāĻāĻā§āĨ¤ āĻāĻāĻ¨ āĻ¨āĻŋāĻŽā§āĻ¨āĻ˛āĻŋāĻāĻŋāĻ¤ āĻāĻŽāĻžāĻ¨ā§āĻĄāĻāĻŋ āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ° āĻāĻ°ā§ āĻāĻ¨āĻĢāĻŋāĻāĻžāĻ°ā§āĻļāĻ¨ āĻĢāĻžāĻāĻ˛āĻāĻŋ āĻĒāĻ°ā§āĻā§āĻˇāĻž āĻāĻ°ā§āĻ¨āĨ¤
[root@golinuxhub-client named]# named-checkconf -t /var/named/chroot/ /etc/named.confāĻ¸ā§āĻ¤āĻ°āĻžāĻ, āĻ¸āĻŦāĻāĻŋāĻā§ āĻ¸āĻĢāĻ˛āĻāĻžāĻŦā§ āĻ¸āĻŽā§āĻĒāĻ¨ā§āĻ¨ āĻšāĻ¯āĻŧā§āĻā§āĨ¤
[root@golinuxhub-client named]# echo $?
0āĻā§āĻ°ā§āĻ¤ā§āĻŦāĻĒā§āĻ°ā§āĻŖ āĻĻā§āĻ°āĻˇā§āĻāĻŦā§āĻ¯: āĻāĻŽāĻžāĻ° āĻāĻžāĻā§ āĻ āĻ¨ā§āĻŽāĻ¤āĻŋāĻŽā§āĻ˛āĻ āĻŽā§āĻĄā§ SELinux āĻāĻā§
# getenforce
PermissiveāĻ¸āĻŦāĻāĻŋāĻā§ āĻāĻžāĻ˛ āĻĻā§āĻāĻžāĻā§āĻā§, āĻ¤āĻžāĻ āĻāĻŽāĻžāĻĻā§āĻ° āĻĒāĻ°āĻŋāĻˇā§āĻŦāĻž āĻāĻžāĻ˛ā§ āĻāĻ°āĻžāĻ° āĻ¸āĻŽāĻ¯āĻŧ āĻāĻ¸ā§āĻā§ā§ˇ name-chroot .
[root@golinuxhub-client named]# systemctl restart named-chroot[root@golinuxhub-client named]# systemctl status named-chroot
â named-chroot.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named-chroot.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2018-02-12 21:53:23 IST; 19s ago
Process: 5236 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
Process: 5327 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} -t /var/named/chroot $OPTIONS (code=exited, status=0/SUCCESS)
Process: 5325 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -t /var/named/chroot -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 5330 (named)
CGroup: /system.slice/named-chroot.service
ââ5330 /usr/sbin/named -u named -c /etc/named.conf -t /var/named/chroot
Feb 12 21:53:23 golinuxhub-client.example named[5330]: managed-keys-zone/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone 0.in-addr.arpa/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone 1.0.0.127.in-addr.arpa/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone 1.168.192.in-addr.arpa/IN/my_resolver: loaded serial 1997022700
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone example/IN/my_resolver: loaded serial 1
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone localhost/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone localhost.localdomain/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: all zones loaded
Feb 12 21:53:23 golinuxhub-client.example named[5330]: running
```bash
ĐŖĐąĐĩдиŅĐĩŅŅ, ŅŅĐž resolv.conf ŅОдĐĩŅĐļиŅ ваŅ IP-Đ°Đ´ŅĐĩŅ, ŅŅОйŅ ĐžĐŊ ĐŧĐžĐŗ ŅайОŅĐ°ŅŅ в ĐēĐ°ŅĐĩŅŅвĐĩ DNS-ŅĐĩŅвĐĩŅĐ°.
```bash
# cat /etc/resolv.conf
search example
nameserver 192.168.1.7
```bash
ĐаваКŅĐĩ ĐŋŅОвĐĩŅиĐŧ ĐŊĐ°Ņ DNS-ŅĐĩŅвĐĩŅ Đ´ĐģŅ ОйŅĐ°ŅĐŊОК СОĐŊŅ, иŅĐŋĐžĐģŅСŅŅ dig.
```bash
[root@golinuxhub-client named]# dig -x 192.168.1.5
; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7 <<>> -x 192.168.1.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40331
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.1.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
5.1.168.192.in-addr.arpa. 86400 IN PTR golinuxhub-server.example.
;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400 IN NS example.
;; ADDITIONAL SECTION:
example. 86400 IN A 192.168.1.7
;; Query time: 1 msec
;; SERVER: 192.168.1.7#53(192.168.1.7)
;; WHEN: Mon Feb 12 22:13:17 IST 2018
;; MSG SIZE rcvd: 122āĻāĻĒāĻ¨āĻŋ āĻĻā§āĻāĻ¤ā§ āĻĒāĻžāĻā§āĻā§āĻ¨, āĻāĻŽāĻ°āĻž āĻāĻŽāĻžāĻĻā§āĻ° āĻ āĻ¨ā§āĻ°ā§āĻ§ā§ (QUERY) āĻāĻāĻāĻŋ āĻāĻ¤āĻŋāĻŦāĻžāĻāĻ āĻĒā§āĻ°āĻ¤āĻŋāĻā§āĻ°āĻŋāĻ¯āĻŧāĻž (ANSWER) āĻĒā§āĻ¯āĻŧā§āĻāĻŋā§ˇ
[root@golinuxhub-client named]# dig -x 192.168.1.7
; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7 <<>> -x 192.168.1.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55804
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;7.1.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
7.1.168.192.in-addr.arpa. 86400 IN PTR golinuxhub-client.example.
;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400 IN NS example.
;; ADDITIONAL SECTION:
example. 86400 IN A 192.168.1.7
;; Query time: 1 msec
;; SERVER: 192.168.1.7#53(192.168.1.7)
;; WHEN: Mon Feb 12 22:12:54 IST 2018
;; MSG SIZE rcvd: 122āĻāĻŽāĻ°āĻž āĻāĻāĻ āĻāĻžāĻŦā§ āĻ¸āĻ°āĻžāĻ¸āĻ°āĻŋ āĻā§āĻ¨ āĻā§āĻ āĻāĻ°āĻ¤ā§ āĻĒāĻžāĻ°ā§āĻ¨.
[root@golinuxhub-client named]# nslookup golinuxhub-client.example
Server: 192.168.1.7
Address: 192.168.1.7#53
Name: golinuxhub-client.example
Address: 192.169.1.7
[root@golinuxhub-client named]# nslookup golinuxhub-server.example
Server: 192.168.1.7
Address: 192.168.1.7#53
Name: golinuxhub-server.example
Address: 192.168.1.5RHEL 7-āĻāĻ° āĻŽāĻ¤ā§ āĻāĻ āĻ¨āĻŋāĻŦāĻ¨ā§āĻ§āĻāĻŋ āĻāĻŋāĻā§āĻāĻž āĻĒā§āĻ°āĻ¨ā§ āĻšāĻ¯āĻŧā§ āĻā§āĻā§, āĻāĻĒāĻ¨āĻžāĻā§ āĻāĻ° chroot-āĻ āĻŦāĻžāĻāĻ¨ā§āĻĄ āĻāĻ¨āĻĢāĻŋāĻāĻžāĻ°ā§āĻļāĻ¨ āĻĢāĻžāĻāĻ˛ āĻāĻĒāĻŋ āĻāĻ°āĻ¤ā§ āĻšāĻŦā§ āĻ¨āĻžāĨ¤ .
āĻāĻ¤ā§āĻ¸: www.habr.com