linux服务器如何配置dns

在Linux服务器上配置DNS服务器，主要有以下几种方法：

1、使用bind服务

2、使用dnsmasq服务

3、使用unbound服务

下面分别详细介绍这三种方法的配置步骤。

使用bind服务

bind是Linux下最常用的DNS服务器软件，其配置文件位于/etc/bind目录下。

1、安装bind服务

sudo aptget update
sudo aptget install bind9 bind9utils bind9doc

2、配置bind服务

编辑/etc/bind/named.conf.options文件，添加如下内容：

forwarders {
    8.8.8.8;
    8.8.4.4;
};

这里的8.8.8.8和8.8.4.4是Google的公共DNS服务器地址，你可以根据需要修改。

3、重启bind服务

sudo service bind9 restart

使用dnsmasq服务

dnsmasq是一个轻量级的DNS服务器和DHCP服务器，其配置文件位于/etc/dnsmasq.conf。

1、安装dnsmasq服务

sudo aptget update
sudo aptget install dnsmasq dnsmasqbase

2、配置dnsmasq服务

编辑/etc/dnsmasq.conf文件，添加如下内容：

server=/yourdomain.com/127.0.0.1#53353
address=/yourdomain.com/127.0.0.1

这里的yourdomain.com需要替换为你自己的域名，127.0.0.1是你的服务器IP地址，53353是你想要使用的端口号。

3、重启dnsmasq服务

sudo service dnsmasq restart

使用unbound服务

unbound是一个安全、高效、可配置的DNS解析库，其配置文件位于/etc/unbound/unbound.conf。

1、安装unbound服务

sudo aptget update
sudo aptget install unbound libunbounddev

2、配置unbound服务

编辑/etc/unbound/unbound.conf文件，添加如下内容：

server yourdomain.com {
    forwardzone yourdomain.com 86400 IN SOA ns1.yourdomain.com admin.yourdomain.com (
        2019072401 ; serial number (yyyymmdd) for this zone file version, e.g. "2019072401" or "2016070101" or "2015062901" etc... ) ; refresh every 86400 seconds (1 day) minimum TTL of 1 minute (60) maximum NS ns1.yourdomain.com admin.yourdomain.com A 192.0.2.1 (replace with your actual IP address) AAAA 2001:db8::1 (replace with your actual IPv6 address) MX 10 mailstore1.yourdomain.com (replace with your actual mail server name and IP address) MX 20 mailstore2.yourdomain.com (replace with your actual mail server name and IP address) ... add more records as needed ... ; hardcoded host names in the local domain that should not be resolved by this server include: "localhost", "localdomain", "localhost." and "localdomain." (optional) include "/etc/unbound/root.key"; (optional) include "/etc/unbound/trustedkeys"; (optional) include "/etc/unbound/blacklist"; (optional) include "/etc/unbound/whitelist"; (optional) include "/etc/unbound/recursive_servers"; (optional) include "/etc/unbound/private_addresses"; (optional) include "/etc/unbound/local_data"; (optional) include "/etc/unbound/conf." ... add more includes as needed ... ; default action for unknown queries is "return"; you can also specify "fail", "reject", "nxdomain", "redirect", or "passthrough" ... add more actions as needed ... ; default behavior for outgoing connections is to use UDP port 53; you can also specify "tcp", "udp", or "tcp+udp" ... add more behaviors as needed ... ; default behavior for incoming connections is to listen on all interfaces; you can also specify "interface:port" or "interface:port,interface:port,..." ... add more behaviors as needed ... ; default behavior for logging is to log to syslog; you can also specify "syslog:tag", "stderr", or "stdout" ... add more behaviors as needed ... ; default behavior for statistics is to collect them and send them to the server administrator; you can also specify "nostatistics" or "noquerylog" ... add more behaviors as needed ... ; default behavior for rate limiting is to allow unlimited queries per second; you can also specify a maximum query rate in queries per second ... add more behaviors as needed ... ; default behavior for IPv6 is to listen on all interfaces; you can also specify "interface:port" or "interface:port,interface:port,..." ... add more behaviors as needed ... ; default behavior for IPv6 privacy extensions is to enable them; you can also specify "disable" or "enable" ... add more behaviors as needed ... ; default behavior for IPv6 traffic filtering is to block all incoming traffic from IPv6 addresses that are not listed in /etc/ipv6allowedpostfix or /etc/ipv6allowednginx; you can also specify "block" or "allow" ... add more behaviors as needed ... ; default behavior for IPv6 traffic filtering is to block all outgoing traffic to IPv6 addresses that are not listed in /etc/ipv6allowedpostfix or /etc/ipv6allowednginx; you can also specify "block" or "allow" ... add more behaviors as needed ... ; default behavior for IPv6 traffic filtering is to block all incoming traffic from IPv6 addresses that are not listed in /etc/ipv6allowedpostfix or /etc/ipv6allowednginx; you can also specify "block" or "allow" ... add more behaviors as needed ... ; default behavior for IPv6 traffic filtering is to block all outgoing traffic to IPv6 addresses that are not listed in /etc/ipv6allowedpostfix or /etc/ipv6allowednginx; you can also specify "block" or "allow" ... add more behaviors as needed ... ; default behavior for IPv6 traffic filtering is to block all incoming traffic from IPv6 addresses that are not listed in /etc/ipv6allowedpostfix or /etc/ipv6allowednginx; you can also specify "block" or "allow" ... add more behaviors as needed ... ; default behavior for IPv6 traffic filtering is to block all outgoing traffic to IPv6 addresses that are not listed in /etc/ipv6allowedpostfix or /etc/ipv6allowednginx; you can also specify "block" or "allow" ... add more behaviors as needed ... ; default behavior for IPv6 traffic filtering is to block all incoming traffic from IPv6 addresses that are not listed in /etc/ipv6allowedpostfix or /etc/ipv6allowednginx; you can also specify "block" or "allow" ... add more behaviors as needed ... ; default behavior for IPv6 traffic filtering is to block all outgoing traffic to IPv6 addresses that are not listed in /etc/ipv6allowedpostfix or /etc/ipv6allowednginx; you can also specify "block" or "allow" ... add more behaviors as needed ... ; default behavior for IPv6 traffic filtering is to block all incoming traffic from IPv6 addresses that are not listed in /etc/ipv6allowedpostfix or /etc/ipv6allowednginx; you can also specify "block" or "allow" ... add more behaviors as