2.4.验证
复制代码
[root@linuxprobe ~]# unbound-checkconf
unbound-checkconf: no errors in /etc/unbound/unbound.conf
验证无配置问题,即可重启服务
复制代码
[root@linuxprobe ~]# systemctl restart unbound
dns验证:
-------------------------修改本机DNS------------------------
复制代码
[root@linuxprobe ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
HWADDR=00:0C:29:70:····
TYPE=Ethernet
····
IPADDR="192.168.10.10"
PREFIX="24"
···
DNS1=192.168.10.10
NAME=eth0
ONBOOT=no
[root@linuxprobe ~]# systemctl restart network
----------------------------------------------------nslookup验证--------------------------------------------
复制代码
[root@linuxprobe ~]# nslookup
linuxprobe.example.com.
192.168.10.10
ok dns设置成功
PS:关闭防火墙
在本次实验中我们关闭了 linux 的3大防火墙。当没有关闭防火墙时,远程主机验证可能出现故障,这时需要在 DNS 服务器防火墙上开放 DNS 服务。我们以 firewall 防火墙为例,修改一下:
复制代码
[root@linuxprobe ~]# systemctl stop iptables
[root@linuxprobe ~]# systemctl stop ebtables
[root@linuxprobe ~]# systemctl disable iptables
[root@linuxprobe ~]# systemctl disable ebtables
[root@linuxprobe ~]# firewall-cmd --add-service=dns --permanent
success
[root@linuxprobe ~]# firewall-cmd --reload
success
[root@linuxprobe ~]# firewall-cmd --list-all
public (default, active)
interfaces: eth0
sources:
services: dhcpv6-client dns ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
//DNS服务器上Firewall开放DNS访问ok
