"BIND9" - Miscellaneous Notes


Configure BIND DNS Server to Listen Only On Certain IP Address or Network Interface


# Download: ftp://ftp.isc.org/isc/


# Documentation: https://kb.isc.org/docs/aa-01310
# Documentation for historical versions has to be looked up in the source tree
# BIND 9.9 Administrator Reference Manual (ARM)

# Tips and Tricks

How to Check DNS (BIND) Configuration File
Check the configuration file: named-checkconf /etc/named.conf

Turn on or enable BIND DNS server logging to see all queries or for troubleshooting problem
Query logging can be turned both on and off with the rndc querylog command; then follow the log file with tail -f /var/log/message.

# Difference between forwarding and recursion

What’s the difference between recursion and forwarding in bind


Forwarding: just passes the DNS query to another DNS server (e.g. your ISP’s). Home routers use forwarding to pass DNS queries from your home network’s clients to your ISP’s DNS servers.

For example, for foo.example.com, a forwarding DNS server would first check its cache (did it already ask this question before), and if the answer is not in its cache, it would ask its forwarder (your ISP’s DNS server) for the answer, which would respond with either a cached response, or would perform recursion until it figured out the answer.


Recursion: the DNS server receiving the query takes it upon itself to figure out the answer to that query by recursively querying authoritative DNS servers for that domain.

For example, for foo.example.com, a recursor would first query the root servers for what DNS servers are responsible for the .com TLD, then it would ask those servers for example.com, then it would query the servers for example.com for foo.example.com, finally getting the answer to the original query.
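
The two modes as they would be set in named.conf, as an added example that is not part of the original notes. The ACL name, all addresses (documentation ranges) and the directory path are assumptions.

```conf
// Added example (constructed). Addresses are documentation-range placeholders.
acl "trusted" { 127.0.0.1; 192.0.2.0/24; };   // assumed client network

options {
    directory "/var/named";                    // assumed path

    // Answer only on these local addresses, not on every interface.
    listen-on { 127.0.0.1; 192.0.2.10; };
    listen-on-v6 { none; };

    // Both modes need recursion enabled; restrict it to known clients so the
    // server is not usable as an open resolver.
    recursion yes;
    allow-recursion { "trusted"; };
    allow-query-cache { "trusted"; };

    // Variant A, forwarding: on a cache miss, pass the query to the upstream
    // resolver and relay its answer.
    forwarders { 198.51.100.53; };             // assumed upstream (e.g. ISP) resolver
    forward only;                              // never fall back to the root servers
    // "forward first;" tries the forwarders, then recurses itself if they fail.

    // Variant B, full recursion: remove the two forward lines above (or set
    // "forwarders { };") and named walks root -> .com -> example.com itself.
};
```

Validate the file with named-checkconf /etc/named.conf before reloading.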