{"id":952,"date":"2014-10-29T11:07:12","date_gmt":"2014-10-29T03:07:12","guid":{"rendered":"http:\/\/blog.amjet.biz\/IT\/?p=952"},"modified":"2014-10-29T17:01:11","modified_gmt":"2014-10-29T09:01:11","slug":"bind-%e8%a8%ad%e5%ae%9a","status":"publish","type":"post","link":"https:\/\/blog.amjet.biz\/IT\/?p=952","title":{"rendered":"BIND \u8a2d\u5b9a\u7b46\u8a18"},"content":{"rendered":"<p>\u9996\u5148\u8a02\u51fa DNS \u670d\u52d9\u7684\u5c0d\u8c61\uff0c \u7531\u65bc primary or secondary server \u8981\u63d0\u4f9b domain \u7684\u8cc7\u8a0a<br \/>\n\u4f9b\u5916\u754c\u67e5\u8a62\uff0c \u4ee5\u4e0b\u9019\u500b\u8a2d\u5b9a\u662f\u5fc5\u8981\u7684<br \/>\nallow-query { any; };<\/p>\n<p>\u7576 DNS server \u6536\u5230\u975e\u81ea\u6709 domain \u67e5\u8a62\u6642\uff0c \u4f8b\u5982 client \u67e5\u8a62 www.google.com\uff0c \u4f9d\u64da<br \/>\n\u8a2d\u5b9a\u6703\u6709\u5169\u7a2e\u8655\u7406\u65b9\u5f0f<br \/>\n1. recursion yes<br \/>\nserver \u6703\u5148\u554f root server\uff0c \u627e\u5230 TLD .com\uff0c \u5728\u627e\u5230 google.com \u7684 dns server \u5f8c\uff0c<br \/>\n\u554f\u51fa www.google.com \u7684\u8cc7\u6599\uff0c \u56de\u8986 client \u5f8c\u653e\u4e00\u4efd\u5728 cache \u4f9b\u5f8c\u7e8c\u67e5\u8a62\uff0c \u5982\u679c\u9019\u7a2e<br \/>\n\u67e5\u8a62\u670d\u52d9\u6c92\u6709\u8a2d\u5b9a\u670d\u52d9\u5c0d\u8c61\uff0c \u5c31\u662f\u6240\u8b02\u7684 open resolver\uff0c \u6703\u6d88\u8017\u7db2\u8def\u983b\u5bec\u7b49\u8cc7\u6e90, \u751a\u81f3<br \/>\n\u6210\u70ba <a href=\"https:\/\/www.us-cert.gov\/ncas\/alerts\/TA13-088A\" target=\"_blank\">DNS Amplification Attacks<\/a> \u7684\u5de5\u5177\uff0c \u9650\u5236\u670d\u52d9\u5c0d\u8c61\u8a2d\u5b9a\u5982\u4e0b<br \/>\nacl mynet { 192.168.1.0\/24; };<br \/>\noptions {<br \/>\nallow-recursion { mynet; };<br \/>\n};<br \/>\n2. recursion no<br \/>\nserver \u56de\u8986\u4e00\u500b\u67e5\u8a62\u9ede\uff0c \u7531 client \u4f5c\u696d\u7cfb\u7d71\u5f9e\u9019\u500b\u9ede\u5f80\u4e0b\u67e5\uff0c \u76f4\u5230\u53d6\u5f97\u7b54\u6848<\/p>\n<p>server cache \u7684\u8cc7\u6599\u53ef\u4ee5\u52a0\u901f\u67e5\u8a62\u53ca\u7bc0\u7701\u983b\u5bec\uff0c \u4f46\u662f\u5982\u679c\u5c0d\u5916\u958b\u653e\u4e0d\u8a2d\u9650\uff0c \u4ecd\u7136\u53ef\u80fd\u88ab\u8aa4<br \/>\n\u7528\uff0c \u53ef\u4ee5\u7528\u4ee5\u4e0b\u8a2d\u5b9a\u9650\u5236<br \/>\nallow-query-cache { mynet; };<\/p>\n<p>[ratings]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u9996\u5148\u8a02\u51fa DNS \u670d\u52d9\u7684\u5c0d\u8c61\uff0c \u7531\u65bc primary or secondary server \u8981\u63d0\u4f9b domain \u7684\u8cc7\u8a0a \u4f9b\u5916\u754c\u67e5\u8a62\uff0c \u4ee5\u4e0b\u9019\u500b\u8a2d\u5b9a\u662f\u5fc5\u8981\u7684 allow-query { any; }; \u7576 DNS server \u6536\u5230\u975e\u81ea\u6709 domain \u67e5\u8a62\u6642\uff0c \u4f8b\u5982 client \u67e5\u8a62 www.google.com\uff0c \u4f9d\u64da \u8a2d\u5b9a\u6703\u6709\u5169\u7a2e\u8655\u7406\u65b9\u5f0f 1. recursion yes server \u6703\u5148\u554f root server\uff0c \u627e\u5230 TLD .com\uff0c \u5728\u627e\u5230 google.com \u7684 dns server \u5f8c\uff0c \u554f\u51fa www.google.com \u7684\u8cc7\u6599\uff0c \u56de\u8986 client \u5f8c\u653e\u4e00\u4efd\u5728 cache \u4f9b\u5f8c\u7e8c\u67e5\u8a62\uff0c \u5982\u679c\u9019\u7a2e \u67e5\u8a62\u670d\u52d9\u6c92\u6709\u8a2d\u5b9a\u670d\u52d9\u5c0d\u8c61\uff0c [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15],"tags":[107,108],"class_list":["post-952","post","type-post","status-publish","format-standard","hentry","category-centos","tag-bind","tag-dns"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=\/wp\/v2\/posts\/952","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=952"}],"version-history":[{"count":3,"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=\/wp\/v2\/posts\/952\/revisions"}],"predecessor-version":[{"id":955,"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=\/wp\/v2\/posts\/952\/revisions\/955"}],"wp:attachment":[{"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=952"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=952"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.amjet.biz\/IT\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=952"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}