Install the DNS service:
yum install -y bind* caching-nameserver
Rename the main configuration file to named.conf:
cd /var/named/chroot/etc/
mv named.caching-nameserver.conf named.conf
Set the IP address to 192.168.1.1/24:
echo "nameserver 192.168.1.1" > /etc/resolv.conf
Edit the configuration file named.conf:
grep -v "^#" named.conf | grep -v "//" | grep -v "^$"
options {
    listen-on port 53 { 127.0.0.1; 192.168.1.1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    allow-query-cache { any; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};
Configure the named.rfc1912.zones file by adding:
zone "xiaozi.com" IN {
    type master;
    file "xiaozi.com.zone";
    allow-transfer { 192.168.1.2; };    // 192.168.1.2 is the IP of the slave name server
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "xiaozi.local";
    allow-transfer { 192.168.1.2; };
};
Create the zone files xiaozi.com.zone and xiaozi.local:
cd /var/named/chroot/var/named/
cp -p localhost.zone xiaozi.com.zone    # -p keeps the file's permissions unchanged
cp -p named.local xiaozi.local
Edit the file xiaozi.com.zone:
$TTL 86400
@       IN SOA  xiaozi.com. root.xiaozi.com. (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   ns.xiaozi.com.
ns      IN A    192.168.1.1
www     IN CNAME ns
Edit the file xiaozi.local:
$TTL 86400
@       IN SOA  xiaozi.com. root.xiaozi.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   ns.xiaozi.com.
1       IN PTR  ns.xiaozi.com.
1       IN PTR  www.xiaozi.com.
Restart the service and enable it at boot:
service named restart
chkconfig named on
Slave server configuration: only /var/named/chroot/etc/named.rfc1912.zones needs to be changed. Add:
zone "xiaozi.com" {
    type slave;
    masters { 192.168.1.1; };    // Mind the format: leave at least one space between the IP address and the braces on either side
    file "slaves/xiaozi.com.zone";
};
zone "1.168.192.in-addr.arpa" {
    type slave;
    masters { 192.168.1.1; };
    file "slaves/xiaozi.local";
};
You can now start the service. If the zones are not transferred, the cause may be SELinux, iptables, and so on.
Disable SELinux:
setenforce 0
getenforce
Permissive
Turn off the firewall:
iptables -F    # or: service iptables stop
If the transfer succeeded, you can verify it with nslookup, host, dig or similar commands (on the slave server, just point nameserver at the local machine).
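The allow-transfer { 192.168.1.2; } lines in the master's named.rfc1912.zones are what limit zone transfers to the slave. As an added example (not part of the original post), this shell function lists every master zone in a zones file and reports whether its transfer ACL is restricted, open to any host, or inherited from options{} or the built-in default. The function name, the verdict labels and the sample zones open.example and xiaozi.org are made up for illustration.

```shell
#!/bin/sh
# Added example: audit allow-transfer on master zones in a BIND zones file.
# Handles // and # comments only, not /* ... */ blocks.

# audit_transfer [FILE...]: prints "<zone> <verdict> <acl>" per master zone.
audit_transfer() {
  cat "$@" |
  sed -e 's://.*$::' -e 's:#.*$::' -e 's/[{};]/ & /g' |  # strip comments, isolate { } ;
  tr -s ' \t' '\n\n' |                                   # one token per line
  awk '
    function report(  v) {
      if (ztype != "master") return
      if (!seen)                        v = "INHERITED"  # options{} or built-in default applies
      else if (("," acl ",") ~ /,any,/) v = "OPEN"       # any host may transfer the zone
      else                              v = "RESTRICTED"
      printf "%s %s %s\n", zone, v, (acl == "" ? "-" : acl)
    }
    $0 == ""       { next }
    want == "name" { zone = $0; gsub(/"/, "", zone); want = ""; next }
    want == "type" { ztype = $0; want = ""; next }
    $0 == "zone" && !inzone {
      inzone = 1; zdepth = depth + 0; ztype = ""; acl = ""; seen = 0; want = "name"; next
    }
    $0 == "{" { depth++; next }
    $0 == "}" {
      depth--
      if (inacl && depth == zdepth + 1) inacl = 0
      if (inzone && depth == zdepth) { report(); inzone = 0 }
      next
    }
    inacl { if ($0 != ";") acl = acl (acl == "" ? "" : ",") $0; next }
    inzone && depth == zdepth + 1 && $0 == "type"           { want = "type"; next }
    inzone && depth == zdepth + 1 && $0 == "allow-transfer" { inacl = 1; seen = 1; next }
  '
}

# Constructed sample: the first zone is as in the post, the others are variations.
sample_zones() { cat <<'EOF'
zone "xiaozi.com" IN { type master; file "xiaozi.com.zone";
    allow-transfer { 192.168.1.2; }; // slave
};
zone "1.168.192.in-addr.arpa" IN { type master; file "xiaozi.local"; };
zone "open.example" IN { type master; file "open.zone"; allow-transfer { any; }; };
zone "xiaozi.org" { type slave; masters { 192.168.1.1; }; file "slaves/xiaozi.org.zone"; };
EOF
}

sample_zones | audit_transfer
```

On the master, pass the real file instead of the sample: audit_transfer /var/named/chroot/etc/named.rfc1912.zones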
^_^ Haha, this is xiaozi's first blog post and it is poorly written, so comments from everyone are very welcome. Thank you!!!