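Configure the ops.test.com. subdomain on 192.168.1.103 and set up forwarding so that it can resolve the parent domain test.com. as well as the 1.168.192 reverse zone.
1. Install bind9:
yum install -y bind
2. Edit the configuration file:
cp /etc/named.conf{,.back} # make a backup first
vim /etc/named.conf
chkconfig --level 35 named on
service named start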
3. Configure the ops.test.com. subdomain:
cp /etc/named.rfc1912.zones{,.back} # make a backup first
vim /etc/named.rfc1912.zones
vim /var/named/ops.test.com.zone
chown :named /var/named/ops.test.com.zone
chmod 640 /var/named/ops.test.com.zone # set the file permissions
rndc reload
Verify:
dig -t A www.ops.test.com @192.168.1.103 # run on any host
dig -t MX ops.test.com @192.168.1.103 # run on any host
dig -t A ftp.ops.test.com @192.168.1.101 # run on a host in the 192.168.1.0/24 network
dig -t A ftp.ops.test.com @192.168.1.101 # run on a host outside the 192.168.1.0/24 network
4. Configure the forward zones:
cp /etc/named.rfc1912.zones{,.back} # make a backup first
vim /etc/named.rfc1912.zones
Verify:
dig -t A ftp.test.com @192.168.1.103 # run on a host in 192.168.1.0/24
dig -t A ftp.test.com @192.168.1.103 # run on a host outside 192.168.1.0/24
Further testing:
Shut down 192.168.1.101
rndc flush # run on 192.168.1.103 to clear the DNS query cache
dig -t A ftp.test.com @192.168.1.103 # run on a host in 192.168.1.0/24
Then shut down 192.168.1.102 as well
dig -t A mx.test.com @192.168.1.103 # run on a host in 192.168.1.0/24
Bring 192.168.1.101 back up
rndc flush # run on 192.168.1.103 to clear the DNS query cache
dig -t A www.test.com @192.168.1.103 # run on a host in 192.168.1.0/24
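5. Solve forwarding from the parent domain:
So that servers 101 and 102 can forward queries for the subdomain directly to 103, zone forwarding has to be configured on servers 101 and 102.
Perform the following on servers 101 and 102:
cp /etc/named.rfc1912.zones{,.back} # make a backup first
vim /etc/named.rfc1912.zones
rndc reload
Verify:
dig -t A www.ops.test.com @192.168.1.101 # run on a host in 192.168.1.0/24
dig -t A mx.ops.test.com @192.168.1.102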
Appendix:
/etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
acl myNet {
    192.168.1.0/24;
};
options {
    listen-on port 53 { 192.168.1.103; 127.0.0.1; };
    // listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    recursion yes;
    allow-recursion { myNet; };
    dnssec-enable no;
    dnssec-validation no;
    forward first;
    forwarders { 192.168.1.104; };
    /* Path to ISC DLV key */
    // bindkeys-file "/etc/named.iscdlv.key";
    // managed-keys-directory "/var/named/dynamic";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
/etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "localhost.localdomain" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};
zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};
zone "0.in-addr.arpa" IN {
    type master;
    file "named.empty";
    allow-update { none; };
};
zone "ops.test.com" IN {
    type master;
    file "ops.test.com.zone";
    allow-update { none; };
};
zone "test.com" IN {
    type forward;
    forward first;
    forwarders { 192.168.1.101; 192.168.1.102; };
};
zone "1.168.192.in-addr.arpa" IN {
    type forward;
    forward first;
    forwarders { 192.168.1.101; 192.168.1.102; };
};
/var/named/ops.test.com.zone
$TTL 86400
$ORIGIN ops.test.com.
@       IN  SOA    ops.test.com. admin (
                   2016122002
                   1H
                   5M
                   7D
                   1D )
        IN  NS     ns1
        IN  MX     10 mx
ns1     IN  A      192.168.1.103
mx      IN  A      192.168.1.222
www     IN  A      192.168.1.22
ftp     IN  CNAME  www
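Why the dig checks in steps 3 and 4 behave differently inside and outside 192.168.1.0/24, as an added example that is not part of the original write-up: a simplified model of how 192.168.1.103 treats a query given allow-query { any; }, allow-recursion { myNet; } and the zones listed above. The function names and the two client addresses are made up for illustration, and the refusal of non-authoritative names for outside clients is an assumption about BIND's behaviour with this configuration.

```python
import ipaddress

# Values copied from the named.conf and named.rfc1912.zones listings on this page.
MY_NET = ipaddress.ip_network("192.168.1.0/24")   # acl myNet
MASTER_ZONES = ["ops.test.com"]                   # type master on 192.168.1.103
FORWARD_ZONES = {                                 # type forward; forward first
    "test.com": ["192.168.1.101", "192.168.1.102"],
    "1.168.192.in-addr.arpa": ["192.168.1.101", "192.168.1.102"],
}
GLOBAL_FORWARDERS = ["192.168.1.104"]             # options { forwarders }


def _in_zone(qname, zone):
    """True if qname is the zone apex or a name below it."""
    return qname == zone or qname.endswith("." + zone)


def closest_zone(qname):
    """Return (kind, zone) for the longest configured zone enclosing qname."""
    qname = qname.rstrip(".").lower()
    zones = [("master", z) for z in MASTER_ZONES] + [("forward", z) for z in FORWARD_ZONES]
    hits = [(kind, z) for kind, z in zones if _in_zone(qname, z)]
    return max(hits, key=lambda h: len(h[1].split("."))) if hits else ("none", None)


def expected(client_ip, qname):
    """Simplified model (assumption) of what 192.168.1.103 does with a query."""
    kind, zone = closest_zone(qname)
    if kind == "master":
        # allow-query { any; }: authoritative data goes to every client (aa flag set).
        return {"served": True, "aa": True, "upstream": []}
    if ipaddress.ip_address(client_ip) not in MY_NET:
        # allow-recursion { myNet; }: outsiders get no recursion or forwarding.
        return {"served": False, "aa": False, "upstream": []}
    # "forward first" tries these servers first, then falls back to normal resolution.
    upstream = FORWARD_ZONES[zone] if kind == "forward" else GLOBAL_FORWARDERS
    return {"served": True, "aa": False, "upstream": upstream}


if __name__ == "__main__":
    for ip in ("192.168.1.50", "10.0.0.5"):       # constructed client addresses
        for name in ("www.ops.test.com", "ftp.test.com", "22.1.168.192.in-addr.arpa"):
            print(ip, name, expected(ip, name))
```

If a host outside myNet gets an answer for ftp.test.com from 192.168.1.103, the recursion ACL is not in effect and the server is acting as an open resolver for that client.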