客户端linux 靠 /etc/resolv.conf 指定
服务器端 安装BIND
tar xvzf bind-9.2.3.tar.gz
cd bind-9.2.3
./configure -sysconfdir=/etc
make
make install
vi /etc/named.conf 主配置文件
vi /var/named/domain.come.zone
named
rpm包里包含这个软件有配置的范例
caching-nameserver 软件包 包含DNS 配置范例
手动配置主配置文件
options {
directory "/var/named";
};
zone "."
{
type hint;
file "named.ca";
};
zone "localhost"
{
type master;
file "named.local";
};
默认不存在/var/named
产生named.ca文件
echo "namedserver 202.196.33.2" > /etc/resolv.conf
dig -t NS . > /var/named/named.ca
用RNDC控制服务器 RNDC的作用????
1.产生rndc控制文件
rndc-confgen > /etc/rndc.conf
tail +13 /etc/rndc.conf >> /etc/named.conf
2.启动named 服务器,监视/var/log/message
named
tail /var/log/messages
3.测试rndc和解析的效果
rndc status
echo "nameserver 127.0.0.1" > /etc/resolv.conf
host www.chinaitlab.com
编辑/var/named/named.local
管理员邮箱地址
@ 1D IN SOA localhost. root (
2004071201 ;serial 序列号
1H ;refresh 刷新
15M ;retry
1W ;expire
1D ;TTL
)
IN NS @
IN A 127.0.0.1
测试
host localhost
dig localhost
增加一个正向区
/etc/named.conf
zone "chinaitlab.com" {
type master;
file "chinaitlab.com.zone";
};
/var/named/chinaitlab.com.zone
......
IN NS ns.chinaitlab.com.
IN MX 5 mail.chinaitlab.com.
ns IN A 10.0.0.254
www. IN A 10.0.0.1
mail IN A 10.0.0.2
dns IN A 10.0.0.254
tail /var/log/messages
通过以下可以少写域名
echo "search chinaitlab.com" >/etc/resolv.conf
host www
127.0.0的反向区
/etc/named.conf追加:
zone "0.0.127.in-addr.arpa" {
type master;
file "127.0.0.zone";
};
编辑/var/named/127.0.0.zone;
@ IN SOA @ root.localhost (
.....
)
......
IN NS localhost.
1 IN PTR localhost.
测试
host 127.0.0.1
需要两台计算机做实验:
子域授权
主服务器的/etc/named/chinaitlab.com.zone
domain IN NS ns.domain
(domain.chinaitlab.com IN NS ns.domain.chinaitlab.com.)
ns.domain IN A 10.0.0.2
子域服务器的区文件domain.chinaitlab.com.zone:
@ IN SOA domain.chinaitlab.com. root.domain.chinaitlab.com.
( )
IN NS ns.domain.chinaitlab.com.
ns IN A 10.0.0.2
www IN A 10.1.0.1
重启服务器
rndc reload
tail /var/log/messages
测试解析
host -t SOA chinaitlab.com
host -t NS chinaitlab.com
host -t A chinaitlab.com
测试反向区
host 127.0.0.1
dig -x 127.0.0.1
反向解析
@ 1D IN SOA chinaitlab.com. root.chinaitlab.com. (
2004081201
1H
15M
1W
1D )
IN NS chinaitlab.com.
2 IN PTR chinaitlab.com.
5 IN PTR www.chinaitlab.com.
6 IN PTR mail.chinaitlab.com.
正向解析
@ 1D IN SOA chinaitlab.com. root (
2004081201
1H
15M
1W
1D )
IN NS @
IN MX 5 mail.chinaitlab.com.
IN A 192.168.1.2
www IN A 192.168.1.5
mail IN A 192.168.1.6
news IN CNAME www
辅助域名服务器(另一台服务器)
/etc/named.conf
zone "chinaitlab.com" {
type slave;
file "chinaitlab.com.zone";
masters { 192.168.1.2; };
};
然后改变 /var/named 的权限
chmod g+w /var/named
rndc reload
ls /var/named
tail /var/log/messages
ls -ld /var/named
以普通用户身份实行
首先修改named.conf,设置pid-file选项值
options {
.......
pif-file "/var/run/named/named.pid";
};
useradd -s /bin/false -d /dev/null named
mkdir /var/yun/named
chown named.named /var/run/named
chmod 700 /var/run/named
named -u named
echo "/usr/local/sbin/named -u named">> /etc/rc.local
根据需要修改/var/named目录的属性。
当以普通用户身份运行服务器时,
配置辅助域名服务器的时候要
修改/var/named的权限 为named 组可读。
