DNS服务搭建

原创

huangyangjh 2015-11-30 22:49:34 ©著作权

文章标签 file master localhost 文章分类 运维

©著作权归作者所有：来自51CTO博客作者huangyangjh的原创作品，谢绝转载，否则将追究法律责任

一.DNS服务搭建

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

①yum install -y bind;cp /etc/named.conf /etc/named.conf.bak;>/etc/named.conf

②vim /etc/named.conf

-------------------------------------------------------------------------------------------

options {

directory "/var/named";

};

zone"."IN {

type hint;

file "named.ca";

};

zone"localhost"IN {

type master;

file "localhost.zone";

};

zone"0.0.127.in-addr.arpa"IN {

type master;

file "named.local";

};

-------------------------------------------------------------------------------------------

③chown named /etc/named.conf

④cd /var/named/

⑤dig -t NS . > named.ca

⑥vim localhost.zone

-------------------------------------------------------------------------------------------

@ IN SOA localhost. admin.localhost. （

2013081601

10M

)

@ IN NS localhost.

localhost. IN A 127.0.0.1

-------------------------------------------------------------------------------------------

⑦vim named.local

----------------------------------------------------------------------------------------------

$TTL 86400

@ IN SOA localhost. admin.localhost. (

2013081601

10M

)

@ IN NS localhost.

1 IN PTR localhost

-------------------------------------------------------------------------------------

⑧检查配置是否有问题：named-checkconf

⑨检测正解析：named-checkzone "localhost" /var/named/localhost.zone

⑩检测反解析：named-checkzone "0.0.127.in-addr.arpa" /var/named/named.local

11生成rndc.key:rndc-confgen -r /dev/urandom -a ;chown named:named /etc/rndc.key

12启动:/etc/init.d/named start

13检测是否监听53端口：netstat -lnp|grep named

14测试正向解析：dig @127.0.0.1 localhost.

15测试反向解析：dig @127.0.0.1 -x 127.0.0.1

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

二.增加一个域名

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

①vim /etc/named.conf增加

--------------------------------------------------------------------------------------------

zone "abc.com" IN {

type master;

file "abc.com.zone";

};

zone"137.168.192.in-addr.arpa"IN {

type master;

file "192.168.zone";

};

-------------------------------------------------------------------------------------------

②编辑zone文件：vim /var/named/abc.com.zone

-------------------------------------------------------------------------------------------

$TTL 600

@ IN SOA abc.com. root.abc.com. (

2013081601

10M

)

IN NS ns.abc.com.

IN MX 10 mail.abc.com.

ns IN A 192.168.0.11

www IN A 192.168.137.73

mail IN A 192.168.137.10

bbs IN CNAME www.abc.com.

-------------------------------------------------------------------------------------------

③编辑反解析文件：vim /var/named/192.168.zone

-------------------------------------------------------------------------------------------

$TTL 600

@ IN SOA ns.abc.com. root.abc.com. (

2013081601

10M

)

@ IN NS ns.abc.com.

10 IN PTR ns.abc.com.

11 IN PTR mail.abc.com.

73 IN PTR www.abc.com.

-------------------------------------------------------------------------------------------

④检查配置文件：named-checkzone "abc.com" /var/named/abc.com.zone

named-checkzone "137.168.192.in-addr.arpa" /var/named/192.168.zone

⑤测试正向解析：dig @127.0.0.1 www.abc.com

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

三.DNS转发（我们配置的DNS只能解析我们定义的zone，DNS转发就可以解析其他互联网的域名）

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

在vim /etc/named.conf 在options{}里面加入

forward first;

forwarders {8.8.8.8;};

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

四.配置主从(主：192.168.137.2从：192.168.137.4)

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

①在从服务器：yum install -y bind

②拷贝主服务器的配置文件(远程复制scp)：/etc/named.conf

/var/named/localhost.zone

/var/named/named.local

③修改从的配置文件（其他的不改）：vim /etc/named.conf

------------------------------------------------------------------------------------------

zone "abc.com" IN {

type slave;

file "slaves/abc.com.zone";

masters { 192.168.137.2; };

};

zone"137.168.192.in-addr.arpa"IN {

type slave;

file "slaves/192.168.zone";

masters { 192.168.137.2; };

};

-------------------------------------------------------------------------------------------

④生成rndc.key:rndc-confgen -r /dev/urandom -a ;chown named:named /etc/rndc.key

⑤启动：/etc/init.d/named start(会在/var/named/slaves生成文件)

⑥测试主从同步（主上序列号要大于从，还要注意虚拟机时间要一致：ntpdate time.nist.gov）：

1.被动：比较困难

2.主动：(主)vim /etc/named.conf 加入

-------------------------------------------------------------------------------------------

zone "abc.com" IN {

type master;

file "abc.com.zone";

notify yes;

also-notify { 192.168.137.4; };

};

-------------------------------------------------------------------------------------------

提问和评论都可以，用心的回复会被更多人看到评论

发布评论

相关文章

官方博客	全部文章	热门标签	班级博客
了解我们	网站地图	意见反馈

鸿蒙开发者社区	51CTO学堂
51CTO	软考资讯