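DNS Server Installation and Configuration
1. Check whether the DNS server is installed: rpm -qa | grep bind
2. Install the DNS server
rpm -ivh bind-*.rpm          # BIND server package
rpm -ivh bind-libs-*.rpm     # library files required for name resolution
rpm -ivh bind-utils-*.rpm    # tools for testing the DNS server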
2. Global configuration in /etc/named.conf
options {
    listen-on port 53 { 192.168.1.70; };
    directory "/var/named"; // directory that holds the zone data files
    dump-file "/var/named/data/cache_dump.db"; // where the name cache dump is saved
    statistics-file "/var/named/data/named_stats.txt"; // where resolution statistics are saved
};
zone "." IN {
    type hint; // root zone
    file "named.ca"; // root zone file, stored under /var/named/
};
zone "localhost" IN {
    type master;
    file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "localhost.rev";
};
zone "test.com" IN {
    type master;
    file "test.com.zone";
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "1.168.192.rev";
};
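3. Create the forward zone file
vi /var/named/test.com.zone
$TTL 86400
@       IN SOA  dns1.test.com. root.test.com. (
                42      ; serial: increment by 1 on every change so the secondary DNS servers know they must update
                3H      ; refresh: the secondary checks the primary for changes every 3 hours
                15M     ; retry: after a failed refresh the secondary contacts the primary again every 15 minutes
                1W      ; expiry: after one week without contact the secondary discards the records
                1D )    ; minimum
        IN NS   dns1.test.com.          ; name server records
        IN NS   dns2.test.com.
        IN MX   10 mail.test.com.
dns1    IN A    192.168.1.70            ; host-to-IP-address records
dns2    IN A    192.168.1.71
www     IN CNAME dns1.test.com.
ftp     IN CNAME dns2.test.com.
mail    IN A    192.168.1.71            ; same host as dns2; an MX target must be an address record, not a CNAME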
4. Create the reverse zone file
vi /var/named/1.168.192.rev
$TTL 86400
@       IN SOA  dns1.test.com. root.test.com. (
                132323232       ; Serial
                28808           ; Refresh
                14400           ; Retry
                3600000         ; Expire
                86400 )         ; Minimum
        IN NS   dns1.test.com.
        IN NS   dns2.test.com.
70      IN PTR  dns1.test.com.
70      IN PTR  www.test.com.
71      IN PTR  dns2.test.com.
71      IN PTR  ftp.test.com.
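5. Check that the configuration file is correct:
named-checkconf
Check that the forward zone file is correct:
named-checkzone test.com /var/named/test.com.zone
Check that the reverse zone file is correct:
named-checkzone 1.168.192.in-addr.arpa /var/named/1.168.192.rev
6. Restart the DNS server: service named restart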
7. Local configuration files
vi /etc/resolv.conf
nameserver 192.168.1.70
vi /etc/hosts
192.168.1.70 server.com server
8. Test with nslookup
9. If the nslookup test reports: ;; connection timed out; no servers could be reached
Fix: edit /etc/named.conf (vi /etc/named.conf) so that listen-on contains the server's address:
listen-on port 53 { 192.168.1.70; };
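10. Build a secondary name server
(1). Check whether the DNS server is installed: rpm -qa | grep bind
(2). Install the DNS server
rpm -ivh bind-*.rpm          # BIND server package
rpm -ivh bind-libs-*.rpm     # library files required for name resolution
rpm -ivh bind-utils-*.rpm    # tools for testing the DNS server
(3). Main DNS configuration file: vi /etc/named.conf
options {
    listen-on port 53 { 192.168.1.71; }; // the secondary's own address (dns2 in the zone file), not the primary's
    directory "/var/named"; // directory that holds the zone data files
    dump-file "/var/named/data/cache_dump.db"; // where the name cache dump is saved
    statistics-file "/var/named/data/named_stats.txt"; // where resolution statistics are saved
};
zone "." IN {
    type hint; // root zone
    file "named.ca"; // root zone file, stored under /var/named/
};
zone "test.com" IN { // must match the zone name served by the primary
    type slave;
    file "slaves/test.com.zone";
    masters { 192.168.1.70; };
};
zone "1.168.192.in-addr.arpa" IN {
    type slave; // a zone with a masters list must be type slave, not hint
    file "slaves/1.168.192.rev";
    masters { 192.168.1.70; };
};
(4). Copy the zone files
cp /var/named/test.com.zone /var/named/slaves/
cp /var/named/1.168.192.rev /var/named/slaves/
(5). Restart the DNS server: service named restart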
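Neither named.conf above restricts who may request a zone transfer or a recursive lookup, and older BIND releases such as the one this guide installs permit transfers to any host when allow-transfer is not set. The following is an added example, not part of the original guide: the primary's configuration from step 2 with transfers limited to the secondary at 192.168.1.71. The ACL names "secondaries" and "internal" and the 192.168.1.0/24 client range are assumptions.

```conf
// Added example: restricted version of the primary's /etc/named.conf (192.168.1.70).
// Assumptions: the ACL names and the 192.168.1.0/24 client range.
acl "secondaries" { 192.168.1.71; };     // dns2, the secondary built in step 10
acl "internal"    { 192.168.1.0/24; };   // clients allowed to use this server

options {
    listen-on port 53 { 192.168.1.70; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";

    allow-query     { internal; };   // who may query this server at all
    allow-recursion { internal; };   // do not act as an open resolver
    allow-transfer  { none; };       // refuse AXFR by default; zones opt in below
    version "not disclosed";         // do not reveal the BIND version string
};

// The ".", "localhost" and "0.0.127.in-addr.arpa" zones from step 2 stay unchanged.

zone "test.com" IN {
    type master;
    file "test.com.zone";
    allow-transfer { secondaries; }; // only dns2 may copy the whole zone
    notify yes;                      // the default, stated explicitly: tell the NS hosts when the serial changes
};

zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "1.168.192.rev";
    allow-transfer { secondaries; };
    notify yes;
};

// Verify after "named-checkconf" and a restart:
//   from 192.168.1.71:    dig @192.168.1.70 test.com AXFR   -> lists every record
//   from any other host:  dig @192.168.1.70 test.com AXFR   -> "Transfer failed."
```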
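11. Build a DNS forwarding server
(1). Main DNS configuration file: vi /etc/named.conf
options {
    listen-on port 53 { 192.168.1.70; };
    directory "/var/named"; // directory that holds the zone data files
    dump-file "/var/named/data/cache_dump.db"; // where the name cache dump is saved
    statistics-file "/var/named/data/named_stats.txt"; // where resolution statistics are saved
    forward only;
    forwarders { 192.168.1.70; }; // upstream DNS server that receives forwarded queries; it must be a different host from this server
};
zone "test.com" IN { // matches the zone file created and checked below
    type master;
    file "test.com.zone";
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "1.168.192.rev";
};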
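(2). Create the forward zone file
vi /var/named/test.com.zone
$TTL 86400
@       IN SOA  dns1.test.com. root.test.com. (
                42      ; serial: increment by 1 on every change so the secondary DNS servers know they must update
                3H      ; refresh: the secondary checks the primary for changes every 3 hours
                15M     ; retry: after a failed refresh the secondary contacts the primary again every 15 minutes
                1W      ; expiry: after one week without contact the secondary discards the records
                1D )    ; minimum
        IN NS   dns1.test.com.          ; name server records
        IN NS   dns2.test.com.
        IN MX   10 mail.test.com.
dns1    IN A    192.168.1.70            ; host-to-IP-address records
dns2    IN A    192.168.1.71
www     IN CNAME dns1.test.com.
ftp     IN CNAME dns2.test.com.
mail    IN A    192.168.1.71            ; same host as dns2; an MX target must be an address record, not a CNAME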
(3). Create the reverse zone file
vi /var/named/1.168.192.rev
$TTL 86400
@       IN SOA  dns1.test.com. root.test.com. (
                132323232       ; Serial
                28808           ; Refresh
                14400           ; Retry
                3600000         ; Expire
                86400 )         ; Minimum
        IN NS   dns1.test.com.
        IN NS   dns2.test.com.
70      IN PTR  dns1.test.com.
70      IN PTR  www.test.com.
71      IN PTR  dns2.test.com.
71      IN PTR  ftp.test.com.
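(4). Check that the configuration file is correct:
named-checkconf
Check that the forward zone file is correct:
named-checkzone test.com /var/named/test.com.zone
Check that the reverse zone file is correct:
named-checkzone 1.168.192.in-addr.arpa /var/named/1.168.192.rev
(5). Restart the DNS server: service named restart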