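Setting up a DNS server on Linux
I. Installation environment
Virtual machine on ESXi 5.0, CentOS 5.8
II. Software packages (shipped with CentOS 5.8):
(1) bind-9.3.4-6.P1.el5.i386.rpm
(2) bind-libbind-devel-9.3.4-6.P1.el5.i386.rpm
(3) bind-devel-9.3.4-6.P1.el5.i386.rpm
(4) bind-sdb-9.3.4-6.P1.el5.i386.rpm
(5) caching-nameserver-9.3.4-6.P1.el5.i386.rpm
(6) bind-chroot-9.3.4-6.P1.el5.i386.rpm
(7) libqp.so.5
III. Installation
Run rpm -qa | grep bind to see whether the packages are already installed, then install the packages above with rpm -ivh. Check and install the first five packages first.
Before installing the sixth package, bind-chroot, copy the sample file /usr/share/doc/bind-9.3.3/sample/etc/named.conf to /etc/named.conf: installing the chroot package requires a named.conf file to exist under /etc, otherwise the installation may fail. Then install the bind-chroot package. (If the installation reports broken dependencies such as libcyto.so.0.0.6, you can simply run yum -y install followed by the package name.)
[root@killgoogle ~]# cp -p /usr/share/doc/bind-9.3.3/sample/etc/named.conf /etc/named.conf
Configuring the main configuration file named.conf
Because the chroot package is installed, the main configuration file named.conf is configured under /var/named/chroot/etc/. The commands are as follows:
# cd /var/named/chroot/etc
Once the six packages above are installed, a named.conf is generated in this directory by default, but that named.conf is only an explanatory document, so we use the following command to make a copy of the named.conf template:
[root@killgoogle etc]# cp -p named.caching-nameserver.conf named.conf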
IV. Configuration
1. Names of the relevant files and directories
(1) /etc/resolv.conf
[root@centos54 etc]# cat resolv.conf
search abc.com
nameserver 192.168.1.254 // This is this machine's IP address; this machine is going to be the DNS server.
#nameserver 8.8.8.8 // This is Google.com's DNS address, which this machine uses to reach DNS on the external network
[root@centos54 etc]#
(2) This machine's full DNS name
[root@centos54 etc]# hostname
centos54.abc.com
(3) Directory and contents of named.conf:
[root@centos54 etc]# pwd
/var/named/chroot/etc
Contents:
[root@centos54 etc]# cat named.conf
// Red Hat BIND Configuration Tool
//
// Default initial "caching Only" name server configuration
//
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
};
#zone "." IN {
#type hint;
#file "named.root";
#};
zone "localdomain." IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };
};
zone "localhost." IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa." IN {
    type master;
    file "named.local";
    allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." IN {
    type master;
    file "named.ip6.local";
    allow-update { none; };
};
zone "255.in-addr.arpa." IN {
    type master;
    file "named.broadcast";
    allow-update { none; };
};
zone "0.in-addr.arpa." IN {
    type master;
    file "named.zero";
    allow-update { none; };
};
zone "kkk.com" IN {
    type master;
    file "kkk.com.db";
};
zone "abc.com" IN {
    type master;
    file "abc.com.zone";
};
zone "xyz.com" IN {
    type master;
    file "xyz.com.zone";
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "1.168.192.in-addr.arpa.zone";
};
include "/etc/rndc.key";
The part in italics is the content I added for the three domains.
(4) Create the zone files. The zone files are in this directory:
[root@centos54 named]# pwd
/var/named/chroot/var/named
Contents of the zone file kkk.com.db (the bold italic part is what I added):
$TTL 86400
@         IN SOA   centos54.abc.com. root.abc.com. (
                   42   ; serial (d. adams)
                   3H   ; refresh
                   15M  ; retry
                   1W   ; expiry
                   1D ) ; minimum
          IN NS    @
          IN A     127.0.0.1
          IN AAAA  ::1
@         IN NS    centos54.kkk.com.
centos54  IN A     192.168.1.254
www       IN A     192.168.1.203
ftp       IN A     192.168.1.203
www1      IN CNAME www
Contents of the zone file abc.com.zone (the bold italic part is what I added):
$TTL 86400
@         IN SOA   centos54.abc.com. root.abc.com. (
                   42   ; serial (d. adams)
                   3H   ; refresh
                   15M  ; retry
                   1W   ; expiry
                   1D ) ; minimum
          IN NS    @
          IN A     127.0.0.1
          IN AAAA  ::1
@         IN NS    centos54.abc.com.
centos54  IN A     192.168.1.254
www       IN A     192.168.1.254
www1      IN CNAME www
Contents of the zone file xyz.com.zone (the bold italic part is what I added):
$TTL 86400
@         IN SOA   centos54.abc.com. root.abc.com. (
                   42   ; serial (d. adams)
                   3H   ; refresh
                   15M  ; retry
                   1W   ; expiry
                   1D ) ; minimum
          IN NS    @
          IN A     127.0.0.1
          IN AAAA  ::1
@         IN NS    centos54.xyz.com.
centos54  IN A     192.168.1.254
www       IN A     192.168.1.254
www1      IN CNAME www
Reverse lookup zone file
Contents of 1.168.192.in-addr.arpa.zone (in which)
$TTL 86400
@         IN SOA   dns.abc.com. root.abc.com. (
                   42   ; serial (d. adams)
                   3H   ; refresh
                   15M  ; retry
                   1W   ; expiry
                   1D ) ; minimum
          IN NS    @
          IN A     127.0.0.1
          IN AAAA  ::1
@         IN NS    centos54.abc.com.
254       IN PTR   centos54.abc.com.
254       IN PTR   www.abc.com.
254       IN PTR   www.xyz.com.
254       IN PTR   centos54.xyz.com.
203       IN PTR   www.kkk.com.
203       IN PTR   ftp.kkk.com.
(5) Check the zone configuration and the zone files for correctness
[root@centos54 named]# named-checkzone abc.com abc.com.zone
zone abc.com/IN: loaded serial 42 OK
[root@centos54 named]# named-checkzone xyz.com xyz.com.zone
zone xyz.com/IN: loaded serial 42 OK
[root@centos54 named]# named-checkzone kkk.com kkk.com.db
zone kkk.com/IN: loaded serial 42 OK
[root@centos54 named]# named-checkzone kkk.com 1.168.192.in-addr.arpa.zone
zone kkk.com/IN: loaded serial 42 OK
Note: if all of the checks above pass but the service still fails to start, set the permissions on these files as described next.
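The checks in step (5), generalised as an added example that is not part of the original post: named-checkzone takes the zone name first and the zone file second, so a reverse file such as 1.168.192.in-addr.arpa.zone has to be checked under 1.168.192.in-addr.arpa rather than under a forward name. The script reads the zone/file pairs out of named.conf and prints the matching commands; the function names and the sample named.conf are constructed for illustration.

```sh
# Added example, not from the original post; function names are illustrative.
# list_master_zones CONF: print "zone<TAB>file" for each uncommented master zone
# in CONF ("-" = stdin). Only # and // line comments are skipped.
list_master_zones() {
    awk '
    /^[ \t]*(#|\/\/)/ { next }
    {
        if (match($0, /^[ \t]*zone[ \t]*"[^"]+"/)) {
            zone = substr($0, RSTART, RLENGTH)
            gsub(/^[ \t]*zone[ \t]*"|"$/, "", zone)
            master = 0; file = ""
        }
        if (zone != "" && $0 ~ /type[ \t]+master[ \t]*;/) master = 1
        if (zone != "" && match($0, /file[ \t]*"[^"]+"/)) {
            file = substr($0, RSTART, RLENGTH)
            gsub(/^file[ \t]*"|"$/, "", file)
        }
        # Count braces so that allow-update { none; }; does not end the zone early.
        depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
        if (zone != "" && depth == 0 && $0 ~ /[}]/) {
            if (master && file != "") printf "%s\t%s\n", zone, file
            zone = ""
        }
    }' "$1"
}

# check_commands CONF ZONEDIR: one named-checkzone command per master zone,
# pairing each zone file with the zone name that named.conf declares for it.
check_commands() {
    list_master_zones "$1" | while IFS="$(printf '\t')" read -r zone file; do
        printf 'named-checkzone %s %s/%s\n' "$zone" "$2" "$file"
    done
}

# Constructed sample in the shape of the named.conf shown in the post.
sample_conf() {
    cat <<'EOF'
#zone "." IN { type hint; file "named.root"; };
zone "localhost." IN {
    type master;
    allow-update { none; };
    file "localhost.zone";
};
zone "abc.com" IN { type master; file "abc.com.zone"; };
zone "1.168.192.in-addr.arpa" IN {
    type master; file "1.168.192.in-addr.arpa.zone";
};
EOF
}
sample_conf | check_commands - /var/named/chroot/var/named
```

On the server, pass /var/named/chroot/etc/named.conf instead of the sample and review the printed commands before running them.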
2. (File permissions) Change the group of these configuration files to named
[root@centos54 named]# chgrp named 1.168.192.in-addr.arpa.zone
[root@centos54 named]# chgrp named xyz.com.zone
[root@centos54 named]# chgrp named abc.com.zone
[root@centos54 named]# chgrp named kkk.com.db
[root@centos54 etc]# chgrp named named.conf
This step is very important.
3. Start the service
[root@centos54 etc]# service named restart
停止 named: [确定]
启动 named: [确定]
4. Verify:
[root@centos54 etc]# nslookup
> www.abc.com
Server: 192.168.1.254
Address: 192.168.1.254#53
Name: www.abc.com
Address: 192.168.1.254
> 192.168.1.254
Server: 192.168.1.254
Address: 192.168.1.254#53
254.1.168.192.in-addr.arpa name = www.abc.com.
254.1.168.192.in-addr.arpa name = www.xyz.com.
254.1.168.192.in-addr.arpa name = centos54.abc.com.
254.1.168.192.in-addr.arpa name = centos54.xyz.com.
This article comes from the “DavideyLee” blog. Please be sure to keep this source reference: http://davideylee.blog.51cto.com/8703117/1386432