配置緩存DNS服務器和主DNS服務器

規劃：

域：fsy.com地址段：172.16.100.0/24

ns地址：172.16.100.3

www地址：172.16.100.3, 172.16.100.5

mail地址：172.16.100.4

ftp 別名： www

一．配置緩存DNS服務器：

    1.安裝軟件包

        [root@fsy-Centos6 ~]# yum -y install bind 

    2.備份主配置文件

        [root@fsy-Centos6 ~]# mv /etc/named.conf /etc/named.conf.orig 

    3.編輯主配置文件，並添加如下內容

        [root@fsy-Centos6 ~]# vim /etc/named.conf

        options {

                directory "/var/named";

        };

         

        zone "." IN {

                type hint;

                file "named.ca";

        };

         

        zone "localhost" IN {

                type master;

                file "named.localhost";

        };

         

        zone "0.0.127.in-addr.arpa" IN {

                type master;

                file "named.loopback";

        };

    4.根據安裝bind時生成的主配置文件改當前自定義的配置文件的屬主、屬組及權限

    [root@fsy-Centos6 ~]# chown root:named /etc/named.conf

    [root@fsy-Centos6 ~]# chmod 640 /etc/named.conf

    5.啓動服務

    [root@fsy-Centos6 ~]# service named start

    6.保證此主機能夠訪問到互聯網的狀況下，將主機的DNS服務器指向本機地址（個人地址是172.16.100.3）

    [root@fsy-Centos6 ~]# vim /etc/resolv.conf

    nameserver 172.16.100.3

    7.[root@fsy-Centos6 ~]# ping www.baidu.com

    此時能夠ping通，說明一個簡單的緩存DNS服務器已搭建完成

    8.將此服務設置爲開機自動啓動

    [root@fsy-Centos6 ~]# chkconfig --list named

    [root@fsy-Centos6 ~]# chkconfig  named on

二．配置主DNS服務器

作好以上的配置後：

1.修改主配置文件，並添加如下內容

[root@fsy-Centos6 ~]# vim /etc/named.conf

zone "fsy.com" IN {

        type master;

        file "fsy.com.zone";

};

 

zone "100.16.172.in-addr.arpa" IN {

        type master;

        file "172.16.100.zone";

};

2.檢查主配置文件是否有語法錯誤

[root@fsy-Centos6 ~]# named-checkconf

3.編輯正向區域數據文件

[root@fsy-Centos6 ~]# cd /var/named/

[root@fsy-Centos6 named]# vim fsy.com.zone

添加如下內容：

$TTL 600

@        IN      SOA     ns1.fsy.com.    admin.fsy.com.  (

                                2016080101

                                1H

                                5M

                                2D

                                6H )

                IN      NS      ns1

                IN      MX      10      mail

ns1             IN      A       172.16.100.3

mail            IN      A       172.16.100.4

www            IN      A       172.16.100.5

www            IN      A       172.16.100.3

ftp              IN      CNAME   www

4.根據安裝bind時生成的區域數據文件改當前自定義的配置文件的屬主、屬組及權限

[root@fsy-Centos6 named]# chmod 640 fsy.com.zone

[root@fsy-Centos6 named]# chown root:named fsy.com.zone

5.測試正向區域數據文件看有無語法錯誤

[root@fsy-Centos6 named]# named-checkzone "fsy.com" /var/named/fsy.com.zone

6.編輯反向區域數據文件

[root@fsy-Centos6 named]# cp fsy.com.zone 172.16.100.zone -p

[root@fsy-Centos6 named]# vim 172.16.100.zone

修改成如下內容：

$TTL 600

@       IN      SOA     ns1.fsy.com.    admin.fsy.com.  (

                                2016080101

                                1H

                                5M

                                2D

                                6H )

                IN      NS      ns1.fsy.com.

3               IN      PTR     ns1.fsy.com.

4               IN      PTR     mail.fsy.com.

5               IN      PTR     www.fsy.com.

3               IN      PTR    www.fsy.com.

 

7.測試反向區域數據文件看有無語法錯誤

    [root@fsy-Centos6 named]# named-checkzone "100.16.172.in-addr.arpa" 172.16.100.zone

8.重啓服務

[root@fsy-Centos6 named]# service named restart

9.測試

[root@fsy-Centos6 named]# dig -x 172.16.100.3

[root@fsy-Centos6 named]# dig -t A www.fsy.com

正向和反向解析都正常，服務搭建成功！