CentOS-5.6-x86_64-bin下DNS安裝基礎篇
CentOS-5.6-x86_64-bin下DNS安裝基礎篇vim
一、安裝
### 備註:System OS:CentOS-5.6-x86_64-bin-DVD-1of2
# yum install -y bind bind-chroot ypbind bind-utils
# rpm -qa |grep bind
bind-libs-9.3.6-16.P1.el5
bind-utils-9.3.6-16.P1.el5
ypbind-1.19-12.el5_6.1
bind-9.3.6-16.P1.el5
bind-chroot-9.3.6-16.P1.el5
# yum install -y caching-nameserver-9.3.* //安裝後可啓動named
# service named start
# netstat -antup //TCP 53\953端口開放,953提供給rndc工具用來管理DNS服務器服務器
二、主區域配置dom
# cd /var/named/chroot/etc //如下操做均在此路徑下
# cp -p named.caching-nameserver.conf named.conf //注意加 -p 所屬組不變
# cp -p named.rfc1912.zones named.rfc1912.zones_back
# vim named.conf
### 配置內容以下:
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";ide
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;工具
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
### 結束 ###測試
# vim named.rfc1912.zones
### 配置內容以下:
zone "." IN {
type hint;
file "named.ca";
};debug
zone "laowafang.com" IN {
type master;
file "laowafang.com.zone";
allow-update { none; };
};rest
zone "113.168.192.in-addr.arpa" IN {
type master;
file "laowafang.com.local";
allow-update { none; };
};
### 結束 ###日誌
三、區域文件配置server
# cd /var/named/chroot/var/named //如下操做均在此路徑下
# cp -p localhost.zone laowafang.com.zone //拷貝正向文件
# cp -p named.local laowafang.com.local //拷貝反向文件
# vim laowafang.com.zone
### 配置內容以下:
$TTL 86400
@ IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS dns.laowafang.com.
IN MX 10 mail.laowafang.com.
www1 IN A 192.168.113.104
www2 IN A 192.168.113.105
www IN CNAME www1.laowafang.com.
### 結束 ###
# vim laowafang.com.local
### 配置內容以下:
$TTL 86400
@ IN SOA dns.laowafang.com. root.laowafang.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.laowafang.com.
104 IN PTR www1.laowafang.com.
105 IN PTR www2.laowafang.com.
### 結束 ###
# ln -s /var/named/chroot/etc/named.conf /etc/ //建立軟鏈接
# ll /etc/name* //查看鏈接是否建立成功
# service named restart
# tail /var/log/messages //查看日誌存在 running 及成功啓動
四、測試
# nslookup //使用客戶端正向測試解析
[root@dnsmaster etc]# nslookup
> server 127.0.0.1
Default server: 127.0.0.1
Address: 127.0.0.1#53
> www1.laowafang.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www1.laowafang.com //正向解析成功
Address: 192.168.113.104
> www2.laowafang.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www2.laowafang.com
Address: 192.168.113.105
> 192.168.113.104 //反向解析成功
Server: 127.0.0.1
Address: 127.0.0.1#53
104.113.168.192.in-addr.arpa name = www1.laowafang.com.
> 192.168.113.105
Server: 127.0.0.1
Address: 127.0.0.1#53
105.113.168.192.in-addr.arpa name = www2.laowafang.com.
五、rndc工具使用
使用rndc能夠在不中止DNS服務器工做的狀況下進行數據的更新,使配置生效。953提供給rndc工具用來管理DNS服務器。
# rndc-confgen > /etc/rndc.conf //生產配置文件
### 配置內容以下:
# Start of rndc.conf
key "rndckey" {
algorithm hmac-md5;
secret "xO/qxwFJjYE41OrsbEAexQ==";
};
options {
default-key "rndckey";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndckey" {
# algorithm hmac-md5;
# secret "xO/qxwFJjYE41OrsbEAexQ==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndckey"; };
# };
# End of named.conf
### 結束 ###
# vim /etc/named.conf //拷貝有 # 號註釋的內容到named.conf末尾
### 添加內容以下:
### rndc.conf 2011-08-26 ###
key "rndckey" {
algorithm hmac-md5;
secret "xO/qxwFJjYE41OrsbEAexQ==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndckey"; };
};
### configure end ###
### 結束 ###
# service named restart
# rndc reload //修改完.zone文件,使用rndc工具加載便可,能夠查考第四部分進行測試
六、輔助DNS
備註:安裝內容同主DNS安裝
# scp -p 22 root@192.168.113.100:/var/named/chroot/etc/* ./ //拷貝主DNS服務器配置文件到輔助DNS上
# chown root.named /var/named/chroot/etc/named.conf //修改其權限
備註:以上操做在輔助DNS上操做
(1)修改主DNS服務器配置文件
# vim /etc/named.rfc1912.zones
### 配置內容以下:
zone "." IN {
type hint;
file "named.ca";
};
zone "laowafang.com" IN {
type master;
file "laowafang.com.zone";
allow-update { none; };
allow-transfer{ 192.168.113.101; }; //注意{空格192.168.113.101;空格}分號
also-notify{ 192.168.113.101; };
};
zone "113.168.192.in-addr.arpa" IN {
type master;
file "laowafang.com.local";
allow-update { none; };
allow-transfer{ 192.168.113.101; };
also-notify{ 192.168.113.101; };
};
### 結束 ###
(2)修改輔助DNS服務器配置文件
# vim /etc/named.rfc1912.zones
### 配置內容以下:
zone "." IN {
type hint;
file "named.ca";
};
zone "laowafang.com" IN {
type slave;
file "slaves/laowafang.com.zone";
masters { 192.168.113.100; };
};
zone "113.168.192.in-addr.arpa" IN {
type slave;
file "slaves/laowafang.com.local";
masters { 192.168.113.100; };
};
### 結束 ###
# ln -s /var/named/chroot/etc/named.conf /etc/ //建立軟鏈接
# ll /etc/name* //查看鏈接是否建立成功
# service named restart
# tail /var/log/messages //查看日誌存在 running 及成功啓動
# ls /var/named/chroot/var/named/slaves/ //查看是否同步了區域文件
七、注意事項 (1)注意/var/named/chroot/etc/named.conf文件的權限:root.named (2)the working directory is not writable 能夠嘗試加權限解決: # chmod g+w /var/named/chroot/var/named (3)主輔同步測試時須要修改serial值 42+
- 1. DNS——基礎篇
- 2. 【mysql-基礎篇】Ubuntu下Mysql安裝
- 3. 01-【基礎篇】Idea下載與安裝
- 4. DNS篇之一基礎
- 5. DNS基礎與bind的安裝
- 6. IT基礎結構-1.DC-DNS-安裝
- 7. Python基礎篇-安裝python
- 8. Python安裝【基礎篇】
- 9. ThinkPHP5 ---基礎篇(安裝)
- 10. Redis基礎篇——Redis安裝
- 更多相關文章...
- • Kotlin 基礎語法 - Kotlin 教程
- • Scala 基礎語法 - Scala教程
- • Composer 安裝與使用
- • IntelliJ IDEA安裝代碼格式化插件
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. DNS——基礎篇
- 2. 【mysql-基礎篇】Ubuntu下Mysql安裝
- 3. 01-【基礎篇】Idea下載與安裝
- 4. DNS篇之一基礎
- 5. DNS基礎與bind的安裝
- 6. IT基礎結構-1.DC-DNS-安裝
- 7. Python基礎篇-安裝python
- 8. Python安裝【基礎篇】
- 9. ThinkPHP5 ---基礎篇(安裝)
- 10. Redis基礎篇——Redis安裝