发布时间:2014-09-05 17:01:21作者:知识屋
CentOS-5.6-x86_64-bin下DNS安装基础篇
1、安装
### 备注:System OS:CentOS-5.6-x86_64-bin-DVD-1of2
# yum install -y bind bind-chroot ypbind bind-utils //ypbind 是 NIS 客户端,与 DNS 服务无关,可以不装
# rpm -qa |grep bind
bind-libs-9.3.6-16.P1.el5
bind-utils-9.3.6-16.P1.el5
ypbind-1.19-12.el5_6.1
bind-9.3.6-16.P1.el5
bind-chroot-9.3.6-16.P1.el5
# yum install -y caching-nameserver-9.3.* //安装后可启动named
# service named start
# netstat -antup //TCP 53/953端口开放,953提供给rndc工具用来管理DNS服务器
2、主区域配置
# cd /var/named/chroot/etc //以下操作均在此路径下
# cp -p named.caching-nameserver.conf named.conf //注意加 -p 所属组不变
# cp -p named.rfc1912.zones named.rfc1912.zones_back
# vim named.conf
### 配置内容如下:
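// named.conf: answers authoritatively for the local zones and resolves
// recursively only for this host and its directly attached networks.
options {
    // Listen on every IPv4 address so LAN clients and a secondary server can
    // reach port 53; IPv6 is bound to loopback only.
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Those options should be used carefully because they disable port
    // randomization
    // query-source port 53;
    // query-source-v6 port 53;

    // Authoritative data may be queried by anyone.
    allow-query { any; };
    // Cached answers and recursion are limited to the built-in ACLs
    // "localhost" and "localnets". With "any" here, together with
    // "recursion yes" in a view that matches every client, the server would
    // resolve names for every host that can reach it (an open resolver).
    // Widen these lists only to networks you operate.
    allow-query-cache { localhost; localnets; };
    allow-recursion { localhost; localnets; };
};

logging {
    // Debug output goes to data/named.run, relative to "directory";
    // "dynamic" follows the server's current debug level.
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

// The view is still called "localhost_resolver" but matches every client and
// destination, so the allow-* lists in options are what limit recursion.
view localhost_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
    // Zone declarations are kept in a separate file.
    include "/etc/named.rfc1912.zones";
};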
### 结束 ###
# vim named.rfc1912.zones
### 配置内容如下:
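// Zones served by the primary: root hints plus one forward and one reverse
// master zone.
zone "." IN {
    type hint;
    file "named.ca";
};

zone "laowafang.com" IN {
    type master;
    file "laowafang.com.zone";
    // No dynamic updates; records are edited in the zone file.
    allow-update { none; };
    // BIND's default is to allow zone transfers to any host, which hands the
    // full record list to whoever asks. Replace "none" with the secondary's
    // address once a secondary exists.
    allow-transfer { none; };
};

zone "113.168.192.in-addr.arpa" IN {
    type master;
    file "laowafang.com.local";
    allow-update { none; };
    // Same reasoning as for the forward zone.
    allow-transfer { none; };
};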
### 结束 ###
3、区域文件配置
# cd /var/named/chroot/var/named //以下操作均在此路径下
# cp -p localhost.zone laowafang.com.zone //拷贝正向文件
# cp -p named.local laowafang.com.local //拷贝反向文件
# vim laowafang.com.zone
### 配置内容如下:
; Forward zone for laowafang.com.
; Lines that start with whitespace reuse the owner name of the previous
; record, so the leading indentation below is significant.
$TTL 86400
@       IN  SOA   @ root (
                  42      ; serial - must increase whenever the zone changes
                  3H      ; refresh
                  15M     ; retry
                  1W      ; expiry
                  1D )    ; minimum
; "@" and "root" are relative names; they expand to laowafang.com. and
; root.laowafang.com.
; NOTE(review): dns.laowafang.com. and mail.laowafang.com. are referenced
; below but have no A record in this listing - add address records for them.
        IN  NS    dns.laowafang.com.
        IN  MX    10 mail.laowafang.com.
www1    IN  A     192.168.113.104
www2    IN  A     192.168.113.105
www     IN  CNAME www1.laowafang.com.
### 结束 ###
# vim laowafang.com.local
### 配置内容如下:
; Reverse zone 113.168.192.in-addr.arpa (192.168.113.0/24).
; Lines that start with whitespace reuse the owner name of the previous
; record, so the leading indentation below is significant.
$TTL 86400
@       IN  SOA   dns.laowafang.com. root.laowafang.com. (
                  1997022700  ; Serial - must increase whenever the zone changes
                  28800       ; Refresh
                  14400       ; Retry
                  3600000     ; Expire
                  86400 )     ; Minimum
        IN  NS    dns.laowafang.com.
; Owner names are the last octet of the address; targets are fully qualified
; and end with a dot.
104     IN  PTR   www1.laowafang.com.
105     IN  PTR   www2.laowafang.com.
### 结束 ###
# ln -s /var/named/chroot/etc/named.conf /etc/ //创建软连接
# ll /etc/name* //查看连接是否创建成功
# service named restart
# tail /var/log/messages //查看日志存在 running 及成功启动
4、测试
# nslookup //使用客户端正向测试解析
[root@dnsmaster etc]# nslookup
> server 127.0.0.1
Default server: 127.0.0.1
Address: 127.0.0.1#53
> www1.laowafang.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www1.laowafang.com //正向解析成功
Address: 192.168.113.104
> www2.laowafang.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www2.laowafang.com
Address: 192.168.113.105
> 192.168.113.104 //反向解析成功
Server: 127.0.0.1
Address: 127.0.0.1#53
104.113.168.192.in-addr.arpa name = www1.laowafang.com.
> 192.168.113.105
Server: 127.0.0.1
Address: 127.0.0.1#53
105.113.168.192.in-addr.arpa name = www2.laowafang.com.
5、rndc工具使用
使用rndc可以在不停止DNS服务器工作的情况下进行数据的更新,使配置生效。953提供给rndc工具用来管理DNS服务器。
# rndc-confgen > /etc/rndc.conf //生成配置文件;文件中含有密钥,建议执行 chmod 600 /etc/rndc.conf 限制为仅 root 可读。下文密钥仅为示例输出,请使用自己生成的密钥
### 配置内容如下:
# Start of rndc.conf
# NOTE(review): the secret below is the sample value printed in this article.
# Use the key that rndc-confgen generates on your own host, never this one,
# and keep this file readable by root only because it holds the shared secret.
# hmac-md5 is what rndc-confgen printed on this install; prefer a SHA-2 HMAC
# where the installed BIND supports one.
key "rndckey" {
algorithm hmac-md5;
secret "xO/qxwFJjYE41OrsbEAexQ==";
};
# Defaults used by the rndc client: the control channel on loopback port 953,
# authenticated with the key above.
options {
default-key "rndckey";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndckey" {
# algorithm hmac-md5;
# secret "xO/qxwFJjYE41OrsbEAexQ==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndckey"; };
# };
# End of named.conf
### 结束 ###
# vim /etc/named.conf //拷贝有 # 号注释的内容到named.conf末尾
### 添加内容如下:
### rndc.conf 2011-08-26 ###
// Shared secret for rndc; it must be identical to the key in /etc/rndc.conf.
// NOTE(review): this is the sample secret printed in the article - use the
// value generated on your own host. named.conf now holds a secret, so keep
// it unreadable to ordinary users.
key "rndckey" {
    algorithm hmac-md5;
    secret "xO/qxwFJjYE41OrsbEAexQ==";
};

// Control channel: loopback address only, port 953, and only for clients
// that present "rndckey".
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndckey"; };
};
### configure end ###
### 结束 ###
# service named restart
# rndc reload //修改完.zone文件后,使用rndc工具重新加载即可,可以参考第四部分进行测试
6、辅助DNS
备注:安装内容同主DNS安装
# scp -p -P 22 root@192.168.113.100:/var/named/chroot/etc/* ./ //拷贝主DNS服务器配置文件到辅助DNS上;指定端口须用大写 -P,小写 -p 只是保留文件属性。拷贝来的 named.conf 含有主DNS的 rndc 密钥,建议在辅助DNS上重新生成
# chown root.named /var/named/chroot/etc/named.conf //修改其权限
备注:以上操作在辅助DNS上操作
(1)修改主DNS服务器配置文件
# vim /etc/named.rfc1912.zones
### 配置内容如下:
// Zone list on the primary after a secondary at 192.168.113.101 is added.
zone "." IN {
    type hint;
    file "named.ca";
};

zone "laowafang.com" IN {
    type master;
    file "laowafang.com.zone";
    allow-update { none; };
    // Only the secondary may transfer the zone. Mind the syntax: a space
    // after "{", a ";" after the address, a space before "}", then ";".
    // NOTE(review): this ACL trusts the source address alone; consider a
    // TSIG key so that transfers are authenticated as well.
    allow-transfer { 192.168.113.101; };
    // Send NOTIFY to this address explicitly when the zone changes.
    also-notify { 192.168.113.101; };
};

zone "113.168.192.in-addr.arpa" IN {
    type master;
    file "laowafang.com.local";
    allow-update { none; };
    allow-transfer { 192.168.113.101; };
    also-notify { 192.168.113.101; };
};
### 结束 ###
(2)修改辅助DNS服务器配置文件
# vim /etc/named.rfc1912.zones
### 配置内容如下:
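// Zone list on the secondary: both zones are pulled from the primary at
// 192.168.113.100 and stored under slaves/.
zone "." IN {
    type hint;
    file "named.ca";
};

zone "laowafang.com" IN {
    type slave;
    file "slaves/laowafang.com.zone";
    masters { 192.168.113.100; };
    // A secondary also answers transfer requests, and BIND's default is to
    // allow them from any host; nothing is meant to transfer from this server.
    allow-transfer { none; };
};

zone "113.168.192.in-addr.arpa" IN {
    type slave;
    file "slaves/laowafang.com.local";
    masters { 192.168.113.100; };
    allow-transfer { none; };
};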
### 结束 ###
# ln -s /var/named/chroot/etc/named.conf /etc/ //创建软连接
# ll /etc/name* //查看连接是否创建成功
# service named restart
# tail /var/log/messages //查看日志存在 running 及成功启动
# ls /var/named/chroot/var/named/slaves/ //查看是否同步了区域文件
7、注意事项
(1)注意/var/named/chroot/etc/named.conf文件的权限:root.named
(2)the working directory is not writable 可以尝试加权限解决(加上组写权限后,named 进程可以改写该目录下的主区域文件,如无必要可不执行):
# chmod g+w /var/named/chroot/var/named
(3)主辅同步测试时需要增大主DNS区域文件的serial值(例如由 42 改为 43),辅助DNS才会重新同步
本文出自 “老瓦房” 博客