DNS 主從同步

一:主域名服務器.

[root@localhost ~]# vim /etc/named.conf

----------------------------------------------------------------

/*
 * Global options for the master server at 199.100.77.137.
 * Queries are accepted from any address, but recursion is off, so the
 * server does not resolve names on behalf of clients.
 */
options {

        /* IPv4: listen on this server's own address only. */
        listen-on port 53 { 199.100.77.137; };

        /* IPv6: loopback only. */
        listen-on-v6 port 53 { ::1; };

        /* Relative file names in zone statements are resolved against this directory. */
        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };

        recursion no;

        /*
         * Only 199.100.77.138 (the slave) may request a zone transfer.
         * The check is by source address alone; this ACL names no TSIG key.
         * NOTE(review): consider a TSIG key shared by both servers so the
         * transfer is authenticated and not just address-filtered.
         */
        allow-transfer { 199.100.77.138; };

        /*
         * NOTE(review): dnssec-enable and dnssec-lookaside belong to older
         * BIND 9 releases; newer releases treat them as obsolete. Confirm
         * against the installed version before reusing this file.
         */
        dnssec-enable yes;

        dnssec-validation yes;

        dnssec-lookaside auto;


        /* Path to ISC DLV key */

        bindkeys-file "/etc/named.iscdlv.key";


        managed-keys-directory "/var/named/dynamic";

};


logging {

        channel default_debug {

                file "data/named.run";

                severity dynamic;

        };

};


zone "." IN {

        type hint;

        file "named.ca";

};


zone "snptc.com" IN {

        type master;

        file "masters/snptc.zone";

};


zone "77.100.199.in-addr.arpa" IN {

        type master;

        file "masters/zone.77.100.199";

};

include "/etc/named.rfc1912.zones";

include "/etc/named.root.key";

----------------------------------------------------------

[root@localhost ~]#mkdir /var/named/masters

[root@localhost ~]#chown named:named /var/named/masters

[root@localhost ~]# vi /var/named/masters/snptc.zone 

------------------------------------------------------

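; Forward zone for snptc.com, served by the master (199.100.77.137).
$TTL 1D
; Both SOA names must end with a dot. Without it the zone origin is appended,
; and "ns1.snptc.com" would be read as "ns1.snptc.com.snptc.com.".
@       IN SOA  ns1.snptc.com. admin.snptc.com. (
                                        201502  ; serial - increase on every edit, or the slave will not pick up the change
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN      NS      ns1.snptc.com.
@       IN      NS      ns2.snptc.com.
@       IN      MX 10   mail.snptc.com.
ns1     IN      A       199.100.77.137
ns2     IN      A       199.100.77.138
mail    IN      A       199.100.77.138
www     IN      A       199.100.77.137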

------------------------------------------------------------

[root@localhost ~]#vim /var/named/masters/zone.77.100.199

---------------------------------------------------------

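; Reverse zone 77.100.199.in-addr.arpa, served by the master (199.100.77.137).
$TTL 1D
; Both SOA names must end with a dot. Without it the zone origin is appended,
; and "ns1.snptc.com" would be read as "ns1.snptc.com.77.100.199.in-addr.arpa.".
@       IN SOA  ns1.snptc.com. admin.snptc.com. (
                                        201502  ; serial - increase on every edit, or the slave will not pick up the change
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN      NS      ns1.snptc.com.
@       IN      NS      ns2.snptc.com.
; NOTE(review): an MX record at the apex of a reverse zone is not used for PTR lookups; kept as in the original.
@       IN      MX 10   mail.snptc.com.
; Each address carries two PTR records, so a reverse lookup returns both names.
137     IN      PTR     ns1.snptc.com.
137     IN      PTR     www.snptc.com.
138     IN      PTR     mail.snptc.com.
138     IN      PTR     ns2.snptc.com.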

-----------------------------------------------------

[root@localhost ~]# service named restart

停止 named:.                                              [確定]

啓動 named:                                               [確定]

客戶端測試

    [root@localhost ~]# dig -t A www.snptc.com @199.100.77.137 

    [root@localhost ~]# dig -x 199.100.77.138 @199.100.77.137


二:從域名服務器:


[root@localhost ~]# vi /etc/named.conf

 ----------------------------------------------

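/*
 * Global options for the slave server at 199.100.77.138.
 * Queries are accepted from any address, but recursion is off, so the
 * server does not resolve names on behalf of clients.
 */
options {

        /* IPv4: listen on this server's own address only. */
        listen-on port 53 { 199.100.77.138; };

        /* IPv6: loopback only. */
        listen-on-v6 port 53 { ::1; };

        /* Relative file names in zone statements are resolved against this directory. */
        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };

        recursion no;

        /*
         * The master's allow-transfer setting does not apply to this server.
         * The slave holds a full copy of both zones, and BIND 9 releases of
         * this vintage allow transfers to any client unless told otherwise
         * (confirm the default for the installed version). Nothing transfers
         * zones from the slave in this setup, so refuse all transfer requests.
         */
        allow-transfer { none; };

        /*
         * NOTE(review): dnssec-enable and dnssec-lookaside belong to older
         * BIND 9 releases; newer releases treat them as obsolete. Confirm
         * against the installed version before reusing this file.
         */
        dnssec-enable yes;

        dnssec-validation yes;

        dnssec-lookaside auto;


        /* Path to ISC DLV key */

        bindkeys-file "/etc/named.iscdlv.key";


        managed-keys-directory "/var/named/dynamic";

};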


logging {

        channel default_debug {

                file "data/named.run";

                severity dynamic;

        };

};


zone "." IN {

        type hint;

        file "named.ca";

};


/*
 * Slave copy of the forward zone. The data is transferred from the server
 * listed in masters and stored in slaves/snptc.zone under the directory
 * set in options.
 * The master is identified by IP address only; no TSIG key is named here.
 */
zone "snptc.com" IN {

        type slave;

        file "slaves/snptc.zone";

        masters { 199.100.77.137; };

};



/*
 * Slave copy of the reverse zone for 199.100.77.0/24, transferred from the
 * same master.
 */
zone "77.100.199.in-addr.arpa" IN {

        type slave;

        file "slaves/zone.77.100.199";

        masters { 199.100.77.137; };

};


include "/etc/named.rfc1912.zones";

include "/etc/named.root.key";

----------------------------------------------


 

[root@localhost ~]# service named restart

停止 named:                                               [確定]

啓動 named:                                               [確定]

客戶端測試


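# Query the slave (199.100.77.138) directly. An answer from the master would not show whether the zone transfer succeeded.
[root@localhost ~]# dig -t A www.snptc.com @199.100.77.138

[root@localhost ~]# dig -x 199.100.77.138 @199.100.77.138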





        

