1 BIND-related packages on CentOS 5
[root@localhost ~]# rpm -qa |grep bind
bind-9.3.4-10.P1.el5 # main DNS server program
ypbind-1.19-11.el5
bind-libs-9.3.4-10.P1.el5 # library files required for name resolution
bind-utils-9.3.4-10.P1.el5 # DNS server testing tools
bind-chroot-9.3.4-10.P1.el5 # chroot mode, which improves BIND's security
caching-nameserver-9.3.4-10.P1.el5 # BIND initial configuration files
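2 Notes
Current versions run BIND in a chroot, so the configuration file named.conf and the zone files all live under /var/named/chroot/. For example, named.conf is in /var/named/chroot/etc/ and the zone files are in /var/named/chroot/var/named/. The ownership of these files must also be changed to root.named, otherwise DNS resolution errors will occur. The command is
chown root.named <filename>
3 Installing BIND
Installation here uses rpm packages, which can be found on the system DVD: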
[root@localhost cdrom]# ls /mnt/cdrom/CentOS/bind*
[root@localhost cdrom]# ls /mnt/cdrom/CentOS/cach*
[root@localhost cdrom]# rpm -ivh <relevant packages>
After the rpm packages are installed, first create named.conf and the zone files. Go to /var/named/chroot/etc and create the main configuration file:
[root@localhost etc]# ls
localtime named.caching-nameserver.conf named.rfc1912.zones rndc.key
[root@localhost etc]# cp named.rfc1912.zones named.conf
Then go to /var/named/chroot/var/named/ and create the zone files (assuming a domain named test.com is being set up):
[root@localhost named]# ls
localdomain.zone named.127.0.0 named.ca named.local named.root slaves
data localhost.zone named.broadcast named.ip6.local named.localhost named.zero
[root@localhost named]# cp localhost.zone test.com # forward lookup zone file
[root@localhost named]# cp named.local 0.168.192.zone # reverse lookup zone file
4 Configuring BIND
First edit /etc/resolv.conf so that the machine uses itself as its DNS server:
[root@localhost named]# vi /etc/resolv.conf
nameserver 192.168.0.8
search localdomain
Configure named.conf:
[root@localhost etc]# more named.conf
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "0.168.192.zone";
allow-update { none; };
};
zone "test.com" IN {
type master;
file "test.com";
allow-update { none; };
};
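The options block above sets only the directory, and the zones set only allow-update. On BIND 9.3, the version installed here, recursion and zone transfers are then allowed from any host. The following Python check is an added example, not part of the original post; it flags those missing access controls in a named.conf, and its function names, sample strings and the 192.168.0.0/24 client range are assumptions.

```python
import re
# Constructed sample: the options block and the test.com zone from this page.
PAGE_CONF = '''
options {
    directory "/var/named";
};
zone "test.com" IN {
    type master;
    file "test.com";
    allow-update { none; };
};
'''
# Constructed hardened variant; the 192.168.0.0/24 client range is an assumption.
HARDENED = PAGE_CONF.replace('directory "/var/named";',
    'directory "/var/named";\n    allow-recursion { 127.0.0.1; 192.168.0.0/24; };'
    '\n    allow-transfer { none; };')

def top_level_blocks(text):
    """Return [(header, body)] for every top-level `header { body };` statement."""
    text = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', text, flags=re.S)
    blocks, pos = [], 0
    while text.find('{', pos) >= 0:
        start = text.find('{', pos)
        depth, i = 1, start + 1
        while i < len(text) and depth:      # walk to the matching close brace
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        blocks.append((text[pos:start].split(';')[-1].strip(), text[start + 1:i - 1]))
        pos = i
    return blocks

def audit(conf):
    """List access controls that this named.conf does not set explicitly."""
    blocks = top_level_blocks(conf)
    opts = ' '.join(body for header, body in blocks if header == 'options')
    findings = []
    if not re.search(r'\ballow-recursion\b|\brecursion\s+no\b', opts):
        findings.append('options: no allow-recursion or "recursion no"')
    for header, body in blocks:
        zone = re.match(r'zone\s+"([^"]+)"', header)
        if not zone or not re.search(r'\btype\s+master\b', body):
            continue
        if 'allow-transfer' not in opts + body:
            findings.append('zone %s: no allow-transfer restriction' % zone.group(1))
        upd = re.search(r'allow-update\s*\{([^}]*)\}', body)
        if upd and upd.group(1).strip(' ;\n\t') != 'none':
            findings.append('zone %s: allow-update is not none' % zone.group(1))
    return findings
```

audit(PAGE_CONF) reports two findings and audit(HARDENED) reports none.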
Configure the forward zone file test.com:
[root@localhost named]# more test.com
$TTL 86400
@       IN SOA ns.test.com. root.test.com. (
        42 ; serial (d. adams)
        3H ; refresh
        15M ; retry
        1W ; expiry
        1D ) ; minimum
        IN NS ns.test.com.
        IN A 192.168.0.8
ns      IN A 192.168.0.8
www     IN A 192.168.0.8
Configure the reverse zone file 0.168.192.zone:
[root@localhost named]# more 0.168.192.zone
$TTL 86400
0.168.192.in-addr.arpa. IN SOA ns.test.com. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
@ IN NS ns.test.com.
8 IN PTR ns.test.com.
5 Testing
Start the named service:
[root@localhost named]# service named start
[root@localhost named]# host 192.168.0.8
8.0.168.192.in-addr.arpa domain name pointer ns.test.com.
[root@localhost named]# host www.test.com
www.test.com has address 192.168.0.8
Address: 192.168.0.8#53
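The host lookups above test one name at a time. The following Python check is an added example, not part of the original post: it reads the forward and reverse zone data from section 4 and reports every PTR record whose target has no A record for the same address, which also catches a missing trailing dot in the reverse zone. The function names are hypothetical, the SOA records are shortened to one line, and only A and PTR records with numeric TTLs and no $ORIGIN are handled.

```python
# Constructed from the two zone files on this page (SOA shortened to one line).
FORWARD = '''$TTL 86400
@   IN SOA ns.test.com. root.test.com. ( 42 3H 15M 1W 1D )
    IN NS  ns.test.com.
    IN A   192.168.0.8
ns  IN A   192.168.0.8
www IN A   192.168.0.8
'''
REVERSE = '''$TTL 86400
0.168.192.in-addr.arpa. IN SOA ns.test.com. root.localhost. ( 1997022700 28800 14400 3600000 86400 )
@   IN NS  ns.test.com.
8   IN PTR ns.test.com.
'''

def records(zone_text, origin):
    """Return (owner, type, rdata) for A and PTR records, names fully qualified."""
    def fqdn(name):
        if name == '@':
            return origin
        return name if name.endswith('.') else name + '.' + origin
    out, owner, depth = [], origin, 0
    for raw in zone_text.splitlines():
        line = raw.split(';')[0].rstrip()            # drop comments
        inside, depth = depth > 0, depth + line.count('(') - line.count(')')
        if inside or not line.strip() or line.startswith('$'):
            continue                                 # SOA continuation, blank, directive
        fields = line.split()
        if not line[0].isspace():                    # leading blank inherits last owner
            owner = fqdn(fields.pop(0))
        fields = [f for f in fields if f.upper() != 'IN' and not f.isdigit()]
        if len(fields) >= 2 and fields[0].upper() in ('A', 'PTR'):
            rdata = fields[1] if fields[0].upper() == 'A' else fqdn(fields[1])
            out.append((owner, fields[0].upper(), rdata))
    return out

def check_fcrdns(forward, fwd_origin, reverse, rev_origin):
    """Return (ip, target) for PTR records with no matching A record."""
    a = {(o.lower(), r) for o, t, r in records(forward, fwd_origin) if t == 'A'}
    problems = []
    for owner, rtype, target in records(reverse, rev_origin):
        if rtype != 'PTR':
            continue
        ip = '.'.join(reversed(owner.lower().replace('.in-addr.arpa.', '').split('.')))
        if (target.lower(), ip) not in a:
            problems.append((ip, target))
    return problems
```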
6 Troubleshooting
After modifying named.conf or a zone data file, the named service generally has to be restarted for the change to take effect:
[root@localhost named]# service named restart
If you do not restart the named service, then:
After changing a zone file, apply it with rndc reload <zone name>.
After changing named.conf, apply it with rndc reconfig.
Once configuration is complete, the following commands check the configuration files:
[root@localhost named]# named-checkconf <main configuration file>
[root@localhost named]# named-checkzone <zone name> <zone file>
Entries in the BIND log:
[root@localhost named]# grep named /var/log/messages | tail
This article comes from the "流星" blog; please be sure to retain this source: http://lsscto.blog.51cto.com/779396/157779