RHEL 5 DNS配置實例

1.安裝
[root@localhost ~]# yum install bind*
[root@localhost ~]# yum install caching-*
[root@localhost ~]# rpm -qa | grep bind
ypbind-1.19-7.el5
bind-libs-9.3.4-6.P1.el5
bind-devel-9.3.4-6.P1.el5
bind-9.3.4-6.P1.el5
bind-utils-9.3.4-6.P1.el5
bind-chroot-9.3.4-6.P1.el5
bind-libbind-devel-9.3.4-6.P1.el5
bind-sdb-9.3.4-6.P1.el5
[root@localhost etc]# rpm -qa | grep caching
caching-nameserver-9.3.4-6.P1.el5
相關軟件已經安裝好了,關於yum安裝請參考本博,有詳盡說明
2.配置
RHEL5裝了bind-chroot後,named的配置文件不在/etc下,而是在/var/named/chroot/etc下,這個跟以前版本不一樣,需要注意。
[root@localhost ~]# cd /var/named/chroot/
[root@localhost chroot]# ls
dev  etc  var
[root@localhost chroot]# cd etc/
[root@localhost etc]# ls
localtime  named.caching-nameserver.conf  named.rfc1912.zones  rndc.key
利用模板配置效率更高,這就是爲什麼我們要安裝caching-nameserver-9.3.4-6.P1.el5的原因。
[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf
複製時必須帶參數p,以保留原文件的屬主、屬組(通常爲root:named)和權限;否則新文件的屬組會變成root,named進程讀不到配置文件,服務不能啓動。
[root@localhost etc]# vi named.conf
// Global server options for named.
options {
        // Accept IPv4 queries on every interface; IPv6 only on loopback.
        listen-on port 53 { any; };      // interfaces to listen on
        listen-on-v6 port 53 { ::1; };
        // Working directory; relative file names elsewhere in the
        // configuration are resolved against it.
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // NOTE(review): these two lines pin the source port of every outgoing
        // query to 53. On BIND builds that randomize the query source port,
        // a fixed port switches that protection off and leaves only the
        // 16-bit query ID against spoofed answers (cache poisoning). Remove
        // both lines unless a firewall rule really requires a fixed port.
        query-source    port 53;
        query-source-v6 port 53;
        // Any address may query this server. That is reasonable for the
        // authoritative zones, but together with "recursion yes" in the view
        // below it also exposes the recursive service; limit it to the
        // networks that should use the resolver.
        allow-query     { any; };    // which hosts may send queries
};
// Logging configuration: a single channel named default_debug.
logging {
        channel default_debug {
                // Relative path, resolved against the "directory" option.
                file "data/named.run";
                // "dynamic" follows the server's current debug level.
                severity dynamic;
        };
};
// View that decides which clients get recursive resolution.
// (The rest of the view, including its closing "};", is not shown in this
// listing.)
// NOTE(review): despite the view's name, match-clients and
// match-destinations are both "any", so every client that can reach the
// server lands in this view and is given recursion. If the host is reachable
// from untrusted networks this is an open recursive resolver. Restrict
// match-clients to the networks that should resolve through this server,
// e.g. { localhost; 192.168.1.0/24; } (example range, taken from the zone
// data used in this article).
view localhost_resolver {
        match-clients      { any; };    // clients matched by this view
        match-destinations { any; };
        recursion yes;
這幾個參數從字面就知道是什麼意思了,就不多解釋了
[root@localhost etc]# vi named.rfc1912.zones
// Zone declarations. File names are relative to the "directory" option.
// NOTE(review): none of the master zones below sets allow-transfer, and the
// options block shown in this article has no global allow-transfer either.
// BIND's default then permits zone transfers to any requester; add
// "allow-transfer { none; };" or list the secondaries explicitly.

// Root hints used for recursive resolution.
zone "." IN {
        type hint;
        file "named.ca";
};
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        // Dynamic updates are refused for this zone.
        allow-update { none; };
};
// Forward zone for test.com, served from test.com.zone.
zone "test.com" IN {
        type master;
        file "test.com.zone";
        allow-update { none; };
};
// Reverse zone for 192.168.1.x, served from test.com.local.
zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "test.com.local";
        allow-update { none; };
// (The closing "};" of this zone is not shown in the listing.)
配置正反向文件的參數
 
[root@localhost etc]# cd ../var/named/
[root@localhost named]# ll
drwxrwx--- 2 named named 4096 2004-08-26 data
-rw-r----- 1 root  named  198 2008-02-29 localdomain.zone
-rw-r----- 1 root  named  195 2008-02-29 localhost.zone
-rw-r----- 1 root  named  427 2008-02-29 named.broadcast
-rw-r----- 1 root  named 1892 2008-02-29 named.ca
-rw-r----- 1 root  named  424 2008-02-29 named.ip6.local
-rw-r----- 1 root  named  426 2008-02-29 named.local
-rw-r----- 1 root  named  427 2008-02-29 named.zero
drwxrwx--- 2 named named 4096 2004-07-27 slaves
[root@localhost named]# cp -p localhost.zone test.com.zone    正向文件
[root@localhost named]# cp -p named.local test.com.local   反向文件
[root@localhost named]# ll
drwxrwx--- 2 named named 4096 2004-08-26 data
-rw-r----- 1 root  named  198 2008-02-29 localdomain.zone
-rw-r----- 1 root  named  195 2008-02-29 localhost.zone
-rw-r----- 1 root  named  427 2008-02-29 named.broadcast
-rw-r----- 1 root  named 1892 2008-02-29 named.ca
-rw-r----- 1 root  named  424 2008-02-29 named.ip6.local
-rw-r----- 1 root  named  426 2008-02-29 named.local
-rw-r----- 1 root  named  427 2008-02-29 named.zero
drwxrwx--- 2 named named 4096 2004-07-27 slaves
-rw-r----- 1 root  named  426 2008-02-29 test.com.local
-rw-r----- 1 root  named  195 2008-02-29 test.com.zone
[root@localhost named]# vi test.com.zone
; Forward zone data for test.com (the file named by the "test.com" zone
; statement in named.rfc1912.zones).
; Default TTL, in seconds, for records that do not give their own.
$TTL    86400
; SOA: "@" is the zone origin and is used both as the owner and as the primary
; server name; "root" is a relative name, so the origin is appended to it.
; NOTE(review): the serial was copied from the template; raise it on every
; edit so that any secondary servers notice the change.
@               IN SOA  @       root (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
; The next three records have no owner field, so they inherit "@" (the zone
; apex): name server, apex address and mail exchanger.
                IN NS           test.com.
                IN A            192.168.1.200
                IN MX 10        mail.test.com.
; Host records; both names point at the same address.
mail            IN A            192.168.1.200
www             IN A            192.168.1.200
[root@localhost named]# vi test.com.local
; Reverse zone data for 1.168.192.in-addr.arpa (the file named by the reverse
; zone statement in named.rfc1912.zones).
; Default TTL, in seconds, for records that do not give their own.
$TTL    86400
; SOA with fully qualified names: primary server test.com., contact
; root.test.com.
@       IN      SOA   test.com. root.test.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
; No owner field: the NS record applies to the zone apex.
        IN      NS      test.com.
; "200" is relative to the zone, i.e. 200.1.168.192.in-addr.arpa. Two PTR
; records share that owner, so a reverse lookup returns both names.
200     IN      PTR     mail.test.com.
200     IN      PTR     www.test.com.
這裏一定要注意域名後面加點,否則BIND會把它當作相對名稱,在後面再補上當前區域名(例如mail.test.com會變成mail.test.com.1.168.192.in-addr.arpa.)。
[root@localhost named]# vi /etc/resolv.conf
; generated by /sbin/dhclient-script
search test.com
nameserver 192.168.1.200
3.測試
啓動named服務
(原文此處爲啓動服務的截圖,圖片未保留;在RHEL 5上可用 service named start 啓動named)
這裏使用SSL有亂碼,只能截圖了。
[root@localhost named]# nslookup mail.test.com
Server:         192.168.1.200
Address:        192.168.1.200#53
Name:   mail.test.com
Address: 192.168.1.200
[root@localhost named]# nslookup www.test.com
Server:         192.168.1.200
Address:        192.168.1.200#53
Name:   www.test.com
Address: 192.168.1.200
[root@localhost named]# nslookup 192.168.1.200
Server:         192.168.1.200
Address:        192.168.1.200#53
200.1.168.192.in-addr.arpa      name = www.test.com.
200.1.168.192.in-addr.arpa      name = mail.test.com.