輔助DNS服務器部署文檔(for linux平臺)
一.配置yum,以便安裝軟件包
yum全局文件編輯目錄: /etc/yum.repos.d/rhel-source.repo
[root@localhost ~]# vim //etc/yum.repos.d/rhel-source.repo
#[rhel-source]
#name=Red Hat Enterprise Linux $releasever - $basearch - Source
#baseurl=ftp://ftp.redhat.com/pub/redhat/linux/enterprise/$releasever/en/os/SRPMS/
#enabled=0
#gpgcheck=1
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
#[rhel-source-beta]
#name=Red Hat Enterprise Linux $releasever Beta - $basearch - Source
#baseurl=ftp://ftp.redhat.com/pub/redhat/linux/beta/$releasever/en/os/SRPMS/
#enabled=0
#gpgcheck=1
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[wanghong]
Name=123
Baseurl=file:///mnt/Server
enable=1
gpgcheck=0
備註: #是註釋作用,在此對文件沒用任何影響,可以去掉
二.安裝DNS服務軟件包
1.DNS服務軟件包名如下:
bind-9.3.3-7.el5.i386.rpm
bind-chroot-9.3.3-7.el5.i386.rpm
[root@localhost ~]# mount /dev/cdrom /mnt
[root@localhost ~]# yum install bind bind-chroot
執行此過程,就可以正常的安裝DNS服務包軟件,或者用以下命令也可以正常安裝DNS服務包軟件
[root@localhost ~]# mount /dev/cdrom /mnt
[root@localhost ~]# rpm -ivh bind-9.3.3-7.el5.i386.rpm --force
[root@localhost ~]# rpm -ivh bind-chroot-9.3.3-7.el5.i386.rpm --force
--foce 代表強制安裝
2.編輯全局配置文件named.conf
如果目錄/etc或/var/named/chroot/var/etc/named.conf沒有named.conf文件,需要在目錄底下創建named.conf文件(目錄/var/named/chr oot/etc/)
[root@localhost ~]# touch /var/named/chroot/etc/named.conf
[root@localhost ~]# vim /var/named/chroot/etc/named.conf
options {
directory "/var/named";
};
zone "test.com" IN {
type slave;
masters { 192.168.2.1; };
file "slaves/tets.com.zone";
};
zone "2.168.192.in-addr.arpa" IN {
type slave;
masters { 192.168.2.1; };
file "slaves/192.168.2.arpa";
};
3.編輯配置文件named.rfc1912.zones
如果目錄/etc或/var/named/chroot/var/etc/named.rfc1912.zones沒有named.rfc1912.zones文件,需要在目錄底下創建named.rfc1912.zones文件(目錄/var/named/chroot/etc/)
[root@localhost ~]# touch /var/named/chroot/etc/named.rfc1912.zones
[root@localhost ~]# vim /var/named/chroot/etc/named.rfc1912.zones
type master;
file "named.localhost";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
zone "test.com" IN {
type slave;
masters { 192.168.2.1; };
file "slaves/tets.com.zone";
};
zone "2.168.192.in-addr.arpa" IN {
type slave;
masters { 192.168.2.1; };
file "slaves/192.168.2.arpa";
};
4.確定關閉防火牆或清空防火牆,重啓named服務
關閉防火牆服務
[root@localhost ~]# service iptables stop
[root@localhost ~]# chkconfig iptables off
或者執行清空防火牆命令
[root@localhost ~]# iptables -F
[root@localhost ~]# service iptables save
開起named服務
[root@localhost ~]# service named start
[root@localhost ~]# chkconfig named on
三.測試輔助DNS服務
1.配置客戶端DNS地址192.168.2.*(這裏地址爲輔助DNS服務地址192.168.2.5)
使用nslookup命令,解析www.test.com /ftp.test.com/mail.test.com /aa.test.com
2.給客戶端配置主DNS和輔DNS192.168.2.*(這裏主DNS地址爲192.168.2.1,輔DNS地址爲192.168.2.5), 再用nslookup命令,解析www.test.com /ftp.test.com / mail.test.com / aa.test.com