DNS服務器配置
試驗環境:
1.裝有RHEL5系統計算機一臺;IP:192.168.1.217
2.客戶機一臺;IP:192.168.1.218 DNS:192.168.1.217
3.確保兩臺主機可通信;
4.server可與互聯網通信;
實驗目的:
搭建DNS服務器,能提供域名解析
1.裝有RHEL5系統計算機一臺;IP:192.168.1.217
2.客戶機一臺;IP:192.168.1.218 DNS:192.168.1.217
3.確保兩臺主機可通信;
4.server可與互聯網通信;
實驗目的:
搭建DNS服務器,能提供域名解析
試驗步驟:
1.DNS服務器包的安裝;
2.修改DNS主配置文件
3.創建正向區域和反向區域文件;
4.修改正、反向區域文件的屬組;
5.重啓dns服務
6.正向和反向的測試;
1.DNS服務器包的安裝;
2.修改DNS主配置文件
3.創建正向區域和反向區域文件;
4.修改正、反向區域文件的屬組;
5.重啓dns服務
6.正向和反向的測試;
實驗具體步驟:
2.4內核下的配置:
第一步:安裝dns服務器包;
[root@colu ~]#mount /dev/cdrom /media/mnt ------掛載光盤
[root@colu ~]#cd /media/mnt/Server ------cd到光盤中
[root@colu Server]# rpm -ivh bind-9.3.3-10 .el5.i386.rpm ------主程序包
[root@colu Server]# rpm -ivh bind-utils-9.3.4-6.Pl.e15.i386.rpm ------庫文件包
[root@colu Server]# rpm -ivh caching-nameserver-9.3.3-10 .el5.i386.rpm ------模版文件包
第二步:建立主配置文件,並修改相關選項;
2.4內核下的配置:
第一步:安裝dns服務器包;
[root@colu ~]#mount /dev/cdrom /media/mnt ------掛載光盤
[root@colu ~]#cd /media/mnt/Server ------cd到光盤中
[root@colu Server]# rpm -ivh bind-9.3.3-10 .el5.i386.rpm ------主程序包
[root@colu Server]# rpm -ivh bind-utils-9.3.4-6.Pl.e15.i386.rpm ------庫文件包
[root@colu Server]# rpm -ivh caching-nameserver-9.3.3-10 .el5.i386.rpm ------模版文件包
第二步:建立主配置文件,並修改相關選項;
首先:copy "named.conf"文件(模版文件)到本機上"/etc/"
[root@colu ~]#cd /etc
[root@colu etc]#vim named.conf
[root@colu ~]#cd /etc
[root@colu etc]#vim named.conf
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
//正向區域記錄
zone "baidu.com" IN { ------正向區域
type master; ------主區域
file "baidu.zone"; ------正向區域文件
allow-update { none; }; ------不允許動態更新
};
//反向區域記錄
zone "1.168.192.in-addr.arpa" IN { ------反向區域
type master; ------主區域
file "baidu.local"; ------反向區域文件
allow-update { none; }; ------不允許動態更新
};
type master;
file "named.local";
allow-update { none; };
};
//正向區域記錄
zone "baidu.com" IN { ------正向區域
type master; ------主區域
file "baidu.zone"; ------正向區域文件
allow-update { none; }; ------不允許動態更新
};
//反向區域記錄
zone "1.168.192.in-addr.arpa" IN { ------反向區域
type master; ------主區域
file "baidu.local"; ------反向區域文件
allow-update { none; }; ------不允許動態更新
};
include "/etc/rndc.key";
第三步:建立正向區域和反向區域;
[root@colu ~]# cd /var/named/
[root@colu named]#cp named.local baidu.zone cp一份baidu正向區域文件(稍後還要修改)
[root@colu named]#cp named.local baidu.local cp一份baidu反向區域文件(稍後也要修改)
[root@colu named]#vi baidu.zone ------修改baidu的正向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
www IN A 192.168.1.217
[root@colu named]#vi baidu.local ------修改baidu的反向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
217 IN PTR www.baidu.com.
第三步:建立正向區域和反向區域;
[root@colu ~]# cd /var/named/
[root@colu named]#cp named.local baidu.zone cp一份baidu正向區域文件(稍後還要修改)
[root@colu named]#cp named.local baidu.local cp一份baidu反向區域文件(稍後也要修改)
[root@colu named]#vi baidu.zone ------修改baidu的正向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
www IN A 192.168.1.217
[root@colu named]#vi baidu.local ------修改baidu的反向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
217 IN PTR www.baidu.com.
第四步:修改baidu.zone和baidu.local的屬組爲named
[root@colu named]#chgrp named baidu.zone ------修改baidu.zone的屬組爲named
[root@colu named]#chgrp named baidu.local ------修改baidu.local的屬組爲named
[root@colu named]#chgrp named baidu.local ------修改baidu.local的屬組爲named
第五步:重啓dns服務
[root@colu named]#service named restart ------重啓DNS服務
第六步:測試
linux系統的客戶端:
修改DNS配置文件,指定DNS服務器
[root@colu ~]#vi /etc/resolv.conf
search localdomain
nameserver 192.168.1.217 ------添加DNS服務器的IP
[root@colu ~]#nslookup
> www.baidu.com ------正向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.baidu.com
Address: 192.168.1.217
> 192.168.1.217 ------反向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
217.1.168.192.in-addr.arpa name = www.baidu.com.
修改DNS配置文件,指定DNS服務器
[root@colu ~]#vi /etc/resolv.conf
search localdomain
nameserver 192.168.1.217 ------添加DNS服務器的IP
[root@colu ~]#nslookup
> www.baidu.com ------正向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.baidu.com
Address: 192.168.1.217
> 192.168.1.217 ------反向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
217.1.168.192.in-addr.arpa name = www.baidu.com.
Windows系統的客戶端:
首先:設置TCP/IP屬性,將DNS服務器指向192.168.1.217
nslookup
Default Server: www.baidu.com
Address: 192.168.1.217
>www.baidu.com ------正向解析
Server: www.baidu.com
Address: 192.168.1.217
首先:設置TCP/IP屬性,將DNS服務器指向192.168.1.217
nslookup
Default Server: www.baidu.com
Address: 192.168.1.217
>www.baidu.com ------正向解析
Server: www.baidu.com
Address: 192.168.1.217
Name:www.baidu.com
Address: 192.168.1.217
Address: 192.168.1.217
>192.168.1.217 ------反向解析
Server: www.baidu.com
Address: 192.168.1.217
Server: www.baidu.com
Address: 192.168.1.217
Name:www.baidu.com
Address: 192.168.1.217
DNS服務器配置完成
*******************************************************************
擴展:
一個IP解析兩個域名:(ping 192.168.1.217 既能解析www.baidu.com又能解析www.sina.com.cn)
Address: 192.168.1.217
DNS服務器配置完成
*******************************************************************
擴展:
一個IP解析兩個域名:(ping 192.168.1.217 既能解析www.baidu.com又能解析www.sina.com.cn)
第一步:在/etc/named.conf中添加相關的正向區域
[root@colu named]#vi /etc/named.conf
[root@colu named]#vi /etc/named.conf
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
type master;
file "named.local";
allow-update { none; };
};
zone "baidu.com" IN {
type master;
file "baidu.zone";
allow-update { none; };
};
type master;
file "baidu.zone";
allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "baidu.local";
allow-update { none; };
};
type master;
file "baidu.local";
allow-update { none; };
};
#添加sina正向區域記錄
zone "sina.com.cn" IN {
type master;
file "sina.zone";
allow-update { none; };
};
zone "sina.com.cn" IN {
type master;
file "sina.zone";
allow-update { none; };
};
include "/etc/rndc.key";
第二步:修改正向區域文件和反向區域文件
創建並修改sina的正向區域文件(sina.zone)
[root@colu ~]#cd /var/named
[root@colu named]#cp baidu.zone sina.zone
[root@colu named]#vi sina.com.cn
$TTL 86400
@ IN SOA sina.com.cn. root.sina.com.cn. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS sina.com.cn.
www IN A 192.168.1.217
修改baidu.local(反向區域文件)
[root@colu named]#vi baidu.local
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
217 IN PTR www.baidu.com.
217 IN PTR www.sina.com.cn. ------添加一條sina的PTR記錄
[root@colu named]#chgrp named sina.zone ------修改sina.zone的屬組
[root@colu named]#service named restart ------重啓dns服務
第三步:測試
[root@colu named]#nslookup
>www.sina.com.cn ------正向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
[root@colu ~]#cd /var/named
[root@colu named]#cp baidu.zone sina.zone
[root@colu named]#vi sina.com.cn
$TTL 86400
@ IN SOA sina.com.cn. root.sina.com.cn. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS sina.com.cn.
www IN A 192.168.1.217
修改baidu.local(反向區域文件)
[root@colu named]#vi baidu.local
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
217 IN PTR www.baidu.com.
217 IN PTR www.sina.com.cn. ------添加一條sina的PTR記錄
[root@colu named]#chgrp named sina.zone ------修改sina.zone的屬組
[root@colu named]#service named restart ------重啓dns服務
第三步:測試
[root@colu named]#nslookup
>www.sina.com.cn ------正向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.sina.com.cn
Address: 192.168.1.217
>192.168.1.217 ------反向解析
217.1.168.192.in-addr.arpa name = www.sina.com.cn
217.1.168.192.in-addr.arpa name = www.baidu.com
*******************************************************************
2.6內核下的配置:
Address: 192.168.1.217
>192.168.1.217 ------反向解析
217.1.168.192.in-addr.arpa name = www.sina.com.cn
217.1.168.192.in-addr.arpa name = www.baidu.com
*******************************************************************
2.6內核下的配置:
思路都是一樣的,只是配置文件所在的目錄發生了變化,需要安裝bind-chroot包
/var/named/chroot/var/named/ ------正/反向區域文件的存放路徑
/var/named/chroot/etc/named.conf ------主配置文件
安裝步驟:
1.DNS服務器包的安裝;baidu.com
2.修改DNS主配置文件
3.創建正向區域和反向區域文件;
4.修改正、反向區域文件的屬組;
5.重啓dns服務;
6.正向和反向的測試;
/var/named/chroot/var/named/ ------正/反向區域文件的存放路徑
/var/named/chroot/etc/named.conf ------主配置文件
安裝步驟:
1.DNS服務器包的安裝;baidu.com
2.修改DNS主配置文件
3.創建正向區域和反向區域文件;
4.修改正、反向區域文件的屬組;
5.重啓dns服務;
6.正向和反向的測試;
具體安裝步驟:
第一步:安裝dns服務器包;
[root@colu ~]#mount /dev/cdrom /media/mnt ------掛載光盤
[root@colu ~]#cd /media/mnt/Server ------cd到光盤中
[root@colu Server]# rpm -ivh bind-9.3.3-10 .el5.i386.rpm ------主程序包
[root@colu Server]# rpm -ivh bind-utils-9.3.4-6.Pl.e15.i386.rpm ------庫文件包
[root@colu Server]# rpm -ivh caching-nameserver-9.3.3-10 .el5.i386.rpm ------模版文件包
[root@colu Server]# rpm -ivh bind-chroot-9.3.4.-6.Pl.e15.i386.rpm ----建立chroot目錄及相關子目錄
第一步:安裝dns服務器包;
[root@colu ~]#mount /dev/cdrom /media/mnt ------掛載光盤
[root@colu ~]#cd /media/mnt/Server ------cd到光盤中
[root@colu Server]# rpm -ivh bind-9.3.3-10 .el5.i386.rpm ------主程序包
[root@colu Server]# rpm -ivh bind-utils-9.3.4-6.Pl.e15.i386.rpm ------庫文件包
[root@colu Server]# rpm -ivh caching-nameserver-9.3.3-10 .el5.i386.rpm ------模版文件包
[root@colu Server]# rpm -ivh bind-chroot-9.3.4.-6.Pl.e15.i386.rpm ----建立chroot目錄及相關子目錄
第二步:建立主配置文件,並修改相關選項;
首先:copy "named.conf"文件(模版文件)到本機上"/etc/"
[root@colu ~]#cd /var/named/chroot/etc
[root@colu etc]#vim named.conf
[root@colu ~]#cd /var/named/chroot/etc
[root@colu etc]#vim named.conf
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
//正向區域記錄
zone "baidu.com" IN { ------正向區域
type master; ------主區域
file "baidu.zone"; ------正向區域文件
allow-update { none; }; ------不允許動態更新
};
//反向區域記錄
zone "1.168.192.in-addr.arpa" IN { ------反向區域
type master; ------主區域
file "baidu.local"; ------反向區域文件
allow-update { none; }; ------不允許動態更新
};
type master;
file "named.local";
allow-update { none; };
};
//正向區域記錄
zone "baidu.com" IN { ------正向區域
type master; ------主區域
file "baidu.zone"; ------正向區域文件
allow-update { none; }; ------不允許動態更新
};
//反向區域記錄
zone "1.168.192.in-addr.arpa" IN { ------反向區域
type master; ------主區域
file "baidu.local"; ------反向區域文件
allow-update { none; }; ------不允許動態更新
};
include "/etc/rndc.key";
第三步:建立正向區域和反向區域;
[root@colu ~]# cd /var/named/chroot/var/named/
[root@colu named]#cp named.local baidu.zone cp一份baidu正向區域文件(稍後還要修改)
[root@colu named]#cp named.local baidu.local cp一份baidu反向區域文件(稍後也要修改)
[root@colu named]#vi baidu.zone ------修改baidu的正向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
www IN A 192.168.1.217
[root@colu named]#vi baidu.local ------修改baidu的反向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
217 IN PTR www.baidu.com.
第三步:建立正向區域和反向區域;
[root@colu ~]# cd /var/named/chroot/var/named/
[root@colu named]#cp named.local baidu.zone cp一份baidu正向區域文件(稍後還要修改)
[root@colu named]#cp named.local baidu.local cp一份baidu反向區域文件(稍後也要修改)
[root@colu named]#vi baidu.zone ------修改baidu的正向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
www IN A 192.168.1.217
[root@colu named]#vi baidu.local ------修改baidu的反向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
217 IN PTR www.baidu.com.
第四步:修改baidu.zone和baidu.local的屬組爲named
[root@colu named]#chgrp named baidu.zone ------修改baidu.zone的屬組爲named
[root@colu named]#chgrp named baidu.local ------修改baidu.local的屬組爲named
[root@colu named]#chgrp named baidu.local ------修改baidu.local的屬組爲named
第五步:重啓dns服務
[root@colu named]#service named restart ------重啓DNS服務
[root@colu named]#service named restart ------重啓DNS服務
第六步:測試
修改DNS配置文件,指定DNS服務器
[root@colu ~]#vi /etc/resolv.conf
search localdomain
nameserver 192.168.1.217 ------添加DNS服務器的IP
[root@colu ~]#nslookup
> www.baidu.com ------正向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.baidu.com
Address: 192.168.1.217
> 192.168.1.217 ------反向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
217.1.168.192.in-addr.arpa name = www.baidu.com.
DNS服務器配置完成
*******************************************************************
擴展:輔助DNS服務器的配置
注意:
1、主DNS服務器必須存在
2、主、輔兩臺服務器不能在同一臺服務器上
修改DNS配置文件,指定DNS服務器
[root@colu ~]#vi /etc/resolv.conf
search localdomain
nameserver 192.168.1.217 ------添加DNS服務器的IP
[root@colu ~]#nslookup
> www.baidu.com ------正向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.baidu.com
Address: 192.168.1.217
> 192.168.1.217 ------反向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
217.1.168.192.in-addr.arpa name = www.baidu.com.
DNS服務器配置完成
*******************************************************************
擴展:輔助DNS服務器的配置
注意:
1、主DNS服務器必須存在
2、主、輔兩臺服務器不能在同一臺服務器上
安裝步驟:
1.DNS服務器包的安裝;
2.修改DNS主配置文件
3.創建正向區域和反向區域文件;
4.修改baidu.zone和baidu.local的屬組
5.重啓dns服務
6.正向和反向的測試;
1.DNS服務器包的安裝;
2.修改DNS主配置文件
3.創建正向區域和反向區域文件;
4.修改baidu.zone和baidu.local的屬組
5.重啓dns服務
6.正向和反向的測試;
具體步驟:
第一步:安裝DNS服務器包
[root@colu ~]#mount /dev/cdrom /media/mnt ------掛載光盤
[root@colu ~]#cd /media/mnt/Server ------cd到光盤中
[root@colu Server]# rpm -ivh bind-9.3.3-10 .el5.i386.rpm ------主程序包
[root@colu Server]# rpm -ivh bind-utils-9.3.4-6.Pl.e15.i386.rpm ------庫文件包
[root@colu Server]# rpm -ivh caching-nameserver-9.3.3-10 .el5.i386.rpm ------模版文件包
[root@colu Server]# rpm -ivh bind-chroot-9.3.4.-6.Pl.e15.i386.rpm ----建立chroot目錄及相關子目錄
第一步:安裝DNS服務器包
[root@colu ~]#mount /dev/cdrom /media/mnt ------掛載光盤
[root@colu ~]#cd /media/mnt/Server ------cd到光盤中
[root@colu Server]# rpm -ivh bind-9.3.3-10 .el5.i386.rpm ------主程序包
[root@colu Server]# rpm -ivh bind-utils-9.3.4-6.Pl.e15.i386.rpm ------庫文件包
[root@colu Server]# rpm -ivh caching-nameserver-9.3.3-10 .el5.i386.rpm ------模版文件包
[root@colu Server]# rpm -ivh bind-chroot-9.3.4.-6.Pl.e15.i386.rpm ----建立chroot目錄及相關子目錄
第二步:建立主配置文件,並修改相關選項;
首先:copy "named.conf"文件(模版文件)到本機上"/etc/"
[root@colu ~]#cd /var/named/chroot/etc
[root@colu etc]#vim named.conf
[root@colu ~]#cd /var/named/chroot/etc
[root@colu etc]#vim named.conf
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
//正向區域記錄
zone "baidu.com" IN { ------正向區域
type slave; ------輔助區域
file "/slaves/baidu.zone"; ------正向區域文件
(如果沒安裝chroot包,此文件應該爲"baidu.local")
masters { 172.16.1.217; }; ------指定主DNS服務器的地址
};
//反向區域記錄
zone "1.168.192.in-addr.arpa" IN { ------反向區域
type slave; ------輔助區域
file "/slaves/baidu.local"; ------反向區域文件
(如果沒安裝chroot包,此文件應該爲"baidu.local")
masters { none; }; ------指定主DNS服務器的地址
};
type master;
file "named.local";
allow-update { none; };
};
//正向區域記錄
zone "baidu.com" IN { ------正向區域
type slave; ------輔助區域
file "/slaves/baidu.zone"; ------正向區域文件
(如果沒安裝chroot包,此文件應該爲"baidu.local")
masters { 172.16.1.217; }; ------指定主DNS服務器的地址
};
//反向區域記錄
zone "1.168.192.in-addr.arpa" IN { ------反向區域
type slave; ------輔助區域
file "/slaves/baidu.local"; ------反向區域文件
(如果沒安裝chroot包,此文件應該爲"baidu.local")
masters { none; }; ------指定主DNS服務器的地址
};
include "/etc/rndc.key";
第三步:建立正向區域和反向區域;
[root@colu ~]# cd /var/named/chroot/var/named/
[root@colu named]#cp named.local baidu.zone cp一份baidu正向區域文件(稍後還要修改)
[root@colu named]#cp named.local baidu.local cp一份baidu反向區域文件(稍後也要修改)
[root@colu named]#vi baidu.zone ------修改baidu的正向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
www IN A 192.168.1.217
[root@colu named]#vi baidu.local ------修改baidu的反向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
217 IN PTR www.baidu.com.
第三步:建立正向區域和反向區域;
[root@colu ~]# cd /var/named/chroot/var/named/
[root@colu named]#cp named.local baidu.zone cp一份baidu正向區域文件(稍後還要修改)
[root@colu named]#cp named.local baidu.local cp一份baidu反向區域文件(稍後也要修改)
[root@colu named]#vi baidu.zone ------修改baidu的正向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
www IN A 192.168.1.217
[root@colu named]#vi baidu.local ------修改baidu的反向區域文件
$TTL 86400
@ IN SOA baidu.com. root.baidu.com. (
1998022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS baidu.com.
217 IN PTR www.baidu.com.
第四步:修改baidu.zone和baidu.local的屬組爲named
[root@colu named]#chgrp named baidu.zone ------修改baidu.zone的屬組爲named
[root@colu named]#chgrp named baidu.local ------修改baidu.local的屬組爲named
[root@colu named]#chgrp named baidu.local ------修改baidu.local的屬組爲named
第五步:重啓dns服務
[root@colu named]#service named restart ------重啓DNS服務
[root@colu named]#service named restart ------重啓DNS服務
第六步:測試
修改DNS配置文件,指定DNS服務器
[root@colu ~]#vi /etc/resolv.conf
search localdomain
nameserver 192.168.1.217 ------添加DNS服務器的IP
[root@colu ~]#nslookup
> www.baidu.com ------正向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.baidu.com
Address: 192.168.1.217
> 192.168.1.217 ------反向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
217.1.168.192.in-addr.arpa name = www.baidu.com.
修改DNS配置文件,指定DNS服務器
[root@colu ~]#vi /etc/resolv.conf
search localdomain
nameserver 192.168.1.217 ------添加DNS服務器的IP
[root@colu ~]#nslookup
> www.baidu.com ------正向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.baidu.com
Address: 192.168.1.217
> 192.168.1.217 ------反向解析
Server: 192.168.1.217
Address: 192.168.1.217#53
217.1.168.192.in-addr.arpa name = www.baidu.com.
*******************************************************************
以上有錯誤地方請大家糾正謝謝了!