Configuring a DNS Server on CentOS 7
1. Install the bind service
Network connection mode: bridged or NAT
yum -y install bind
Network connection mode: host-only
2. Modify the named configuration file
• vi /etc/named.conf # open the file
listen-on port 53 { any; }; // changed to any
listen-on-v6 port 53 { any; }; // changed to any
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { any; }; // changed to any
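• vi /etc/named.rfc1912.zones # open the file
Add the domain names to be resolved to this file; the names resolved here are www.company.com and ftp.company.com.
• Append the following to the end of the file:
zone "company.com" IN { // forward lookup
    type master;
    file "company.com.zone"; // the file name suffix can be chosen freely
    allow-update { none; };
};
zone "5.168.192.in-addr.arpa" IN { // reverse lookup
    type master;
    file "192.168.5.arpa"; // the file name suffix can be chosen freely
    allow-update { none; };
};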
3. Add the corresponding files
cd /var/named/
cp -a named.localhost company.com.zone
cp -a named.localhost 192.168.5.arpa
4. Modify the forward-lookup file
vi company.com.zone # open the file
$TTL 1D
@ IN SOA company.com. root.company.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
AAAA ::1
www IN A 192.168.5.3
ftp IN A 192.168.5.3
5. Modify the reverse-lookup file
vi 192.168.5.arpa
$TTL 1D
@ IN SOA company.com. root.company.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
AAAA ::1
3 PTR www.company.com.
3 PTR ftp.company.com.
6. Check that the files were edited correctly
Check the main configuration file: named-checkconf /etc/named.conf
Check the zone data files: named-checkzone "company.com" company.com.zone
named-checkzone "5.168.192.in-addr.arpa" 192.168.5.arpa
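7. Test
Start DNS:
systemctl restart named.service
Change the test machine's IP address to IP: 192.168.5.3, subnet mask: 255.255.255.0, DNS: 192.168.5.3. After the change, restart the network service with systemctl restart network, then use nslookup to check whether resolution succeeds.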
[root@localhost named]# nslookup
www.company.com
Server: 192.168.5.3
Address: 192.168.5.3#53
Name: www.company.com
Address: 192.168.5.3
ftp.company.com
Server: 192.168.5.3
Address: 192.168.5.3#53
Name: ftp.company.com
Address: 192.168.5.3
exit
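8. External network test:
Stop the firewall: systemctl stop firewalld
On Windows Server 2012, change the DNS server address to 192.168.5.3
Then open Windows PowerShell
Enter ping 192.168.5.3 to test connectivity.
Test DNS resolution: ping www.company.com
If it fails, remember to check whether the firewalls on both sides are turned off!!!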
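The `any` values set in step 2 decide more than who may query the company.com zone: when allow-recursion is not set, BIND falls back to allow-query-cache and then allow-query to decide who may recurse, so with recursion enabled the server resolves arbitrary names for every client that can reach it. The audit below is an added example, not part of the original tutorial. It assumes a `recursion yes;` line that the page's excerpt does not show, and LAN_CONF is a constructed alternative for the page's 192.168.5.0/24 network.

```python
import re

# Step 2 options from the page. "recursion yes;" is an assumption: the page's
# excerpt does not show it, but BIND enables recursion unless told otherwise.
PAGE_CONF = """options {
    listen-on port 53 { any; };      // changed to any
    listen-on-v6 port 53 { any; };   // changed to any
    recursion yes;
    allow-query { any; };            // changed to any
};"""

# Constructed alternative for the page's 192.168.5.0/24 host-only network.
LAN_CONF = """options {
    listen-on port 53 { 127.0.0.1; 192.168.5.3; };
    listen-on-v6 port 53 { ::1; };
    recursion yes;
    allow-query { localhost; 192.168.5.0/24; };
    allow-recursion { localhost; 192.168.5.0/24; };
};"""

def strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def acl(text, name):
    """Address-match list of option `name` as a list of entries, or None if unset."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"(?![\w-])[^{;]*\{([^}]*)\}", text)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def recursion_enabled(text):
    m = re.search(r"(?<![\w-])recursion\s+(\w+)\s*;", text)
    return m is None or m.group(1) in ("yes", "true", "1")  # unset means yes

def audit(conf):
    text, findings = strip_comments(conf), []
    for opt in ("listen-on", "listen-on-v6"):
        if "any" in (acl(text, opt) or []):
            findings.append(opt + ": listening on every interface")
    # An unset allow-recursion falls back to allow-query-cache, then allow-query.
    lists = [acl(text, n) for n in ("allow-recursion", "allow-query-cache", "allow-query")]
    recurse = next((a for a in lists if a is not None), None)
    if recursion_enabled(text) and recurse is not None and "any" in recurse:
        findings.append("open resolver: recursive queries accepted from any client")
    return findings

if __name__ == "__main__":
    for label, conf in (("page", PAGE_CONF), ("lan-only", LAN_CONF)):
        print(label, audit(conf) or "no findings")
```

An authoritative-only server can keep `allow-query { any; };` if it also sets `recursion no;`, which clears the open-resolver finding.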