bind9 configuration notes

Installing and configuring a basic DNS resolver.


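Installation on Ubuntu: apt-get install bind9

Default installation directory (location of the configuration files): /etc/bind/

Start the service: /etc/init.d/bind9 start

Configuration file layout: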

named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";


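rndc authorization

Edit /etc/bind/named.conf.options. Without this authorization, rndc fails with the following

error message: rndc: connect failed: 127.0.0.1#953: connection

vim /etc/bind/named.conf.options

Add the same key definition that /etc/bind/rndc.key contains.

If /etc/bind/rndc.key contains the following: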

key "rndc-key" {
algorithm hmac-md5;
secret "qafoS7wFWJb/lG95Vc6U0A==";
};

then add the following to named.conf.options, outside the options block:

key "rndc-key" {
algorithm hmac-md5;
secret "qafoS7wFWJb/lG95Vc6U0A==";
};

controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
};


/etc/bind/named.conf.options

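Change the following settings:

listen-on port 53 { 10.0.0.217; };     // listen on port 53 of this host's public or internal IP

allow-query { 10.51.70.0/24; 10.51.170.0/24; };    // address ranges allowed to query

recursion yes;    // enable recursive resolution

allow-recursion   { 10.51.70.0/24; 10.51.170.0/24; };    // addresses allowed to use recursion; resolution fails for any other source address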
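
The following Python check is an added example, not part of the original post: it reads named.conf-style text and flags three risks tied to the rndc and recursion settings above (an hmac-md5 rndc key, a control channel reachable beyond loopback, and recursion without a restricting allow-recursion list). The function names, finding codes and both sample configurations are constructed for illustration, and only flat address lists are parsed.

```python
import re

# Constructed sample input: the statements from this post (secret replaced by a placeholder).
PAGE_CONF = '''
key "rndc-key" { algorithm hmac-md5; secret "PLACEHOLDER//SECRET=="; };
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };
options {
    listen-on port 53 { 10.0.0.217; };   // internal address
    allow-query { 10.51.70.0/24; 10.51.170.0/24; };
    recursion yes;
    allow-recursion { 10.51.70.0/24; 10.51.170.0/24; };
};
'''
# Constructed weak variant: exposed control channel and recursion open to everyone.
WEAK_CONF = '''
controls { inet * port 953 allow { any; } keys { "rndc-key"; }; };
options { recursion yes; allow-recursion { any; }; };
'''
LOOPBACK = {'127.0.0.1', '::1', 'localhost'}  # localhost: BIND's built-in ACL for its own addresses

def strip_comments(text):
    """Drop //, # and /* */ comments but leave quoted strings (base64 may contain //)."""
    pat = r'"[^"]*"|/\*.*?\*/|(?://|#)[^\n]*'
    return re.sub(pat, lambda m: m.group(0) if m.group(0)[0] == '"' else '', text, flags=re.S)

def acl(text, name):
    """Elements of a flat address-match list `name { ...; }`, or None when absent."""
    m = re.search(r'(?<![\w-])' + re.escape(name) + r'\s*\{([^{}]*)\}', text)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Return finding codes (hypothetical names) for the rndc and recursion settings."""
    text, found = strip_comments(conf), []
    if re.search(r'\balgorithm\s+"?hmac-md5"?\s*;', text):
        found.append('rndc-key-hmac-md5')      # rndc-confgen -A hmac-sha256 avoids this
    inet = re.search(r'\binet\s+(\S+)', text)
    allow = acl(text, 'allow') or []
    if (inet and inet.group(1) not in LOOPBACK) or any(a not in LOOPBACK for a in allow):
        found.append('rndc-control-exposed')
    if re.search(r'\brecursion\s+yes\s*;', text):
        rec = acl(text, 'allow-recursion')
        if rec is None:
            found.append('recursion-without-explicit-acl')
        elif 'any' in rec:
            found.append('recursion-open-to-any')
    return found

if __name__ == '__main__':
    print(audit(PAGE_CONF), audit(WEAK_CONF))
```

For the settings shown in this post, the only finding is the hmac-md5 key; the control channel and the recursion list are already restricted.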


Adding an exact-name record:

Edit named.conf.default-zones and add the zone:

zone "d1-33.play.leo.com" { 
        type master;
        file "/etc/bind/d1-33.play.leo.com";
};

Create the file /etc/bind/d1-33.play.leo.com

with the following content:

;
; BIND data file for local loopback interface
;
$TTL	604800
@	IN	SOA	localhost. root.localhost. (
			      2		; Serial
			 604800		; Refresh
			  86400		; Retry
			2419200		; Expire
			 604800 )	; Negative Cache TTL
;
@	IN	NS	localhost.
d1-33.play.leo.com.	IN	A	8.8.8.8
@	IN	AAAA	::1


Adding a wildcard record:

Edit named.conf.default-zones and add the zone:

// The zone is the parent domain; the wildcard is a record inside its zone file.
zone "play.leo.com" {
        type master;
        file "/etc/bind/vaild.play.leo.com";
};

Create the file /etc/bind/vaild.play.leo.com

with the following content:

;
; BIND data file for local loopback interface
;
$TTL	604800
@	IN	SOA	localhost. root.localhost. (
			      2		; Serial
			 604800		; Refresh
			  86400		; Retry
			2419200		; Expire
			 604800 )	; Negative Cache TTL
;
@	IN	NS	localhost.
*.play.leo.com.	IN	A	8.8.8.8
@	IN	AAAA	::1

















