红色字体为配置,蓝色为要特别注意的
与RHEL 4的对比请看Linux(RHEL 4)系列 之 DNS配置
[root@localhost ~]# rpm -qa|grep bind // 查看当前已安装的 bind 所需要的包
bind-utils-9.3.3-10.el5 // 表明已安装组件的版本是 bind-9.3.3-10(bind 主程序包此时尚未安装,见下文的依赖报错)
kdebindings- 3.5.4 -1.fc6
ypbind-1.19-8.el5
bind-libs- 9.3.3 -10.el5
[root@localhost ~]# mkdir /mnt/cdrom // 创建用来挂载光盘的目录
[root@localhost ~]# mount /dev/cdrom /mnt/cdrom/ // 将光盘挂载到 /mnt/cdrom/
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost ~]# cd /mnt/cdrom/Server/ // 切换目录到 /mnt/cdrom/Server/
[root@localhost Server]# ls -l bind* // 查看该目录下以 bind 开头的所有文件
-rw-r--r-- 113 root root 977426 2007-08-14 bind- 9.3.3 -10.el5.i386.rpm
-rw-r--r-- 109 root root 39879 2007-08-14 bind-chroot- 9.3.3 -10.el5.i386.rpm
-rw-r--r-- 124 root root 2679780 2007-08-14 bind-devel- 9.3.3 -10.el5.i386.rpm
-rw-r--r-- 125 root root 449579 2007-08-14 bind-libbind-devel- 9.3.3 -10.el5.i386.rpm
-rw-r--r-- 133 root root 857545 2007-08-14 bind-libs- 9.3.3 -10.el5.i386.rpm
-rw-r--r-- 109 root root 227173 2007-08-14 bind-sdb- 9.3.3 -10.el5.i386.rpm
-rw-r--r-- 113 root root 166398 2007-08-14 bind-utils- 9.3.3 -10.el5.i386.rpm
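[root@localhost Server]# rpm -ivh bind-chroot-9.3.3-10.el5.i386.rpm // 用 rpm 工具安装包
warning: bind-chroot-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
// 说明:NOKEY 表示 rpm 中尚未导入 key ID 37017186 对应的 GPG 公钥,因此本文所有安装包的签名都没有被校验。建议先用 rpm --import <发行商公钥文件> 导入公钥,再用 rpm -K <包文件> 校验签名后安装。
error: Failed dependencies:
bind = 30:9.3.3-10.el5 is needed by bind-chroot-9.3.3-10.el5.i386
// bind-chroot 依赖 bind 主程序包,所以下面先安装 bind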
[root@localhost Server]# rpm -ivh bind- 9.3.3 -10.el5.i386.rpm
warning: bind- 9.3.3 -10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:bind ########################################### [100%]
[root@localhost Server]# rpm -ivh bind-chroot- 9.3.3 -10.el5.i386.rpm
warning: bind-chroot- 9.3.3 -10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:bind-chroot ########################################### [100%]
Locating /var/named/chroot//etc/named.conf failed: [失败]
[root@localhost Server]# rpm -ivh bind-devel- 9.3.3 -10.el5.i386.rpm
warning: bind-devel- 9.3.3 -10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:bind-devel ########################################### [100%]
[root@localhost Server]# rpm -ivh bind-libbind-devel- 9.3.3 -10.el5.i386.rpm
warning: bind-libbind-devel- 9.3.3 -10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:bind-libbind-devel ########################################### [100%]
[root@localhost Server]# rpm -ivh bind-libs- 9.3.3 -10.el5.i386.rpm
warning: bind-libs- 9.3.3 -10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
package bind-libs- 9.3.3 -10.el5 is already installed
[root@localhost Server]# rpm -ivh bind-chroot- 9.3.3 -10.el5.i386.rpm
warning: bind-chroot- 9.3.3 -10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
package bind-chroot- 9.3.3 -10.el5 is already installed
[root@localhost Server]# rpm -ivh bind-sdb- 9.3.3 -10.el5.i386.rpm
warning: bind-sdb- 9.3.3 -10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
libpq.so.4 is needed by bind-sdb- 9.3.3 -10.el5.i386
[root@localhost Server]# rpm -qa|grep bind
bind-chroot- 9.3.3 -10.el5
bind-utils- 9.3.3 -10.el5
kdebindings- 3.5.4 -1.fc6
bind-libbind-devel- 9.3.3 -10.el5
bind- 9.3.3 -10.el5
ypbind-1.19-8.el5
bind-libs- 9.3.3 -10.el5
bind-devel- 9.3.3 -10.el5
[root@localhost Server]# rpm -ivh cach // 按下 Tab 键补全
cachefilesd-0.8-2.el5.i386.rpm
caching-nameserver-9.3.3-10.el5.i386.rpm
[root@localhost Server]# rpm -ivh caching-nameserver-9.3.3-10.el5.i386.rpm
// 这是最重要的一个包,与 RHEL 4 的不同之处就在这里:在 RHEL 5 中,BIND 服务必须安装这个包。
warning: caching-nameserver- 9.3.3 -10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:caching-nameserver ########################################### [100%]
[root@localhost Server]# rpm -qa|grep bind
bind-chroot- 9.3.3 -10.el5
bind-utils- 9.3.3 -10.el5
kdebindings- 3.5.4 -1.fc6
bind-libbind-devel- 9.3.3 -10.el5
bind- 9.3.3 -10.el5
ypbind-1.19-8.el5
bind-libs- 9.3.3 -10.el5
bind-devel- 9.3.3 -10.el5
[root@localhost Server]# cd /var/named/chroot/etc/ // 查看是否安装正确。正确情况下应包括以下文件:
/var/named/chroot/etc/ 下面有 named.caching-nameserver.conf、named.rfc1912.zones
/var/named/chroot/var/named/ 下面有 localdomain.zone、localhost.zone、named.ca、named.local
[root@localhost etc]# ls -l
总计
32
-rw-r--r-- 1 root root 405 12-14 20:06 localtime
-rw-r----- 1 root named 1100 2007-07-19 named.caching-nameserver.conf
-rw-r----- 1 root named 955 2007-07-19 named.rfc1912.zones
-rw-r--r-- 1 root named 113 12-14 20:07 rndc.key
[root@localhost etc]# cd /var/named/chroot/var/named/
[root@localhost named]# ls -l
总计
72
drwxrwx--- 2 named named 4096 2004-08-26 data
-rw-r----- 1 root named 198 2007-07-19 localdomain.zone
-rw-r----- 1 root named 195 2007-07-19 localhost.zone
-rw-r----- 1 root named 427 2007-07-19 named.broadcast
-rw-r----- 1 root named 2518 2007-07-19 named.ca
-rw-r----- 1 root named 424 2007-07-19 named.ip6.local
-rw-r----- 1 root named 426 2007-07-19 named.local
-rw-r----- 1 root named 427 2007-07-19 named.zero
drwxrwx--- 2 named named 4096 2004-07-27 slaves
[root@localhost named]# cd ..
[root@localhost var]# cd ..
[root@localhost chroot]# cd etc/
[root@localhost etc]# cp -b named.caching-nameserver.conf named.caching-nameserver.conf.bak
[root@localhost etc]# cp -b named.rfc1912.zones named.rfc1912.zones.bak
// 上面这两行用于备份文件,以免不小心把文件改坏
[root@localhost etc]# cat named.caching-nameserver.conf // 修改前的文件,用于对比
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
// Review summary: this is the file as shipped. It listens on loopback only,
// accepts queries from localhost only, and recurses only for localhost clients.
options {
// Both listeners are bound to the loopback addresses, so nothing off-host
// can reach port 53 through this configuration.
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
// Working directory and diagnostic output files. With bind-chroot installed
// these paths are presumably resolved inside /var/named/chroot - confirm.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// NOTE(review): these two lines pin the source port of outgoing queries to 53.
// A fixed, predictable source port makes forged-response (cache poisoning)
// attacks easier than a randomized one; consider dropping the "port 53" part
// unless a firewall rule depends on it.
query-source port 53;
query-source-v6 port 53;
// Only the local host may send queries.
allow-query { localhost; };
};
logging {
// Debug output goes to data/named.run; "dynamic" means the level follows
// the server's current debug level.
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Single view: recursion is enabled, but only for clients and destination
// addresses that match "localhost".
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
[root@localhost etc]# vi named.caching-nameserver.conf // 用 vi 编辑器编辑文件内容
[root@localhost etc]# cat named.caching-nameserver.conf // 查看修改后的文件,与原文件作对比
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
// NOTE(review): this listing is the packaged file edited in place. Per the
// header above, such edits are lost on a caching-nameserver upgrade; the
// header asks for a separate named.conf instead.
//
// NOTE(review): taken together, "listen-on any", "allow-query any" and a
// recursive view that matches any client make this an open recursive
// resolver: every host that can reach port 53 gets recursion. Open resolvers
// are routinely abused as reflectors in DNS amplification floods and let
// outsiders drive what enters the cache. If only the local network should
// use this server, restrict allow-query / match-clients to it, for example
// { localhost; 192.168.10.0/24; } (example range, taken from the zone data
// shown later on this page).
options {
// Changed from 127.0.0.1: the IPv4 listener now binds every interface.
// The IPv6 listener is still loopback-only.
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
// Working directory and diagnostic output files. With bind-chroot installed
// these paths are presumably resolved inside /var/named/chroot - confirm.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// NOTE(review): outgoing queries are pinned to source port 53. On a server
// that now recurses for arbitrary clients, a predictable source port makes
// forged-response (cache poisoning) attacks easier; consider dropping the
// "port 53" part unless a firewall rule depends on it.
query-source port 53;
query-source-v6 port 53;
// Changed from localhost: queries are accepted from any source address.
allow-query { any; };
};
logging {
// Debug output goes to data/named.run; "dynamic" means the level follows
// the server's current debug level.
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// The view keeps the name localhost_resolver but, after the edit, matches
// every client and every destination address, with recursion enabled.
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
[root@localhost etc]# cat named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// Review summary: file as shipped. One hint zone for the root plus six
// master zones; every master zone sets allow-update { none; }, so dynamic
// updates are refused for all of them.
// Root hints, loaded from named.ca.
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
// Reverse zone for the 127.0.0.x loopback range.
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
// NOTE(review): the zone name below is printed with spaces inside the quotes,
// apparently an artifact of how this page was captured; confirm the exact
// name against the packaged file before copying it.
zone " 0.0.0 .0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
[root@localhost etc]# vi named.rfc1912.zones // 部分操作请看下面的图
[root@localhost etc]# cat named.rfc1912.zones
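// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// Review summary: the packaged zones are unchanged; two zones are appended
// at the end (forward zone bokai.com and reverse zone 10.168.192.in-addr.arpa).
// The author's annotations, which had spilled onto bare lines outside the
// "//" comments, are folded back into comments so the listing parses as
// named configuration.
// Root hints, loaded from named.ca.
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
// Author's note: 12 lines starting here were copied rather than edited in
// place, so the packaged entries remain as a backup.
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
// NOTE(review): the zone name below is printed with spaces inside the quotes,
// apparently an artifact of how this page was captured; confirm the exact
// name against the packaged file before copying it.
zone " 0.0.0 .0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
// Forward zone added by the tutorial. The "file" value must match the name
// of the forward zone file created in the zone directory (bokai.com).
// allow-update { none; } keeps dynamic updates disabled for the new zone.
zone "bokai.com" IN {
type master;
file "bokai.com";
allow-update { none; };
};
// Reverse zone added by the tutorial for 192.168.10.x. The "file" value must
// match the name of the reverse zone file (192.168.10).
zone "10.168.192.in-addr.arpa" IN {
type master;
file "192.168.10";
allow-update { none; };
};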
[root@localhost etc]# cd ..
[root@localhost chroot]# pwd
/var/named/chroot
[root@localhost chroot]# cd var/named/
[root@localhost named]# ls -l
总计
72
drwxrwx--- 2 named named 4096 2004-08-26 data
-rw-r----- 1 root named 198 2007-07-19 localdomain.zone
-rw-r----- 1 root named 195 2007-07-19 localhost.zone
-rw-r----- 1 root named 427 2007-07-19 named.broadcast
-rw-r----- 1 root named 2518 2007-07-19 named.ca
-rw-r----- 1 root named 424 2007-07-19 named.ip6.local
-rw-r----- 1 root named 426 2007-07-19 named.local
-rw-r----- 1 root named 427 2007-07-19 named.zero
drwxrwx--- 2 named named 4096 2004-07-27 slaves
[root@localhost named]# cp -p localhost.zone bokai.com // 复制时加上 -p 参数可以把文件属性(属主 root:named、权限、时间戳)一并复制过来,以免之后还要手动修改
[root@localhost named]# cp -p named.local 192.168.10
[root@localhost named]# vi bokai.com // 编辑正向解析文件
[root@localhost named]# cat bokai.com
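; Forward zone for bokai.com (copied from localhost.zone and edited).
; Fixes relative to the listing as printed:
;   - the NS target now ends in a dot; without it the name is relative to
;     the zone origin and expands to www.bokai.com.bokai.com.
;   - the CNAME target ended in two dots, which is not a valid name
;   - records without an owner name are indented again; a record that starts
;     in column 0 has its first field read as the owner name
$TTL 86400
@               IN SOA   www.bokai.com. root.www.bokai.com. (
                         2009121201 ; serial (d. adams )
                         3H         ; refresh
                         15M        ; retry
                         1W         ; expiry
                         1D )       ; minimum
                IN NS    www.bokai.com.
; NOTE(review): the two apex records below look like leftovers from the
; localhost.zone template; they make the bare name bokai.com resolve to the
; loopback addresses. Confirm that is intended.
                IN A     127.0.0.1
                IN AAAA  ::1
www.bokai.com.  IN A     192.168.10.1
; ftp is an alias for www.
ftp.bokai.com.  IN CNAME www.bokai.com.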
[root@localhost named]# vi 192.168.10 // 编辑反向解析文件
[root@localhost named]# cat 192.168.10
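; Reverse zone for 192.168.10.x (served as 10.168.192.in-addr.arpa).
; Fixes relative to the listing as printed:
;   - the PTR record was split across two lines; it is one record again
;   - the NS record is indented again so that it inherits the zone apex as
;     owner instead of having "IN" read as an owner name
$TTL 86400
@       IN SOA  www.bokai.com. root.www.bokai.com. (
                2009121201 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   www.bokai.com.
; Owner "1" is relative to the zone origin, i.e. 1.10.168.192.in-addr.arpa.
1       IN PTR  www.bokai.com.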
[root@localhost named]# cd
[root@localhost ~]# vi /etc/resolv.conf // 编辑域名服务器 IP
[root@localhost ~]# cat /etc/resolv.conf
# Send this host's DNS queries to 192.168.10.1, the address the bokai.com
# zone on this page assigns to www.bokai.com (the zone's name server).
nameserver 192.168.10.1
# NOTE(review): this repeats the entry above, so it adds no second server to
# fall back on.
nameserver 192.168.10.1
# Names are also tried with bokai.com appended.
search bokai.com
[root@localhost ~]# vi /etc/hosts // 编辑主机文件
[root@localhost ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
# Static entry added by the tutorial for the DNS server's own name.
# NOTE(review): lookups that consult this file before DNS will answer for
# www.bokai.com from here and will not exercise the zone data; the lookup
# order is not shown on this page - confirm.
192.168.10.1 www.bokai.com www
[root@localhost ~]# /etc/init.d/named start // 启动 named 进程(就是启动 DNS 服务)
启动 named:[确定]
[root@localhost ~]# nslookup // 使用 nslookup 命令行工具测试 DNS 服务的解析是否正常
> www.bokai.com
Server: 192.168.10.1
Address: 192.168.10.1#53
Name: www.bokai.com
Address: 192.168.10.1
> ftp.bokai.com
Server: 192.168.10.1
Address: 192.168.10.1#53
ftp.bokai.com canonical name = www.bokai.com.
Name: www.bokai.com
Address: 192.168.10.1
> 192.168.10.1
Server: 192.168.10.1
Address: 192.168.10.1#53
1.10.168.192.in-addr.arpa name = www.bokai.com.
> exit
[root@localhost ~]# umount /dev/cdrom // 最后卸载挂载的光盘
[root@localhost ~]#