In this article, you will learn how to configure a Domain Name Server (BIND) on IBM AIX. Before you start, make sure that the bind package is installed.
- [root@dbserv1 named]# named -v
- named: continuing without SRC support
- BIND 9.4.1
- [root@dbserv1 named]# lslpp -w /usr/sbin/named
- 文件 文件集 类型
- ----------------------------------------------------------------------------
- /usr/sbin/named bos.net.tcp.server Symlink
I. Configuring the Master DNS Server:
1.Make the rndc.conf file:
If you want to manage DNS with the rndc command, make sure that rndc.conf or rndc.key exists. If neither exists, use the following command to create it.
- [root@dbserv1 named]# rndc-confgen >/etc/rndc.conf
2.Create /etc/named.conf:
- options {
- listen-on port 53 { 127.0.0.1;172.16.255.11; };
- directory "/etc/named";
- };
- zone "." IN {
- type hint;
- file "named.ca";
- };
- zone "xzxj.edu.cn" in {
- type master;
- file "named.xzxj.data";
- };
- zone "255.16.172.in-addr.arpa" in {
- type master;
- file "named.xzxj.rev";
- };
- zone "0.0.127.in-addr.arpa" in {
- type master;
- file "named.local";
- };
- zone "localdomain" IN {
- type master;
- file "localdomain.zone";
- };
- zone "localhost" IN {
- type master;
- file "localhost.zone";
- };
- zone "255.in-addr.arpa" IN {
- type master;
- file "named.broadcast";
- };
- zone "0.in-addr.arpa" IN {
- type master;
- file "named.zero";
- };
- logging {
- channel syslog_errors { // this channel will send errors or
- syslog user; // or worse to syslog (user facility)
- severity error;
- };
- channel audit_log {
- file "named.log" versions 3 size 20m;
- severity info;
- print-time yes;
- print-category yes;
- };
- category default { audit_log; };
- category general { audit_log; };
- category security { audit_log; default_syslog; };
- category config { default_syslog; };
- category resolver { audit_log; };
- category xfer-in { audit_log; };
- category xfer-out { audit_log; };
- category notify { audit_log; };
- category client { audit_log; };
- category network { audit_log; };
- category update { audit_log; };
- category queries { audit_log; };
- category lame-servers { audit_log; };
- };
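3.Append the following lines to named.conf and uncomment them (the tail of rndc.conf holds the matching key and controls statements as comments). The secret shown below is this example's key: use the one rndc-confgen generated on your own host, and keep rndc.conf and named.conf unreadable to ordinary users, because any local user who can read the key can control named through rndc. hmac-md5 is what this BIND 9.4.1 generates; later BIND releases support stronger HMAC algorithms such as hmac-sha256.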
- [root@dbserv1 named]# tail -10 /etc/rndc.conf>>/etc/named.conf
- [root@dbserv1 named]# tail -10 /etc/named.conf
- key "rndc-key" {
- algorithm hmac-md5;
- secret "ExxtiKY7VCbCJQew9fVsMA==";
- };
- controls {
- inet 127.0.0.1 port 953
- allow { 127.0.0.1; } keys { "rndc-key"; };
- };
4.Create named home directory:
- [root@dbserv1 named]#mkdir /etc/named
- [root@dbserv1 named]#touch /etc/named/named.log
5.Create zones file:
The named.xzxj.data file:
- [root@dbserv1 named]# cat named.xzxj.data
- $TTL 86400
- @ IN SOA dbserv1.xzxj.edu.cn. root (
- 2012070100 ; serial (d. adams)
- 3H ; refresh
- 15M ; retry
- 1W ; expiry
- 1D ) ; minimum
- IN NS dbserv1.xzxj.edu.cn.
- IN MX 10 mail.xzxj.edu.cn.
- xzxj.edu.cn. IN A 172.16.255.11
- mail IN A 172.16.255.11
- dbserv1 IN A 172.16.255.11
- dbserv2 IN A 172.16.255.13
The named.xzxj.rev file:
- [root@dbserv1 named]# cat named.xzxj.rev
- $TTL 86400
- @ IN SOA dbserv1.xzxj.edu.cn. root (
- 2012070100 ; Serial
- 28800 ; Refresh
- 14400 ; Retry
- 3600000 ; Expire
- 86400 ) ; Minimum
- IN NS dbserv1.xzxj.edu.cn.
- IN MX 70 mail.xzxj.edu.cn.
- 11 IN PTR mail.xzxj.edu.cn.
- IN PTR dbserv1.xzxj.edu.cn.
- 13 IN PTR dbserv2.xzxj.edu.cn.
The localhost.zone file:
- [root@dbserv1 named]# cat localhost.zone
- $TTL 86400
- @ IN SOA @ root (
- 42 ; serial (d. adams)
- 3H ; refresh
- 15M ; retry
- 1W ; expiry
- 1D ) ; minimum
- IN NS @
- IN A 127.0.0.1
- IN AAAA ::1
The localdomain.zone file:
- [root@dbserv1 named]# cat localdomain.zone
- $TTL 86400
- @ IN SOA localhost root (
- 42 ; serial (d. adams)
- 3H ; refresh
- 15M ; retry
- 1W ; expiry
- 1D ) ; minimum
- IN NS localhost
- localhost IN A 127.0.0.1
The named.local file:
- [root@dbserv1 named]# cat named.local
- $TTL 86400
- @ IN SOA localhost. root.localhost. (
- 2012070100 ; Serial
- 28800 ; Refresh
- 14400 ; Retry
- 3600000 ; Expire
- 86400 ) ; Minimum
- IN NS localhost.
- 1 IN PTR localhost.
The named.broadcast file:
- [root@dbserv1 named]# cat named.broadcast
- $TTL 86400
- @ IN SOA localhost. root.localhost. (
- 42 ; serial (d. adams)
- 3H ; refresh
- 15M ; retry
- 1W ; expiry
- 1D ) ; minimum
- IN NS localhost.
The named.zero file:
- [root@dbserv1 named]# cat named.zero
- $TTL 86400
- @ IN SOA localhost. root.localhost. (
- 42 ; serial (d. adams)
- 3H ; refresh
- 15M ; retry
- 1W ; expiry
- 1D ) ; minimum
- IN NS localhost.
The named.ca file:
- [root@dbserv1 named]# cat named.ca
- ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -t NS .
- ;; global options: printcmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42043
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14
- ;; QUESTION SECTION:
- ;. IN NS
- ;; ANSWER SECTION:
- . 518230 IN NS l.root-servers.net.
- . 518230 IN NS m.root-servers.net.
- . 518230 IN NS a.root-servers.net.
- . 518230 IN NS b.root-servers.net.
- . 518230 IN NS c.root-servers.net.
- . 518230 IN NS d.root-servers.net.
- . 518230 IN NS e.root-servers.net.
- . 518230 IN NS f.root-servers.net.
- . 518230 IN NS g.root-servers.net.
- . 518230 IN NS h.root-servers.net.
- . 518230 IN NS i.root-servers.net.
- . 518230 IN NS j.root-servers.net.
- . 518230 IN NS k.root-servers.net.
- ;; ADDITIONAL SECTION:
- a.root-servers.net. 604630 IN A 198.41.0.4
- a.root-servers.net. 604630 IN AAAA 2001:503:ba3e::2:30
- b.root-servers.net. 604630 IN A 192.228.79.201
- c.root-servers.net. 604630 IN A 192.33.4.12
- d.root-servers.net. 604630 IN A 128.8.10.90
- e.root-servers.net. 604630 IN A 192.203.230.10
- f.root-servers.net. 604630 IN A 192.5.5.241
- f.root-servers.net. 604630 IN AAAA 2001:500:2f::f
- g.root-servers.net. 604630 IN A 192.112.36.4
- h.root-servers.net. 604630 IN A 128.63.2.53
- h.root-servers.net. 604630 IN AAAA 2001:500:1::803f:235
- i.root-servers.net. 604630 IN A 192.36.148.17
- j.root-servers.net. 604630 IN A 192.58.128.30
- j.root-servers.net. 604630 IN AAAA 2001:503:c27::2:30
After creating the files above, start named:
- [root@dbserv1 named]# startsrc -s named
- 0513-059 已启动“named 子系统”。子系统 PID 为 3670234。
- [root@dbserv1 named]# lssrc -ls named
- Subsystem Group PID Status
- named tcpip 3670234 活动的
- Debug Inactive
- Type Zone Source File or Host
- master xzxj.edu.cn named.xzxj.data
- master 255.16.172.in-addr.arpa named.xzxj.rev
- master 0.0.127.in-addr.arpa named.local
- master localdomain localdomain.zone
- master localhost localhost.zone
- master 255.in-addr.arpa named.broadcast
- master 0.in-addr.arpa named.zero
6.Edit the resolv.conf:
- [root@dbserv1 named]# cat /etc/resolv.conf
- nameserver 172.16.255.11
- domain xzxj.edu.cn
- search xzxj.edu.cn
7.Testing:
- [root@dbserv1 named]# host dbserv1
- dbserv1.xzxj.edu.cn 是 172.16.255.11
- [root@dbserv1 named]# host dbserv2
- dbserv2.xzxj.edu.cn 是 172.16.255.13
- [root@dbserv1 named]# dig -x 172.16.255.11
- ; <<>> DiG 9.4.1 <<>> -x 172.16.255.11
- ;; global options: printcmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 201
- ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
- ;; QUESTION SECTION:
- ;11.255.16.172.in-addr.arpa. IN PTR
- ;; ANSWER SECTION:
- 11.255.16.172.in-addr.arpa. 86400 IN PTR mail.xzxj.edu.cn.
- 11.255.16.172.in-addr.arpa. 86400 IN PTR dbserv1.xzxj.edu.cn.
- ;; AUTHORITY SECTION:
- 255.16.172.in-addr.arpa. 86400 IN NS dbserv1.xzxj.edu.cn.
- ;; ADDITIONAL SECTION:
- dbserv1.xzxj.edu.cn. 86400 IN A 172.16.255.11
- ;; Query time: 1 msec
- ;; SERVER: 172.16.255.11#53(172.16.255.11)
- ;; WHEN: Sun Jul 1 15:43:50 2012
- ;; MSG SIZE rcvd: 126
8.The named log output looks like this:
- [root@dbserv1 /]# tail -f /etc/named/named.log
- 01- 7月-2012 15时39分56秒.615 general: zone 0.in-addr.arpa/IN: loaded serial 42
- 01- 7月-2012 15时39分56秒.616 general: zone 0.0.127.in-addr.arpa/IN: loaded serial 2012070100
- 01- 7月-2012 15时39分56秒.618 general: zone 255.16.172.in-addr.arpa/IN: loaded serial 2012070100
- 01- 7月-2012 15时39分56秒.619 general: zone 255.in-addr.arpa/IN: loaded serial 42
- 01- 7月-2012 15时39分56秒.620 general: zone xzxj.edu.cn/IN: loaded serial 2012070100
- 01- 7月-2012 15时39分56秒.621 general: zone localdomain/IN: loaded serial 42
- 01- 7月-2012 15时39分56秒.622 general: zone localhost/IN: loaded serial 42
- 01- 7月-2012 15时39分56秒.623 general: running
- 01- 7月-2012 15时43分43秒.753 queries: client 172.16.255.11#33573: query: dbserv1.xzxj.edu.cn IN A +
- 01- 7月-2012 15时43分45秒.408 queries: client 172.16.255.11#33574: query: dbserv2.xzxj.edu.cn IN A +
- 01- 7月-2012 15时43分50秒.134 queries: client 172.16.255.11#33575: query: 11.255.16.172.in-addr.arpa IN PTR +
9.Using rndc command:
- [root@dbserv1 named]# rndc reload
- server reload successful
- [root@dbserv1 named]# rndc status
- number of zones: 7
- debug level: 0
- xfers running: 0
- xfers deferred: 0
- soa queries in progress: 0
- query logging is ON
- recursive clients: 0/0/1000
- tcp clients: 0/100
- server is up and running
II. Configuring the Slave DNS Server:
1.Make the rndc.conf file:
- [root@dbserv2 named]# rndc-confgen >/etc/rndc.conf
- [root@dbserv2 named]#tail -10 /etc/rndc.conf >/etc/named.conf
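2.Edit the named.conf file. The listen-on line must name an address of this host; the slave here is 172.16.255.13 (see the dig output in step 7), so the 172.16.255.11 in the listing below appears to have been copied from the master and should be adjusted: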
- [root@dbserv2 named]# cat /etc/named.conf
- options {
- listen-on port 53 { 127.0.0.1;172.16.255.11; };
- directory "/etc/named";
- };
- zone "." IN {
- type hint;
- file "named.ca";
- };
- zone "xzxj.edu.cn" IN {
- type slave;
- file "named.xzxj.data.bak";
- masters { 172.16.255.11; };
- };
- zone "255.16.172.in-addr.arpa" IN {
- type slave;
- file "named.xzxj.rev.bak";
- masters { 172.16.255.11; };
- };
- zone "0.0.127.in-addr.arpa" in {
- type master;
- file "named.local";
- };
- logging {
- channel syslog_errors { // this channel will send errors or
- syslog user; // or worse to syslog (user facility)
- severity error;
- };
- channel audit_log {
- file "named.log" versions 3 size 20m;
- severity info;
- print-time yes;
- print-category yes;
- };
- category default { audit_log; };
- category general { audit_log; };
- category security { audit_log; default_syslog; };
- category config { default_syslog; };
- category resolver { audit_log; };
- category xfer-in { audit_log; };
- category xfer-out { audit_log; };
- category notify { audit_log; };
- category client { audit_log; };
- category network { audit_log; };
- category update { audit_log; };
- category queries { audit_log; };
- category lame-servers { audit_log; };
- };
- key "rndc-key" {
- algorithm hmac-md5;
- secret "5xl+9GORa0hrur3AmakrXQ==";
- };
- controls {
- inet 127.0.0.1 port 953
- allow { 127.0.0.1; } keys { "rndc-key"; };
- };
3.Create zone files:
The named.local file:
- [root@dbserv2 named]# cat named.local
- $TTL 86400
- @ IN SOA localhost. root.localhost. (
- 2012070100 ; Serial
- 28800 ; Refresh
- 14400 ; Retry
- 3600000 ; Expire
- 86400 ) ; Minimum
- IN NS localhost.
- 1 IN PTR localhost.
The named.ca file:
- [root@dbserv2 named]# cat named.ca
- ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -t NS .
- ;; global options: printcmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42043
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14
- ;; QUESTION SECTION:
- ;. IN NS
- ;; ANSWER SECTION:
- . 518230 IN NS l.root-servers.net.
- . 518230 IN NS m.root-servers.net.
- . 518230 IN NS a.root-servers.net.
- . 518230 IN NS b.root-servers.net.
- . 518230 IN NS c.root-servers.net.
- . 518230 IN NS d.root-servers.net.
- . 518230 IN NS e.root-servers.net.
- . 518230 IN NS f.root-servers.net.
- . 518230 IN NS g.root-servers.net.
- . 518230 IN NS h.root-servers.net.
- . 518230 IN NS i.root-servers.net.
- . 518230 IN NS j.root-servers.net.
- . 518230 IN NS k.root-servers.net.
- ;; ADDITIONAL SECTION:
- a.root-servers.net. 604630 IN A 198.41.0.4
- a.root-servers.net. 604630 IN AAAA 2001:503:ba3e::2:30
- b.root-servers.net. 604630 IN A 192.228.79.201
- c.root-servers.net. 604630 IN A 192.33.4.12
- d.root-servers.net. 604630 IN A 128.8.10.90
- e.root-servers.net. 604630 IN A 192.203.230.10
- f.root-servers.net. 604630 IN A 192.5.5.241
- f.root-servers.net. 604630 IN AAAA 2001:500:2f::f
- g.root-servers.net. 604630 IN A 192.112.36.4
- h.root-servers.net. 604630 IN A 128.63.2.53
- h.root-servers.net. 604630 IN AAAA 2001:500:1::803f:235
- i.root-servers.net. 604630 IN A 192.36.148.17
- j.root-servers.net. 604630 IN A 192.58.128.30
- j.root-servers.net. 604630 IN AAAA 2001:503:c27::2:30
4.Make named logfile:
- [root@dbserv2 named]# touch /etc/named/named.log
5.Start the named server:
- [root@dbserv2 named]# startsrc -s named
- [root@dbserv2 named]# lssrc -ls named
- Subsystem Group PID Status
- named tcpip 5570784 活动的
- Debug Inactive
- Type Zone Source File or Host
- slave xzxj.edu.cn named.xzxj.data.bak
- slave 255.16.172.in-addr.arpa named.xzxj.rev.bak
- master 0.0.127.in-addr.arpa named.local
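After named is started, the master's zone files are transferred to the slave server; the xfer-out entries below record the transfers to 172.16.255.13. Note that the master's named.conf above has no allow-transfer statement, so it does not limit which hosts may request a full zone transfer (AXFR); restricting it to the slave's address, e.g. allow-transfer { 172.16.255.13; };, is advisable.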
- 01- 7月-2012 15时18分21秒.625 queries: client 172.16.255.13#33816: query: xzxj.edu.cn IN SOA -E
- 01- 7月-2012 15时18分21秒.724 queries: client 172.16.255.13#32902: query: xzxj.edu.cn IN AXFR -
- 01- 7月-2012 15时18分21秒.741 xfer-out: client 172.16.255.13#32902: transfer of 'xzxj.edu.cn/IN': AXFR started
- 01- 7月-2012 15时18分21秒.744 xfer-out: client 172.16.255.13#32902: transfer of 'xzxj.edu.cn/IN': AXFR ended
- 01- 7月-2012 15时18分22秒.096 queries: client 172.16.255.13#33816: query: 255.16.172.in-addr.arpa IN SOA -E
- 01- 7月-2012 15时18分22秒.125 queries: client 172.16.255.13#32903: query: 255.16.172.in-addr.arpa IN AXFR -
- 01- 7月-2012 15时18分22秒.125 xfer-out: client 172.16.255.13#32903: transfer of '255.16.172.in-addr.arpa/IN': AXFR started
- 01- 7月-2012 15时18分22秒.125 xfer-out: client 172.16.255.13#32903: transfer of '255.16.172.in-addr.arpa/IN': AXFR ended
- 01- 7月-2012 15时19分52秒.595 queries: client 172.16.255.11#33564: query: 11.255.16.172.in-addr.arpa IN PTR +
- [root@dbserv2 named]# pwd
- /etc/named
- [root@dbserv2 named]# ls -l
- total 40
- -rw-r--r-- 1 root system 2103 7月01 15时11 named.ca
- -rw-r--r-- 1 root system 430 7月01 15时51 named.local
- -rw-r--r-- 1 root system 1101 7月01 15时18 named.log
- -rw-r--r-- 1 root system 426 7月01 15时18 named.xzxj.data.bak
- -rw-r--r-- 1 root system 466 7月01 15时18 named.xzxj.rev.bak
6.Edit /etc/resolv.conf file:
- [root@dbserv2 named]# cat /etc/resolv.conf
- nameserver 172.16.255.13
- domain xzxj.edu.cn
- search xzxj.edu.cn
7.Testing:
- [root@dbserv2 named]# host dbserv1
- dbserv1.xzxj.edu.cn 是 172.16.255.11
- [root@dbserv2 named]# host dbserv2
- dbserv2.xzxj.edu.cn 是 172.16.255.13
- [root@dbserv2 named]# dig -x 172.16.255.11
- ; <<>> DiG 9.4.1 <<>> -x 172.16.255.11
- ;; global options: printcmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 737
- ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
- ;; QUESTION SECTION:
- ;11.255.16.172.in-addr.arpa. IN PTR
- ;; ANSWER SECTION:
- 11.255.16.172.in-addr.arpa. 86400 IN PTR dbserv1.xzxj.edu.cn.
- ;; AUTHORITY SECTION:
- 255.16.172.in-addr.arpa. 86400 IN NS dbserv2.xzxj.edu.cn.
- ;; ADDITIONAL SECTION:
- dbserv2.xzxj.edu.cn. 86400 IN A 172.16.255.13
- ;; Query time: 1 msec
- ;; SERVER: 172.16.255.13#53(172.16.255.13)
- ;; WHEN: Sun Jul 1 15:57:09 2012
- ;; MSG SIZE rcvd: 114
- [root@dbserv2 named]# nslookup dbserv1
- Server: 172.16.255.13
- Address: 172.16.255.13#53
- Name: dbserv1.xzxj.edu.cn
- Address: 172.16.255.11
For more information from here.