Linux(RHEL 5)中Bind服务的安装与配置全过程

红色字体为配置,蓝色为要特别注意的
与RHEL 4的对比请看Linux(RHEL 4)系列 之 DNS配置
 
[root@localhost ~]# rpm -qa|grep bind   // 查看当前已安装的 bind 所需要的包
bind-utils-9.3.3-10.el5     // 表明安装的是 bind-9.3.3-10
kdebindings-3.5.4-1.fc6
ypbind-1.19-8.el5
bind-libs-9.3.3-10.el5
[root@localhost ~]# mkdir /mnt/cdrom   // 创建用来挂载光盘的目录
[root@localhost ~]# mount /dev/cdrom /mnt/cdrom/     // 将光盘挂载到 /mnt/cdrom/
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost ~]# cd /mnt/cdrom/Server/      // 切换目录到 /mnt/cdrom/Server/
[root@localhost Server]# ls -l bind*   // 查看该目录下以 bind 开头的所有文件
-rw-r--r-- 113 root root  977426 2007-08-14 bind-9.3.3-10.el5.i386.rpm
-rw-r--r-- 109 root root   39879 2007-08-14 bind-chroot-9.3.3-10.el5.i386.rpm
-rw-r--r-- 124 root root 2679780 2007-08-14 bind-devel-9.3.3-10.el5.i386.rpm
-rw-r--r-- 125 root root  449579 2007-08-14 bind-libbind-devel-9.3.3-10.el5.i386.rpm
-rw-r--r-- 133 root root  857545 2007-08-14 bind-libs-9.3.3-10.el5.i386.rpm
-rw-r--r-- 109 root root  227173 2007-08-14 bind-sdb-9.3.3-10.el5.i386.rpm
-rw-r--r-- 113 root root  166398 2007-08-14 bind-utils-9.3.3-10.el5.i386.rpm
[root@localhost Server]# rpm -ivh bind-chroot-9.3.3-10.el5.i386.rpm     // 用 rpm 工具安装包
// 注意:下面的 NOKEY 警告表示系统尚未导入 Red Hat 的 GPG 公钥,rpm 无法验证这些包的签名。可以先执行 rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release 导入公钥,再用 rpm -K 校验包,然后再安装。
warning: bind-chroot-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
        bind = 30:9.3.3-10.el5 is needed by bind-chroot-9.3.3-10.el5.i386
[root@localhost Server]# rpm -ivh bind-9.3.3-10.el5.i386.rpm
warning: bind-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:bind                   ########################################### [100%]
[root@localhost Server]# rpm -ivh bind-chroot-9.3.3-10.el5.i386.rpm
warning: bind-chroot-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:bind-chroot            ########################################### [100%]
Locating /var/named/chroot//etc/named.conf failed:
[ 失败 ]
[root@localhost Server]# rpm -ivh bind-devel-9.3.3-10.el5.i386.rpm
warning: bind-devel-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:bind-devel             ########################################### [100%]
[root@localhost Server]# rpm -ivh bind-libbind-devel-9.3.3-10.el5.i386.rpm
warning: bind-libbind-devel-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:bind-libbind-devel     ########################################### [100%]
[root@localhost Server]# rpm -ivh bind-libs-9.3.3-10.el5.i386.rpm
warning: bind-libs-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
        package bind-libs-9.3.3-10.el5 is already installed
[root@localhost Server]# rpm -ivh bind-chroot-9.3.3-10.el5.i386.rpm
warning: bind-chroot-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
        package bind-chroot-9.3.3-10.el5 is already installed
[root@localhost Server]# rpm -ivh bind-sdb-9.3.3-10.el5.i386.rpm
warning: bind-sdb-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
        libpq.so.4 is needed by bind-sdb-9.3.3-10.el5.i386
[root@localhost Server]# rpm -qa|grep bind
bind-chroot-9.3.3-10.el5
bind-utils-9.3.3-10.el5
kdebindings-3.5.4-1.fc6
bind-libbind-devel-9.3.3-10.el5
bind-9.3.3-10.el5
ypbind-1.19-8.el5
bind-libs-9.3.3-10.el5
bind-devel-9.3.3-10.el5
[root@localhost Server]# rpm -ivh cach    // 按下 Tab 键补全
cachefilesd-0.8-2.el5.i386.rpm
caching-nameserver-9.3.3-10.el5.i386.rpm
[root@localhost Server]# rpm -ivh caching-nameserver-9.3.3-10.el5.i386.rpm
//   这是最重要的一个包,和 RHEL 4 不同之处就在这里,这个包在 RHEL 5 的 BIND 服务中是必须的。
warning: caching-nameserver-9.3.3-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:caching-nameserver     ########################################### [100%]
[root@localhost Server]# rpm -qa|grep bind
bind-chroot-9.3.3-10.el5
bind-utils-9.3.3-10.el5
kdebindings-3.5.4-1.fc6
bind-libbind-devel-9.3.3-10.el5
bind-9.3.3-10.el5
ypbind-1.19-8.el5
bind-libs-9.3.3-10.el5
bind-devel-9.3.3-10.el5
[root@localhost Server]# cd /var/named/chroot/etc/          // 查看是否安装正确,正确情况是包括以下文件的:
/var/named/chroot/etc/ 下面有
named.caching-nameserver.conf
named.rfc1912.zones
/var/named/chroot/var/named/ 下面有
localdomain.zone
localhost.zone
named.ca
named.local
[root@localhost etc]# ls -l
总计 32
-rw-r--r-- 1 root root   405 12-14 20:06 localtime
-rw-r----- 1 root named 1100 2007-07-19 named.caching-nameserver.conf
-rw-r----- 1 root named  955 2007-07-19 named.rfc1912.zones
-rw-r--r-- 1 root named  113 12-14 20:07 rndc.key
[root@localhost etc]# cd /var/named/chroot/var/named/
[root@localhost named]# ls -l
总计 72
drwxrwx--- 2 named named 4096 2004-08-26 data
-rw-r----- 1 root  named  198 2007-07-19 localdomain.zone
-rw-r----- 1 root  named  195 2007-07-19 localhost.zone
-rw-r----- 1 root  named  427 2007-07-19 named.broadcast
-rw-r----- 1 root  named 2518 2007-07-19 named.ca
-rw-r----- 1 root  named  424 2007-07-19 named.ip6.local
-rw-r----- 1 root  named  426 2007-07-19 named.local
-rw-r----- 1 root  named  427 2007-07-19 named.zero
drwxrwx--- 2 named named 4096 2004-07-27 slaves
[root@localhost named]# cd ..
[root@localhost var]# cd ..
[root@localhost chroot]# cd etc/
[root@localhost etc]# cp -b named.caching-nameserver.conf named.caching-nameserver.conf.bak  
[root@localhost etc]# cp -b named.rfc1912.zones named.rfc1912.zones.bak
// 上面这两行是备份文件,以免不小心把文件破坏
[root@localhost etc]# cat named.caching-nameserver.conf    // 修改前的文件,做对比之用
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
        query-source-v6 port 53;
        allow-query     { localhost; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { localhost; };
        match-destinations { localhost; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
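[root@localhost etc]# vi named.caching-nameserver.conf      // vi 编辑器编辑文件内容
// 注意:修改后 listen-on、allow-query、match-clients、match-destinations 都是 any,而 recursion 仍为 yes,任何能访问本机 53 端口的主机都可以让它做递归查询(开放递归解析器),容易被滥用于 DNS 放大攻击,也增大了缓存被污染的风险。除实验环境外,应把 allow-query 和 match-clients 限制在自己的网段(例如本文的 192.168.10.0/24)。另外 query-source port 53 固定了查询源端口,使源端口无法随机化,也会削弱对缓存投毒的防护。文件头的说明还提到,对此文件的修改会在升级 caching-nameserver 包时丢失,更稳妥的做法是另建 named.conf。
[root@localhost etc]# cat named.caching-nameserver.conf            // 查看修改后的文件,和原文件作对比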
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
        query-source-v6 port 53;
        allow-query     { any; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations  { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
[root@localhost etc]# cat named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
};
 
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};
 
zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};
 
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};
 
zone " 0.0.0 .0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};
 
zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};
 
zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};
[root@localhost etc]# vi named.rfc1912.zones     // 某些操作看下面的图

[root@localhost etc]# cat named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
};
 
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};
 
zone "localhost" IN {                          // 从这往下复制 12 行的原因是备份之用
        type master;
        file "localhost.zone";
        allow-update { none; };
};
 
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};
 
zone " 0.0.0 .0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};
 
zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};
 
zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};
 
zone "bokai.com" IN {                //bokai.com 要与正向解析文件名一致
        type master;
        file "bokai.com";
        allow-update { none; };
};
 
zone "10.168.192.in-addr.arpa" IN {     //192.168.10 与反向解析文件名要一致
        type master;
        file "192.168.10";
        allow-update { none; };
};
 
[root@localhost etc]# cd ..
[root@localhost chroot]# pwd
/var/named/chroot
[root@localhost chroot]# cd var/named/
[root@localhost named]# ls -l
总计 72
drwxrwx--- 2 named named 4096 2004-08-26 data
-rw-r----- 1 root  named  198 2007-07-19 localdomain.zone
-rw-r----- 1 root  named  195 2007-07-19 localhost.zone
-rw-r----- 1 root  named  427 2007-07-19 named.broadcast
-rw-r----- 1 root  named 2518 2007-07-19 named.ca
-rw-r----- 1 root  named  424 2007-07-19 named.ip6.local
-rw-r----- 1 root  named  426 2007-07-19 named.local
-rw-r----- 1 root  named  427 2007-07-19 named.zero
drwxrwx--- 2 named named 4096 2004-07-27 slaves
[root@localhost named]# cp -p localhost.zone bokai.com     // 复制的时候加上 -p 参数可以把属性也一起复制过来,以免以后还要修改
[root@localhost named]# cp -p named.local 192.168.10
[root@localhost named]# vi bokai.com    // 编辑正向解析文件

[root@localhost named]# cat bokai.com
$TTL    86400
@               IN SOA  www.bokai.com.  root.www.bokai.com. (
                                        2009121201      ; serial (d. adams )
                                        3H              ; refresh
                                        15M              ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
 
                IN NS           www.bokai.com.
                IN A            127.0.0.1
                IN AAAA         ::1
www.bokai.com.  IN A          192.168.10.1
ftp.bokai.com.  IN CNAME      www.bokai.com.
[root@localhost named]# vi 192.168.10      // 编辑反向解析文件
[root@localhost named]# cat 192.168.10
$TTL    86400
@       IN      SOA     www.bokai.com. root.www.bokai.com.  (
                                      2009121201 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
        IN      NS      www.bokai.com.
1       IN       PTR     www.bokai.com.
[root@localhost named]# cd
[root@localhost ~]# vi /etc/resolv.conf       // 编辑域名服务器 IP
[root@localhost ~]# cat /etc/resolv.conf
nameserver 192.168.10.1
nameserver 192.168.10.1
search bokai.com
[root@localhost ~]# vi /etc/hosts           // 编辑主机文件
[root@localhost ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost.localdomain   localhost
192.168.10.1    www.bokai.com  www
[root@localhost ~]# /etc/init.d/named start     // 启动 named 进程(就是启动 DNS 服务)
启动 named                                                [ 确定 ]
[root@localhost ~]# nslookup     // 运用 nslookup 命令行工具测试 DNS 服务的解析是否正常
> www.bokai.com
Server:         192.168.10.1
Address:        192.168.10.1#53
 
Name:   www.bokai.com
Address: 192.168.10.1
> ftp.bokai.com
Server:         192.168.10.1
Address:        192.168.10.1#53
 
ftp.bokai.com   canonical name = www.bokai.com.
Name:   www.bokai.com
Address: 192.168.10.1
> 192.168.10.1
Server:         192.168.10.1
Address:        192.168.10.1#53
 
1.10.168.192.in-addr.arpa       name = www.bokai.com.
> exit
 
[root@localhost ~]# umount /dev/cdrom     // 最后卸载挂载的光盘
[root@localhost ~]#
