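DNS Server Configuration
Lab environment:
1. One computer running RHEL5; IP: 192.168.1.217
2. One client machine; IP: 192.168.1.218 DNS: 192.168.1.217
3. Make sure the two hosts can communicate;
4. The server can reach the Internet;
Objective:
Set up a DNS server that can provide domain name resolution
Procedure:
1. Install the DNS server packages;
2. Edit the main DNS configuration file
3. Create the forward and reverse zone files;
4. Change the group of the forward and reverse zone files;
5. Restart the DNS service
6. Test forward and reverse resolution;
Detailed steps:
Configuration under the 2.4 kernel:
Step 1: Install the DNS server packages;
[root@colu ~]# mount /dev/cdrom /media/mnt    # mount the CD
[root@colu ~]# cd /media/mnt/Server    # change into the CD
[root@colu Server]# rpm -ivh bind-9.3.3-10.el5.i386.rpm    # main program package
[root@colu Server]# rpm -ivh bind-utils-9.3.4-6.P1.el5.i386.rpm    # library package
[root@colu Server]# rpm -ivh caching-nameserver-9.3.3-10.el5.i386.rpm    # template file package
Step 2: Create the main configuration file and edit the relevant options;
First: copy the "named.conf" file (template file) to "/etc/" on this machine
[root@colu ~]# cd /etc
[root@colu etc]# vim named.conf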
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
// Forward zone record
zone "baidu.com" IN { // forward zone
type master; // primary (master) zone
file "baidu.zone"; // forward zone file
allow-update { none; }; // dynamic updates are not allowed
};
// Reverse zone record
zone "1.168.192.in-addr.arpa" IN { // reverse zone
type master; // primary (master) zone
file "baidu.local"; // reverse zone file
allow-update { none; }; // dynamic updates are not allowed
};
include "/etc/rndc.key";
Step 3: Create the forward and reverse zones;
[root@colu ~]# cd /var/named/
[root@colu named]# cp named.local baidu.zone    # copy a forward zone file for baidu (edited below)
[root@colu named]# cp named.local baidu.local    # copy a reverse zone file for baidu (also edited below)
[root@colu named]# vi baidu.zone    # edit baidu's forward zone file
$TTL 86400
@       IN      SOA     baidu.com. root.baidu.com. (
                        1998022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      baidu.com.
www     IN      A       192.168.1.217
[root@colu named]# vi baidu.local    # edit baidu's reverse zone file
$TTL 86400
@       IN      SOA     baidu.com. root.baidu.com. (
                        1998022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      baidu.com.
217     IN      PTR     www.baidu.com.
Step 4: Change the group of baidu.zone and baidu.local to named
[root@colu named]# chgrp named baidu.zone    # change the group of baidu.zone to named
[root@colu named]# chgrp named baidu.local    # change the group of baidu.local to named
Step 5: Restart the DNS service
[root@colu named]# service named restart    # restart the DNS service
Step 6: Test
Linux client:
Edit the DNS configuration file to specify the DNS server
[root@colu ~]# vi /etc/resolv.conf
search localdomain
# add the IP of the DNS server
nameserver 192.168.1.217
[root@colu ~]# nslookup
> www.baidu.com ------ forward lookup
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.baidu.com
Address: 192.168.1.217
> 192.168.1.217 ------ reverse lookup
Server: 192.168.1.217
Address: 192.168.1.217#53
217.1.168.192.in-addr.arpa name = www.baidu.com.
Windows client:
First: set the TCP/IP properties so that the DNS server points to 192.168.1.217
nslookup
Default Server: www.baidu.com
Address: 192.168.1.217
>www.baidu.com ------ forward lookup
Server: www.baidu.com
Address: 192.168.1.217
Name:www.baidu.com
Address: 192.168.1.217
>192.168.1.217 ------ reverse lookup
Server: www.baidu.com
Address: 192.168.1.217
Name:www.baidu.com
Address: 192.168.1.217
DNS server configuration is complete
*******************************************************************
Extension:
Resolving two domain names for one IP: (ping 192.168.1.217 can resolve both www.baidu.com and www.sina.com.cn)
Step 1: Add the corresponding forward zone to /etc/named.conf
[root@colu named]# vi /etc/named.conf
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "baidu.com" IN {
type master;
file "baidu.zone";
allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "baidu.local";
allow-update { none; };
};
# Add the sina forward zone record
zone "sina.com.cn" IN {
type master;
file "sina.zone";
allow-update { none; };
};
include "/etc/rndc.key";
Step 2: Edit the forward zone file and the reverse zone file
Create and edit sina's forward zone file (sina.zone)
[root@colu ~]# cd /var/named
[root@colu named]# cp baidu.zone sina.zone
[root@colu named]# vi sina.zone
$TTL 86400
@       IN      SOA     sina.com.cn. root.sina.com.cn. (
                        1998022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      sina.com.cn.
www     IN      A       192.168.1.217
Edit baidu.local (the reverse zone file)
[root@colu named]# vi baidu.local
$TTL 86400
@       IN      SOA     baidu.com. root.baidu.com. (
                        1998022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      baidu.com.
217     IN      PTR     www.baidu.com.
217     IN      PTR     www.sina.com.cn. ; add a PTR record for sina
[root@colu named]# chgrp named sina.zone    # change the group of sina.zone
[root@colu named]# service named restart    # restart the DNS service
Step 3: Test
[root@colu named]# nslookup
>www.sina.com.cn ------ forward lookup
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.sina.com.cn
Address: 192.168.1.217
>192.168.1.217 ------ reverse lookup
217.1.168.192.in-addr.arpa name = www.sina.com.cn
217.1.168.192.in-addr.arpa name = www.baidu.com
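Once two forward zones share one reverse zone, the A and PTR records have to be kept in step by hand. The check below is an added example, not part of the original tutorial: parse_zone and audit are hypothetical names, the embedded zones are a constructed copy of baidu.zone, sina.zone and baidu.local, and the parser assumes the layout used on this page. It also reports NS targets that have no A record in their own zone, a condition that named-checkzone in newer BIND releases flags.

```python
# Added example, not from the tutorial. Assumes the zone layout used on this page:
# no per-record TTLs, fully qualified rdata. HEADER/FORWARD/REVERSE are constructed.
HEADER = ("@ IN SOA {0} root.{0} (\n  1998022700 ; Serial\n  28800 ; Refresh\n"
          "  14400 ; Retry\n  3600000 ; Expire\n  86400 ) ; Minimum\n  IN NS {0}\n")
FORWARD = {
    "baidu.com.": HEADER.format("baidu.com.") + "www IN A 192.168.1.217\n",
    "sina.com.cn.": HEADER.format("sina.com.cn.") + "www IN A 192.168.1.217\n",
}
REVERSE = HEADER.format("baidu.com.") + "217 IN PTR www.baidu.com.\n217 IN PTR www.sina.com.cn.\n"

def parse_zone(text, origin):
    """Yield (owner, type, rdata) for each record in a zone file."""
    owner, in_soa = origin, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        if not line.strip() or line.startswith("$"):
            continue
        if in_soa:                      # skip SOA timer lines up to ")"
            in_soa = ")" not in line
            continue
        tok = line.split()
        if not line[0].isspace():       # a leading blank reuses the previous owner
            name = tok.pop(0)
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        if tok[0] == "IN":
            tok.pop(0)
        in_soa = "(" in line and ")" not in line
        yield owner.lower(), tok[0], " ".join(tok[1:]).lower()

def audit(forward, reverse_text, reverse_origin):
    """forward maps origin -> zone text; returns a sorted list of findings."""
    a, ns, ptr = set(), set(), set()
    for origin, text in forward.items():
        for owner, rtype, rdata in parse_zone(text, origin):
            if rtype == "A":
                a.add((owner, rdata))
            elif rtype == "NS":
                ns.add(rdata)
    for owner, rtype, rdata in parse_zone(reverse_text, reverse_origin):
        if rtype == "PTR":              # 217.1.168.192.in-addr.arpa. -> 192.168.1.217
            ptr.add((rdata, ".".join(reversed(owner.split(".")[:4]))))
    out = [f"PTR {ip} -> {n} has no matching A record" for n, ip in ptr - a]
    out += [f"A {n} -> {ip} has no PTR record" for n, ip in a - ptr]
    have_a = {n for n, _ in a}
    out += [f"NS target {t} has no A record in its own zone" for t in ns
            if t not in have_a and any(t == o or t.endswith("." + o) for o in forward)]
    return sorted(out)

if __name__ == "__main__":
    print("\n".join(audit(FORWARD, REVERSE, "1.168.192.in-addr.arpa.")))
```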
*******************************************************************
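Configuration under the 2.6 kernel:
The approach is the same; only the directories that hold the configuration files have changed, and the bind-chroot package must be installed
/var/named/chroot/var/named/ ------ location of the forward/reverse zone files
/var/named/chroot/etc/named.conf ------ main configuration file
Installation steps:
1. Install the DNS server packages;
2. Edit the main DNS configuration file
3. Create the forward and reverse zone files;
4. Change the group of the forward and reverse zone files;
5. Restart the DNS service;
6. Test forward and reverse resolution;
Detailed installation steps:
Step 1: Install the DNS server packages;
[root@colu ~]# mount /dev/cdrom /media/mnt    # mount the CD
[root@colu ~]# cd /media/mnt/Server    # change into the CD
[root@colu Server]# rpm -ivh bind-9.3.3-10.el5.i386.rpm    # main program package
[root@colu Server]# rpm -ivh bind-utils-9.3.4-6.P1.el5.i386.rpm    # library package
[root@colu Server]# rpm -ivh caching-nameserver-9.3.3-10.el5.i386.rpm    # template file package
[root@colu Server]# rpm -ivh bind-chroot-9.3.4-6.P1.el5.i386.rpm    # creates the chroot directory and its subdirectories
Step 2: Create the main configuration file and edit the relevant options;
First: copy the "named.conf" file (template file) to "/etc/" on this machine
[root@colu ~]# cd /var/named/chroot/etc
[root@colu etc]# vim named.conf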
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
// Forward zone record
zone "baidu.com" IN { // forward zone
type master; // primary (master) zone
file "baidu.zone"; // forward zone file
allow-update { none; }; // dynamic updates are not allowed
};
// Reverse zone record
zone "1.168.192.in-addr.arpa" IN { // reverse zone
type master; // primary (master) zone
file "baidu.local"; // reverse zone file
allow-update { none; }; // dynamic updates are not allowed
};
include "/etc/rndc.key";
Step 3: Create the forward and reverse zones;
[root@colu ~]# cd /var/named/chroot/var/named/
[root@colu named]# cp named.local baidu.zone    # copy a forward zone file for baidu (edited below)
[root@colu named]# cp named.local baidu.local    # copy a reverse zone file for baidu (also edited below)
[root@colu named]# vi baidu.zone    # edit baidu's forward zone file
$TTL 86400
@       IN      SOA     baidu.com. root.baidu.com. (
                        1998022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      baidu.com.
www     IN      A       192.168.1.217
[root@colu named]# vi baidu.local    # edit baidu's reverse zone file
$TTL 86400
@       IN      SOA     baidu.com. root.baidu.com. (
                        1998022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      baidu.com.
217     IN      PTR     www.baidu.com.
Step 4: Change the group of baidu.zone and baidu.local to named
[root@colu named]# chgrp named baidu.zone    # change the group of baidu.zone to named
[root@colu named]# chgrp named baidu.local    # change the group of baidu.local to named
Step 5: Restart the DNS service
[root@colu named]# service named restart    # restart the DNS service
Step 6: Test
Edit the DNS configuration file to specify the DNS server
[root@colu ~]# vi /etc/resolv.conf
search localdomain
# add the IP of the DNS server
nameserver 192.168.1.217
[root@colu ~]# nslookup
> www.baidu.com ------ forward lookup
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.baidu.com
Address: 192.168.1.217
> 192.168.1.217 ------ reverse lookup
Server: 192.168.1.217
Address: 192.168.1.217#53
217.1.168.192.in-addr.arpa name = www.baidu.com.
DNS server configuration is complete
*******************************************************************
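Extension: Configuring a secondary DNS server
Notes:
1. A primary DNS server must exist
2. The primary and the secondary cannot be on the same server
Installation steps:
1. Install the DNS server packages;
2. Edit the main DNS configuration file
3. Create the forward and reverse zone files;
4. Change the group of baidu.zone and baidu.local
5. Restart the DNS service
6. Test forward and reverse resolution;
Detailed steps:
Step 1: Install the DNS server packages
[root@colu ~]# mount /dev/cdrom /media/mnt    # mount the CD
[root@colu ~]# cd /media/mnt/Server    # change into the CD
[root@colu Server]# rpm -ivh bind-9.3.3-10.el5.i386.rpm    # main program package
[root@colu Server]# rpm -ivh bind-utils-9.3.4-6.P1.el5.i386.rpm    # library package
[root@colu Server]# rpm -ivh caching-nameserver-9.3.3-10.el5.i386.rpm    # template file package
[root@colu Server]# rpm -ivh bind-chroot-9.3.4-6.P1.el5.i386.rpm    # creates the chroot directory and its subdirectories
Step 2: Create the main configuration file and edit the relevant options;
First: copy the "named.conf" file (template file) to "/etc/" on this machine
[root@colu ~]# cd /var/named/chroot/etc
[root@colu etc]# vim named.conf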
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
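// Forward zone record
zone "baidu.com" IN { // forward zone
type slave; // secondary (slave) zone
file "slaves/baidu.zone"; // forward zone file, relative to the options directory
// (if the chroot package is not installed, this file should be "baidu.zone")
masters { 172.16.1.217; }; // address of the primary DNS server
};
// Reverse zone record
zone "1.168.192.in-addr.arpa" IN { // reverse zone
type slave; // secondary (slave) zone
file "slaves/baidu.local"; // reverse zone file, relative to the options directory
// (if the chroot package is not installed, this file should be "baidu.local")
masters { 172.16.1.217; }; // address of the primary DNS server
};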
include "/etc/rndc.key";
Step 3: Create the forward and reverse zones;
[root@colu ~]# cd /var/named/chroot/var/named/
[root@colu named]# cp named.local baidu.zone    # copy a forward zone file for baidu (edited below)
[root@colu named]# cp named.local baidu.local    # copy a reverse zone file for baidu (also edited below)
[root@colu named]# vi baidu.zone    # edit baidu's forward zone file
$TTL 86400
@       IN      SOA     baidu.com. root.baidu.com. (
                        1998022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      baidu.com.
www     IN      A       192.168.1.217
[root@colu named]# vi baidu.local    # edit baidu's reverse zone file
$TTL 86400
@       IN      SOA     baidu.com. root.baidu.com. (
                        1998022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      baidu.com.
217     IN      PTR     www.baidu.com.
Step 4: Change the group of baidu.zone and baidu.local to named
[root@colu named]# chgrp named baidu.zone    # change the group of baidu.zone to named
[root@colu named]# chgrp named baidu.local    # change the group of baidu.local to named
Step 5: Restart the DNS service
[root@colu named]# service named restart    # restart the DNS service
Step 6: Test
Edit the DNS configuration file to specify the DNS server
[root@colu ~]# vi /etc/resolv.conf
search localdomain
# add the IP of the DNS server
nameserver 192.168.1.217
[root@colu ~]# nslookup
> www.baidu.com ------ forward lookup
Server: 192.168.1.217
Address: 192.168.1.217#53
Name: www.baidu.com
Address: 192.168.1.217
> 192.168.1.217 ------ reverse lookup
Server: 192.168.1.217
Address: 192.168.1.217#53
217.1.168.192.in-addr.arpa name = www.baidu.com.
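A secondary zone only transfers if its masters clause lists a primary address and its file path lands in a directory named can write to. The check below is an added example, not part of the original tutorial: zone_blocks and audit_secondaries are hypothetical names, SAMPLE is a constructed named.conf excerpt, and named masters lists (which BIND also accepts) are not resolved.

```python
import ipaddress
import re

# Added example, not from the tutorial; SAMPLE is a constructed named.conf excerpt.
SAMPLE = '''
options { directory "/var/named"; };
zone "baidu.com" IN {
    type slave;
    file "/slaves/baidu.zone";       // absolute path, ignores "directory"
    masters { 172.16.1.217; };
};
zone "1.168.192.in-addr.arpa" IN {
    type slave;
    file "slaves/baidu.local";
    masters { none; };               // not an address
};
'''

def zone_blocks(conf):
    """Yield (zone name, stanza body) with comments stripped."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    conf = re.sub(r"(//|#).*", "", conf)
    for m in re.finditer(r'zone\s+"([^"]+)"[^{]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):   # walk to the matching closing brace
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def audit_secondaries(conf):
    """Return (zone, finding) pairs for every 'type slave' zone."""
    findings = []
    for name, body in zone_blocks(conf):
        if not re.search(r"type\s+slave\s*;", body):
            continue
        m = re.search(r"masters\s*\{([^}]*)\}", body)
        entries = [e.split()[0] for e in (m.group(1).split(";") if m else []) if e.strip()]
        usable = 0
        for entry in entries:            # assumption: literal addresses only
            try:
                ipaddress.ip_address(entry)
                usable += 1
            except ValueError:
                findings.append((name, f"masters entry '{entry}' is not an IP address"))
        if not usable:
            findings.append((name, "no usable primary address, zone cannot transfer"))
        f = re.search(r'file\s+"([^"]+)"', body)
        if f and f.group(1).startswith("/"):
            findings.append((name, f"file '{f.group(1)}' is absolute, not under the options directory"))
    return findings
```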
*******************************************************************
If there are any mistakes above, please point them out. Thank you!