Redhat 5.8 操作系统上DNS详细配置(DNS resolution for SCAN VIPs)
1、准备工作
软件包支持(bind*、caching-nameserver)
安装执行yum install bind* caching-nameserver
看下我已经安装的有关包
[root@doudou named]# rpm -qa bind* caching-nameserver
bind-utils-9.3.6-20.P1.el5_8.6
bind-libs-9.3.6-20.P1.el5_8.6
bind-chroot-9.3.6-20.P1.el5_8.6
caching-nameserver-9.3.6-20.P1.el5_8.6
bind-9.3.6-20.P1.el5_8.6
开启named服务、设置开机启动
/etc/init.d/named start
chkconfig named on
配置nameserver
[root@doudou named]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:06:FC:D0
inet addr:192.168.1.212 Bcast:192.168.1.255 Mask:255.255.255.0
[root@doudou named]# cat /etc/resolv.conf
nameserver 192.168.1.212
nameserver 8.8.8.8
nameserver 4.4.4.4
2、详细配置
查看named.caching-nameserver.conf 在操作系统上的位置
[root@doudou named]# cd /etc/
[root@doudou etc]# ls -ln named.*
lrwxrwxrwx 1 0 25 51 04-22 16:52 named.caching-nameserver.conf -> /var/named/chroot/etc/named.caching-nameserver.conf
lrwxrwxrwx 1 0 25 41 04-22 16:52 named.rfc1912.zones -> /var/named/chroot/etc/named.rfc1912.zones
备份并修改named.caching-nameserver.conf (备份是个人习惯)【注意:原文中红色字体为修改部分,下文用"==》"/"==>"标出需要修改的位置】
[root@doudou etc]# cd /var/named/chroot/etc/
[root@doudou etc]# cp -p named.caching-nameserver.conf named.caching-nameserver.conf_backup
[root@doudou etc]# cat named.caching-nameserver.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
// Global server options. The "==》" / "==>" text after some statements is the
// tutorial's change marker, not named.conf syntax; it must not be typed into
// the real file.
options {
// Addresses named accepts queries on. The tutorial changes 127.0.0.1 to any so
// that other hosts can reach the server.
// NOTE(review): listing 127.0.0.1 plus the server's own address
// (192.168.1.212 in this walkthrough) exposes less than any.
listen-on port 53 { 127.0.0.1; }; ==》127.0.0.1改成any
listen-on-v6 port 53 { ::1; };
// With bind-chroot installed these paths are inside the chroot; the tutorial
// edits the zone files under /var/named/chroot/var/named/.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
// Who may send queries and who may receive answers from the cache.
// NOTE(review): with both set to any and "recursion yes" in the view below,
// every host that can reach port 53 can use this server as a recursive
// resolver (an open resolver, a known source of DNS amplification traffic and
// a wider target for cache poisoning). For a lab on 192.168.1.0/24 an address
// list such as { localhost; 192.168.1.0/24; } serves the same local clients.
allow-query { localhost; }; ==>localhost改成any
allow-query-cache { localhost; }; ==>localhost改成any
};
// Logging: a single channel, default_debug, written to data/named.run.
// The path is relative; presumably it resolves against the "directory"
// option above (confirm).
logging {
channel default_debug {
file "data/named.run";
// dynamic: the channel follows the server's current debug level.
severity dynamic;
};
};
// View that decides which clients get the settings and zones below. The
// "==>" text is the tutorial's change marker, not named.conf syntax.
view localhost_resolver {
// After the change to any, this view matches every client and every
// destination address, not only the local host.
match-clients { localhost; }; ==>localhost改成any
match-destinations { localhost; }; ==>localhost改成any
// Recursive resolution is enabled for every client the view matches.
// NOTE(review): if match-clients becomes any, consider limiting recursion,
// e.g. allow-recursion { localhost; 192.168.1.0/24; }; so that only the local
// subnet can resolve external names through this server.
recursion yes;
// Zone declarations, including the two zones the tutorial appends, are read
// from this file.
include "/etc/named.rfc1912.zones";
};
备份并修改named.rfc1912.zones
[root@doudou etc]# cd /var/named/chroot/etc/
[root@doudou etc]# cp -p named.rfc1912.zones named.rfc1912.zones_backup
[root@doudou etc]# vi named.rfc1912.zones
尾部添加
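// Forward zone: this server is the master (authoritative) for scan-doudou.com.
zone "scan-doudou.com" IN {
    type master;
    // Relative to the "directory" option. The name must match the zone file
    // created in the next step exactly; a leading space inside the quotes
    // would make named look for a different file name.
    file "scan-doudou.com.zone";
    // Dynamic DNS updates are refused for this zone.
    allow-update { none; };
};
// Reverse zone for 192.168.1.0/24 (PTR lookups for 192.168.1.x addresses).
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "1.168.192.in-addr.arpa.local";
    // Dynamic DNS updates are refused for this zone.
    allow-update { none; };
};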
配置正向解析
[root@doudou etc]# cd /var/named/chroot/var/named/
[root@doudou named]# cp -p localhost.zone scan-doudou.com.zone
【红色字体为添加部分】
[root@doudou named]# vi scan-doudou.com.zone
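; Forward zone data for scan-doudou.com (copied from localhost.zone, then
; extended). A record whose owner field is empty must begin with whitespace so
; that it inherits the previous owner name; the indentation is significant.
$TTL 86400
@       IN SOA  @ root (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   @
; The trailing dot makes the name absolute. Without it the zone origin is
; appended and the record points at scan-doudou.com.scan-doudou.com.
        IN NS   scan-doudou.com.
; NOTE(review): these two come from the localhost.zone template; a client that
; looks up the bare zone name gets 127.0.0.1 / ::1. Confirm this is intended.
        IN A    127.0.0.1
        IN AAAA ::1
; Three A records under one owner: a lookup of www returns all three
; addresses, as the nslookup output in the verification step shows.
www     IN A    192.168.1.25
        IN A    192.168.1.211
        IN A    192.168.1.212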
配置反向解析
【红色字体为添加部分】
[root@doudou named]# cp -p named.local 1.168.192.in-addr.arpa.local
[root@doudou named]# vi 1.168.192.in-addr.arpa.local
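; Reverse zone data for 192.168.1.0/24 (copied from named.local, then
; extended). A record whose owner field is empty must begin with whitespace so
; that it inherits the previous owner name; the indentation is significant.
$TTL 86400
@       IN SOA  localhost. root.localhost. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   localhost.
; Kept next to the other zone-level NS record: an owner-less record inherits
; the previous owner, so if it followed "1 IN PTR" it would belong to
; 1.1.168.192.in-addr.arpa instead of the zone itself.
        IN NS   scan-doudou.com.
; NOTE(review): left over from the named.local template; it maps 192.168.1.1
; to localhost. Confirm it is wanted.
1       IN PTR  localhost.
; NOTE(review): the owner is relative, so this record is
; localhost.1.168.192.in-addr.arpa, not localhost. Confirm it is needed.
localhost IN A  127.0.0.1
; PTR targets end with a dot so the reverse zone origin is not appended.
25      IN PTR  www.scan-doudou.com.
211     IN PTR  www.scan-doudou.com.
212     IN PTR  www.scan-doudou.com.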
重启named服务
[root@doudou named]# /etc/init.d/named restart
停止 named:[确定]
启动 named:[确定]
3、验证结果
[root@doudou named]# nslookup www.scan-doudou.com
Server: 192.168.1.212
Address: 192.168.1.212#53
Name: www.scan-doudou.com
Address: 192.168.1.25
Name: www.scan-doudou.com
Address: 192.168.1.211
Name: www.scan-doudou.com
Address: 192.168.1.212
[root@doudou named]# ping www.scan-doudou.com
PING www.scan-doudou.com (192.168.1.212) 56(84) bytes of data.
64 bytes from www.scan-doudou.com.1.168.192.in-addr.arpa (192.168.1.212): icmp_seq=1 ttl=64 time=0.018 ms
[root@doudou named]# ping www.scan-doudou.com
PING www.scan-doudou.com (192.168.1.211) 56(84) bytes of data.
64 bytes from www.scan-doudou.com.1.168.192.in-addr.arpa (192.168.1.211): icmp_seq=1 ttl=64 time=0.560 ms
[root@doudou named]# ping www.scan-doudou.com
PING www.scan-doudou.com (192.168.1.25) 56(84) bytes of data.
64 bytes from www.scan-doudou.com.1.168.192.in-addr.arpa (192.168.1.25): icmp_seq=1 ttl=64 time=0.061 ms
[root@doudou named]# nslookup 192.168.1.211
Server: 192.168.1.212
Address: 192.168.1.212#53
211.1.168.192.in-addr.arpa name = www.scan-doudou.com.
4、DNS使用验证
另一个机器
[root@doudou-32bit ~]# cat /etc/resolv.conf
nameserver 192.168.1.212
nameserver 8.8.8.8
nameserver 4.4.4.4
[root@doudou-32bit ~]# nslookup www.scan-doudou.com
Server: 192.168.1.212
Address: 192.168.1.212#53
Name: www.scan-doudou.com
Address: 192.168.1.212
Name: www.scan-doudou.com
Address: 192.168.1.25
Name: www.scan-doudou.com
Address: 192.168.1.211
[root@doudou-32bit ~]# ping www.scan-doudou.com
PING www.scan-doudou.com (192.168.1.211) 56(84) bytes of data.
64 bytes from doudou-32bit (192.168.1.211): icmp_seq=1 ttl=64 time=0.003 ms
[root@doudou-32bit ~]# ping www.scan-doudou.com
PING www.scan-doudou.com (192.168.1.25) 56(84) bytes of data.
64 bytes from www.scan-doudou.com.1.168.192.in-addr.arpa (192.168.1.25): icmp_seq=1 ttl=64 time=0.219 ms
[root@doudou-32bit ~]# ping www.scan-doudou.com
PING www.scan-doudou.com (192.168.1.212) 56(84) bytes of data.
64 bytes from www.scan-doudou.com.1.168.192.in-addr.arpa (192.168.1.212): icmp_seq=1 ttl=64 time=0.336 ms
[root@doudou-32bit ~]# nslookup 192.168.1.212
Server: 192.168.1.212
Address: 192.168.1.212#53
212.1.168.192.in-addr.arpa name = www.scan-doudou.com.
总结:
一个简单的DNS搞了整整一天,但是最终还是成功了,成功还是很高兴的。以后安装RAC,需要使用DNS解析SCAN VIPs 我们就可以搞了。