linux+bind快速配置简单dns

一、安装

# yum install bind

 

二、配置
# vi /etc/named.conf
输入以下内容:

options {
  directory "/var/named";
  pid-file "/var/named/named.pid";
  forwarders { 202.101.224.67; 202.101.224.68; };
  allow-query { any; };
};
zone "." IN {
  type hint;
  file "named.root";
};
zone "0.0.127.in-addr-arpa" IN {
  type master;
  file "named.local";
  allow-update { none; };
};
zone "df3c.com" IN {
  type master;
  file "named.df3c.com";
  allow-update { none; };
};
zone "1.168.192.in-addr-arpa" IN {
  type master;
  file "named.1.168.192";
  allow-update { none; };
};
 

# dig /var/named/named.root

# vi /var/named/named.local

输入以下内容:

$TTL 3h
0.0.127.in-addr.arpa. IN SOA terminator.df3c.edu. [email protected]. (
                      1      ; Serial
                      3h     ; Refresh after 3 hours
                      1h     ; Retry after 1 hours
                      1w     ; Expire after 1 week
                      1h )   ; Negative caching TTL of 1 hour
1.0.0.127.in-addr.arpa. IN PTR localhost.
 

# vi /var/named/named.df3c.com
输入以下内容:

$TTL 3h
df3c.com. IN SOA ns.df3c.com. [email protected]. (
                      1      ; Serial
                      3h     ; Refresh after 3 hours
                      1h     ; Retry after 1 hours
                      1w     ; Expire after 1 week
                      1h )   ; Negative caching TTL of 1 hour
df3c.com.     IN NS ns.df3c.com.
df3c.com.     IN MX 10 mail
ns.df3c.com. IN A  192.168.1.226
www             IN A  192.168.1.226
*                  IN A  192.168.1.240
 

# vi /var/named/named.1.168.192
输入以下内容:

$TTL 3h
1.168.192.in-addr.arpa. IN SOA ns.df3c.com. [email protected]. (
                      1      ; Serial
                      3h     ; Refresh after 3 hours
                      1h     ; Retry after 1 hours
                      1w     ; Expire after 1 week
                      1h )   ; Negative caching TTL of 1 hour
1.168.192.in-addr.arpa.          IN NS  ns.df3c.com.
226.1.168.192.in-addr.arpa.    IN PTR ns.df3c.com.

 

 

三、启动


# /usr/sbin/named -g &
注:-g显示启动时的日志,一边分析启动过程出现错误的原因。


# ps -eaf|grep named

# netstat -an |grep :53

 

四、开启dns防火墙


# iptables -I INPUT -p tcp --dport 53 -j ACCEPT
# iptables -I INPUT -p udp --dport 53 -j ACCEPT


# /etc/init.d/iptables save
# service iptables restart
# /etc/rc.d/init.d/iptables status

 

参考阅读

1、第14章_DNS服务器架设与应用

 

 

 

你可能感兴趣的:(linux)