BIND master server IP: 192.168.1.134
BIND slave server IP: 192.168.1.113
On the client:
vi /etc/resolv.conf
Add:
nameserver 192.168.1.134
nameserver 192.168.1.113
Master server named.conf
options {
    directory "/etc/named/etc";
    auth-nxdomain no;
    listen-on-v6 { any; };
    allow-recursion { any; };
    allow-query { any; };
    recursion yes;
    sortlist {
        { 192.168.1.31/32;
          192.168.0.31/32; };
        { 192.168.1.138/32;
          192.168.1.113/32; };
    };
};
# End of options
# Shared TSIG key; the same key statement must exist on both servers
key myddns-key. {
    algorithm hmac-md5;
    secret "vkUf8ub4BPcLWcuqhrpk7Q==";
};
# A server statement names the remote peer, so on the master it is the slave's address
server 192.168.1.113 {
    keys { myddns-key. ; };
};
logging {
    channel default_debug {
        file "/var/log/named/named.log";
        severity info;
        print-category yes;
        print-time yes;
    };
    category queries { default_debug; };
    category default { default_debug; };
    category unmatched { default_debug; };
};
zone "mydomain.com" {
    type master;
    file "mydomain.com.db";
    allow-transfer { 192.168.1.113; };
    notify yes;
    also-notify { 192.168.1.113; };
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "192.168.1.db";
    allow-transfer { 192.168.1.113; };
    notify yes;
    also-notify { 192.168.1.113; };
};
zone "." {
    type hint;
    file "named.ca";
};
Slave server named.conf
options {
    directory "/etc/named/etc";
    auth-nxdomain no;
    listen-on-v6 { any; };
    allow-recursion { any; };
    allow-query { any; };
    recursion yes;
    sortlist {
        { 192.168.1.31/32;
          192.168.0.31/32; };
    };
};
# End of options
# Shared TSIG key; the same key statement must exist on both servers
key myddns-key. {
    algorithm hmac-md5;
    secret "vkUf8ub4BPcLWcuqhrpk7Q==";
};
# A server statement names the remote peer, so on the slave it is the master's address
server 192.168.1.134 {
    keys { myddns-key. ; };
};
logging {
    channel default_debug {
        file "/var/log/named/named.log";
        severity info;
        print-category yes;
        print-time yes;
    };
    category queries { default_debug; };
    category default { default_debug; };
    category unmatched { default_debug; };
};
zone "mydomain.com" {
    type slave;
    file "slaves/domain.salve";
    masters { 192.168.1.134; };
};
zone "1.168.192.in-addr.arpa" {
    type slave;
    file "slaveslave.zone";
    masters { 192.168.1.134; };
};
zone "." {
    type hint;
    file "named.ca";
};
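Note the parts of the two conf files shown in red; they are the main changes.
Other points to note:
1. Run mkdir slaves under /etc/named/etc, because the slave server's configuration uses this path.
2. When starting BIND, start the master server first.
3. Copy the master server's named.ca to the slave server.
Problems encountered:
1. couldn't open pid file '/var/run/named/named.pid': Permission denied
Solution:
chmod 777 /var/run/named
This makes the directory world-writable; giving ownership of /var/run/named to the account named runs as clears the same error with narrower permissions.
After changes on the primary DNS server are complete and the service is restarted, it proactively sends a NOTIFY. If the secondary DNS server does not receive it, it falls back to the Refresh value; if Refresh does not succeed, it falls back to Retry; if Retry keeps failing, it falls back to Expire; and if Expire also does not succeed, it gives up on the zone transfer process.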
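A tightened variant of the two named.conf files above, as an added example that is not part of the original post: recursion is limited to an ACL, and zone transfers require the TSIG key instead of only a source address. The trusted ACL and its 192.168.1.0/24 range, the hmac-sha256 algorithm and the placeholder secret are assumptions.

```conf
# --- master (192.168.1.134) ---
acl trusted { 192.168.1.0/24; localhost; };   # assumed client range

options {
    directory "/etc/named/etc";
    recursion yes;
    allow-recursion { trusted; };   # was { any; }, which answers recursive queries for anyone
    allow-transfer { none; };       # default deny; each zone opts in below
};

key "myddns-key." {
    algorithm hmac-sha256;          # assumption: replaces hmac-md5
    secret "REPLACE_WITH_GENERATED_SECRET";   # placeholder, e.g. from tsig-keygen
};

server 192.168.1.113 {              # the peer (slave), so NOTIFY to it is signed
    keys { "myddns-key."; };
};

zone "mydomain.com" {
    type master;
    file "mydomain.com.db";
    allow-transfer { key "myddns-key."; };   # requester must sign with the key
    notify yes;
    also-notify { 192.168.1.113; };
};
# Apply the same allow-transfer line to zone "1.168.192.in-addr.arpa".

# --- slave (192.168.1.113) ---
# Same acl, options and key statement as above, then:
server 192.168.1.134 {              # the peer (master)
    keys { "myddns-key."; };
};

zone "mydomain.com" {
    type slave;
    file "slaves/domain.salve";
    masters { 192.168.1.134 key "myddns-key."; };   # sign SOA and transfer requests
};
```

Running named-checkconf on each file validates the syntax before named is restarted.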