
Primary DNS Server Deployment Guide (for Linux)

火星人 @ 2014-03-09
I. Configure yum so that packages can be installed
yum repository file to edit: /etc/yum.repos.d/rhel-source.repo
[root@wanghong ~]# vim /etc/yum.repos.d/rhel-source.repo
#[rhel-source]
#name=Red Hat Enterprise Linux $releasever - $basearch - Source
#baseurl=ftp://ftp.redhat.com/pub/redhat/linux/enterprise/$releasever/en/os/SRPMS/
#enabled=0
#gpgcheck=1
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
#[rhel-source-beta]
#name=Red Hat Enterprise Linux $releasever Beta - $basearch - Source
#baseurl=ftp://ftp.redhat.com/pub/redhat/linux/beta/$releasever/en/os/SRPMS/
#enabled=0
#gpgcheck=1
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[wanghong]
name=123
baseurl=file:///mnt/Server
enabled=1
gpgcheck=0
Note: # marks a comment. The commented lines have no effect on the file here and can be removed.
II. Install the DNS service packages
1. The DNS service package names are as follows:
bind-9.3.3-7.el5.i386.rpm
bind-chroot-9.3.3-7.el5.i386.rpm
[root@wanghong ~]# mount /dev/cdrom /mnt
[root@wanghong ~]# yum install bind bind-chroot
Running these commands installs the DNS service packages. Alternatively, the following commands also install them:
[root@wanghong ~]# mount /dev/cdrom /mnt
[root@wanghong ~]# rpm -ivh /mnt/Server/bind-9.3.3-7.el5.i386.rpm --force
[root@wanghong ~]# rpm -ivh /mnt/Server/bind-chroot-9.3.3-7.el5.i386.rpm --force
--force forces the installation
2. Edit the main configuration file
Main configuration file: /etc/named.conf
[root@wanghong ~]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
    listen-on port 53 { any; };    // addresses on which named listens for DNS clients on port 53
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };          // client hosts that are allowed to query this DNS server
    recursion yes;                 // whether clients are allowed to make recursive queries
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";
Press ESC and type :wq to save the configuration file.
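Added example (not part of the original post): with listen-on { any; }, allow-query { any; } and recursion yes, the options block above answers recursive queries from any address that can reach port 53, and step 7 below removes the firewall in front of it. The fragment below shows the same access options limited to the local network. The ACL name "lan" and the 192.168.2.0/24 range are assumptions, derived from the 192.168.2.1 server address used in step 9.

```conf
// Added example, not from the original post: access options limited to
// the local network. The remaining options stay as in the block above.
// Assumptions: clients are in 192.168.2.0/24, the server is 192.168.2.1,
// and the ACL name "lan" is made up for this example.
acl "lan" {
    127.0.0.1;
    192.168.2.0/24;
};

options {
    // Listen only on loopback and the LAN address instead of { any; }.
    listen-on port 53 { 127.0.0.1; 192.168.2.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";

    // Only LAN clients may query at all (was { any; }).
    allow-query { lan; };

    // Recursion stays on, but only for LAN clients. If both of the
    // following lists are left unset, they inherit from allow-query.
    recursion yes;
    allow-recursion { lan; };
    allow-query-cache { lan; };   // available in BIND 9.4 and later

    // Zone transfers are allowed to any host by default. The post sets
    // up no secondary server, so refuse them.
    allow-transfer { none; };
};
```

Running named-checkconf /etc/named.conf checks the syntax before named is restarted.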
3. Edit the named.rfc1912.zones configuration file
[root@wanghong ~]# vim /etc/named.rfc1912.zones
zone "test.com" IN {
    type master;
    file "test.com.zone";
};
zone "2.168.192.in-addr.arpa" IN {
    type master;
    file "2.168.192.zone";
};
Note: the red area is the appended part.
4. Create the two zone files
[root@wanghong ~]# cp -a /var/named/named.empty /var/named/test.com.zone
[root@wanghong ~]# cp -a /var/named/named.empty /var/named/2.168.192.zone
5. Edit the zone file test.com.zone
[root@wanghong ~]# vim /var/named/test.com.zone
$TTL 3H
@       IN SOA  @ rname.invalid. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      www.test.com.
        IN MX 5 mail.test.com.
www     IN A    192.168.2.1
mail    IN A    192.168.2.2
ftp     IN A    192.168.2.3
*       IN A    192.168.2.4
Note: the red and blue areas are the added and modified parts.
6. Edit the zone file 2.168.192.zone
[root@wanghong ~]# vim /var/named/2.168.192.zone
$TTL 3H
@       IN SOA  @ rname.invalid. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      www.test.com.
1       IN PTR  www.test.com.
2       IN PTR  mail.test.com.
3       IN PTR  ftp.test.com.

Note: the red and blue areas are the added and modified parts.
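7. Turn off the firewall or flush its rules
[root@wanghong ~]# service iptables stop
[root@wanghong ~]# chkconfig iptables off
Or run the commands that flush the firewall rules
[root@wanghong ~]# iptables -F
[root@wanghong ~]# service iptables save
8. Start the named service
[root@wanghong ~]# service named start
[root@wanghong ~]# chkconfig named on
9. Test whether the DNS service works
On a client host, set the DNS server to the IP address of this DNS server: 192.168.2.*, where * is 1 here (192.168.2.1)
Run the nslookup command and check whether it can resolve mail.test.com / www.test.com / ftp.test.com / ***.test.com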

This article comes from the blog 「學海無涯苦作舟!」. Reposting is not permitted.



http://coctec.com/docs/linux/show-post-47626.html