Linux DNS服务器搭建

环境：CentOS 6.3需求：建立example.com域用于内部和外部查询，内网环境192.168.88.0/24,10.1.0.0/161.安装yum install bind //没安装chroot2.主配置文件/etc/named.conf //主配置文件vi /etc/named.confoptions {
listen-on port 53 { any; };
directory "/var/named"; //此配置文件中区域文件的存放路径
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes; dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto; /* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic";
};logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view "internal" { //建立内部查询视图 match-clients { 192.168.0.0/16; 10.1.0.0/16; }; //指定允许查询主机
recursion yes; zone "." IN {
type hint;
file "named.ca";
}; zone "example.com" IN {
type master;
file "example.com.zone.internal";
}; zone "88.168.192.in-addr.arpa" IN { //注意反向区域的命名写法，我之前就错误的写成0.88168.192.in-addr.arpa
type master;
file "88.168.192.zone";
}; include "/etc/named.rfc1912.zones"; //如果有include的话，要包括在每个view里
include "/etc/named.root.key";
};view "external" { match-clients { any; };
recursion yes; zone "." IN {
type hint;
file "named.ca";
}; zone "example.com" IN {
type master;
file "example.com.zone.external";
}; zone "1.100.202.in-addr.arpa" IN {
type master;
file "1.100.202.zone";
}; include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
};
3.建立区域配置文件cp –p /var/named/named.empty /var/named/example.com.zone.internalcp –p /var/named/named.empty /var/named/example.com.zone.externalcp –p /var/named/named.empty /var/named/88.168.192.zonecp –p /var/named/named.empty /var/named/1.100.202.zone //注意带上-p保持文件属性 example.com.zone.internal //internal view的正向区域文件
$TTL 3H
@ IN SOA ns1.example.com. root.example.com. （
2013051501 ; serial //序列号注意修改配置后增加此值
1D ; refresh
1H ; retry
1W ; expire
3H ） ; minimum
IN NS ns1.example.com. IN MX 5 mail.example.com.
ns1 IN A 192.168.88.110mail IN A 192.168.88.111www IN A 192.168.88.112bbs IN CNAME www
example.com.zone.external //external view正向区域文件
$TTL 3H
@ IN SOA ns1.example.com. root.example.com. （
2013051501 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ） ; minimum
IN NS ns1.example.com.
ns1 IN A 202.100.1.11088.168.192.zone //internal view的反向区域文件
$TTL 3H
@ IN SOA ns1.example.com. root.example.com. （
2013051501 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ） ; minimum
IN NS ns1.example.com.
110 IN PTR ns1.example.com.1.100.202.zone //external view的反向区域文件
$TTL 3H
@ IN SOA ns1.example.com. root.example.com. （
2013051501 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ） ; minimum
IN NS ns1.example.com.
110 IN PTR ns1.example.com. 4.配置检查named-checkconf /etc/named.confnamed-checkzone example.com /var/named/example.com.zone.internalnamed-checkzone example.com /var/named/example.com.zone.externalnamed-checkzone 88.168.192.in-addr.arpa 88.168.192.zonenamed-checkzone 1.100.202.in-addr.arpa 1.100.202.zone 5.启动服务service named start6.打开防火墙vi /etc/sysconfig/iptables-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT //注意UDP一定也要打开7.注册系统服务chkconfig –level 35 named on8.修改本机DNS配置 //注意不要直接修改/etc/resolvervi /etc/sysconfig/network-script/ifcfg-eth0DNS1=127.0.0.19.重启network服务service network restart 测试C:>nslookup
Default Server: ns1.example.com
Address: 192.168.88.110> example.com
Server: ns1.example.com
Address: 192.168.88.110Name: example.com> 192.168.88.110
Server: ns1.example.com
Address: 192.168.88.110Name: ns1.example.com
Address: 192.168.88.110更多CentOS相关信息见CentOS 专题页面 http://www.linuxidc.com/topicnews.aspx？tid=14Ubuntu 12.04下关闭图形界面知识整理Linux下如何将服务注册为系统服务相关资讯 Linux DNS服务器

Linux下DNS的主从服务器的实现（06/16/2013 14:44:15）
Linux下架设DNS服务器详细过程及测（05/25/2013 06:40:38）

Linux DNS服务器troubleshooting两（05/27/2013 06:07:15）
Linux系统服务架设之DNS架设（04/05/2013 14:10:23）

本文评论查看全部评论（0）