
03-DNS配置


1.查詢DNS服務是否安裝
# rpm -qa bind

2.安裝DNS服務
# yum -y install bind

3.備份配置文件
# cp -p /etc/named.conf{,.bak}
# cp -p /etc/named.rfc1912.zones /etc/named.rfc1912.zones.bak

4.設置名稱解析區域
# vim /etc/named.conf
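options {
    // Listens on every IPv4 interface; narrow this to the LAN-facing
    // address if the host also has an interface on an untrusted network.
    listen-on port 53 { any; };
    // listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";

    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Any client may query the zones this server is authoritative for.
    allow-query { any; };
    // Recursion stays enabled for the caching role, but is served only to
    // this host and its directly attached networks. With
    // "allow-query { any; }" and "recursion yes;" alone, the server would
    // answer recursive queries from any source address (an open resolver).
    recursion yes;
    allow-recursion { localhost; localnets; };

    // NOTE(review): DNSSEC validation is off, so recursive answers are
    // accepted without signature checks. Presumably disabled for the
    // private test.com lab zone; confirm before using this outside a lab.
    dnssec-enable no;
    dnssec-validation no;
    // dnssec-lookaside auto;

    /* Path to ISC DLV key */
    // bindkeys-file "/etc/named.iscdlv.key";

    // managed-keys-directory "/var/named/dynamic";
};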
(注意:若只需配置緩存DNS服務器,配置到此結束)
# vim /etc/named.rfc1912.zones
// Forward zone: this server is the master for test.com and reads the
// records from test.com.zone, relative to the "directory" option.
// NOTE(review): there is no allow-transfer statement here. On BIND releases
// whose default permits zone transfers to any host, every client that can
// reach this server can list the whole zone until a restriction is added.
zone "test.com" IN {
type master;
file "test.com.zone";
};

// Reverse zone for 192.168.6.0/24, also mastered here; the same
// allow-transfer remark applies.
zone "6.168.192.in-addr.arpa" IN {
type master;
file "192.168.6.zone";
};

4.1.檢查配置文件語法
# named-checkconf

5.創建和配置正向區域文件
# cp -p /var/named/named.localhost /var/named/test.com.zone
# vim /var/named/test.com.zone


$TTL 1D
@ IN SOA dns1.test.com. root.test.com. (
2018010602 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns1.test.com.
NS dns2.test.com.
MX 5 mail.test.com.
dns1 A 192.168.6.1
dns2 A 192.168.6.2
dhcp A 192.168.6.4
www A 192.168.6.5
ftp A 192.168.6.6
nfs A 192.168.6.7
mail A 192.168.6.8
test.com. A 192.168.6.5
*.test.com. A 192.168.6.5
pop3 CNAME mail
smtp CNAME mail

5.1.檢查正向區域配置文件是否正確
# named-checkzone test.com /var/named/test.com.zone

6.創建和配置反向區域文件
# cp -p /var/named/named.loopback /var/named/192.168.6.zone
# vim /var/named/192.168.6.zone
$TTL 1D
@ IN SOA dns1.test.com. root.test.com. (
2018010602 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns1.test.com.
NS dns2.test.com.
1 PTR dns1
2 PTR dns2
4 PTR dhcp
5 PTR www
6 PTR ftp
7 PTR nfs
8 PTR mail
8 PTR pop3
8 PTR smtp

6.1.檢查反向區域配置文件是否正確
# named-checkzone 6.168.192.in-addr.arpa /var/named/192.168.6.zone

7.重新啟動DNS服務
# service named start

8.開機自動啟動服務
# chkconfig named on

9.客戶端測試
# dig -t A www.test.com @192.168.6.1
# host -t NS test.com @192.168.6.1
# nslookup
>server
>ftp.test.com
>set q=mx
>test.com

10.主從DNS服務器配置
主DNS服務器配置
# vim /etc/named.rfc1912.zones
// Master copy of test.com; only 192.168.6.2 may request a zone transfer.
// NOTE(review): the ACL matches on source address alone. Adding a TSIG key
// to allow-transfer would also authenticate the secondary.
zone "test.com" IN {
type master;
file "test.com.zone";
allow-transfer { 192.168.6.2; };
};

// Reverse zone for 192.168.6.0/24 with the same transfer restriction.
zone "6.168.192.in-addr.arpa" IN {
type master;
file "192.168.6.zone";
allow-transfer { 192.168.6.2; };
};
# service named restart || rndc reload

從DNS服務器配置
# yum -y install bind
# vim /etc/named.conf
(配置為緩存DNS服務器)
# vim /etc/named.rfc1912.zones
zone "test.com" IN {
type slave;
file "slaves/test.com.zone";
masters { 192.168.6.1; };
};

zone "6.168.192.in-addr.arpa" IN {
type slave;
file "slaves/192.168.6.zone";
masters { 192.168.6.1; };
};
# service named start
# ls /var/named/slaves

11.父子域DNS服務器配置
父域DNS服務器配置
# vim /var/named/test.com.zone
(增加子域NS和A記錄)
sub.test.com. NS ns1.sub.test.com.
ns1.sub.test.com. A 192.168.6.3
# rndc reload

子域DNS服務器配置
# vim /etc/named.conf
(配置為緩存DNS服務器)
# vim /etc/named.rfc1912.zones
//子域配置
zone "sub.test.com" IN {
type master;
file "sub.test.com.zone";
};
//子域轉發父域解析的名稱區域
zone "test.com" IN {
type forward;
forward only;
forwarders { 192.168.6.1; 192.168.6.2; };
};
# named-checkconf
# cp -p /var/named/named.localhost /var/named/sub.test.com.zone
# vim /var/named/sub.test.com.zone
; Zone data for sub.test.com; ns1.sub.test.com is the only name server listed.
$TTL 1D
@ IN SOA ns1.sub.test.com. root.sub.test.com. (
2018020101 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns1.sub.test.com.
; NOTE(review): the next two apex records look like leftovers from the
; named.localhost template this file was copied from. They make
; sub.test.com itself resolve to loopback; confirm that is intended.
A 127.0.0.1
AAAA ::1
ns1 A 192.168.6.3
www A 192.168.6.3
# named-checkzone sub.test.com /var/named/sub.test.com.zone
# service named start

12.注意:
(1)設置DNS服務器
# vim /etc/resolv.conf
search test.com
nameserver 192.168.6.1

(2)設置名稱解析順序
# vim /etc/nsswitch.conf
hosts: dns files

(3)查看日誌
# tail /var/log/messages
