分类: LINUX
2009-05-03 23:51:44
大家好!
这次我们来学习Linux系统中的DNS服务器的配置。
首先我们需要安装bind软件,它位于AS4的第四章光盘中,
[root@localhost ~]# rpm -ivh /media/cdrom/RedHat/RPMS/bind-9.2.4-2.i386.rpm
[root@localhost ~]# rpm -ivh /media/cdrom/RedHat/RPMS/caching-nameserver-7.3-3.noarch.rpm
[root@localhost ~]# rpm -qa | grep bind
bind-utils-9.2.4-2
bind-9.2.4-2
bind-libs-9.2.4-2
ypbind-1.17.2-3
[root@localhost ~]# rpm -qa | grep caching
caching-nameserver-7.3-3
我们架设DNS服务器需要这些软件,
实例情况:
主域名服务器的地址是192.168.1.2 ,从域名服务器的地址是192.168.1.3 winxpIP地址是192.168.1.174
在主域名服务器中添加ltest.com域名区域
下面我们就来架设主域名服务器
1,软件安装完后我们修改配置文件
[root@localhost ~]# vi /etc/named.conf
修改完后的named.conf如下:
[root@localhost ~]# cat /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "ltest.com" IN {
type master;
file "ltest.com.zone";
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "192.168.1.rev";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
include "/etc/rndc.key";
2建立正向和反向区域文件
[root@localhost named]# cd /var/named/
[root@localhost named]# cp localhost.zone ltest.com.zone 把localhost的摸版cp后修改嘿嘿
修改完后的ltest.com.zone的文件如下
[root@localhost named]# cat ltest.com.zone
$TTL 86400
@ IN SOA ns1.ltest.com. hostmaster.ltest.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS ns1.ltest.com.
IN NS ns2.ltest.com.
ns1 IN A 192.168.1.2
ns2 IN A 192.168.1.3
host1 IN A 192.168.1.174
mail IN CNAME host1.ltest.com.
@ IN MX 5 mail.ltest.com.
[root@localhost named]# cp ltest.com.zone 192.168.1.rev 把修改完后的ltest.com.zone cp一份作为反向配置文件,修改后如下
[root@localhost named]# cat 192.168.1.rev
$TTL 86400
@ IN SOA ns1.ltest.com. hostmaster.ltest.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS ns1.ltest.com.
IN NS ns2.ltest.com.
2 IN PTR ns1.ltest.com.
3 IN PTR ns2.ltest.com.
174 IN PTR host1.ltest.com.
3,对区域文件的测试
对named.conf的测试
[root@localhost named]# named-checkconf 如没语法错误就没任何信息
对区域文件测试
[root@localhost named]# named-checkzone ltest.com /var/named/ltest.com.zone
zone ltest.com/IN: loaded serial 42
OK
[root@localhost named]# named-checkzone 1.168.192.in-addr.arpa /var/named/192.168.1.rev
zone 1.168.192.in-addr.arpa/IN: loaded serial 42
OK
4,[root@localhost named]# cat /etc/resolv.conf 把服务器的DNS地址指向自己
nameserver 192.168.1.2
search localdomain
5,启动named 服务
[root@localhost named]# service named restart
Stopping named: [ OK ]
Starting named: [ OK ]
6,测试主域名服务
[root@localhost named]# host ns1.ltest.com
ns1.ltest.com has address 192.168.1.2
[root@localhost named]# host ns2.ltest.com
ns2.ltest.com has address 192.168.1.3
[root@localhost named]# host host1.ltest.com
host1.ltest.com has address 192.168.1.174
[root@localhost named]# host -t mx ltest.com
ltest.com mail is handled by 5 mail.ltest.com.
[root@localhost named]# host 192.168.1.2
2.1.168.192.in-addr.arpa domain name pointer ns1.ltest.com.
[root@localhost named]# host 192.168.1.3
3.1.168.192.in-addr.arpa domain name pointer ns2.ltest.com.
[root@localhost named]# host 192.168.1.174
174.1.168.192.in-addr.arpa domain name pointer host1.ltest.com.
嘿嘿 今天很顺利,一次 OK
下面我们就来架设缓存域名服务器
缓存服务器的架设很easy,我们只需要安装caching-nameserver软件包就OK
下面我们就来架设从域名服务器 (在192.168.1.3中做)
首先从服务器设置从主服务器中获取ltest.com域的正向和反向区域文件,同时他也提供域名解析
1, 安装软件包
[root@localhost RPMS]# rpm -ivh bind-9.2.4-2.i386.rpm
warning: bind-9.2.4-2.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
1:bind ########################################### [100%]
[root@localhost RPMS]# rpm -ivh caching-nameserver-7.3-3.noarch.rpm
warning: caching-nameserver-7.3-3.noarch.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
1:caching-nameserver warning: /etc/named.conf saved as /etc/named.conf.rpmorig
########################################### [100%]
2, 设置named.conf
在从域名服务器的named.conf中添加ltest.com域和其反向解析区域的设置 ,内容如下
[root@localhost RPMS]# cat /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "ltest.com" IN {
type slave;
file "slaves/ltest.com.zone";
masters { 192.168.1.2 ; };
};
zone "1.168.192.in-addr.arpa" IN {
type slave;
file "slaves/192.168.1.rev";
masters { 192.168.1.2 ; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
include "/etc/rndc.key";
3, 检测配置文件和启动named服务
[root@localhost RPMS]# named-checkconf
[root@localhost RPMS]# service named restart
Stopping named:
Starting named: [ OK ]
[root@localhost RPMS]# ls /var/named/slaves/
192.168.1.rev ltest.com.zone
