RHEL5 DNS服务器配置
试验环境
1.装有RHEL5系统计算机一台;server:192.168.1.102
2.客户机一台;pc:192.168.1.252
3.两主机可通信;
4.server可与互联网通信;
实验目的
1.dns服务器包的安装;
2.正向区域和反向区域的建立;
3.正向和反向的测试;
实验步骤:
第一步:安装dns服务器包;
[root@huyb ~]#mount /dev/cdrom /mnt
[root@huyb ~]#cd /mnt/Server
[root@huyb Server]# rpm -ivh bind-9.3.3-7.el5.i386.rpm
[root@huyb Server]# rpm -ivh bind-chroot-9.3.3-7.el5.i386.rpm
[root@huyb Server]# rpm -ivh caching-nameserver-9.3.3-7.el5.i386.rpm
第二步:建立主配置文件,并修改相关选项;
[root@huyb ~]#cd /var/named/chroot/etc
[root@huyb etc]#cp -p named.caching-nameserver.conf named.conf
[root@huyb etc]#vi named.conf
... ...
// Global server options, adapted from named.caching-nameserver.conf.
// With bind-chroot installed, these paths are resolved inside /var/named/chroot.
options {
// Accept queries on every IPv4 interface of the server.
listen-on port 53 { any; }; // listening interfaces
// IPv6 queries are accepted on the loopback address only.
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// NOTE(review): pinning the outgoing query source port to 53 removes source-port
// randomization and so weakens protection against cache poisoning. Drop these two
// lines unless a firewall rule really requires a fixed source port.
query-source port 53;
query-source-v6 port 53;
// NOTE(review): any host may query this server. Together with "recursion yes" in a
// view that matches any client, this makes an open recursive resolver that can be
// abused for amplification. Outside an isolated lab, list only the trusted networks.
allow-query { any; }; // which hosts are allowed to query
};
// Debug logging: writes to data/named.run, a path relative to the "directory"
// option set in the options block.
logging {
channel default_debug {
file "data/named.run";
// "dynamic" follows the server's current debug level instead of a fixed severity.
severity dynamic;
};
};
// View that serves the zones listed in named.rfc1912.zones.
// NOTE(review): despite its name, this view matches every client and every destination
// address and answers recursive queries for all of them, i.e. it is an open recursive
// resolver. For anything but an isolated lab, limit match-clients (or add an
// allow-recursion ACL) to the networks that are meant to use this server.
view localhost_resolver {
match-clients { any; }; // match any client
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones"; // pulls in the zone definitions
};
第三步:建立正向区域和反向区域;
[root@huyb ~]# vi /var/named/chroot/etc/named.rfc1912.zones
在文件末尾添加以下内容,并保存退出;
// Forward zone: this server is the master for xyz.com; the records are in
// xyz.com.db, a path relative to the "directory" option.
// NOTE(review): neither zone sets allow-transfer, and BIND's default permits zone
// transfers to any host. Add "allow-transfer { none; };" or list the secondaries
// if the zone contents should not be readable in bulk.
zone "xyz.com" IN {
type master;
file "xyz.com.db";
};
// Reverse zone for 192.168.1.x addresses (PTR records), kept in 192.168.1.rev.
zone "1.168.192.in-addr.arpa" IN {
type master;
file "192.168.1.rev";
};
第四步:建立对应的区域文件;
[root@huyb ~]#cd /var/named/chroot/var/named
[root@huyb named]#vi xyz.com.db //建立正向解析区域文件;
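$TTL 86400
; Forward zone data for xyz.com. "@" is the zone origin from the zone statement.
; Leading whitespace is significant: a record line that starts with blanks
; inherits the owner name of the record above it.
; NOTE(review): the listing showed the owner as "xyz.com" (no trailing dot, so it
; would expand to xyz.com.xyz.com.) and the SOA contact as "."; root.xyz.com. is
; the contact used in this page's reverse zone file - confirm.
@       IN SOA  ns.xyz.com. root.xyz.com. (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   ns.xyz.com.
        IN MX   10 mail.xyz.com.
ns      IN A    192.168.1.102
mail    IN A    192.168.1.103
www     IN A    192.168.1.111
; NOTE(review): the CNAME target was shown as "." (the root). www.xyz.com. matches
; the address 192.168.1.111 returned in the nslookup test - confirm.
ftp     IN CNAME www.xyz.com.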
[root@huyb named]#vi 192.168.1.rev //建立反向解析区域文件;
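$TTL 86400
; Reverse zone data for 1.168.192.in-addr.arpa. Owner names are the last octet
; of the address, relative to the zone origin "@".
@       IN SOA  ns.xyz.com. root.xyz.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
; The zone needs an NS record at its apex. The listing showed it under owner
; "102", which would delegate 102.1.168.192.in-addr.arpa instead - confirm
; against the original file.
@       IN NS   ns.xyz.com.
; NOTE(review): the PTR target was shown as "."; www.xyz.com. is the only name on
; this page that resolves to 192.168.1.111 - confirm.
111     IN PTR  www.xyz.com.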
第五步:测试A记录和PTR记录;
注释:我用的是一台linux系统做客户机测试的 ;
[root@huyb ~]#nslookup
> www.xyz.com //测试A记录;
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.xyz.com
Address: 192.168.1.111
> 192.168.1.111 //测试PTR记录;
Server: 127.0.0.1
Address: 127.0.0.1#53
111.1.168.192.in-addr.arpa name = www.xyz.com.
> ftp.xyz.com //测试CNAME记录;
Server: 127.0.0.1
Address: 127.0.0.1#53
ftp.xyz.com canonical name = www.xyz.com.
Name: www.xyz.com
Address: 192.168.1.111
> set type=ns //测试NS记录;
> xyz.com
Server: 127.0.0.1
Address: 127.0.0.1#53
xyz.com nameserver = ns.xyz.com.
> set type=mx //测试mx记录;
> xyz.com
Server: 127.0.0.1
Address: 127.0.0.1#53
xyz.com mail exchanger = 10 mail.xyz.com.
*******************************************************************
试验扩展:
在本实验中可以单独创建自己的视图和区域定义文件;完整的配置如下:
[root@huyb ~]#cd /var/named/chroot/etc
[root@huyb etc]#cp -p named.caching-nameserver.conf named.conf
[root@huyb etc]#vi named.conf
// Global server options, adapted from named.caching-nameserver.conf.
// With bind-chroot installed, these paths are resolved inside /var/named/chroot.
options {
// Accept queries on every IPv4 interface of the server.
listen-on port 53 { any; };
// IPv6 queries are accepted on the loopback address only.
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// NOTE(review): pinning the outgoing query source port to 53 removes source-port
// randomization and so weakens protection against cache poisoning. Drop these two
// lines unless a firewall rule really requires a fixed source port.
query-source port 53;
query-source-v6 port 53;
// NOTE(review): any host may query this server. Together with the "wnt" view
// (match-clients any, recursion yes), this makes an open recursive resolver that can
// be abused for amplification. Outside an isolated lab, list only the trusted networks.
allow-query { any; };
};
// Debug logging: writes to data/named.run, a path relative to the "directory"
// option set in the options block.
logging {
channel default_debug {
file "data/named.run";
// "dynamic" follows the server's current debug level instead of a fixed severity.
severity dynamic;
};
};
// View for queries that come from the server itself and are addressed to it.
// Views are tried in the order they appear, so local clients are handled here and
// never reach a later view.
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
// Recursion is offered to the local host only.
recursion yes;
include "/etc/named.rfc1912.zones";
};
// View for every client not matched by an earlier view; it serves the zones
// defined in wnt.zones.
// NOTE(review): match-clients any together with "recursion yes" answers recursive
// queries for any host that can reach the server, i.e. an open recursive resolver.
// If this view only has to publish the authoritative zones, set "recursion no";
// otherwise restrict match-clients (or allow-recursion) to the trusted networks.
view wnt {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/wnt.zones";
};
建立wnt.zones文件,内容为:
[root@huyb ~]#vi /var/named/chroot/etc/wnt.zones
// Forward zone: this server is the master for xyz.com; the records are in
// xyz.com.db, a path relative to the "directory" option.
// NOTE(review): neither zone sets allow-transfer, and BIND's default permits zone
// transfers to any host. Add "allow-transfer { none; };" or list the secondaries
// if the zone contents should not be readable in bulk.
zone "xyz.com" IN {
type master;
file "xyz.com.db";
};
// Reverse zone for 192.168.1.x addresses (PTR records), kept in 192.168.1.rev.
zone "1.168.192.in-addr.arpa" IN {
type master;
file "192.168.1.rev";
};
[root@huyb ~]#vi /var/named/chroot/var/named/xyz.com.db
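$TTL 86400
; Forward zone data for xyz.com. "@" is the zone origin from the zone statement.
; Leading whitespace is significant: a record line that starts with blanks
; inherits the owner name of the record above it.
; NOTE(review): the listing showed the owner as "xyz.com" (no trailing dot, so it
; would expand to xyz.com.xyz.com.) and the SOA contact as "."; root.xyz.com. is
; the contact used in this page's reverse zone file - confirm.
@       IN SOA  ns.xyz.com. root.xyz.com. (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   ns.xyz.com.
        IN MX   10 mail.xyz.com.
ns      IN A    192.168.1.102
mail    IN A    192.168.1.103
www     IN A    192.168.1.111
; NOTE(review): the CNAME target was shown as "." (the root). www.xyz.com. matches
; the address 192.168.1.111 returned in the nslookup test - confirm.
ftp     IN CNAME www.xyz.com.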
[root@huyb ~]#vi /var/named/chroot/var/named/192.168.1.rev
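$TTL 86400
; Reverse zone data for 1.168.192.in-addr.arpa. Owner names are the last octet
; of the address, relative to the zone origin "@".
@       IN SOA  ns.xyz.com. root.xyz.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
; The zone needs an NS record at its apex. The listing showed it under owner
; "102", which would delegate 102.1.168.192.in-addr.arpa instead - confirm
; against the original file.
@       IN NS   ns.xyz.com.
; NOTE(review): the PTR target was shown as "."; www.xyz.com. is the only name on
; this page that resolves to 192.168.1.111 - confirm.
111     IN PTR  www.xyz.com.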
重启dns服务测试,结果跟上个试验是一样的,建议大家在实际中采用后面的方法;这样dns配置的结构就比较清晰了。不过在实际环境中,应把 allow-query、match-clients 和 recursion 限制在受信任的网段,不要像实验中那样对 any 开放递归查询。