
分类: LINUX

2009-06-16 10:53:24

一:软件包

     bind-9.3.4-10.P1.el5

bind-utils-9.3.4-10.P1.el5

bind-chroot-9.3.4-10.P1.el5

caching-nameserver

二:实现过程

1:复制配置文件

   [root@www /]#/var/named/chroot/etc

-rw-r--r-- 1 root root   405 06-03 00:00 localtime

-rw-r----- 1 root named 1195 01-06 21:11 named.caching-nameserver.conf

-rw-r----- 1 root named  955 01-06 21:11 named.rfc1912.zones.bak

-rw-r----- 1 root named  113 06-03 20:48 rndc.key

 [root@www /]#cp -p named.caching-nameserver.conf named.conf

[root@www /]#cp -p named.rfc1912.zones named.rfc1912.zones.bak

[root@www /]#/var/named/chroot/etc

-rw-r--r-- 1 root root   405 06-03 00:00 localtime

-rw-r----- 1 root named 1195 01-06 21:11 named.caching-nameserver.conf

-rw-r----- 1 root named  955 01-06 21:11 named.rfc1912.zones.bak

-rw-r----- 1 root named  113 06-03 20:48 rndc.key

-rw-r----- 1 root named 1171 06-15 17:42 named.conf        ####cp的配置文件

-rw-r----- 1 root named  965 06-15 17:52 named.rfc1912.zones.bak     ###同上

2:编辑配置文件

  [root@www etc]# vim named.conf

内容如下:

 

//

// Global named options: listening addresses, working directory, dump and
// statistics file locations, and the server-wide query ACL.
options {

        listen-on port 53 { any; };                 ### changed to any: accept DNS on port 53 on every IPv4 interface

        listen-on-v6 port 53 { ::1; };              ### IPv6 stays limited to the loopback address

        directory       "/var/named";          ### DNS working directory (with bind-chroot the real path is /var/named/chroot/var/named)

        dump-file       "/var/named/data/cache_dump.db";                 ### path of the cache dump file

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

 

        // Those options should be used carefully because they disable port

        // randomization

        // Leave them commented out: a fixed query source port makes forged
        // replies easier to get accepted by the resolver.

        // query-source    port 53;

        // query-source-v6 port 53;

 

        // allow-query decides which clients may send queries at all; recursion
        // is governed separately by "recursion" / "allow-recursion".
        // NOTE(review): "any" here, together with "recursion yes" in the view
        // below, answers recursive queries for every source address that can
        // reach this host. Prefer an address list for the networks you serve.
        allow-query     { any; };              ### changed to any (every client may query); can be restricted instead, e.g. none refuses all client queries

};

// Logging: defines the default_debug channel used for debug output.
logging {

        channel default_debug {

                // Relative path; presumably resolved against the "directory"
                // option above (/var/named) - confirm on the target system.
                file "data/named.run";

                // "dynamic" follows the server's current debug level rather
                // than a fixed severity.
                severity dynamic;

        };

};

// View that serves the zones from named.rfc1912.zones. Despite its name it
// is no longer limited to localhost: both match lists were widened to any.
// NOTE(review): match-clients any + recursion yes + allow-query any (in
// options) makes this an open recursive resolver whenever port 53 is
// reachable from untrusted networks. Open resolvers get abused as
// reflectors in DNS amplification floods and give outsiders a way to probe
// and pollute the cache. Keep the authoritative zones public if needed, but
// limit recursion to the clients you serve, e.g.
//   allow-recursion { localhost; <LAN prefix>; };
// and/or filter port 53 at the firewall.
view localhost_resolver {

        match-clients      { any; };                ### changed to any: every source address is matched by this view

        match-destinations { any; };                 ### changed to any: every destination address is matched by this view

        recursion yes;                                     ### recursive queries are allowed

        // With bind-chroot this path is inside the chroot
        // (/var/named/chroot/etc/named.rfc1912.zones).
        include "/etc/named.rfc1912.zones";

};

3:建立DNS服务器所解析的域名文件

 [root@www etc]# vim named.rfc1912.zones

 

   //

// Root zone hints: the list of root name servers is read from named.ca and
// is used as the starting point for recursive resolution.
zone "." IN {

        type hint;

        file "named.ca";

};

 

// Forward zone for which this server is the master (authoritative) source.
// NOTE(review): apple.com is a real domain owned by a third party. Every
// client that uses this server gets these local records instead of the real
// ones for that name. For a lab, a reserved name such as example.com or a
// .test domain avoids shadowing a live domain.
zone "apple.com" IN {                         ### domain this DNS server answers for

        type master;

        file "apple.com.zone";                 ### zone file holding the apple.com records

     

 

        // Dynamic DNS updates are refused for this zone.
        allow-update { none; };

};

 

// Reverse (PTR) zone for 192.168.1.x addresses, also served as master.
zone "1.168.192.in-addr.arpa" IN {

        type master;

        file "1.168.192.in-addr.local";

        // Dynamic DNS updates are refused for this zone.
        allow-update { none; };

};

4:重启named服务

   service named restart

5: 设置客户pc机器的主机名以及域名、并指向DNS服务器地址

  修改: /etc/hosts

  127.0.0.1                                

  修改:/etc/sysconfig/network

  HOSTNAME=

  修改:/etc/resolv.conf

   nameserver 192.168.1.112                   ####DNS服务器地址

6:测试

   测试命令:nslookup、host、dig。

1.1       nslookup

[root@www etc]# nslookup

>

Server:         192.168.1.112

Address:        192.168.1.112#53

 

Name:  

Address: 192.168.1.112

> 192.168.1.112

Server:         192.168.1.112

Address:        192.168.1.112#53

 

112.1.168.192.in-addr.arpa      name = .

> 

************************测试成功***********************

 

1.2       host

[root@www etc]# host

has address 192.168.1.112

[root@www etc]# host 192.168.1.112

112.1.168.192.in-addr.arpa domain name pointer .

 

************************测试成功***********************

1.3       dig

 

[root@www etc]# dig

 

; <<>> DiG 9.3.4-P1 <<>>

;; global options:  printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40390

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

 

;; QUESTION SECTION:

;.                 IN      A

 

;; ANSWER SECTION:

.          86400   IN      A       192.168.1.112

 

;; AUTHORITY SECTION:

apple.com.              86400   IN      NS      apple.com.

 

;; Query time: 9 msec

;; SERVER: 192.168.1.112#53(192.168.1.112)

;; WHEN: Tue Jun 16 10:00:40 2009

;; MSG SIZE  rcvd: 61

 

[root@www etc]# dig @192.168.1.112

 

; <<>> DiG 9.3.4-P1 <<>> @192.168.1.112

; (1 server found)

;; global options:  printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63354

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

 

;; QUESTION SECTION:

;.                 IN      A

 

;; ANSWER SECTION:

.          86400   IN      A       192.168.1.112

 

;; AUTHORITY SECTION:

apple.com.              86400   IN      NS      apple.com.

 

;; Query time: 8 msec

;; SERVER: 192.168.1.112#53(192.168.1.112)

;; WHEN: Tue Jun 16 10:01:45 2009

;; MSG SIZE  rcvd: 61

************************测试成功***********************

 

后记:

  有关DNS的概念性的术语,如:A记录,SOA记录,NS记录等,以及DNS的原理,较高级的DNS相关的技术,如:allow-query (迭代查询)、allow-recursion (递归查询)、allow-transfer (区域传输) ,主从DNS服务器,rndc远程加密管理DNS服务器等,下次介绍。
