If you don\\\\\\\\\\\\\\\'t wanna do it, you find an EXCUSE; if you do, you\\\\\\\\\\\\\\\'ll find a WAY :-)
全部博文(235)
分类: LINUX
2011-02-17 18:17:27
首先给出需要配置的文件以及这些文件最终的配置结果,如下文件复制后仍不起作用(必须按步骤来操作)!
———————————————————————————————————————————————
/var/named/chroot/etc:
named.conf,named.rfc1912.zones
### named.conf ###
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
//##########################################################
//# Set Caching-Only DNS #
//##########################################################
#forwarders { 192.168.57.129; };
#forward only;
// Those options should be used carefully because they disable port
// randomization
query-source port 53;
query-source-v6 port 53;
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
________________________________________________________________________________________
### named.rfc1912.zones ###
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
//################################################################
//# #
//# Master nameserver for rhel.com and 192.168.57/24 #
//# #
//################################################################
zone "rhel5.com" IN {
type master;
file "rhel5.com.zone";
allow-update { none; };
};
zone "57.168.192.in-addr.arpa" IN {
type master;
file "192.168.57.rev";
allow-update { none; };
};
//################################################################
//# #
//# Slave nameserver for domain.com and 192.168.56/24 #
//# #
//################################################################
zone "domain.com" {
type slave;
masters { 192.168.57.129; };
file "slaves/domain.com.zone";
};
zone "56.168.192.in-addr.arpa" {
type slave;
masters { 192.168.57.129; };
file "slaves/192.168.56.zone";
};
________________________________________________________________________________________
/var/named/chroot/var/named:
192.168.57.rev,rhel5.com.zone
### 192.168.57.rev ###
$TTL 86400
@ IN SOA . root. (
2009102700 ; Serial
1H ; Refresh
15M ; Retry
1W ; Expire
1D ) ; Minimum
@ IN NS .
129 IN PTR .
128 IN PTR .
127 IN PTR .
126 IN PTR .
125 IN PTR mail.rhel5.com.
124 IN PTR bbs.rhel5.com.
### rhel5.com.zone ###
$TTL 86400
@ IN SOA . root. (
2009102700 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS .
rhel5.com. IN MX 10 mail.rhel5.com.
www IN A 192.168.57.129
www IN A 192.168.57.128
www IN A 192.168.57.127
ftp IN A 192.168.57.126
mail IN A 192.168.57.125
bbs IN A 192.168.57.124
sub IN NS .
IN A 192.168.57.8
www1 IN CNAME www
ftp1 IN CNAME ftp
mail1 IN CNAME mail
bbs1 IN CNAME bbs
________________________________________________________________________________________
### /etc/sysconfig/network ###
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=rhel5
### /etc/hosts ###
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.57.129 rhel5.com rhel5
### /etc/resolv.conf ###
; generated by /sbin/dhclient-script
search localdomain
nameserver 192.168.57.129
________________________________________________________________________________________
接下来说明一下具体操作步骤:
1. 安装DNS相关package
[root@rhel5 ~]# yum install bind*
[root@rhel5 ~]# yum install system-config-bind
[root@rhel5 ~]# yum install caching-nameserver
2.修改配置文件添加 nameserver 所在IP
[root@rhel5 ~]# echo "nameserver 192.168.57.129" >> /etc/resolv.conf
3.修改network配置文件
[root@rhel5 ~]# vi /etc/sysconfig/network
### /etc/sysconfig/network ###
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=rhel5 →→修改主机名称reboot 生效
4.修改hosts配置文件
[root@rhel5 ~]# vi /etc/hosts
### /etc/hosts ###
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.57.129 rhel5.com rhel5
[root@rhel5 ~]# less /etc/host.conf →→查看解析顺序
order hosts,bind →→首先查看host.conf配置文件, 其次使用bind
5.修改bashrc配置文件便于查看当前路径
[root@rhel5 ~]# vi /etc/bashrc
大致在37行(定位到37行方法:输入37,按下Shift+g即可。)
[ "$PS1" = \\s-\\v\\\$ ] && PS1="[\u@\h \w]\\$" →→ 将大写" W "改为小写" w "
——————————————————————————————————————
PS1:(控制提示字源前面的提示 例如:[root@localhost ~]#)
[root@rhel5 ~]# echo $PS1 →→ 显示字源提示的值
[\u@\h \w] \$
\d today's date
\h short hostname
\t current time
\u user name
\W current working directory
\w whole path of current working directory
\! The history number of current command
\$ shows $ if you are a non-privileged user and a # if you are a privileged user
\l The basename of the shell's terminal device name
[root@rhel5 ~]# PS1 = '[\u@\h \w TTY\l \d \t \!]\#
→→ 依次是:用户名@主机名、目前工作目录"~"、目前所在tty(1)、日期、时间、 history中的编号(23)、指定使用 "$"作为提示字源。*/
[root@rhel5 ~ TTY1 Thu Jun 18 22:22:18 23]#
——————————————————————————————————————
[root@rhel5 ~]# cd /var/named/chroot/etc
[root@rhel5 ~]# cp -p named.caching-nameserver.conf named.conf
[root@rhel5 ~]# vi named.conf→→详细配置见上文
[root@rhel5 ~]# vi named.rfc1912.zones→→详细配置见上文
7.配置 rhel5.com.zone 和 192.168.57.rev
[root@rhel5 ~]# cd /var/named/chroot/var/named
[root@rhel5 ~]# cp -p localdomain.zone rhel5.com.zone
[root@rhel5 ~]# cp -p named.local 192.168.57.rev
[root@rhel5 ~]# vi rhel5.com.zone →→详细配置见上文
[root@rhel5 ~]# vi 192.168.57.rev→→详细配置见上文
8.配置防火墙开放53 port
[root@rhel5 ~]# setup
选择 Firewall configuration →→ Customize →→ Other ports处输入:53:tcp 53:udp
9.配置named服务
[root@rhel5 ~]# chkconfig named --level 345 on
[root@rhel5 ~]# service named status
[root@rhel5 ~]# service named restart
[root@rhel5 ~]# rndc reload
10.测试我们的配置是否成功
hostname →→→→→→→→IP address /* forward lookup(正向名称解析) */
hostname ←←←←←←←←IP address /* reverse lookup(反向名称解析) */
Forward lookup:
[root@rhel5 ~]# host
has address 192.168.57.128
has address 192.168.57.129
has address 192.168.57.127
[root@rhel5 ~]# host www1.rhel5.com
www1.rhel5.com is an alias for
has address 192.168.57.129
has address 192.168.57.127
has address 192.168.57.128
[root@rhel5 ~]# host ftp.rhel5.com
ftp.rhel5.com has address 192.168.57.126
[root@rhel5 ~]# nslookup
Server: 192.168.57.129
Address: 192.168.57.129#53
Name:
Address: 192.168.57.127
Name:
Address: 192.168.57.128
Name:
Address: 192.168.57.129
Reverse lookup:
[root@rhel5 ~]# host 192.168.57.128
128.57.168.192.in-addr.arpa domain name pointer .
[root@rhel5 ~]# host 192.168.57.126
126.57.168.192.in-addr.arpa domain name pointer .
[root@rhel5 ~]# nslookup 192.168.57.129
Server: 192.168.57.129
Address: 192.168.57.129#53
129.57.168.192.in-addr.arpa name = .
——————————————————————————————————————
PS:经过上述10个步骤最终成功使用BIND配置了DNS...