Chinaunix首页 | 论坛 | 博客
  • 博客访问: 202431
  • 博文数量: 49
  • 博客积分: 4776
  • 博客等级: 中校
  • 技术积分: 486
  • 用 户 组: 普通用户
  • 注册时间: 2005-03-02 10:42
  • 认证徽章:
文章分类

全部博文(49)

文章存档

2010年(6)

2009年(8)

2008年(20)

2007年(10)

2006年(2)

2005年(3)

分类:

2007-10-15 11:28:21

CenTOS 5下面用自带的RPM包安装基于Bind的域名解析系统
Author:汪洋
Nickname:ruochen / ruochen0926
Date:20070927
Version:1.0
Contact: E-Mail:yang_wang(at)sae (dot) com (dot) hk  QQ:967409
Blog:http://ruochen.cublog.cn/
Note:如果在安装或者使用过程中有疑问,请到我的blog跟帖,我会尽快回复

目录:
目标:配置一个基本的DNS域名解析系统
1)安装需要的软件包
2)配置 /etc/named.conf
3)配置 /etc/named.rfc1912.zones
4)配置 /var/named/named.test.hk
5)配置 /var/named/named.10.10.119
6)配置 /etc/resolv.conf
7)配置 /etc/rndc.conf & /etc/rndc.key
8)测试 DNS
9)其他
 
1)安装需要的软件包
bind-utils-9.3.3-7.el5
bind-9.3.3-7.el5
bind-libs-9.3.3-7.el5
caching-nameserver-9.3.3-7.el5 (第一次没有安装这个包,导致默认的配置文件没有)
ypbind-1.19-7.el5
bind-chroot-9.3.3-7.el5
后面的两个软件包根据自己需要安装
note:
用rpm包来安装或者用yum来安装
推荐使用yum安装,自动解决软件包之间依赖关系
 
2)配置 /etc/named.conf
默认是没有/etc/named.conf这个配置文件的,我们根据/etc/named.caching-nameserver.conf来复制修改得到
[root@mail ~]# cp /etc/named.caching-nameserver.conf  /etc/named.conf
[root@mail ~]# vi /etc/named.conf
// options {
//    directory    "/var/named";
//    dump-file    "/var/named/data/cache_dump.db";
//    statistics-file    "/var/named/data/named_stats.txt";
// };
options {
        listen-on port 53 { 10.10.119.200; };
#        listen-on port 53 { 127.0.0.1; };
#        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
#        query-source-v6 port 53;
#        pid-file "/var/run/named/named.pid";
#        allow-query     { localhost; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
key "rndckey" {
      algorithm hmac-md5;
      secret "vt/j+jC7MxIoB+9emnuKqw==";
};
controls {
      inet 10.10.119.200 port 953
              allow { any; } keys { "rndckey"; };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
3)配置 /etc/named.rfc1912.zones
[root@mail ~]# vi /etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
};
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};
zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};
zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};
zone "test.hk" IN {
    type master;
    file    "named.test.hk";
};
zone "119.10.10.in-addr.arpa" IN {
        type master;
        file "named.10.10.119";
        allow-update { none; };
};
 
4)配置 /var/named/named.test.hk
[root@mail ~]# vi /var/named/named.test.hk
$TTL 86400
@                         IN          SOA        test.hk.         ruochen.mail.test.hk  (
                                                1997022700 ; Serial
                                                28800      ; Refresh
                                                14400      ; Retry
                                                3600000    ; Expire
                                                86400 )    ; Minimum
@                       IN          NS         www.test.hk.
                        IN          NS         mail.test.hk.
                        IN          MX  5      mail.test.hk.
localhost.              IN          A          127.0.0.1
www                     IN          A          10.10.119.200
mail                    IN          A          10.10.119.200
mail.test.hk            IN          CNAME      test.hk

5)配置 /var/named/named.10.10.119
[root@mail ~]# vi /var/named/named.10.10.119
$TTL 86400
@                    IN                   SOA                  localhost. root.localhost.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
@                    IN             NS      localhost.
localhost.           IN             PTR     localhost.
200                  IN             PTR     www.test.hk.
200                  IN             PTR     mail.test.hk.
 
 
 
 
 
 
 
 

[root@mail ~]# more /etc/rndc.conf
# Start of rndc.conf
key "rndckey" {
        algorithm hmac-md5;
        secret "vt/j+jC7MxIoB+9emnuKqw==";
};
options {
        default-key "rndckey";
        default-server 10.10.119.200;
        default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndckey" {
#       algorithm hmac-md5;
#       secret "vt/j+jC7MxIoB+9emnuKqw==";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndckey"; };
# };
# End of named.conf

[root@mail ~]# more /etc/rndc.key
# Start of rndc.conf
key "rndckey" {
        algorithm hmac-md5;
        secret "vt/j+jC7MxIoB+9emnuKqw==";
};
options {
        default-key "rndckey";
        default-server 10.10.119.200;
        default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndckey" {
#       algorithm hmac-md5;
#       secret "vt/j+jC7MxIoB+9emnuKqw==";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndckey"; };
# };
# End of named.conf
 
[root@mail ~]# rndc status
number of zones: 8
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
 

[root@mail ~]# more /etc/resolv.conf
# generated by NetworkManager, do not edit!
; Use a local caching nameserver controlled by NetworkManager
#nameserver 127.0.0.1
nameserver 10.10.119.200
 
8)测试 DNS
[root@mail ~]# ping www.test.hk
PING www.test.hk (10.10.119.200) 56(84) bytes of data.
64 bytes from mail (10.10.119.200): icmp_seq=1 ttl=64 time=0.303 ms
64 bytes from mail (10.10.119.200): icmp_seq=2 ttl=64 time=0.291 ms
64 bytes from mail (10.10.119.200): icmp_seq=3 ttl=64 time=0.039 ms
64 bytes from mail (10.10.119.200): icmp_seq=4 ttl=64 time=0.038 ms
--- www.test.hk ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 0.038/0.167/0.303/0.130 ms
[root@mail ~]# ping mail.test.hk
PING mail (10.10.119.200) 56(84) bytes of data.
64 bytes from mail (10.10.119.200): icmp_seq=1 ttl=64 time=0.622 ms
64 bytes from mail (10.10.119.200): icmp_seq=2 ttl=64 time=0.048 ms
64 bytes from mail (10.10.119.200): icmp_seq=3 ttl=64 time=0.047 ms
64 bytes from mail (10.10.119.200): icmp_seq=4 ttl=64 time=0.040 ms
--- mail ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 0.040/0.189/0.622/0.250 ms

[root@mail ~]# nslookup 10.10.119.200
Server:         10.10.119.200
Address:        10.10.119.200#53
200.119.10.10.in-addr.arpa      name = mail.test.hk.
200.119.10.10.in-addr.arpa      name = www.test.hk.
阅读(1015) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~
评论热议
请登录后评论。

登录 注册