Category: System operations and maintenance

2015-07-24 17:39:36

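1.1 Operating system version

Linux CentOS 6.5 2.6.32-431.el6.x86_64 (referred to below as CentOS 6.5)

1.2 Software versions required for the DNS server

bind-9.8.2-0.30.rc1.el6_6.3.x86_64
bind-utils-9.8.2-0.30.rc1.el6_6.3.x86_64
bind-chroot-9.8.2-0.30.rc1.el6_6.3.x86_64

2 Installing the Subversion software on the server

2.1 yum repository configuration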

# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client.  You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# remarked out baseurl= line instead.
#
#

[base]
name=CentOS-$releasever - Base
baseurl=
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#released updates
[updates]
name=CentOS-$releasever - Updates
baseurl=
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
baseurl=
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
baseurl=
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
baseurl=
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

 

2.2 Software installation

yum install -y bind bind-chroot bind-utils

3 DNS server file configuration

cp -rv /usr/share/doc/bind-9.8.2/sample/etc/* /var/named/chroot/etc/
cp -rv /usr/share/doc/bind-9.8.2/sample/var/* /var/named/chroot/var/

3.1 Configuring the main configuration file named.conf

vim /var/named/chroot/etc/named.conf

 

 

options {
        listen-on port 53 { 10.10.102.124; };   /* see note [s1] */
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
#include "/etc/named.root.key";
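
With allow-query { any; } and recursion yes, and no allow-recursion or allow-query-cache statement, named falls back to the allow-query list for recursion, so every client that can reach 10.10.102.124 gets recursive service. The check below is an added example, not part of the original post; the function names and the 10.10.0.0/16 restriction in the second sample are assumptions.

```python
import re

# Constructed sample: the options block from section 3.1, reduced to the ACL-relevant lines.
PAGE_OPTIONS = """
options {
        listen-on port 53 { 10.10.102.124; };
        allow-query     { any; };
        recursion yes;
};
"""

# Assumed corrected variant: recursion limited to localhost and 10.10.0.0/16.
RESTRICTED_OPTIONS = """
options {
        listen-on port 53 { 10.10.102.124; };
        allow-query     { any; };
        allow-recursion { localhost; 10.10.0.0/16; };
        recursion yes;
};
"""

def strip_comments(text):
    """Remove /* */, // and # comments as named.conf allows them."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def acl(text, name):
    """Return the address-match list of statement `name`, or None if it is absent."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(name), text)
    return [e.strip() for e in m.group(1).split(";") if e.strip()] if m else None

def effective_recursion_acl(conf):
    """Resolve who may recurse, following BIND 9's documented fallback order."""
    text = strip_comments(conf)
    rec = re.search(r"\brecursion\s+(yes|no)\s*;", text)
    if rec and rec.group(1) == "no":
        return []
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        entries = acl(text, name)
        if entries is not None:
            return entries
    return ["localnets", "localhost"]  # built-in default when nothing is set

def is_open_resolver(conf):
    return "any" in effective_recursion_acl(conf)

if __name__ == "__main__":
    for label, conf in (("page", PAGE_OPTIONS), ("restricted", RESTRICTED_OPTIONS)):
        print(label, effective_recursion_acl(conf), is_open_resolver(conf))
```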

 

 

3.2 Configuring the auxiliary zone configuration file named.rfc1912.zones

vim /var/named/chroot/etc/named.rfc1912.zones

// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

zone "localhost.localdomain" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "phzc.com" IN {
        type master;
        file "phzc.com.zone";
        allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

zone "1.0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

zone "10.10.in-addr.arpa" IN {
        type master;
        file "phzc.com.reverse";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
};

 

 

3.3 Configuring the forward lookup zone file phzc.com.zone

vim /var/named/chroot/var/named/phzc.com.zone

$TTL 1D
@       IN SOA  localhost. root.phzc.com. (
                                        20150627        ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
     IN NS      phzcudns001.phzc.com.
phzcudns001 IN A       10.10.102.124

phzcuinternal001          IN A 10.10.81.127
phzcuuat001               IN A 10.10.108.65
phzcuuat002               IN A 10.10.63.99
phzcuuat003               IN A 10.10.91.99
phzcuuat004               IN A 10.10.97.74
phzcusftp001              IN A 10.10.11.81
phzcudns001               IN A 10.10.102.124
phzcunginx001             IN A 10.10.100.243
phzcunginx002             IN A 10.10.104.62
phzcutomcat001            IN A 10.10.103.76
phzcutomcat002            IN A 10.10.111.98
phzcutomcat003            IN A 10.10.111.184
phzcutomcat004            IN A 10.10.108.171
phzcutomcat005            IN A 10.10.112.16
phzcutomcat006            IN A 10.10.112.145
phzcutomcat007            IN A 10.10.104.88
phzcutomcat008            IN A 10.10.103.130
phzcumysql001             IN A 10.10.112.140
phzcumysql002             IN A 10.10.100.246
hadoop001                 IN A 10.10.112.120
hadoop002                 IN A 10.10.103.85
hadoop003                 IN A 10.10.105.251
hadoop004                 IN A 10.10.101.170
hadoop005                 IN A 10.10.103.169
phzcumysql003             IN A 10.10.109.62

               

3.4 Configuring the reverse lookup zone file phzc.com.reverse

vim /var/named/chroot/var/named/phzc.com.reverse

$TTL 1D
@       IN SOA  phzcudns001.phzc.com. root.phzc.com. (
                                        20150627        ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN      NS      phzcudns001.phzc.com.

; Owner names are the last two octets of the address in reverse order.
; PTR targets have no trailing dot, so named treats them as relative to
; the zone origin (10.10.in-addr.arpa.).
127.81   IN PTR phzcuinternal001
65.108   IN PTR phzcuuat001
99.63    IN PTR phzcuuat002
99.91    IN PTR phzcuuat003
74.97    IN PTR phzcuuat004
81.11    IN PTR phzcusftp001
124.102  IN PTR phzcudns001
243.100  IN PTR phzcunginx001
62.104   IN PTR phzcunginx002
76.103   IN PTR phzcutomcat001
98.111   IN PTR phzcutomcat002
184.111  IN PTR phzcutomcat003
171.108  IN PTR phzcutomcat004
16.112   IN PTR phzcutomcat005
145.112  IN PTR phzcutomcat006
88.104   IN PTR phzcutomcat007
130.103  IN PTR phzcutomcat008
140.112  IN PTR phzcumysql001
246.100  IN PTR phzcumysql002
120.112  IN PTR hadoop001
85.103   IN PTR hadoop002
251.105  IN PTR hadoop003
170.101  IN PTR hadoop004
169.103  IN PTR hadoop005
62.109   IN PTR phzcumysql003

 

 

4 Starting and stopping the DNS service

4.1 Start the DNS service

/etc/init.d/named restart

4.2 Confirm the DNS service port

netstat -nalp | grep :53
tcp        0      0 10.10.102.124:53            0.0.0.0:*                   LISTEN      12573/named
tcp        0      0 ::1:53                      :::*                        LISTEN      12573/named
udp        0      0 10.10.102.124:53            0.0.0.0:*                               12573/named
udp        0      0 ::1:53                      :::*                                    12573/named

4.3 Stop the DNS service

/etc/init.d/named stop

 

 


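5 SVN client installation and use: DNS service verification

5.1 Change the DNS server address

vim /etc/resolv.conf

Add:

nameserver 10.10.102.124

Note:

On the DNS server itself, besides modifying /etc/resolv.conf, you also need to edit

vim /etc/sysconfig/network-scripts/ifcfg-eth0

and add

DNS1=10.10.102.124

Then restart the network: /etc/init.d/network restart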

 

 

5.2 Verify that the DNS server was set up successfully

Forward lookup verification

nslookup phzcuuat001.phzc.com
Server:     10.10.102.124
Address:    10.10.102.124#53

Name:   phzcuuat001.phzc.com
Address: 10.10.108.65

Reverse lookup verification

nslookup  10.10.108.65
Server:     10.10.102.124
Address:    10.10.102.124#53

65.108.10.10.in-addr.arpa   name = phzcuuat001.10.10.in-addr.arpa.
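
The reverse lookup above answers phzcuuat001.10.10.in-addr.arpa. rather than phzcuuat001.phzc.com. because the PTR targets in phzc.com.reverse have no trailing dot, so named completes them with the reverse zone's origin. The script below is an added example (not from the original post) that cross-checks A and PTR records for this and for mismatched PTR owners; the sample records are constructed and the function names are hypothetical. It handles only the "owner IN type value" line form used in the zone files above.

```python
import ipaddress

# Constructed excerpts in the style of phzc.com.zone and phzc.com.reverse;
# the first and third PTR lines are deliberately wrong for the demonstration.
FORWARD = """
phzcuuat001    IN A 10.10.108.65
phzcunginx001  IN A 10.10.100.243
phzcutomcat008 IN A 10.10.103.130
"""
REVERSE = """
65.108   IN PTR phzcuuat001
243.100  IN PTR phzcunginx001.phzc.com.
13.103   IN PTR phzcutomcat008.phzc.com.
"""

def fqdn(name, origin):
    """Zone-file rule: a name without a trailing dot is relative to the origin."""
    return name if name.endswith(".") else name + "." + origin

def records(text, rtype, origin):
    """Map fully qualified owner -> raw value for 'owner IN <rtype> value' lines."""
    out = {}
    for line in text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) == 4 and fields[1] == "IN" and fields[2] == rtype:
            out[fqdn(fields[0], origin)] = fields[3]
    return out

def check(forward, reverse, fwd_origin="phzc.com.", rev_origin="10.10.in-addr.arpa."):
    a = records(forward, "A", fwd_origin)
    ptr = {o: fqdn(t, rev_origin) for o, t in records(reverse, "PTR", rev_origin).items()}
    problems = []
    for host, ip in sorted(a.items()):
        owner = ipaddress.ip_address(ip).reverse_pointer + "."
        target = ptr.get(owner)
        if target is None:
            problems.append((host, ip, "no PTR at " + owner))
        elif target != host:
            problems.append((host, ip, "PTR resolves to " + target))
    expected = {ipaddress.ip_address(ip).reverse_pointer + "." for ip in a.values()}
    for owner in sorted(set(ptr) - expected):
        problems.append((ptr[owner], owner, "PTR without matching A"))
    return problems

if __name__ == "__main__":
    for problem in check(FORWARD, REVERSE):
        print(problem)
```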

 


[s1] If 127.0.0.1 is written here, the server will not be reachable.
