分类: LINUX

2013-03-27 15:53:17

安装软件

bind-chroot-9.3.6-20.P1.el5

bind-libs-9.3.6-20.P1.el5

bind-utils-9.3.6-20.P1.el5

bind-9.3.6-20.P1.el5

caching-nameserver-9.3.6-20.P1.el5.x86_64.rpm

 

配置/etc/resolv.conf(这个需要两台机器都配置):

nameserver 172.30.84.5

search localdomain

 

配置/etc/named.caching-nameserver.conf(安装了caching-nameserver后,就是这个文件):

// Global server options for named (/etc/named.caching-nameserver.conf).
options {

listen-on port 53 { 172.30.84.5;192.168.200.1;127.0.0.1; };   // addresses named listens on

// IPv6 queries are accepted on loopback only.
listen-on-v6 port 53 { ::1; };

directory "/var/named";    // directory where the configuration (zone) files are stored

// Output files for the cache dump and the server / memory statistics.
dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable port

// randomization

// query-source port 53;

// query-source-v6 port 53;

// NOTE(review): `any` lets every host that can reach the listen addresses
// query this server and its cache. The only clients this page sets up are the
// two machines whose /etc/resolv.conf points at 172.30.84.5, so an explicit
// address list (for example { 127.0.0.1; 172.30.84.0/24; 192.168.200.0/24; },
// constructed from the zones on this page; confirm the real subnets) would
// expose the cluster's host names and addresses to fewer hosts.
allow-query { any; };      // allow other hosts to query; the same applies to the next line

allow-query-cache { any; };

};

// Logging configuration: defines the default_debug channel.
logging {

channel default_debug {

// Relative path, resolved against the working directory set by the
// `directory` option ("/var/named" in the options block).
file "data/named.run";

// `dynamic` makes the channel follow the server's current debug level.
severity dynamic;

};

};

// The single view that answers clients.
// NOTE(review): the name says "localhost", but both match lists are `any`, so
// every client that reaches any listen address is served by this view.
view localhost_resolver {

match-clients { any; };

match-destinations { any; };

// Recursion is enabled for every matched client. The root hint zone in
// /etc/named.rfc1912.zones is read from /dev/null, and the nslookup test at the
// end of the page shows an unknown name coming back as SERVFAIL.
// NOTE(review): limiting match-clients / allow-recursion to the cluster nodes
// would still be the tighter setting; confirm which hosts need this server.
recursion yes;

// Zone definitions are kept in a separate file.
include "/etc/named.rfc1912.zones";

};

 

配置各个ZONE,修改/etc/named.rfc1912.zones:

[root@DB-CS-YTH2-1 software]# more /etc/named.rfc1912.zones

// named.rfc1912.zones:

//

// Provided by Red Hat caching-nameserver package

//

// ISC BIND named zone configuration for zones recommended by

// RFC 1912 section 4.1 : localhost TLDs and address zones

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//

// Root hint zone. The hints are read from /dev/null, i.e. an empty file, so
// this server is given no root name servers to start recursion from.
zone "." IN {

type hint;

file "/dev/null";   // a query for a non-existent host name quickly returns SERVFAIL, which avoids PRVF-5636.

};

// Forward zone for the cluster host names; this server is the master.
zone "localdomain" IN {

type master;

file "localdomain.zone";  // forward-lookup zone file

// Dynamic DNS updates are refused for this zone.
allow-update { none; };

};

// Forward zone for the name "localhost", served from localhost.zone.
zone "localhost" IN {

type master;

file "localhost.zone";

// Dynamic DNS updates are refused for this zone.
allow-update { none; };

};

// Reverse zone for 127.0.0.x, served from named.local.
zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

// Dynamic DNS updates are refused for this zone.
allow-update { none; };

};

// IPv6 reverse zone under ip6.arpa, served from named.ip6.local.
// NOTE(review): the class keyword below is split as "I" / "N {" across two
// lines; this looks like terminal line wrapping in the `more` output rather
// than the file's real content, where it would be the single keyword IN.
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" I

N {

type master;

file "named.ip6.local";

// Dynamic DNS updates are refused for this zone.
allow-update { none; };

};

// Reverse zone for 255.x.x.x, served from named.broadcast.
zone "255.in-addr.arpa" IN {

type master;

file "named.broadcast";

// Dynamic DNS updates are refused for this zone.
allow-update { none; };

};

// Reverse zone for 0.x.x.x, served from named.zero.
zone "0.in-addr.arpa" IN {

type master;

file "named.zero";

// Dynamic DNS updates are refused for this zone.
allow-update { none; };

};

// Reverse zone for 172.30.84.x, added for the cluster's public addresses.
// NOTE(review): unlike the zones above, this one has no allow-update statement.
// BIND refuses dynamic updates by default, so behaviour is the same, but an
// explicit `allow-update { none; };` would keep the file consistent.
zone "84.30.172.in-addr.arpa" IN {

type master;

file "84.30.172.in-addr.arpa";  // reverse-lookup zone file

};

// Reverse zone for 192.168.200.x, added for the cluster's "prv" addresses.
// NOTE(review): unlike the zones above, this one has no allow-update statement.
// BIND refuses dynamic updates by default, so behaviour is the same, but an
// explicit `allow-update { none; };` would keep the file consistent.
zone "200.168.192.in-addr.arpa" IN {

type master;

file "200.168.192.in-addr.arpa"; // reverse-lookup zone file

};

其中" directory"参数值为解析文件的存放目录;

"forwarders"参数将解析地址指向本机(注意:上文列出的配置中并没有出现forwarders这一项);

"zone"参数表示定义需要解析的域的名称,其中

zone "." IN {

type hint;

file "/dev/null";

};

是为了避免PRVF-5636警告而增加;

zone "localdomain" 表示是正向解析的域;

zone "84.30.172.in-addr.arpa" 表示反向解析的域;域名中只填写IP地址除最后一段以外的前3段,并按相反的顺序书写。

 

配置正向解析文件/var/named/localdomain.zone:

; Forward zone data for "localdomain" (/var/named/localdomain.zone).
$TTL 86400

; Names written without a trailing dot are relative to the zone origin, so the
; two SOA fields below read as localhost.localdomain. and root.localdomain.
@ IN SOA localhost root (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

; NOTE(review): in the real file this line has to start with whitespace so that
; it inherits the owner "@"; the indentation appears to be lost in this listing.
IN NS localhost

localhost IN A 127.0.0.1

; Address records for the cluster. Judging only by the suffixes, these look like
; the two nodes' public names plus their "vip", "prv" and "scan" names.
DB-CS-YTH2-1 IN A 172.30.84.5

DB-CS-YTH2-2 IN A 172.30.84.7

DB-CS-YTH2-1vip IN A 172.30.84.6

DB-CS-YTH2-2vip IN A 172.30.84.8

DB-CS-YTH2-1prv IN A 192.168.200.1

DB-CS-YTH2-2prv IN A 192.168.200.2

DB-CS-YTH2scan IN A 172.30.84.10

 

反向解析文件:

[root@DB-CS-YTH2-1 named]# more 200.168.192.in-addr.arpa

; Reverse zone data for 192.168.200.x (file 200.168.192.in-addr.arpa).
$TTL 86400

@ IN SOA localhost root (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

; NOTE(review): in the real file this line has to start with whitespace so that
; it inherits the owner "@"; the indentation appears to be lost in this listing.
IN NS localhost

; NOTE(review): the PTR targets have no trailing dot, so named appends the zone
; origin to them; the nslookup test at the end of the page indeed returns
; DB-CS-YTH1-1prv.200.168.192.in-addr.arpa. A fully-qualified target ending in
; a dot (for example <hostname>.localdomain.) would match the forward zone.
; NOTE(review): these names say YTH1, while the forward zone maps
; 192.168.200.1 / .2 to DB-CS-YTH2-1prv / DB-CS-YTH2-2prv; possibly a typo, confirm.
1 IN PTR DB-CS-YTH1-1prv

2 IN PTR DB-CS-YTH1-2prv

[root@DB-CS-YTH2-1 named]# more 84.30.172.in-addr.arpa

; Reverse zone data for 172.30.84.x (file 84.30.172.in-addr.arpa).
$TTL 86400

@ IN SOA localhost root (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

; NOTE(review): in the real file this line has to start with whitespace so that
; it inherits the owner "@"; the indentation appears to be lost in this listing.
IN NS localhost

; The owner is the last octet of the address; the target is the host name.
; NOTE(review): the targets have no trailing dot, so named presumably appends
; this zone's origin to them, as the page's test shows for the 192.168.200.x
; zone. A fully-qualified target ending in a dot (for example
; <hostname>.localdomain.) would match the forward zone.
5 IN PTR DB-CS-YTH2-1

7 IN PTR DB-CS-YTH2-2

6 IN PTR DB-CS-YTH2-1vip

8 IN PTR DB-CS-YTH2-2vip

10 IN PTR DB-CS-YTH2scan

 

其中"IN NS localhost"一行及以上部分保持不变,其下每行开头填写/etc/hosts文件中主机名对应IP地址的最后一段即可。

这两个文件,放到/var/named/chroot/var/named下(因为安装了bind-chroot).

 

同时在/var/named下建立链接:

lrwxrwxrwx 1 root root 52 Mar 26 10:29 200.168.192.in-addr.arpa -> /var/named/chroot/var/named/200.168.192.in-addr.arpa

lrwxrwxrwx 1 root root 50 Mar 26 10:29 84.30.172.in-addr.arpa -> /var/named/chroot/var/named/84.30.172.in-addr.arpa

 

启动DNS服务器named:

# [root@DB-CS-YTH2-1 named]# service named restart

Stopping named: [ OK ]

Starting named: [ OK ]

 

测试:

[root@DB-CS-YTH2-1 named]# nslookup

> sdf

Server: 172.30.84.5

Address: 172.30.84.5#53

** server can't find sdf: SERVFAIL    //此时DNS会迅速返回结果,而不是等待超时。

> DB-CS-YTH2-1

Server: 172.30.84.5

Address: 172.30.84.5#53

Name: DB-CS-YTH2-1.localdomain

Address: 172.30.84.5

> 192.168.200.1

Server: 172.30.84.5

Address: 172.30.84.5#53

1.200.168.192.in-addr.arpa name = DB-CS-YTH1-1prv.200.168.192.in-addr.arpa.
