DNS 架设过程-chinaorg-ChinaUnix博客

境随心转

首页　| 　博文目录　| 　关于我

chinaorg

博客访问： 19427
博文数量： 3
博客积分： 130
博客等级：入伍新兵
技术积分： 40
用户组：普通用户
注册时间： 2007-08-25 16:27

文章分类

全部博文（3）

linux（3）

perl（2）

system（1）
未分配的博文（0）

文章存档

2008年（3）

我的朋友

bjchenxu

最近访客

厚积薄发

推荐博文

DNS 架设过程

分类：

2008-03-11 10:56:57

平台：redhat EL 5

第一步：软件下载：bind 9.4.2 地址

第二步：安装

         # tar zxvf bind-9.4.2.tar.gz
         # cd bind-9.4.2
         # ./configure --prefix=/usr/local/bind --sysconfdir=/etc
         # make
         # make install

第三步：配置

      生成/etc/rndc.conf
         #/usr/local/bind/sbin/rndc-confgen > /etc/rndc.conf
         # tail -10 /etc/rndc.conf|head -9|sed s/#\//g >>/etc/named.conf

         A）cache-only dns server 配置

            # vi /etc/named.conf
                      //this setting is only for forwarding dns server
                     options {
                                 forward only;
                                 forwarders {
                                          211.94.69.34;
                                          211.94.65.97;
                                    };
                                 pid-file "/usr/local/bind/var/run/named.pid";

                        };

                     key "rndc-key" {
                              algorithm hmac-md5;
                              secret "N2uQAFWNwrMIVKMapOFq0Q==";
                        };

                     controls {
                              inet 127.0.0.1 port 953
                              allow { 127.0.0.1; } keys { "rndc-key"; };
                        };

B）完整 DNS SERVER 配置

            需要配置的文档大概如下几个：
               1./etc/named.conf
               2./etc/named/named.root
               3./etc/named/named.localhost
               4./etc/named/named.127.0.0
               5./etc/named/named.正解档案
               6./etc/named/named.反解档案

            hostname 与 ip地址规划 ------> 192.168.0.105
                                             mail.mysite.com ------> 192.168.0.105
                                             ftp.mysite.com ------> 192.168.0.106
            编辑/etc/named.conf
                     # vi /etc/named.conf
                           // dns server
                        options {
                                       directory "/etc/named";
                                       forwarders {
                                             211.94.69.34;
                                             211.94.65.97;
                                       };
                                       pid-file "/usr/local/bind/var/run/named.pid";
                                       allow-query { any; };
                                       allow-transfer { none; };
                           };

                           zone "." {
                                    type hint;
                                    file "named.root";
                           };

                           zone "localhost" {
                                    type master;
                                    file "named.localhost";
                           };

                           zone "0.0.127.in-addr.arpa" {
                                    type master;
                                    file "named.127.0.0";
                           };

                           zone "mysite.com" {
                                    type master;
                                    file "named.mysite.com";
                           };

                           zone "0.168.192.in-addr.arpa" {
                                    type master;
                                    file "named.192.168.0";
                           };

                           key "rndc-key" {
                                    algorithm hmac-md5;
                                    secret "N2uQAFWNwrMIVKMapOFq0Q==";
                           };

                           controls {
                                    inet 127.0.0.1 port 953
                                    allow { 127.0.0.1; } keys { "rndc-key"; };
                           };

建立目录/etc/named/  #mkdir /etc/named
                     先让自己的DNS服务器指向上游ISP提供的DNS服务器地址
               #echo "nameserver  211.94.69.34"> /etc/resolv.conf

                     获得 named.root 文档
               方法一、
               #ftp rs.internic.net
                        username anonymous
                        password:回车
                        ftp> cd domain
                        ftp> get named.root
                        ftp>bye

                     #cp named.root /etc/named

            方法二、
               #/usr/local/bind/bin/dig -t NS . >/etc/named/named.root

               编辑 /etc/named/named.localhost 文档

# vi /etc/named/named.localhost
TTL 600
@    IN    SOA    localhost.    root.localhost. (
            20080228 ;serial
            28800 ;refresh
            14400 ;retry
            720000 ;expire
            86400 ;minimum
)

@             IN    NS    localhost.
localhost.    IN    A    127.0.0.1

编辑/etc/named/named.127.0.0 文档
# vi /etc/named/named.127.0.0
$TTL 600
@    IN    SOA    localhost.    root.localhost. (
            20080228       ;serial
            28800          ;refresh
            14400          ;retry
            720000       ;expire
            86400          ;minium
)
@             IN    NS    localhost.
1             IN    PTR    localhost.

编辑/etc/named/named.mysite.com正解文档
# vi /etc/named/named.mysite.com
$TTL 600
@    IN    SOA          mysite.com.    root.mysite.com. (

                20080228       ;serial
            28800          ;refresh
            14400          ;retry
            720000       ;expire
            86400          ;mininum
)
@                      IN    NS    mysite.com.
@                      IN    MX 10 mail.mysite.com.
mysite.com.          IN    A    192.168.0.105
www                   IN    A    192.168.0.105
mail                   IN    CNAME www
ftp                   IN    A    192.168.0.106

编辑/etc/named/named.192.168.0反解文档
# vi /etc/named/named.192.168.0

$TTL 600
@    IN    SOA    mysite.com.    root.mysite.com. (
            20080228
            28800
            14400
            720000
            86400
)
@    IN    NS    mysite.com.
105    IN    PTR    mysite.com.
105    IN    PTR
106    IN    PTR    .

第四步：启动测试

让自己的DNS服务器指向自己
#echo "nameserver  127.0.0.1"> /etc/resolv.conf

启动bind
#/usr/local/bind/sbin/named

[root@localhost ~]# nslookup
> mysite.com
Server:       127.0.0.1
Address:       127.0.0.1#53
Name: mysite.com
Address: 192.168.0.105
> ftp.mysite.com
Server:       127.0.0.1
Address:       127.0.0.1#53
Name: ftp.mysite.com
Address: 192.168.0.106
> mail.mysite.com
Server:       127.0.0.1
Address:       127.0.0.1#53
mail.mysite.com canonical name =
Name:
Address: 192.168.0.105
> set type=mx
> mysite.com
Server:       127.0.0.1
Address:       127.0.0.1#53
mysite.com    mail exchanger = 10 mail.mysite.com.
> set type=a
>
Server:       127.0.0.1
Address:       127.0.0.1#53
Name:
Address: 192.168.0.105
> 192.168.0.105
Server:       127.0.0.1
Address:       127.0.0.1#53
105.0.168.192.in-addr.arpa    name =
105.0.168.192.in-addr.arpa    name = mysite.com.
> 192.168.0.106
Server:       127.0.0.1
Address:       127.0.0.1#53
106.0.168.192.in-addr.arpa    name = ftp.mysite.com.
>
如果想加入独立日志功能安如下操作

#mkdir /var/log/named

编辑/etc/named.conf
添加：

logging {
      channel dns_errors
      { file "/var/log/named/err_logs" versions 3 size 10m;
      severity error;
      print-category yes;
      print-severity yes;
      print-time yes;
      };
      channel dns_queries
      { file "/var/log/named/query_logs" versions 3 size 10m;
      severity info;
      print-category yes;
      print-severity yes;
      print-time yes;
      };
      category default { dns_errors; };
      category queries { dns_queries; };
};

重新启动bind

阅读(1641) | 评论(0) | 转发(0) |

上一篇：没有了

下一篇：perl 二叉树示例程序

给主人留下些什么吧！~~

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6