为主DNS服务器配置IP:
[root@localhost ~]# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:AC:5E:76
inet addr:192.168.10.87
安装DNS服务:
[root@localhost ~]# cd /misc/cd/Server/
[root@localhost Server]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[root@localhost Server]# rpm -ivh bind-9.3.6-20.P1.el5_8.5.x86_64.rpm bind-chroot-9.3.6-20.P1.el5_8.5.x86_64.rpm caching-nameserver-9.3.6-20.P1.el5_8.5.x86_64.rpm
[root@localhost etc]# pwd    注意路径容易弄错
/var/named/chroot/etc
使用模板拷贝DNS服务主配置文件,注意属主权限不要改变(-p保留权限属主等)
[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf
[root@localhost etc]# vim named.conf
options {
listen-on port 53 { 192.168.10.87; };
//listen-on-v6 port 53 { ::1; };
allow-transfer { 192.168.10.88; }; // 授权此IP地址的服务器,可以为从DNS服务器(区域传送只对该地址开放)。
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
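:%s/localhost/any/gc    把localhost替换为any(c为交互式)。注意:allow-query-cache、match-clients 均为 any 且 recursion yes 时,本机会对任何来源提供递归解析(开放解析器);实验环境之外应把它们限制为内部网段,例如 192.168.10.0/24。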
编辑第二配置文件:
[root@localhost etc]# vim named.rfc1912.zones
:21,31y
51 zone "tarena.com" IN {
52         type master;
53         file "tarena.com.zone";
54 };
55
56 zone "10.168.192.in-addr.arpa" IN {
57         type master;
58         file "192.168.10.arpa";
59 };
:%s/localhost/tarena.com/gc
[root@localhost etc]# named-checkconf named.conf    检验语法是否正确
[root@localhost etc]# named-checkconf named.rfc1912.zones
编辑区域声明文件,使用模板复制:
[root@localhost named]# pwd
/var/named/chroot/var/named
[root@localhost named]# cp -p localdomain.zone tarena.com.zone
[root@localhost named]# vim tarena.com.zone    正向区域声明
$TTL    86400
@       IN SOA  tarena.com. root.tarena.com. (
                2014030301 ; serial (d. adams)
                3H         ; refresh
                15M        ; retry
                1W         ; expiry
                1D )       ; minimum
        IN NS   tarena.com.
www     IN A    192.168.10.30
mail    IN A    192.168.10.35
bbs     IN A    192.168.10.40
ftp     IN CNAME bbs
www     IN A    192.168.10.31   ; 负载均衡
www     IN A    192.168.10.32   ; 负载均衡
*       IN A    192.168.10.25   ; 通配主机名
@       IN A    192.168.10.28   ; 域名解析
:%s/localhost/tarena.com.
编辑反向区域声明:
[root@localhost named]# named-checkzone tarena.com tarena.com.zone    检验语法
zone tarena.com/IN: loaded serial 2014030301
OK
[root@localhost named]# cp -p tarena.com.zone 192.168.10.arpa
[root@localhost named]# vim 192.168.10.arpa
30      IN PTR  www.tarena.com.
35      IN PTR  mail.tarena.com.
40      IN PTR  bbs.tarena.com.
[root@localhost named]# named-checkzone tarena.com 192.168.10.arpa    (这里以 tarena.com 作为区域名只能验证文件语法;按实际反向区域检查应使用区域名 10.168.192.in-addr.arpa)
zone tarena.com/IN: loaded serial 2014030301
OK
重启服务:
[root@localhost named]# service named restart
停止 named:[确定]
启动 named:[确定]
客户机验证:
[root@localhost ~]# host mail.tarena.com
mail.tarena.com has address 192.168.10.35
[root@localhost ~]# nslookup
> ftp.tarena.com
Server:192.168.10.87
Address:192.168.10.87#53
ftp.tarena.com  canonical name = bbs.tarena.com.
Name:bbs.tarena.com
Address: 192.168.10.40
> tarena.com
Server:192.168.10.87
Address:192.168.10.87#53
Name:tarena.com
Address: 192.168.10.28
配置从DNS服务器:
安装软件包、编辑主配置文件:与主服务器相同(listen-on 需相应改为从服务器自身的地址 192.168.10.88);编辑第二配置文件时与主服务器不同:
[root@localhost etc]# vim named.rfc1912.zones
zone "tarena.com" IN {
type slave;
file "slaves/tarena.com.zone";
masters {192.168.10.87; };
};
zone "10.168.192.in-addr.arpa" IN{
type slave;
file "slaves/192.168.10.arpa";
masters {192.168.10.87; };
};
检验语法:从服务器的区域数据文件会自动从主服务器复制,因此不需要自己配置(区域传送此处只按IP地址授权,要求更高时可再配合TSIG密钥);
[root@localhost etc]# named-checkconf named.conf
[root@localhost etc]# named-checkconf named.rfc1912.zones
查看未重启服务时的从服务器区域声明目录,目录为空;
[root@localhost named]# ls slaves/
[root@localhost named]#
重启服务:
[root@localhost etc]# service named restart
停止 named:[确定]
启动 named:[确定]
此时目录自动生成了以主服务器为模板的两个区域声明文件
[root@localhost named]# ls slaves/
192.168.10.arpa  tarena.com.zone
验证:从客户机验证,DNS服务器IP指向从服务器(wwwww 没有单独的记录,由通配记录 * 解析到 192.168.10.25):
[root@localhost ~]# nslookup wwwww.tarena.com 192.168.10.88
Server:192.168.10.88
Address:192.168.10.88#53
Name:wwwww.tarena.com
Address: 192.168.10.25
区域数据的特殊应用:
[root@localhost named]# vim tarena.com.zone    编辑正向区域声明
$GENERATE 1-200 station$ IN A 192.168.10.$
[root@localhost named]# vim 192.168.10.arpa
$GENERATE 1-200 $ IN PTR station$.tarena.com.
验证两个区域的声明语法:
[root@localhost named]# named-checkzone tarena.com tarena.com.zone
zone tarena.com/IN: loaded serial 2014030301
OK
[root@localhost named]# named-checkzone tarena.com 192.168.10.arpa
zone tarena.com/IN: loaded serial 2014030301
OK
从客户机验证函数解析:(正向)
[root@localhost named]# vim tarena.com.zone
$GENERATE 1-200 station$ IN A 192.168.10.$
[root@localhost named]# service named restart
停止 named:[确定]
启动 named:[确定]
验证:
[root@localhost ~]# nslookup
> station22.tarena.com
Server:192.168.10.87
Address:192.168.10.87#53
Name:station22.tarena.com
Address: 192.168.10.22
> exit
[root@localhost ~]# host station88.tarena.com
station88.tarena.com has address 192.168.10.88
反向函数:
[root@localhost named]# vim 192.168.10.arpa
$GENERATE 1-200 $ IN PTR station$.tarena.com.
[root@localhost named]# named-checkzone tarena.com 192.168.10.arpa
zone tarena.com/IN: loaded serial 2014030301    检验语法
OK
客户机验证:
[root@localhost ~]# host 192.168.10.33
33.10.168.192.in-addr.arpa domain name pointer station33.tarena.com.
[root@localhost ~]# nslookup
> 192.168.10.99
Server:192.168.10.87
Address:192.168.10.87#53
99.10.168.192.in-addr.arpa      name = station99.tarena.com.