linux 下僅緩存DNS的搭建

1.安裝包

yum install bind* -y

yum install bind-chroot -y

[root@localhost ~]# /etc/init.d/named restart

Stopping named: [ OK ]

Generating /etc/rndc.key:^C

[root@localhost ~]#

[root@localhost ~]# rndc-confgen -r /dev/urandom -a 運作這指令導入rndc key

wrote key file "/etc/rndc.key"

Starting named: [ OK ]

[root@localhost ~]# cd /var/named/

[root@localhost named]# cp -p named.localhost example.com.zone 一定是小寫p

[root@localhost named]# vim example.com.zone

$TTL 1D

@ IN SOA @ cc.163.com. ( 這裡最後一個點不能少

0 ; serial 這些

1D ; refresh 東西

1H ; retry 不

1W ; expire 要

3H ) ; minimum 動

NS @

A 192.168.122.22 自己的IP

www A 1.1.1.1

aa A 2.2.2.2

* A 2.2.250.250

bbs CNAME www 這是别名，www.example.com和bbs.example.com的IP一樣

[root@localhost named]# vim /var/named/chroot/etc/named.conf

options {

listen-on port 53 { 192.168.122.22; }; 改成自己的IP

listen-on-v6 port 53 { ::1; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query { any; }; 改為any

recursion yes;

dnssec-enable yes;

dnssec-validation yes;

dnssec-lookaside auto;

forwarders { 192.168.122.1; }; 如果本DNS解析不裡，先不去13台跟DNS找，而是先去192.168.122.1這個DNS上找

/* Path to ISC DLV key */

bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";

};

logging {

channel default_debug {

file "data/named.run";

severity dynamic;

};

zone "." IN {

type hint;

file "named.ca";

zone "example.com"IN{ 這三行是加的，在include "/etc/named.rfc1912.zones";上面添加的，不要多空格

type master;

file "example.com.zone";

include "/etc/named.rfc1912.zones";

include "/etc/named.root.key";

[root@localhost named]# /etc/init.d/named restart

[root@localhost named]# cat /etc/resolv.conf 改DNS

# Generated by NetworkManager

nameserver 192.168.122.22

[root@localhost named]# dig aa.example.com 驗證，注意防火牆，selinux

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> aa.example.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60551

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;aa.example.com. IN A

;; ANSWER SECTION:

aa.example.com. 86400 IN A 2.2.2.2

;; AUTHORITY SECTION:

example.com. 86400 IN NS example.com.

;; ADDITIONAL SECTION:

example.com. 86400 IN A 192.168.122.22

;; Query time: 1 msec

;; SERVER: 192.168.122.22#53(192.168.122.22)

;; WHEN: Sat Mar 16 21:37:25 2013

;; MSG SIZE rcvd: 78

主從DNS，

在主DNS中

[root@vm1 named]# vim /var/named/chroot/etc/named.conf

# listen-on port 53 { 192.168.122.11; }; 将這行用#注釋掉

allow-query { localhost ; localnets; }; 改為這個

forwarders { 192.168.122.1; };

/* Path to ISC DLV key */

zone "example.com"IN {

allow-transfer { 192.168.122.22; }; 從DNS的IP

also-notify { 192.168.122.22;};

[root@vm1 named]# /etc/init.d/named restart

從DNS配置，安裝包後，

[root@localhost slaves]# cat /etc/named.conf

// named.conf

// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS

// server as a caching only nameserver (as a localhost DNS resolver only).

// See /usr/share/doc/bind*/sample/ for example named configuration files.

# listen-on port 53 { 127.0.0.1; };注釋掉

allow-query { localhost;localnets; }; 改成這個

zone "example.com"IN { 這幾行加在最後面

type slave;

masters { 192.168.122.11 ;};主DNS的IP

file "slaves/example.com.zone"; 生成檔案儲存位置

本文轉自 369藍寶 51CTO部落格，原文連結：http://blog.51cto.com/3739387/1156104，如需轉載請自行聯系原作者

linux 下僅緩存DNS的搭建

繼續閱讀

Apache (You don't have permission to access / on this server.）

debian9更新4.9.0核心到4.19.2核心過程

centOS7 配置 vsftpd 虛拟使用者及權限Vsftpd配置虛拟使用者及權限

linux-svn解除安裝與安裝

vsftp虛拟多使用者多權限一鍵部署腳本

Ubuntu14.04 LTS下安裝mongodb

httpd服務的部署、啟動、配置和簡單優化一、部署二、啟動三、配置檔案

配置網頁内容通路

手動安裝Intel network I217-LM網卡的Linux驅動

禁止ubuntu系統彈出報錯界面

Ubuntu Linux下Apache的配置檔案

samba伺服器的功能

【Linux】UDP廣播封包接收速率問題

Linux裝置模型（中）之上層容器

PowerPC平台 Linux移植三