RedHat_(centos5.5)DNS詳細配置說明
@主DNS伺服器配置
一、前期準備工作
centos 5.5 能上網
二、加載資料包
yum -y install caching-nameserver* bind-chroot*
是以加載了資料包會有以下這些目錄
chroot localdomain.zone named.broadcast named.ip6.local named.zero
data localhost.zone named.ca named.local slaves
三、進行主檔案配置
1、cd /var/named/chroot/etc
cp -p named.caching-nameserver.conf named.conf
要加-p 因為在複制的時候可以擁有所有權限
2、修改named.conf檔案,内容如下。
options {
listen-on port 53 { any; }; #指定BIND偵聽的本機IP位址53端口收到的DNS查詢請求
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; }; #接收任何用戶端的DNS查詢請求
allow-query-cache { localhost; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; }; #指定目前view處理源和目标任意的查詢請求
match-destinations { any; }; #指定目前view處理源和目标任意的查詢請求
recursion yes;
include "/etc/named.zones"; #這一處要跟後面的named.zones的檔案相對應
};
這裡隻是講述基本功能的實作,沒有考慮安全性的問題,從安全角度來說在指 定 IP位址集合時最好還是明确指定IP位址或網段,而不要使用“any".
3、cp -p named.rfc1912.zones named.zones
修改named.zones文檔的相應需求,在該文檔的最後添加如下修改過的相應需求
zone "example123.com" IN {
type master;
file "example123.com.zero";
allow-transfer { 192.10.10.55; }; #轉發到輔助伺服器去
allow-update { none; };
}; #正向解析區域
zone "100.168.192.in-addr.arpa" IN {
file "100.168.192.local";
allow-transfer { 192.10.10.55; }; #轉發到輔助伺服器去
}; #反向解析區域
4、對正向區域的配置如下
cd /var/named/chroot/var/named
進行這樣的複制與配置
cp -p named.zero example123.com.zero
cp -p named.local 100.168.192.local
修改正向檔案的需求example123.com.zero檔案,内容如下。
$TTL 86400
@ IN SOA dns.example123.com. root.example123.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS dns.example123.com.
IN MX 10 mail.example123.com.
mail IN A 192.168.100.127
dns IN A 192.168.100.127
www IN CNAME web.example123.com.
web.example123.com. IN A 192.168.100.127
修改反向檔案的需求100.168.192.local檔案,内容如下。
$TTL 86400
@ IN SOA dns.example123.com. root.example123.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.example123.com.
127 IN PTR mail.example123.com.
127 IN PTR web.example123.com.
經過以上的這些配置,正向區域和反向區域已經配置好了,但是還需要做一些工作
四、修改一些配置
vi /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 example123.com localhost
::1 localhost6.localdomain6 localhost6
192.168.100.127 mail.example123.com
127.0.0.1 www.example123.com
192.168.100.127 www.example123.com
五、修改/etc/resolv.conf
vi /etc/resolv.conf
; generated by /sbin/dhclient-script
nameserver 192.168.100.127
#nameserver 202.96.134.133
六、一個完整的DNS伺服器就成功建構起來了
啟動:service named restart
七、測試結果如下
正向測試
C:\Documents and Settings\Administrator>nslookup www.example123.com
Server: web.example123.com
Address: 192.168.100.127
Name: web.example123.com
Aliases: www.example123.com
反向測試
C:\Documents and Settings\Administrator>nslookup 192.168.100.127
Server: mail.example123.com
@輔助伺服器配置
@輔助伺服器的工作,主要是分擔主伺服器的解析工作,詳細資訊請看下面配置。
一、安裝資料包和主伺服器的一樣,其實配置什麼資訊都差不多
2、修改named.conf檔案,内容如下。(這個文檔中的那句轉發指令是在主伺服器配置的)
allow-transfer { 192.168.100.147; }; #轉發指定到要做輔助DNS的伺服器上面去
zone "example123.com" IN {
type slave;
masters { 192.168.100.127; };
file "slaves/example123.com.zero";
#正向解析區域
zone "100.168.192.in-addr.arpa" IN {
file "slaves/100.168.192.local";
};
#反向解析區域
mail IN A 192.168.100.147
dns IN A 192.168.100.147
web.example123.com. IN A 192.168.100.147
147 IN PTR mail.example123.com.
147 IN PTR web.example123.com.
192.10.10.127 ns1.example123.com
192.10.10.147 ns2.example123.com
nameserver 192.168.100.147
nameserver 192.168.100.127
2、vi /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=ns2.example.com #設定主機名
GATEWAY=192.168.100.254
Address: 192.168.100.147
![hualinux1.20 基礎:sendEmail安裝及郵件發送[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)