vim /etc/named.conf #编辑配置文件
#对内容进行以下修改
listen-on port 53 { any;}; #53端口监听任意地址
allow-query { any;}; #允许任意地址的请求
recursion no; #关闭递归,提高速率;本机只作权威服务器,在allow-query为any的情况下关闭递归还能避免成为开放解析器
dnssec-enable no; #关闭DNSSEC,实验环境无需开启,生产环境不建议关闭
vim /etc/named.rfc1912.zones #编辑区域配置文件
#在文件最下方添加以下内容
zone "yu.com" IN { #添加正解区域
type master;
file "named.yu.com";
allow-transfer { 192.168.14.14; }; #只允许192.168.14.14(从服务器)进行区域传送
};
zone "14.168.192.in-addr.arpa" IN { #添加反解区域
type master;
file "named.192.168.14";
allow-transfer { 192.168.14.14; };
};
cp /var/named/named.localhost /var/named/named.yu.com #复制此文件作为正解文件模板
vim /var/named/named.yu.com #编辑正解文件
#内容模板如下
$TTL 1D
@ IN SOA @ rname.invalid. (
1 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ); minimum
@ IN NS dns1.yu.com.
@ IN NS dns2.yu.com.
dns1.yu.com. IN A 192.168.14.14
dns2.yu.com. IN A 192.168.14.24
dns3.yu.com. IN A 192.168.14.12
cp /var/named/named.yu.com /var/named/named.192.168.14 #复制正解文件作为反解文件模板
vim /var/named/named.192.168.14 #编辑反解文件
#文件内容模板如下
$TTL 1D
@ IN SOA @ rname.invalid. (
1 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ); minimum
@ IN NS dns1.yu.com.
@ IN NS dns2.yu.com.
dns1.yu.com. IN A 192.168.14.14
dns2.yu.com. IN A 192.168.14.24
14 IN PTR dns1.yu.com.
12 IN PTR dns3.yu.com.
24 IN PTR dns2.yu.com.
5.启动服务与排错
systemctl restart named
vim /var/named/data/named.run #打开named服务的启动日志
#发现以下关键语句
zone yu.com/IN: loading from master file named.yu.com failed: permission denied
#说明named无权读取该文件:启动服务时是由named这个系统用户来读取区域文件的,而该文件的属主和属组都是root
ll /var/named/
-rw-r----- 1 root root 229 Feb 4 15:20 named.yu.com
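chown .named /var/named/named.yu.com #把文件属组改为named,使named用户可以读取;属主仍为root,权限为640,named进程只能读不能改写
#用cp复制出来的反解文件named.192.168.14如果属组同样是root,也需要做相同的修改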
timedatectl set-timezone Asia/Shanghai #时区修改为上海
ntpdate cn.pool.ntp.org #同步时间
4 Feb 14:53:30 ntpdate[1488]: step time server 119.28.206.193 offset 435078.691668 sec #输入命令后的输出内容
date #查看时间
Tue Feb 4 14:53:37 CST 2020 #输入命令后的输出内容
3.编辑正反解相关文件
vim /etc/named.conf #编辑配置文件
#对内容进行以下修改
listen-on port 53 { any;}; #53端口监听任意地址
allow-query { any;}; #允许任意地址的请求
recursion no; #关闭递归,提高速率;本机只作权威服务器,在allow-query为any的情况下关闭递归还能避免成为开放解析器
dnssec-enable no; #关闭DNSSEC,实验环境无需开启,生产环境不建议关闭
vim /etc/named.rfc1912.zones #编辑区域配置文件
#在文件最下方添加以下内容
zone "yu.com" IN {
type slave;
file "slaves/named.yu.com";
masters { 192.168.14.24; };
};
zone "14.168.192.in-addr.arpa" IN {
type slave;
file "slaves/named.192.168.14"; #与正解区域一样存放在slaves/目录下
masters { 192.168.14.24; };
};
systemctl restart named #启动服务
第三部分:测试
dig dns1.yu.com @192.168.14.24
dig dns1.yu.com @192.168.14.14
#得到以下关键信息
;; ANSWER SECTION:
dns1.yu.com. 86400 IN A 192.168.14.14
;; AUTHORITY SECTION:
yu.com. 86400 IN NS dns1.yu.com.
yu.com. 86400 IN NS dns2.yu.com.