CentOS 7 DNS Service Configuration
1. Install the DNS service components
[root@localhost ~]# yum -y install bind
The packages it depends on are installed along with it.
2. Configure the DNS service files
Go to the /etc directory and look for the named files
[root@localhost etc]# ls named*
named-chroot.files named.iscdlv.key named.root.key
named.conf named.rfc1912.zones
named:
Edit named.conf and change the original listen-on setting to any
Comment out the logging section
/*
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
*/
At the end of the file, add the zone definitions for our forward and reverse lookup files
zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
zone "example.com" IN {
type master;
file "example.com";
allow-update { none; };
};
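zone "25.168.192.in-addr.arpa" IN {
// For the 192.168.26.x addresses used on this page, the matching reverse zone name is 26.168.192.in-addr.arpa
type master;
file "192.168.26.zone";
allow-update { none; };
};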
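Copy named.localhost to two new files, one for each zone: the forward zone file "example.com" and the reverse zone file "192.168.26.zone". This saves retyping the usual SOA parameters, and cp -a keeps the original file's ownership and permissions on the copies.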
[root@localhost named]# cp -a named.localhost example.com
[root@localhost named]# cp -a named.localhost 192.168.26.zone
Configure the forward and reverse zone files
Forward zone file
vim example.com
$TTL 1D
@       IN SOA  example.com. rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       NS      master.example.com.
mater   A       192.168.26.128
        AAAA    ::1
www     CNAME   master
ftp     CNAME   master
smtp    A       192.168.26.11
mail    A       192.168.26.12
@       MX      10 mail
Reverse zone file
vim 192.168.26.zone
$TTL 1D
@       IN SOA  master.example.com. rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       NS      master.example.com.
128     PTR     master.example.com.
11      PTR     smtp.example.com.
12      PTR     mail.example.com.
Restart the DNS service
Configure the host to use our DNS server
vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="c5fe79f2-77d7-4431-9814-79f6646b6083"
DEVICE="ens33"
ONBOOT="yes"
IPADDR="192.168.26.128"
NETMASK="255.255.255.0"
GATEWAY="192.168.26.2"
DNS1="192.168.26.128"
DNS2="8.8.8.8"
Now check whether the configuration contains any errors
named-checkconf -z /etc/named.rfc1912.zones
[root@localhost named]# named-checkconf -z /etc/named.rfc1912.zones
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone example.com/IN: NS 'master.example.com' has no address records (A or AAAA)
zone example.com/IN: not loaded due to errors.
_default/example.com/IN: bad zone
zone 25.168.192.in-addr.arpa/IN: loaded serial 0
The example.com zone file has an error: master was mistyped as mater. After correcting it, restart the DNS service
systemctl restart named
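The check that caught the mater typo, as an added example that is not part of the original post: a small Python sketch that parses the forward zone shown above and reports NS, MX and CNAME targets inside the zone that own no record. It goes a little beyond named-checkconf, which only rejected the NS target; the function names and the embedded sample zone are constructed for illustration, and only the simple record syntax used on this page is handled.

```python
import re

# Constructed sample: the forward zone from this page, "mater" typo included.
ZONE_TEXT = """\
$TTL 1D
@       IN SOA  example.com. rname.invalid. (
                0 1D 1H 1W 3H ) ; serial refresh retry expire minimum
@       NS      master.example.com.
mater   A       192.168.26.128
        AAAA    ::1
www     CNAME   master
ftp     CNAME   master
smtp    A       192.168.26.11
mail    A       192.168.26.12
@       MX      10 mail
"""
TYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "MX", "PTR"}

def fqdn(name, origin):
    """Expand a zone-file name: '@' is the origin, no trailing dot means relative."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone_text, origin):
    """Yield (owner, type, rdata) for the simple records used in this zone."""
    text = re.sub(r";[^\n]*", "", zone_text)  # drop comments
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    owner = origin
    for line in text.splitlines():
        tokens = line.split()
        if not tokens or line.startswith("$"):
            continue
        if not line[0].isspace():  # an indented line reuses the previous owner
            owner = fqdn(tokens.pop(0), origin)
        while tokens and tokens[0].upper() not in TYPES:  # skip TTL and class
            tokens.pop(0)
        if tokens:
            yield owner, tokens[0].upper(), tokens[1:]

def dangling_targets(zone_text, origin):
    """Return (owner, type, target) for in-zone targets that own no record."""
    records = list(parse(zone_text, origin))
    owners = {o for o, t, _ in records if t in ("A", "AAAA", "CNAME")}
    hits = [(o, t, fqdn(r[-1], origin)) for o, t, r in records if t in ("NS", "MX", "CNAME")]
    return [h for h in hits if h[2].endswith("." + origin) and h[2] not in owners]

if __name__ == "__main__":
    for owner, rtype, target in dangling_targets(ZONE_TEXT, "example.com."):
        print(f"{owner} {rtype} -> {target}: no A, AAAA or CNAME record")
```

The origin is passed in lowercase with its trailing dot, as in "example.com.".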
Test the DNS service configuration
Before testing, remember to set the host's DNS server address to the one just configured
[root@master ~]# nslookup
> www.example.com
Server: 192.168.26.128
Address: 192.168.26.128#53
www.example.com canonical name = master.example.com.
Name: master.example.com
Address: 192.168.26.128
Name: master.example.com
Address: ::1
> ftp.example.com
Server: 192.168.26.128
Address: 192.168.26.128#53
ftp.example.com canonical name = master.example.com.
Name: master.example.com
Address: 192.168.26.128
Name: master.example.com
Address: ::1
> 192.168.128
Server: 192.168.26.128
Address: 192.168.26.128#53
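Test from a Windows 2003 machine. First stop the firewall on CentOS: service firewalld stop
(This is a lab shortcut; on a server that stays in service, allow DNS on port 53 through firewalld rather than stopping it.)
The test succeeded.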