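Operating system: Hiweed Debian, version: 2.6
The DNS software needed to set up a DNS server is: bind9
Introduction to BIND
BIND is the most widely used domain name server. The name is short for
Berkeley Internet Name Domain Service, and it was written at the University
of California, Berkeley. That university is really impressive; it has
produced quite a few famous programs.
BIND versions used to hover around 4.8.x and 4.9.x, then jumped straight to
8.1.x because of major functional improvements and vulnerability fixes. Two
branches are now developed in parallel, BIND 8.x and BIND 9.x; the latest
versions are 8.3.3 and 9.2.1.
There are two ways to install: entirely from the command line, or with the
help of a tool: # apt-get install webmin webmin-bind
Method one, step 1: apt-get install bind9
Step 2: after installation, the command whereis bind shows that bind is
installed under /etc/bind. Change into /etc/bind and you will see these
files: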
db.0
db.127
db.255
db.empty
db.local
db.root
named.conf
named.conf.local
named.conf.options
rndc.key
The key file is named.conf. Its contents are:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
include "/etc/bind/named.conf.local";
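Note that this file includes two files, "/etc/bind/named.conf.options" and
"/etc/bind/named.conf.local"; the rest are DNS zones and their record files.
The comments in the file say that to add zones you can edit
/etc/bind/named.conf.local.
The contents of /etc/bind/named.conf.options are as follows: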
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
// query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
};
The contents of /etc/bind/named.conf.local are as follows; it is essentially empty:
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
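From the above we can see that, apart from local domain names, everything
else in the DNS setup already works. To add resolution for local domain
names, just edit /etc/bind/named.conf.local and add the corresponding record
files. The other files in this directory do not need to be changed.
Step 3: assume a lab environment: this Linux machine is configured as the
DNS server so that the Apache, FTP and other services running on it can be
reached from other machines by entering a domain name instead of the IP
address. For example, this Linux machine is already set up so that
http://172.15.31.192 opens the Apache page, and I want www.qq.com to open
that page instead.
Step 4: change the contents of /etc/resolv.conf to the following: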
domain com.
nameserver 172.15.31.192
Step 5: cd /etc/bind/
vi named.conf.local
Add the following to it:
zone "com" {
type master;
file "/var/cache/bind/com.txt";
};
zone "15.172.in-addr.arpa" {
type master;
file "/var/cache/bind/172.15.txt";
};
Save and exit, then restart DNS:
cd /etc/init.d
./bind9 stop
./bind9 start
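After the restart, add the following two files under /var/cache/bind. If
they already exist there is no need to create them; if not, create them by
hand. The two files are com.txt and 172.15.txt.
vi com.txt and add the following: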
$ttl 38400
com. IN SOA qq.com. gxdguan714.163.com. (
1039102090
10800
3600
604800
38400 )
com. IN NS qq.com.
; the NS target needs an address record in this zone (this server)
qq.com. IN A 172.15.31.192
www.qq.com. IN A 172.15.31.192
www.sina.com. IN A 172.15.31.192
www.google.com. IN A 172.15.31.192
www.guan.com. IN A 172.15.0.103
www.xiao.com. IN A 172.15.31.191
vi 172.15.txt and add the following:
$ttl 38400
15.172.in-addr.arpa. IN SOA qq.com. gxdguan714.163.com. (
1039102453
10800
3600
604800
38400 )
15.172.in-addr.arpa. IN NS qq.com.
192.31.15.172.in-addr.arpa. IN PTR www.qq.com.
192.31.15.172.in-addr.arpa. IN PTR www.google.com.
103.0.15.172.in-addr.arpa. IN PTR www.guan.com.
191.31.15.172.in-addr.arpa. IN PTR www.xiao.com.
Save and exit, then restart DNS:
cd /etc/init.d
./bind9 stop
./bind9 start
Now www.qq.com opens the pages served from 172.15.31.192, and www.xiao.com
opens the pages served from 172.15.31.191. Ha ha, pretty nice, isn't it?
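In a zone file, a name written without a trailing dot is relative and has the zone origin appended when the file is loaded, so "qq.com" in zone "com" becomes "qq.com.com.". The following is an added example, not part of the original article: a small lint that reports relative names which already end in the zone origin. The sample zone is constructed, and lint_zone and expand are hypothetical helper names.

```python
# Constructed sample: a forward zone for "com" with two names missing the dot.
SAMPLE_ZONE = """\
$ttl 38400
com. IN SOA qq.com. gxdguan714.163.com. (
        1039102090 10800 3600 604800 38400 )
com. IN NS qq.com
www.qq.com. IN A 172.15.31.192
www.xiao.com IN A 172.15.31.191
"""

CLASSES = {"IN", "CH", "HS"}
NAME_RDATA = {"NS": 1, "PTR": 1, "CNAME": 1, "SOA": 2}  # leading name fields

def expand(name, origin):
    """Resolve a name the way the zone loader does (origin ends with '.')."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin

def lint_zone(text, origin):
    """Return (line_no, written, loaded_as) for relative names that already
    contain the origin, i.e. names that were meant to be fully qualified."""
    findings, depth = [], 0
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0]              # drop comments
        continued = depth > 0                     # inside a ( ... ) group
        depth += line.count("(") - line.count(")")
        tokens = line.replace("(", " ").replace(")", " ").split()
        if continued or not tokens:
            continue
        if tokens[0].startswith("$"):
            if tokens[0].upper() == "$ORIGIN" and len(tokens) > 1:
                origin = expand(tokens[1], origin)
            continue
        names = [] if raw[:1].isspace() else [tokens[0]]  # blank owner: inherited
        rest = tokens[len(names):]
        while rest and (rest[0][0].isdigit() or rest[0].upper() in CLASSES):
            rest = rest[1:]                       # skip TTL and class
        if rest:
            names += rest[1:1 + NAME_RDATA.get(rest[0].upper(), 0)]
        for name in names:
            relative = name != "@" and not name.endswith(".")
            if relative and ("." + name + ".").lower().endswith("." + origin.lower()):
                findings.append((lineno, name, expand(name, origin)))
    return findings

if __name__ == "__main__":
    for lineno, written, loaded in lint_zone(SAMPLE_ZONE, "com."):
        print(f"line {lineno}: {written!r} is loaded as {loaded!r}")
```

The check only catches names that already contain the origin; a PTR target such as "www.qq.com" in a reverse zone still has to be checked by eye or with named-checkzone.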
Method two: run # apt-get install webmin webmin-bind. Once webmin and
webmin-bind are installed, open https://localhost:10000 in a browser and
configure DNS through the web interface.