Configuring DNS on CentOS 5.4

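  1. DNS packages: install them with rpm. They are the packages prefixed with bind, plus caching-nameserver for the DNS configuration.
  2. Check the installed packages: rpm -qa | grep bind
  3. Open /var/named/chroot/etc/, which contains two files: named.caching-nameserver.conf and named.rfc1912.zones

Changes to make in named.caching-nameserver.conf (shown in red in the original post):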

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
        query-source-v6 port 53;
        allow-query     { any; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};

 

Append the following to the end of named.rfc1912.zones:

zone "area.com" IN {
        type master;
        file "area.com.zone";
        allow-update { none; };
};

zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.0.zone";
        allow-update { none; };
};
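
Here area.com is the domain being set up, and 192.168.0. is the IP address prefix that corresponds to the domain.

area.com.zone is the forward lookup zone file.

192.168.0.zone is the reverse lookup zone file.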

 

4. Open /var/named/chroot/var/named and set up the forward and reverse zone files

# cp -p localdomain.zone area.com.zone
# vim area.com.zone
$TTL    86400
@               IN SOA www.area.com.   root.area.com. (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum


                IN NS           www.area.com.
www             IN A            192.168.0.100
                IN AAAA         ::1
---------------------------------------------------------------------------
# cp -p named.local 192.168.0.zone
# vim 192.168.0.zone
$TTL    86400
@       IN      SOA     www.area.com. root.area.com. (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
        IN      NS      www.area.com.
100       IN      PTR     www.area.com.
---------------------------------------------------------------------------
100 is the last octet of the IP 192.168.0.100. This IP address is the address of the machine on which the DNS server is configured.

 

5. Add your own machine so that it uses the server for name resolution

# Open /etc/hosts
127.0.0.1               localhost.localdomain localhost
#::1            localhost6.localdomain6 localhost6
192.168.0.100    www.area.com    www

 

# Open /etc/resolv.conf
nameserver 192.168.0.100
search area.com

 

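6. Configure SELinux
Run the setup command.
A dialog appears. What we need to do here is configure the firewall; the steps are as follows:
Select "Firewall Configuration" -> press Tab to move to "Run Tool" -> press Enter -> for the "Security Level" option, press Tab once in front of "Enabled" -> for the "SELinux" option, choose "Disabled" -> press Tab once -> select "Customize" -> a new dialog appears -> in the "Other Port" field enter "53:tcp 53:udp" -> "OK" -> back in the previous dialog -> "OK" -> the dialog closes automatically. The configuration is complete.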

 

7. Start named
# service named start
# /etc/init.d/named start

 

8. Test
-------host----------
host 192.168.0.100 -> 0.168.192.in-addr.arpa domain name pointer www.area.com.


host www.area.com ->
www.area.com has address 192.168.0.100

www.area.com has IPv6 address ::1

---------nslookup--------------------------
[root@testserver named]# nslookup
> www.area.com
Server:         192.168.0.100

Address:        192.168.0.100#53

Name:   www.area.com
Address: 192.168.0.100

 

> 192.168.0.100

Server:         192.168.0.100

Address:        192.168.0.100#53

100.0.168.192.in-addr.arpa        name = www.area.com.
> exit

 

9. Remember to restart after changing the configuration
# service named restart
# /etc/init.d/named restart

 

10. Common errors

<1>server can't find 100.0.168.192.in-addr.arpa:SERVFAIL

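Check the named.run file: it reports that named has no permission on the forward and reverse zone files. Fix the file attributes (permissions) of the forward and reverse zone files.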
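
The options from step 3 (allow-query any, match-clients any, recursion yes, query-source port 53) let any host that can reach port 53 recurse through this server, and they pin outgoing queries to a single source port. The Python check below is an added example, not part of the original post; it flags both conditions in a named.conf text. Both sample configs are constructed, and 192.168.0.0/24 as the client network is an assumption based on the page's 192.168.0.100 address.

```python
import re

# Constructed sample: the settings the page puts in named.caching-nameserver.conf.
PAGE_CONF = """
options {
    query-source    port 53;
    query-source-v6 port 53;
    allow-query     { any; };
};
view localhost_resolver {
    match-clients { any; };
    recursion yes;
};
"""

# Constructed variant (assumption: clients live on 192.168.0.0/24, the page's LAN).
# Recursion is limited by allow-recursion and the fixed source port is dropped.
LAN_ONLY_CONF = """
options {
    allow-query     { any; };
    allow-recursion { 127.0.0.1; 192.168.0.0/24; };
};
view localhost_resolver {
    match-clients { any; };
    recursion yes;
};
"""

def _unrestricted(conf, name):
    """True if no `name { ...; }` list exists or any such list contains `any`.
    A missing list counts as unrestricted (assumption; matches older BIND 9)."""
    bodies = re.findall(r"(?<![\w-])" + re.escape(name) + r"\s*\{([^}]*)\}", conf)
    return not bodies or any("any" in re.split(r"[;\s]+", b) for b in bodies)

def audit(conf):
    """Return finding codes for a named.conf text (whole-file heuristic, views merged)."""
    conf = re.sub(r"(//|#)[^\n]*|/\*.*?\*/", "", conf, flags=re.S)  # strip comments
    findings = []
    recursion_on = not re.search(r"(?<![\w-])recursion\s+no\s*;", conf)
    if recursion_on and all(_unrestricted(conf, n) for n in
                            ("allow-recursion", "allow-query", "match-clients")):
        findings.append("open-recursion")      # anyone can recurse through this server
    if re.search(r"(?<![\w-])query-source(-v6)?\s+(address\s+\S+\s+)?port\s+\d+", conf):
        findings.append("fixed-source-port")   # predictable port aids cache poisoning
    return findings

if __name__ == "__main__":
    print(audit(PAGE_CONF), audit(LAN_ONLY_CONF))
```

To check the real file, pass the contents of /var/named/chroot/etc/named.caching-nameserver.conf to audit().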

 
