1、bind 安装
# Install BIND plus the bind-chroot package; -y answers yum's prompts automatically.
yum install bind bind-chroot -y
2、配置文件
/etc/named.conf
"""区域数据库文件"""
/var/named/chroot
/var/named/data
/var/named/dynamic
/var/named/named.ca
/var/named/named.empty
/var/named/named.localhost
/var/named/named.loopback
/var/named/slaves
3、使用chroot模式
# Seed the chroot tree with the main config and the stock named.* zone files.
# -p preserves mode, ownership and timestamps of the originals.
cp -p /etc/named.conf /var/named/chroot/etc/
cp -p /var/named/named.* /var/named/chroot/var/named/
4、主配置文件
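options {
    // Listen for DNS on this one address; change it to the server's own IP.
    listen-on port 53 { 192.168.19.15; };
    // Base directory for relative file names. Under named-chroot this resolves
    // inside the chroot, i.e. /var/named/chroot/var/named/.
    directory "/var/named";
    // Any client may send queries to this server.
    allow-query { any; };
    // Perform recursive lookups on behalf of clients.
    recursion yes;
    // Without an explicit allow-recursion the allow-query ACL above is inherited,
    // which leaves recursion open to every client that can reach port 53.
    // Limit it to the server itself and its directly attached networks; list
    // further trusted subnets here if they need recursion.
    allow-recursion { localhost; localnets; };
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};

// Root hints: the starting point for iterative resolution.
zone "." IN {
    type hint;
    file "named.ca";
};

// Both stock includes are disabled in these notes.
// NOTE(review): named.root.key presumably carries the DNSSEC root trust anchor;
// with it commented out, confirm whether recursive answers are still validated.
// include "/etc/named.rfc1912.zones";
// include "/etc/named.root.key";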
5、启动
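# Syntax-check the chroot copy of the main config before starting the service.
named-checkconf /var/named/chroot/etc/named.conf
# Run the chrooted instance now and on every boot.
systemctl enable named-chroot.service
systemctl start named-chroot.service
# Keep the non-chroot unit from being started by mistake. Masking achieves this
# without moving a package-owned file out of /usr/lib/systemd/system, which a
# package update would restore.
systemctl mask named.service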
6、正向解析
A 在主配置文件 named.conf 中增加区域（zone）
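// Authoritative (master) zone; the relative file name is looked up under the
// "directory" path set in options.
// Lab example: clients that use this server receive these records instead of
// the public ones for the domain.
zone "baidu.com" IN {
    type master;
    file "baidu.com.zone";
};  // every named.conf statement, including a zone block, ends with ';'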
B 增加区域数据文件 baidu.com.zone
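; Default TTL applied to records that do not carry their own.
$TTL 3H
; SOA: primary name server ns1.baidu.com., responsible mailbox rname.invalid.
baidu.com.  IN SOA  ns1.baidu.com. rname.invalid. (
                0    ; serial - raise it on every edit so secondaries notice the change
                1D   ; refresh
                1H   ; retry
                1W   ; expire
                3H ) ; minimum
; "@" names the zone apex explicitly. A record type written in column 0 would
; be parsed as an owner name, so the NS line must not start with "NS".
@       NS      ns1.baidu.com.
ns1     A       192.168.19.15
www     A       192.168.19.10
news    CNAME   www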
# 修改文件权限（在 shell 中执行，不属于 zone 文件内容）：chgrp named /var/named/chroot/var/named/baidu.com.zone
C 检测zone文件
# Validate the zone file against the origin baidu.com before reloading the server.
named-checkzone baidu.com /var/named/chroot/var/named/baidu.com.zone
D 重启dns
# Restart the chrooted named so that it loads the new zone.
systemctl restart named-chroot
E 测试
[root@xxx named]# nslookup www.baidu.com
Server: 192.168.19.15
Address: 192.168.19.15#53
Name: www.baidu.com
Address: 192.168.19.10
[root@xxx named]# nslookup news.baidu.com
Server: 192.168.19.15
Address: 192.168.19.15#53
news.baidu.com canonical name = www.baidu.com.
Name: www.baidu.com
Address: 192.168.19.10