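zone "localhost.localdomain" IN {
  type master;             # this server holds the authoritative (primary) copy
  file "named.localhost";  # zone data file
  allow-update { none; };  # reject dynamic (DDNS) updates to this zone
};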
# 本地查询的定义;
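zone "localhost" IN {
  type master;             # authoritative (primary) copy
  file "named.localhost";  # same data file as localhost.localdomain above
  allow-update { none; };  # reject dynamic (DDNS) updates
};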
# 本地查询的定义;
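zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
  type master;             # authoritative (primary) copy
  file "named.loopback";   # reverse zone for the IPv6 loopback address ::1
  allow-update { none; };  # reject dynamic (DDNS) updates
};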
#ipv6的反向解析zone的定义;
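zone "1.0.0.127.in-addr.arpa" IN {
  type master;             # authoritative (primary) copy
  file "named.loopback";   # reverse zone for the IPv4 loopback address 127.0.0.1
  allow-update { none; };  # reject dynamic (DDNS) updates
};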
#ipv4的反向解析zone的定义;
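zone "0.in-addr.arpa" IN {
  type master;             # authoritative (primary) copy
  file "named.empty";      # reverse zone for 0.0.0.0/8, served from the stock empty zone file
  allow-update { none; };  # reject dynamic (DDNS) updates
};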
//下为我自己添加的zone;
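zone "mysite.com" IN {
  type master;             # master: primary DNS server; slave: secondary DNS server; forward: forwarding server
  file "mysite.com.zone";  # zone file name (created under /var/named/ later on this page)
  allow-update { none; };  # reject dynamic (DDNS) updates
  # NOTE(review): no allow-transfer appears for this zone, and the global options block is not on
  # this page. BIND of this era (the page shows DiG 9.9.4) allows zone transfers from any host by
  # default, so any client could request a full copy of the zone; restricting transfers to the
  # secondary, e.g. `allow-transfer { 192.168.1.109; };`, limits that exposure — confirm against
  # the real options block.
};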
zone文件的说明
此文件定义了域名解析的主要内容:IP与域名的对应关系;
zone文件的group应修改为named,否则named服务无法读取你的zone文件;
以下面的内容为例,此内容为我为本次实验专门编写的;
文件名为mysite.com.zone;(mysite.com是站点域名。)
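$ORIGIN mysite.com. ; Domain name
$TTL 86400 ; Time to Live (TTL): how long other servers may cache records from this zone
; In zone files only ";" starts a comment ("//" and "#" are named.conf syntax, not zone-file syntax).
@ IN SOA dns1.mysite.com. admin_mail.example.com. (
; @ stands for the current $ORIGIN (without $ORIGIN it would be the zone name from named.conf);
; IN is the class keyword;
; dns1.mysite.com. is the primary DNS server name; note it must end with ".";
; admin_mail.example.com. is the administrator mailbox admin_mail@example.com,
; written with "." in place of "@" and ending with ".";
        2016010201 ; serial
        21600      ; refresh after 6 hours, or 6H
        3600       ; retry after 1 hour, or 1H
        604800     ; expire after 1 week, or 1W
        86400      ; minimum TTL of 1 day, or 1D
)
; SOA record (Start of Authority): must be the first record in the zone;
; the SOA values must be enclosed in "()"; see the comment beside each value.
;;
        IN NS dns1.mysite.com.
        IN NS dns2.mysite.com.
; NS records: the name servers for this zone;
        IN MX 10 mail1.mysite.com.
        IN MX 20 mail2.mysite.com.
; MX records: the mail exchange servers (the lower number is tried first);
;;
dns1    IN A 192.168.1.108
dns2    IN A 192.168.1.109
; A records: the DNS servers' IPs;
mail1   IN A 192.168.1.110
mail2   IN A 192.168.1.111
; A records: the mail servers' IPs;
;;
www     IN A 192.168.1.116
        IN A 192.168.1.118
; A records: the www server's IPs; the name is completed with $ORIGIN automatically
; (two addresses for one name: both are returned, as the dig output later on this page shows);
;;
web     IN CNAME www
; CNAME record: web is an alias of www, i.e. "web.mysite.com" = "www.mysite.com"
;. IN CNAME www
; an incorrect CNAME record, commented out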
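zone "mysite.com" IN {
  type master;             # primary copy of the forward zone lives on this server
  file "mysite.com.zone";  # /var/named/mysite.com.zone, created in the next step
  allow-update { none; };  # reject dynamic (DDNS) updates
};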
在/var/named/目录下创建mysite.com.zone文件:
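; /var/named/mysite.com.zone — forward zone for mysite.com, primary copy on dns1 (192.168.1.108).
; The file's group must be "named", otherwise the named service cannot read it.
$ORIGIN mysite.com. ; Domain name
$TTL 86400 ; Time to Live (TTL)
@ IN SOA dns1.mysite.com. admin_mail.example.com. (
        2016010201 ; serial — must increase on every edit so secondaries pick up the change
        21600      ; refresh after 6 hours, or 6H
        3600       ; retry after 1 hour, or 1H
        604800     ; expire after 1 week, or 1W
        86400      ; minimum TTL of 1 day, or 1D
)
;;
        IN NS dns1.mysite.com.
        IN NS dns2.mysite.com.
        IN MX 10 mail1.mysite.com.
        IN MX 20 mail2.mysite.com.
;;
dns1    IN A 192.168.1.108
dns2    IN A 192.168.1.109
mail1   IN A 192.168.1.110
mail2   IN A 192.168.1.111
;;
www     IN A 192.168.1.116
        IN A 192.168.1.118
;;
web     IN CNAME www
;. IN CNAME www
;;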
(注意此zone与主DNS服务器中的定义不同之处。)
zone "mysite.com" IN {
type slave;
file "slaves/mysite.com";
# Stored as /var/named/slaves/mysite.com; created and refreshed automatically by zone transfer from the master.
masters { 192.168.1.108; };
# IP of the master (primary) DNS server this secondary pulls the zone from.
# NOTE(review): the transfer is not authenticated here (no TSIG key is referenced); confirm whether
# signed transfers between 192.168.1.108 and 192.168.1.109 are wanted for this deployment.
# NOTE(review): the dig output later on this page shows flags "qr aa rd ra" from 192.168.1.109,
# i.e. this server also offers recursion; if it is reachable from untrusted networks, confirm that
# allow-recursion is limited to local clients.
};
测试辅助DNS服务器(192.168.1.109):
[root@mylinux7 ~]# dig -t A web.mysite.com @192.168.1.109

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.1 <<>> -t A web.mysite.com @192.168.1.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40762
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;web.mysite.com.            IN  A

;; ANSWER SECTION:
web.mysite.com.     86400   IN  CNAME   www.mysite.com.
www.mysite.com.     86400   IN  A       192.168.1.118
www.mysite.com.     86400   IN  A       192.168.1.116

;; AUTHORITY SECTION:
mysite.com.         86400   IN  NS      dns2.mysite.com.
mysite.com.         86400   IN  NS      dns1.mysite.com.

;; ADDITIONAL SECTION:
dns1.mysite.com.    86400   IN  A       192.168.1.108
dns2.mysite.com.    86400   IN  A       192.168.1.109

;; Query time: 1 msec
;; SERVER: 192.168.1.109#53(192.168.1.109)
;; WHEN: Sat Jan 02 18:00:23 EST 2016
;; MSG SIZE  rcvd: 163
测试辅助DNS服务器与主DNS服务器之间的同步:
修改主DNS服务器zone文件:
......
@ IN SOA dns1.mysite.com. admin_mail.example.com. (
2016010202; serial# 修改序列号;
......
ftp IN A 192.168.1.112
    IN A 192.168.1.113    # 添加ftp记录;
......
[root@dns1 ~]# rndc reload
查看辅助DNS服务器自动更新后的zone:
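; /var/named/slaves/mysite.com as written by named on the secondary after the transfer.
; Names are relative to the $ORIGIN in force and the class is omitted after the SOA line.
$ORIGIN .
$TTL 86400 ; 1 day
mysite.com              IN SOA  dns1.mysite.com. admin_mail.example.com. (
                                2016010202 ; serial — the updated value from the primary
                                21600      ; refresh (6 hours)
                                3600       ; retry (1 hour)
                                604800     ; expire (1 week)
                                86400      ; minimum (1 day)
                                )
                        NS      dns1.mysite.com.
                        NS      dns2.mysite.com.
                        MX      10 mail1.mysite.com.
                        MX      20 mail2.mysite.com.
$ORIGIN mysite.com.
dns1                    A       192.168.1.108
dns2                    A       192.168.1.109
ftp                     A       192.168.1.112
                        A       192.168.1.113 ; the two ftp records above are the newly transferred content
mail1                   A       192.168.1.110
mail2                   A       192.168.1.111
web                     CNAME   www
www                     A       192.168.1.116
                        A       192.168.1.118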
试验三:在主DNS服务器上设置反向解析
修改named.rfc1912.zones文件, 添加如下内容:
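zone "1.168.192.in-addr.arpa" IN {
  type master;                         # authoritative (primary) copy of the reverse zone
  file "1.168.192.in-addr.arpa.zone";  # reverse zone for 192.168.1.0/24 (octets written in reverse)
  allow-update { none; };              # reject dynamic (DDNS) updates
};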
注意:1.168.192是192.168.1的反写;
创建1.168.192.in-addr.arpa.zone文件:
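$ORIGIN 1.168.192.in-addr.arpa.
; 1.168.192 is 192.168.1 written in reverse, followed by ".in-addr.arpa.".
$TTL 86400 ; Time to Live (TTL)
@ IN SOA dns1.mysite.com. admin_mail.example.com. (
        2016010201 ; serial
        21600      ; refresh after 6 hours, or 6H
        3600       ; retry after 1 hour, or 1H
        604800     ; expire after 1 week, or 1W
        86400      ; minimum TTL of 1 day, or 1D
)
;;
        IN NS dns1.mysite.com.
        IN NS dns2.mysite.com.
; NS records
;;
108     IN PTR dns1.mysite.com.
109     IN PTR dns2.mysite.com.
110     IN PTR mail1.mysite.com.
111     IN PTR mail2.mysite.com.
; the first column is the last octet of the IP (the rest is supplied by $ORIGIN);
; reverse lookups use PTR records
;;
116     IN PTR www.mysite.com.
118     IN PTR www.mysite.com.
112     IN PTR ftp.mysite.com.
113     IN PTR ftp.mysite.com.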