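There are many articles online about setting up and configuring bind, and they are quite detailed. I ran into some problems while setting it up, so I am recording them here.
Overall, pay attention to 3 points:
When bind is installed with yum, the configuration files all live under /var/named/chroot. By default there may be a named.conf and a named.rfc1912.zones under /etc; move these two files to /var/named/chroot/etc/ and create symlinks to them in /etc.
The firewall must allow port 53 on both tcp and udp.
The configuration files must be owned by named.
Installation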
yum install caching-nameserver* bind-chroot*
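Configuration
The configuration consists mainly of four files:
named.conf
named.rfc1912.zones
Forward zone file test.net.zone
Reverse zone file 111.33.168.192.local
The named.conf file, at the following path:
/etc/named.conf -> /var/named/chroot/etc/named.conf
Its contents are as follows. Note that listen-on port and allow-query must both be set to any, or to the network segments allowed to use this DNS server.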
options {
    listen-on port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};
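The other option the note above mentions, limiting the server to the network segments allowed to use it, shown as an added example that is not part of the original post. The ACL name trusted, the view name internal and the client network 192.168.33.0/24 are assumptions; 192.168.33.111 is the server address used in the zone files on this page.

```conf
// Added example, not the original author's configuration.
// Assumption: clients live in 192.168.33.0/24; adjust to your own network.
acl "trusted" {
    localhost;            // built-in ACL: the server's own addresses
    192.168.33.0/24;      // assumed client network
};

options {
    // Bind only to loopback and the server's own address instead of "any".
    listen-on port 53 { 127.0.0.1; 192.168.33.111; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // With "any" here and "recursion yes" below, the server would resolve
    // arbitrary names for every host that can reach port 53.
    allow-query     { trusted; };
    allow-recursion { trusted; };
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

view "internal" {
    // Clients that match no view are refused.
    match-clients { trusted; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};
```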
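The named.rfc1912.zones configuration file, at the same kind of path as above:
/etc/named.rfc1912.zones -> /var/named/chroot/etc/named.rfc1912.zones
At the end of this file, add the forward and reverse zones, for example: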
zone "test.net" IN {
    type master;
    file "test.net.zone";
    allow-update { none; };
};
zone "111.33.168.192.in-addr.arpa" IN {
    type master;
    file "111.33.168.192.local";
    allow-update { none; };
};
The forward zone file test.net.zone, at the following path:
/var/named/chroot/var/named/test.net.zone
Its contents are as follows:
$TTL 86400
@       IN SOA  dns.test.net. root.test.net. (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   dns.test.net.
dns     IN A    192.168.33.111
www     IN A    192.168.33.111
web     IN A    192.168.33.111
The reverse zone file 111.33.168.192.local, at the following path:
/var/named/chroot/var/named/111.33.168.192.local
Its contents are as follows:
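$TTL 86400
@       IN SOA  dns.test.net. root.test.net. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   dns.test.net.
; The zone origin 111.33.168.192.in-addr.arpa is already the reverse name of
; 192.168.33.111, so the PTR record belongs at the zone apex (@).
@       IN PTR  www.test.net.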
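The configuration is now complete. Use named-checkconf to check that the configuration is correct; if it reports no errors, you can start the named service.
Open the firewall
Finally, if the server has a firewall enabled, remember to open port 53 for both tcp and udp.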