Linux DNS service configuration:
 
1.  Installation: the following two packages are required
bind-9.3.6-4.P1.el5.i386.rpm
bind-chroot-9.3.6-4.P1.el5.i386.rpm
[root@test Server]# rpm -ivh bind-9.3.6-4.P1.el5.i386.rpm
warning: bind-9.3.6-4.P1.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:bind                   ########################################### [100%]
[root@test Server]# rpm -ivh bind-chroot-9.3.6-4.P1.el5.i386.rpm
warning: bind-chroot-9.3.6-4.P1.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing...                ########################################### [100%]
   1:bind-chroot            ########################################### [100%]

 

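2.  After a successful installation, BIND 9's working directory is /var/named. For security reasons Red Hat runs it in a chroot environment, so the real files all live under /var/named/chroot/. There is no main configuration file by default, so create one first: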
[root@test etc]# vi named.conf

 

# /etc/named.conf
#
# Template file for BIND labs.
# Remember to replace each X with your stu number!
# Please note three different comment styles are used for
# illustrative purposes only.

 

options {
        directory "/var/named";
        allow-query { any; };
        listen-on { any; };
        recursion yes;
        version "Hello!";
};

 

#include "/etc/rndc.key";
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

 

 zone "." {
        type hint;
        file "named.root";
};
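
With allow-query { any; }, listen-on { any; } and recursion yes, this server performs recursive lookups for any client that can reach port 53. The following Python check is an added example, not part of the original post: it flags that combination in the options block and passes a constructed restricted variant (the ACL name "internal" and the 192.168.100.0/24 range are assumptions).

```python
import re

# The options block from the named.conf above, and a constructed restricted variant.
# Assumption: 192.168.100.0/24 is the internal network (only 192.168.100.4 is on the page).
WEAK = '''options {
        directory "/var/named";
        allow-query { any; };
        listen-on { any; };
        recursion yes;
        version "Hello!";
};'''
RESTRICTED = '''acl internal { 127.0.0.1; 192.168.100.0/24; };
options {
        directory "/var/named";
        allow-query { internal; };
        allow-recursion { internal; };
        listen-on { 127.0.0.1; 192.168.100.4; };
        recursion yes;
};'''

def parse_options(conf):
    """Return {statement: [values]} for the top-level options { ... } block."""
    text = re.sub(r"/\*.*?\*/|(#|//)[^\n]*", "", conf, flags=re.S)  # drop comments
    m = re.search(r"\boptions\s*\{", text)
    opts, depth, cur = {}, 1, ""
    for ch in text[m.end():] if m else "":
        depth += (ch == "{") - (ch == "}")
        if depth == 0:
            break
        if ch == ";" and depth == 1:          # end of one options statement
            words = re.findall(r'[^\s{};]+', cur)
            if words:
                opts[words[0]] = words[1:]
            cur = ""
        else:
            cur += ch
    return opts

def exposure(conf):
    o = parse_options(conf)
    # Who may recurse: allow-recursion, else allow-query-cache, else allow-query.
    acl = o.get("allow-recursion") or o.get("allow-query-cache") or o.get("allow-query") or []
    findings = []
    if o.get("recursion", ["yes"]) == ["yes"] and "any" in acl:
        findings.append("open resolver: recursion offered to any client")
    if "any" in o.get("listen-on", ["any"]):
        findings.append("listens on every interface")
    return findings
```
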
3.  Fetch named.root, which holds the addresses of the servers for the upper-level top-level domains (GTLD).
cd  /var/named/chroot/var/named
wget  ftp://ftp.rs.internic.net/domain/named.root  # without this file, named cannot start
4.  Start named
[root@test named]# /etc/init.d/named start
启动 named[确定]
If a named process is running on the system, or the log in /var/log/messages shows that BIND started normally, a caching DNS server has been set up successfully.

[root@test named]# ps -ef |grep na*
root     15672 15372  0 16:15 pts/2    00:00:00 grep named.root

Or as follows:

[root@test named]# tail -f /var/log/messages
Oct 27 16:11:42 test named[15652]: found 2 CPUs, using 2 worker threads
Oct 27 16:11:42 test named[15652]: using up to 4096 sockets
Oct 27 16:11:42 test named[15652]: loading configuration from '/etc/named.conf'
Oct 27 16:11:42 test named[15652]: using default UDP/IPv4 port range: [1024, 65535]
Oct 27 16:11:42 test named[15652]: using default UDP/IPv6 port range: [1024, 65535]
Oct 27 16:11:42 test named[15652]: listening on IPv4 interface lo, 127.0.0.1#53
Oct 27 16:11:42 test named[15652]: listening on IPv4 interface eth0, 192.168.100.4#53
Oct 27 16:11:42 test named[15652]: command channel listening on 127.0.0.1#953
Oct 27 16:11:42 test named[15652]: the working directory is not writable
Oct 27 16:11:42 test named[15652]: running

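5.  Test domain

Next we simulate a domain under the top-level com domain (yanglei.com) and configure mail-routing (MX) records, address (A) records and an SPF record. These records resolve only on this DNS server and have no effect on the Internet, but they are suitable for use inside an enterprise.

  First add a zone for the yanglei.com domain. The newly added part (shown in red in the original) is the zone "yanglei.com" block at the end.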

 [root@test etc]# vi named.conf

 

# /etc/named.conf
#
# Template file for BIND labs.
# Remember to replace each X with your stu number!
# Please note three different comment styles are used for
# illustrative purposes only.

options {
        directory "/var/named";
        allow-query { any; };
        listen-on { any; };
        recursion yes;
        version "Hello!";
};

#include "/etc/rndc.key";
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

 zone "." {
        type hint;
        file "named.root";
};

zone "yanglei.com" {
      type master;
      file "yanglei.com.zone";
};

 

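       type is the type of this zone: master means this server is the primary for the domain, slave means it is a secondary. file is where the zone's data is stored; edit that file to add the various A, MX and other records. Add the following: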
      [root@test etc]# vi /var/named/chroot/var/named/yanglei.com.zone

 

$TTL    3h
@               IN SOA  ns1.yanglei.com.  admin.yanglei.com. (
                                        2008120806      ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
 
                IN NS           ns1.yanglei.com.
 
ns1.yanglei.com. IN A 192.168.100.200
 
; Mail server: the MX target needs its own A record (next line)
yanglei.com. IN MX 5 mail.yanglei.com.
mail.yanglei.com. IN A 192.168.100.65
www.yanglei.com. IN A 192.168.100.65
; SPF record
yanglei.com. IN TXT "v=spf1 ip4:192.168.100.65 -all"

 

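$TTL 3h is the expiry time (time to live) for the zone's records: after 3 hours the records below all expire, and other DNS servers query the zone's records again.
The field that follows ns1.yanglei.com. in the SOA record (admin.yanglei.com.) is actually a mailbox address, admin@yanglei.com: the contact address of the domain's administrator.
The logic of an MX record is that the MX record first points to a host name, and that host name then gets an A record pointing to the IP address of the actual server.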

 

main-domain      IN (internet)   MX (mail exchanger)   5 (priority)   xx.main-domain
xx.main-domain   IN (internet)   A (address)
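
A zone file like this one loads without complaint even when an owner name lacks its trailing dot or the SPF string is misspelled, so the records simply never match. The following Python lint is an added example, not part of the original post; it runs over a constructed sample of records and reports those slips, and its function names are hypothetical.

```python
import re

ORIGIN = "yanglei.com."
SPF_MECHS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}

# Constructed sample: records written with the slips this check looks for.
BAD_ZONE = """\
yanglei.com.      IN MX  5 mail.yanglei.com.
mail.yanglei.com. IN A   192.168.100.65
www.yanglei.com   IN A   192.168.100.65
yanglei.com       IN TXT v=spfl ipv4:192.168.100.65 -all
"""

def fqdn(name, origin=ORIGIN):
    """Expand a name as BIND does: no trailing dot means relative to the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def lint_zone(text, origin=ORIGIN):
    records, issues = [], []
    for raw in text.splitlines():
        m = re.match(r"(\S+)\s+IN\s+(A|MX|TXT)\s+(.+)", raw.split(";", 1)[0].strip())
        if not m:
            continue
        owner, rtype, rdata = m.group(1), m.group(2), m.group(3).strip()
        records.append((fqdn(owner, origin), rtype, rdata))
        if owner.endswith(origin.rstrip(".")):  # looks absolute, but lacks the dot
            issues.append(f"{owner}: missing trailing dot, loads as {fqdn(owner, origin)}")
    a_owners = {o for o, t, _ in records if t == "A"}
    for owner, rtype, rdata in records:
        if rtype == "MX":
            target = fqdn(rdata.split()[1], origin)
            if target.endswith("." + origin) and target not in a_owners:
                issues.append(f"MX target {target} has no A record in this zone")
        elif rtype == "TXT" and "v=spf" in rdata.lower():
            if not rdata.startswith('"'):
                issues.append(f"{owner}: quote the SPF string, unquoted words are joined without spaces")
            terms = rdata.strip('"').split()
            if terms[0] != "v=spf1":
                issues.append(f"{owner}: SPF version is {terms[0]}, expected v=spf1")
            for term in terms[1:]:
                mech = re.split(r"[:/]", term.lstrip("+-~?"))[0].lower()
                if "=" not in term and mech not in SPF_MECHS:
                    issues.append(f"{owner}: unknown SPF mechanism {mech}")
    return issues
```
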

 

6.  Restart the named service
[root@test etc]# /etc/init.d/named restart
停止 named[确定]
启动 named[确定]
       Check /var/log/messages; output like the following means the configuration succeeded:
[root@test etc]# tail -f /var/log/messages
Oct 27 16:11:42 test named[15652]: adjusted limit on open files from 1024 to 1048576
Oct 27 16:11:42 test named[15652]: found 2 CPUs, using 2 worker threads
Oct 27 16:11:42 test named[15652]: using up to 4096 sockets
Oct 27 16:11:42 test named[15652]: loading configuration from '/etc/named.conf'
Oct 27 16:11:42 test named[15652]: using default UDP/IPv4 port range: [1024, 65535]
Oct 27 16:11:42 test named[15652]: using default UDP/IPv6 port range: [1024, 65535]
Oct 27 16:11:42 test named[15652]: listening on IPv4 interface lo, 127.0.0.1#53
Oct 27 16:11:42 test named[15652]: listening on IPv4 interface eth0, 192.168.100.4#53
Oct 27 16:11:42 test named[15652]: command channel listening on 127.0.0.1#953
Oct 27 16:11:42 test named[15652]: the working directory is not writable
Oct 27 16:11:42 test named[15652]: running
Oct 27 16:50:18 test named[15652]: shutting down: flushing changes
Oct 27 16:50:18 test named[15652]: stopping command channel on 127.0.0.1#953
Oct 27 16:50:18 test named[15652]: no longer listening on 127.0.0.1#53
Oct 27 16:50:18 test named[15652]: no longer listening on 192.168.100.4#53
Oct 27 16:50:18 test named[15652]: exiting
Oct 27 16:50:21 test named[15795]: starting BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5 -u named -t /var/named/chroot
Oct 27 16:50:21 test named[15795]: adjusted limit on open files from 1024 to 1048576
Oct 27 16:50:21 test named[15795]: found 2 CPUs, using 2 worker threads
Oct 27 16:50:21 test named[15795]: using up to 4096 sockets
Oct 27 16:50:21 test named[15795]: loading configuration from '/etc/named.conf'
Oct 27 16:50:21 test named[15795]: using default UDP/IPv4 port range: [1024, 65535]
Oct 27 16:50:21 test named[15795]: using default UDP/IPv6 port range: [1024, 65535]
Oct 27 16:50:21 test named[15795]: listening on IPv4 interface lo, 127.0.0.1#53
Oct 27 16:50:21 test named[15795]: listening on IPv4 interface eth0, 192.168.100.4#53
Oct 27 16:50:21 test named[15795]: command channel listening on 127.0.0.1#953
Oct 27 16:50:21 test named[15795]: the working directory is not writable
Oct 27 16:50:21 test named[15795]: zone yanglei.com/IN: loaded serial 2008120806
Oct 27 16:50:21 test named[15795]: running
Configuration is complete. Test it on the local machine:
[root@test named]# ping www.yanglei.com
PING www.yanglei.com (192.168.100.65) 56(84) bytes of data.

 

--- www.yanglei.com ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1170ms
If the ping gets through, the configuration succeeded.