Setting up a DNS server with BIND
This post helped me a lot: http://www.360doc.com/content/11/0809/01/7470455_139044478.shtml
1. Install BIND
yum install -y bind
cp /etc/named.conf /etc/named.conf.bak
>/etc/named.conf
vim /etc/named.conf
Add the following configuration:
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
};
chown named /etc/named.conf
cd /var/named/
dig -t NS . > named.ca
vim localhost.zone // add:
$TTL 86400
@ IN SOA localhost. admin.localhost. (
2013081601
1H
10M
7D
1D
)
@ IN NS localhost.
localhost. IN A 127.0.0.1
vim named.local // add:
$TTL 86400
@ IN SOA localhost. admin.localhost. (
2013081601
1H
10M
7D
1D
)
@ IN NS localhost.
1 IN PTR localhost.
Check the configuration for errors: named-checkconf
Check the forward zone: named-checkzone "localhost" /var/named/localhost.zone
Check the reverse zone: named-checkzone "0.0.127.in-addr.arpa" /var/named/named.local
rndc-confgen -r /dev/urandom -a // This step generates rndc.key; without this key, named cannot start.
chown named:named /etc/rndc.key
/etc/init.d/named start
netstat -lnp | grep named // check whether the named process is listening on port 53
First test forward resolution: dig @127.0.0.1 localhost.
Then test reverse resolution: dig @127.0.0.1 -x 127.0.0.1
2. Add a domain (zone)
vim /etc/named.conf // add:
zone "abc.com" IN {
type master;
file "abc.com.zone";
};
zone "137.168.192.in-addr.arpa" IN {
type master;
file "192.168.zone";
};
Edit the zone file: vim /var/named/abc.com.zone // add:
$TTL 600
@ IN SOA abc.com. root.abc.com. (
2013081601
1H
10M
7D
1D
)
@ IN NS ns.abc.com.
@ IN MX 10 mail.abc.com.
ns IN A 192.168.0.11
www IN A 192.168.137.73
mail IN A 192.168.137.10
bbs IN CNAME www.abc.com.
Edit the reverse zone file: vim /var/named/192.168.zone // add:
$TTL 600
@ IN SOA ns.abc.com. root.abc.com. (
2013081601
1H
10M
7D
1D
)
@ IN NS ns.abc.com.
10 IN PTR ns.abc.com.
11 IN PTR mail.abc.com.
73 IN PTR www.abc.com.
Check both zone files for errors:
named-checkzone "abc.com" abc.com.zone
named-checkzone "137.168.192.in-addr.arpa" 192.168.zone
Restart the named service, then test: dig @127.0.0.1 www.abc.com
dig @127.0.0.1 -x 192.168.137.11
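named-checkzone validates each zone file on its own, so it does not compare the PTR records in the reverse zone with the A records in the forward zone. The following Python check is an added example, not part of the original post: it parses the two zone files above (embedded as sample input) and lists every PTR whose target name has no A record for that address. The function names and the simplified zone parser are assumptions of this example.

```python
# Sample input: the records of abc.com.zone and 192.168.zone as given in the post.
FORWARD = """$TTL 600
@     IN SOA abc.com. root.abc.com. (
             2013081601 1H 10M 7D 1D )
@     IN NS    ns.abc.com.
@     IN MX    10 mail.abc.com.
ns    IN A     192.168.0.11
www   IN A     192.168.137.73
mail  IN A     192.168.137.10
bbs   IN CNAME www.abc.com.
"""
REVERSE = """$TTL 600
@     IN SOA ns.abc.com. root.abc.com. (
             2013081601 1H 10M 7D 1D )
@     IN NS    ns.abc.com.
10    IN PTR   ns.abc.com.
11    IN PTR   mail.abc.com.
73    IN PTR   www.abc.com.
"""

def absolute(name, origin):
    return (origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}").lower()

def parse_zone(text, origin):
    """Yield (owner, type, rdata); assumes class IN on every record, no per-record TTL/$ORIGIN."""
    owner, depth = origin.lower(), 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]                      # strip comments
        continuation = depth > 0                         # inside a ( ... ) block
        depth += line.count("(") - line.count(")")
        if continuation or not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():                        # leading blank: owner carries over
            owner = absolute(fields.pop(0), origin)
        yield owner, fields[1], fields[2:]               # fields[0] is the class

def ptr_mismatches(forward, fwd_origin, reverse, rev_origin):
    """Yield (ip, ptr_target, target's A records) for each PTR that no A record confirms."""
    a_pairs = {(o, d[0]) for o, t, d in parse_zone(forward, fwd_origin) if t == "A"}
    for owner, rtype, rdata in parse_zone(reverse, rev_origin):
        if rtype == "PTR":
            ip = ".".join(reversed(owner[: -len(".in-addr.arpa.")].split(".")))
            target = absolute(rdata[0], rev_origin)
            if (target, ip) not in a_pairs:
                yield ip, target, sorted(a for n, a in a_pairs if n == target)

if __name__ == "__main__":
    print(*ptr_mismatches(FORWARD, "abc.com.", REVERSE, "137.168.192.in-addr.arpa."), sep="\n")
```

An empty result means every PTR in the reverse zone is confirmed by an A record in the forward zone.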
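To access the sites from a browser, set the DNS server of the client's network interface to this DNS server's address; only then will the names you added resolve.
During startup, named may fail with the message 启动named:[失败] ("Starting named: [FAILED]") and no further error information.
Solution:
# tail /var/log/messages
It shows:
Oct 11 18:18:52 localhost named[9348]: could not configure root hints from 'named.ca': permission denied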
Oct 11 18:18:52 localhost named[9348]: loading configuration: permission denied
Oct 11 18:18:52 localhost named[9348]: exiting (due to fatal error)
Change the permissions of named.ca:
# chmod 644 /var/named/chroot/var/named/named.ca
启动 named: [确定]
Reposted from: https://blog.51cto.com/881955/1642066