上一章节主要是介绍了DNS概念,以下是做实验的结果
测试环境:
Linux: CentOS release 6.6 (Final)
Bind: Version: 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.2
正常解析域:luhaigang.com和luhaigang.cn
反向解析域:77.1.10.in-addr.arpa
安装:
1:centos下直接yum安装稳定版本(注意:bind* 会装上所有以 bind 开头的软件包,而且未加引号的通配符可能先被 shell 按当前目录下的文件名展开;只需要 DNS 服务时,安装 bind 和 bind-utils 即可)
[root@erickpuppet77_85 ~]#yum -y install bind*
2:配置
[root@erickpuppet77_85 ~]# less /etc/named.conf
// Main named.conf for this lab server: global options, logging, the root
// hint zone, and includes for the zone definitions and the root key file.
options {
// Both listen-on lines are commented out, so no listen address is set here;
// BIND then uses its default and listens on port 53 of every interface.
// NOTE(review): confirm that is intended for this host.
// listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// allow-query is commented out and recursion is enabled with no explicit
// allow-recursion ACL, so who may query and recurse is left to BIND's
// built-in defaults. NOTE(review): state the client networks explicitly with
// allow-query / allow-recursion so the server cannot end up answering
// recursive queries for untrusted networks (amplification, cache abuse).
// allow-query { localhost; };
recursion yes;
// Queries that cannot be answered from the local zones or the cache are sent
// to 192.168.211.116.
forwarders { 192.168.211.116; };
// "forward only" means the server never falls back to iterating from the root
// hints itself: if the forwarder does not answer, the lookup fails.
forward only;
dnssec-enable yes;
// NOTE(review): with "forward only", validation can only succeed if the
// forwarder returns the DNSSEC records — verify against the forwarder.
dnssec-validation yes;
// Enables DNSSEC lookaside validation using the key in bindkeys-file below.
// NOTE(review): the ISC DLV registry has since been decommissioned; on newer
// BIND releases this line should be dropped.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
// Debug log channel: written to data/named.run, with the severity following
// the server's current debug level ("dynamic").
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints, loaded from named.ca.
zone "." IN {
type hint;
file "named.ca";
};
// Zone definitions (including the lab zones) live in this included file.
include "/etc/named.rfc1912.zones";
// NOTE(review): presumably the root zone trust anchor used for DNSSEC
// validation — confirm the file's contents.
include "/etc/named.root.key";
3:配置named.rfc1912.zones 定义zone区域
[root@erickpuppet77_85 ~]# less /etc/named.rfc1912.zones
// Zone definitions: four local zones that explicitly refuse dynamic updates,
// followed by the three lab zones (two forward, one reverse).
zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
// The lab zones below set no allow-update, unlike the zones above; BIND's
// default for a master zone is to deny dynamic updates.
// allow-transfer limits zone transfers to 192.168.7.74 only.
// NOTE(review): this is an address-only ACL; a TSIG key on the transfer would
// authenticate the peer rather than just its source IP.
zone "luhaigang.com" IN {
type master;
file "luhaigang.com.zone"; // zone data file for this zone
allow-transfer { 192.168.7.74; };
}; // forward zone luhaigang.com
zone "luhaigang.cn" IN {
type master;
file "luhaigang.cn.zone"; // zone data file for this zone
allow-transfer { 192.168.7.74; };
}; // forward zone luhaigang.cn
zone "77.1.10.in-addr.arpa" IN {
type master;
file "77.1.10.zone"; // zone data file for this zone
allow-transfer { 192.168.7.74; };
}; // reverse-lookup zone for 10.1.77.x
4:看正向解析的两个文件 luhaigang.com.zone,luhaigang.cn.zone
[root@erickpuppet77_85 ~]# less /var/named/luhaigang.com.zone
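; Forward zone data for luhaigang.com.
; Leading whitespace is significant in a zone file: a record line that starts
; with whitespace inherits the previous owner name. The NS and MX lines below
; are therefore indented so they belong to the zone apex (@); written at
; column 0, "IN" would be parsed as an owner name and the zone would have no
; apex NS record.
$TTL 3600
$ORIGIN luhaigang.com.
; SOA: primary name server, then the admin mailbox
; (admin.luhaigang.com. stands for admin@luhaigang.com).
@       IN SOA  dns.luhaigang.com. admin.luhaigang.com. (
                2015032315  ; serial: must be increased on every edit, or slaves will not pick up the change
                1H          ; refresh: how often a slave checks the serial
                5M          ; retry: wait after a failed refresh
                3D          ; expire: slave stops answering if the master stays unreachable this long
                3H )        ; negative-caching TTL
        IN NS   dns
        IN MX   10 mail
dns     IN A    10.1.77.85
mail    IN A    10.1.77.89
; Three A records for one name: all are returned, and the order rotates
; between queries.
www     IN A    10.1.77.86
www     IN A    10.1.77.87
www     IN A    10.1.77.88
web     IN CNAME www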
[root@erickpuppet77_85 ~]# less /var/named/luhaigang.cn.zone
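; Forward zone data for luhaigang.cn.
; The NS and MX lines are indented on purpose: a line that starts with
; whitespace inherits the previous owner name (here the apex, @). At column 0
; "IN" would be read as an owner name and the apex would have no NS record.
$TTL 3600
$ORIGIN luhaigang.cn.
; SOA: primary name server, then the admin mailbox
; (admin.luhaigang.cn. stands for admin@luhaigang.cn).
@       IN SOA  dns.luhaigang.cn. admin.luhaigang.cn. (
                2015032315  ; serial: increase on every edit
                1H          ; refresh
                5M          ; retry
                3D          ; expire
                3H )        ; negative-caching TTL
        IN NS   dns
        IN MX   10 mail
dns     IN A    10.1.77.85
mail    IN A    10.1.77.89
; Same three addresses as www.luhaigang.com; returned together, order rotates.
www     IN A    10.1.77.86
www     IN A    10.1.77.87
www     IN A    10.1.77.88
web     IN CNAME www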
5:设置反向区域文件 77.1.10.zone
[root@erickpuppet77_85 ~]# less /var/named/77.1.10.zone
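; Reverse zone data for 10.1.77.x (77.1.10.in-addr.arpa).
; The NS and MX lines are indented on purpose: a line that starts with
; whitespace inherits the previous owner name (here the apex, @). At column 0
; "IN" would be read as an owner name and the apex would have no NS record.
$TTL 3600
$ORIGIN 77.1.10.in-addr.arpa.
@       IN SOA  dns.luhaigang.com. admin.luhaigang.com. (
                2015032315  ; serial: increase on every edit
                1H          ; refresh
                5M          ; retry
                3D          ; expire
                3H )        ; negative-caching TTL
; Targets are fully qualified (trailing dot); without the dot they would be
; completed with this zone's origin, 77.1.10.in-addr.arpa.
        IN NS   dns.luhaigang.com.
; An MX record is not needed for PTR lookups; kept as in the original file.
        IN MX   10 mail.luhaigang.com.
; Owner is the last octet of the address: 85 -> 10.1.77.85.
85      IN PTR  dns.luhaigang.com.
89      IN PTR  mail.luhaigang.com.
86      IN PTR  www.luhaigang.com.
87      IN PTR  www.luhaigang.com.
88      IN PTR  www.luhaigang.com.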
OK:现在正向区域和反向区域的配置文件,及区域设置都已经设置完毕
6:测试自己的DNS是否可以解析
1:必须把自己的/etc/resolv.conf的域名服务器指向自己创建的dns服务器
[root@erickpuppet77_85 ~]# less /etc/resolv.conf
nameserver 10.1.77.85
2:现在可以把named启动(启动前建议先用 named-checkconf 检查 named.conf,再用 named-checkzone 检查各个区域文件的语法)
[root@erickpuppet77_85 ~]# /etc/init.d/named restart
停止 named:. [确定]
启动 named: [确定]
3:现在测试
[root@erickpuppet77_85 ~]# host -t A www.luhaigang.com
www.luhaigang.com has address 10.1.77.86
www.luhaigang.com has address 10.1.77.87
www.luhaigang.com has address 10.1.77.88
[root@erickpuppet77_85 ~]# host -t A www.luhaigang.cn
www.luhaigang.cn has address 10.1.77.88
www.luhaigang.cn has address 10.1.77.86
www.luhaigang.cn has address 10.1.77.87
[root@erickpuppet77_85 ~]#
正向解析可以正确地解析出来,下面测试反向区域的解析(给 host 传入 IP 地址时,它会自动做 PTR 反向查询,所以这里的 -t A 实际不起作用,从输出里的 domain name pointer 也能看出来)
[root@erickpuppet77_85 ~]# host -t A 10.1.77.88
88.77.1.10.in-addr.arpa domain name pointer www.luhaigang.com.
[root@erickpuppet77_85 ~]# host -t A 10.1.77.89
89.77.1.10.in-addr.arpa domain name pointer mail.luhaigang.com.
[root@erickpuppet77_85 ~]#
OK 现在正向和反向区域都可以正常解析出来。
接下来会搞主从DNS服务器,待续..........
转载于:https://blog.51cto.com/zxj1988/1623850