dns服务器安装文档,dns服务器安装配置文档

dns服务器安装配置文档

(10页)

本资源提供全文预览，点击全文预览即可全文预览,如果喜欢文档就下载吧，查找使用更方便哦！

9.9 积分

DNS服务器安装配置记录!1!1.环境说明说明:主机IP地址安装的程序主DNS服务器132.37.4.177采用编译安装从DNS服务器132.37.4.133Yum安装测试服务器132.37.5.1962.编译安装配置DNS主服务器2.1.安装所需软件包wgct ftp://ftp.isc.Org/isc/bind9/9.7.3/bind-9.7.3.tar.gztar zxvf bind_9? 7. 3? tar. gzcd bind~9. 7. 3? /configure --prefix=/usr/local/named --enable-threads makemake install2.2.创建rndc.conf文件，用bind自带程序生成cd /usr/local/named/usr/local/named/sbin/rndc-corogen >/usr/local/named/etc/rndc.conf2.3.把rndc.conf中的key信息输出到named.conf中cd etc/tail -10 rndc.conf I head -9 I sed -e s/#\ //g > named.conf24 [email protected] etc」# more named.conf key Mmdc-keyn {algorithm hmac-md5;secret ”GEmI3jnSB+BOTeOlgIHiQA==“；}；controls {inet www.wenku365.com port 953allow { 127.0.0.1; } keys { "mdc-kcy"; };}；//include ,7etc/rndc.keyH;acl slave_servers { 132.37.4.133; };options {listen-on port 53 { any; };//listen-on-v6 port 53 { ::1; };directory n/usr/local/named/etc11;//dump-file ”/vai7namcd/data/cachc_dump?db";//statistics-file ,7var/named/data/named_stats.txtn;//memstatistics-file ,7var/named/data/named_mem_stats.txtu; allow?query { any; };allow-transfer { slave_servers;);recursion yes;dnssec-enable yes;dnssec-validation no; dnssec-lookaside auto;// rate-limit {// qps-scale 5000;// };forwarders {221.7」2&68;}；/* Path to ISC DLV key *///bindkeys-file '7etc/named.iscdlv.keyn;// man aged-key s-di rectory ,7var/named/dynamicH;logging {channel default_debug {file Hdata/named.run°; severity dynamic;zone 罗 IN {type hint;file "namcd.ca”；}；include ,7usr/IocaI/named/etc/named.rfc 1912.zonesH;//include u/etc/named.root.keyH;2.5 创建 localhostzonemkdir /usr/local/namcd/var/namcdcd /usr/local/named/var/named vim localhost.zone写入$TTL 86400SORIGIN localhost.@ID IN SOA@ root (42;serial(d. adams)3H;refresh15M;retry1W;expiryID);minimumIDIN [email protected] [email protected].ca文件中dig -t NS ?>/usr/local/named/var/named/named.ca2.7 创建文件 named.localvim [email protected] rootJocalhost.( 2011060500; Serial60;Refresh60;Retry60;Expire60);MinimumINNSlocalhost.1INPTRlocalhost ?2.8 创建 zone$TTL 86400@ INSOAns. woego. cn. root? woego.cn.(42;serial (d.adams)仅作为序列号而已3H;refresh服务器的更新时间15M;retry重新更新时间1可隔1W;expiry多久之后宣布失败ID )；minimum相当于缓存记忆时间@ INNSns. woego. cn.ns INA132. 37. 4. 177WWWINA132. 37. 5. 200121.31.30. 74analyzcuatINA132. 37. 5. 199121.31.41.24analyzeINA132. 37. 5.210121.31.41.23imageINA132.37. 5. 203121.31.41.42telINA132. 37. 5. 186121.31.41.32cashieruatINA132. 37. 5. 198121.31.41.40payopenINA132. 37. 5. 209121.31.41.35serviceINA132. 37. 5. 186121.31.41.38wofinanceINA132.37. 5. 207121.31.41.39wofinancesuatINA132. 37. 5. 206121.31.41.43loginINA132. 37. 5. 200121.31.30. 74uatloginINA132. 37. 5. 205121.31.41.57testINA132. 37. 5. 205121.31.41.57openINA132.37. 5. 202121.31.41.55payINA132. 37. 5. 202121.31.41.54INA132. 37. 5. 200121.31.30. 74testshoplINA132. 37. 5. 205121.31.41.57testshop2INA132. 37. 5. 205121.31.41.57testshop3INA132. 37. 5. 205121.31.41.57testshopdINA132. 37. 5. 205121.31.41.57testshop5INA132. 37. 5. 205121.31.41.572.9 启动 bind/usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf &3 yum安装配置DNS从服务器3.1 安装所需软件包yum install bind bind-devel bind-libs bind-utils bind-chroot3.2 修改/etc/named.conf配置文件[[email protected] ~]# more /etc/named.conf named.conf Provided by Red Hat bind package to configure the ISC BIND named(8) DNS// server as a caching only nameserver (as a localhost DNS resolver only). See /usr/share/doc/bind*/sample/ for example named configuration files?//acl master_servers { 132.37.4.177; };options {listen-on port 53 { any; };//listen-on-v6 port 53 { ::1; };directory M/var/namcdM;dump-file M/var/named/data/cache_dump.dbH;statistics-file ,7var/named/data/named_stats.txtM;memstatistics-file ^/var/named/data/named^mem.stats.txt11; allow-query { any; };allow-transfcr { none; };recursion yes;dnssec-enable yes;dnssec-validation yes;dnsscc-lookasidc auto;forwarders {221.7.128.68;)；/* Path to ISC DLV key */bindkeys-file ,7etc/named.iscdIv.keyH; managed-keys-directory H/var/named/dynamicM;};logging {channel default_debug {file Hdata/named.runH;severity dynamic;};};zone IN {type hint;file Mnamed.caH;};include ,,/etc/named.rfc 1912.zones”；include M/etc/named.root.keyM;3.3 修改 etc/named.rfcl912.zones 配置文件[[[email protected] ?]# more /ctc/namcd.rfc 1912.zones// named.rfc 1912.zones: Provided by Red Hat caching-nameserver package〃// ISC BIND named zone configuration for zones recommended by// RFC 1912 section 4.1 : localhost TLDs and address zones// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt// (c)2007 R W Franks See /usr/sharc/doc/bind*/sample/ for example named configuration files.zone Hlocalhost.localdomainn IN {type master;file Hnamed.localhostH;allow-update { none; };};zone Hlocalhostn IN {type master;file Mnamed.localhost0;al low-update { none; };//zone T.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa” IN {// type master;// file "named.loopback";// al low-update { none; };//}；//zone "1.0.0.127,in-addr.arpaH IN {// type master;// file "named.loopback";// allow-update { none; };//}；//zone nO.in-addr.arpan IN {// type master;// file nnamed.emptyH;// allow-update { none; };//}；〃添加正向woego内部解析zone "woego.cn0 IN { // 这个 zone 的名称type slave; //是什么类型masters {132.37.4.177;);file "slaves/woego.cn.zone"; // zone 文件名}；〃添加反向woego内部解析//zone ”5.37.132.in?addr.arpa” IN {// type slave;// masters {132.37.4.177; };// file Hslaves/132.37.5.zoneH;//}；〃添加正向主机解析zone "host" IN { // 这个 zone 的名称type slave; //是什么类型masters {132.37.4.177;);file "slaves/host.zone"; // zone 文件名〃添加正向海购内部解析zone ”haigou365.cn" IN { // 这个 zone 的名称 type slave; //是什么类型masters {132.37.4.177; };// zone文件名file nslaves/haigou365.cn.zoneH;34 启动named服务service named start3.5 查看从服务器上抓取到的zone文件[[email protected] slaves]# pwd/var/named/slaves[[email protected] slaves]# 117 17:00 haigou365.cn.zone7 16:53 host.zone7 16:53 woego.cn.zonetotal 12-rw-r-r- 1 named named 429 Jan -rw-r~r-? 1 named named 306 Jan -rw-r-■「一 1 named named 681 Jan [email protected] slaves]#4测试服务器验证4.1 修改测试服务器DNS地址[[email protected] ?]# vi /etc/resolv.confnameserver 132.37.4.177nameserver 132.37.4.1334.2 查看解析是否正确[[email protected] ?]# nslookup www.baidu.com 132.37.4.177 Server: 132.37.4.177Address: 132.37.4.177#53Non-authoritative answer:www.baidu.com canonical name = www.a.shifen.com.Name: www.a.shifen.comAddress: 112.80.248.73Name: www.a.shifen.comAddress: 112.80.248.74[[email protected] ?]# nslookup www.baidu.com 132.37.4.133Server: 132.37.4.133Address: 132.37.4.133#53Non?authoritative answer:www.baidu.com canonical name = www.a.shifen.com.Name: www.a.shifen.comAddress: 112.80.248.73Name: www.a.shifen.comAddress: 112.80.248.74[[email protected] ?]# nslookup www.woego.cn 132.37.4」77Server: 132.37.4.177Address: 132.37.4.177#53Name: www.woego.cnAddress: 132.37.5.200[[email protected] ~]# nslookup www.woego.cn 132.37.4.133Server: 132.37.4.133Address: 132.37.4」33#53Name: www.woego.cnAddress: 132.37.5.200[[email protected] ~]# nslookup pkgzkpweg.host 132.37.4」77Server: 132.37.4.177Address: 132.374177#53Name: pkgzkpweg.hostAddress: 132.37.6.69[[email protected] ?]# nslookup pkgzkpweg.host 132.37.4.133Server: 132.37.4.133Address: 132.37.4」33#53Name: pkgzkpweg.hostAddress: 132.37.6.694.3 使用queryperf进行压力测试Bind编译安装后，会生成queryperf文件，可以进行DNS服务器的压力测试工具, 使用方法如下：# queryperf -d input file -s server 关 键 词： dns 服务器 安装 配置 文档

 天天文库所有资源均是用户自行上传分享，仅供网友学习交流，未经上传用户书面授权，请勿作他用。