1. 安装DNS所需的包(下面每个包都出现 `Header V3 DSA signature: NOKEY` 警告, 说明 rpm 没有校验包签名、无法确认安装包未被篡改; 安装前应先 `rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5` 导入密钥, 再用 `rpm -K *.rpm` 校验通过后才安装):
[root@rac3 CentOS]# rpm -ivh bind-9.3.6-20.P1.el5.x86_64.rpm
warning: bind-9.3.6-20.P1.el5.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID e8562897
Preparing... ########################################### [100%]
1:bind ########################################### [100%]
[root@rac3 CentOS]# rpm -ivh bind-chroot-9.3.6-20.P1.el5.x86_64.rpm
warning: bind-chroot-9.3.6-20.P1.el5.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID e8562897
Preparing... ########################################### [100%]
1:bind-chroot ########################################### [100%]
[root@rac3 CentOS]# rpm -ivh caching-nameserver-9.3.6-20.P1.el5.x86_64.rpm
warning: caching-nameserver-9.3.6-20.P1.el5.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID e8562897
Preparing... ########################################### [100%]
1:caching-nameserver ########################################### [100%]
2. 相关配置说明:
DNS的守护进程
/usr/sbin/named
/usr/sbin/rndc
DNS的脚本
/etc/init.d/named
DNS的端口
53 (tcp/udp: 解析查询, tcp 还用于区域传送 AXFR); 953 (tcp: rndc 控制通道, 用 /var/named/chroot/etc/rndc.key 认证, 默认只监听 127.0.0.1, 不要对外开放)
DNS的配置文件
/var/named/chroot/etc/named.conf(主配置文件)
/var/named/chroot/*
3. 配置
3.1 复制NAMED.CONF文件
由于安装了CHROOT环境(bind-chroot 把 named 进程限制在 /var/named/chroot 目录树内, 即使 named 被攻破, 也访问不到系统其它文件), 所以DNS主配置文件应该在 /var/named/chroot/etc 目录下:
[root@rac3 CentOS]# cd /var/named/chroot/
[root@rac3 chroot]# ls
dev etc var
[root@rac3 chroot]# cd etc/
[root@rac3 etc]# ls
localtime named.caching-nameserver.conf named.rfc1912.zones rndc.key
查看NAMED.CACHING-NAMESERVER.CONF文件:
[root@rac3 etc]# cat named.caching-nameserver.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
。。。。。
文件头部提示不要直接编辑它(包升级时改动会被覆盖), 而应创建并编辑 named.conf; named 启动时只要 named.conf 存在就只读取 named.conf, 不再读取 named.caching-nameserver.conf。
复制:
[root@rac3 etc]# cp -p named.caching-nameserver.conf named.conf
[root@rac3 etc]#
修改:
[root@rac3 etc]# vi named.conf
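// Only this host and the RAC subnet (the 192.168.3.0/24 network the zones
// below are written for) may talk to this server. Keep "any" out of the
// allow-* statements: a resolver that recurses for the whole world can be
// abused for cache poisoning and as a DNS amplification reflector.
acl "rac_net" { 127.0.0.1; 192.168.3.0/24; };

options {                                    // global options
	listen-on port 53 { any; };              // was 127.0.0.1; RAC nodes must reach this host
	                                         // (can be narrowed to 127.0.0.1 and this host's own address)
	listen-on-v6 port 53 { ::1; };           // IPv6: loopback only
	directory "/var/named";                  // zone files; the path is relative to the chroot
	dump-file "/var/named/data/cache_dump.db";           // cache dump file
	statistics-file "/var/named/data/named_stats.txt";   // query statistics
	memstatistics-file "/var/named/data/named_mem_stats.txt";  // memory statistics
	// Keep query-source unset: a fixed source port disables source-port
	// randomization, which is the main defence against cache poisoning.
	// query-source port 53;
	// query-source-v6 port 53;
	allow-query { rac_net; };                // was localhost; use the ACL, never "any"
	allow-query-cache { rac_net; };          // cached answers only for the same clients
	allow-recursion { rac_net; };            // never recurse for arbitrary hosts
	allow-transfer { none; };                // BIND's default allows AXFR from anyone;
	                                         // no secondary is configured on this page
};

logging {
	channel default_debug {
		file "data/named.run";               // /var/named/chroot/var/named/data/named.run
		severity dynamic;
	};
};

view localhost_resolver {
	match-clients { rac_net; };              // was localhost; same clients as the ACL above
	match-destinations { any; };             // was localhost
	recursion yes;                           // still bounded by allow-recursion above
	include "/etc/named.rfc1912.zones";
};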
3.3 定义ZONE文件(编辑NAMED.RFC1912.ZONES文件)
[root@rac3 etc]# vi named.rfc1912.zones
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
--添加的正向解析域
zone "sz-smallD.com" IN {
type master;
file "rac.sz-smallD.zone";
allow-update { none; };
};
--添加的反向解析域
zone "3.168.192.in-addr.arpa" IN {
type master;
file "rac.szsmalld.local";
allow-update { none; };
};
这里需要注意的是, in-addr.arpa 反向域名是把IP地址各段按相反顺序排列再加上 in-addr.arpa 后缀, 所以 192.168.3.* 网段的反向解析域名为 "3.168.192.in-addr.arpa"; 区域文件里的 PTR 记录只写最后一段(如 122), named 会自动补全为 122.3.168.192.in-addr.arpa。
3.4. 复制模板文件:
[root@rac3 named]# cp -p localhost.zone rac.sz-smallD.zone
[root@rac3 named]# cp -p named.local rac.szsmalld.local
3.5. 定义正向解析数据文件:
[root@rac3 named]# vi rac.sz-smallD.zone
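$TTL 86400
; Forward zone for sz-smallD.com. Every name on the right-hand side is written
; with a trailing dot: without it BIND treats the name as relative to the zone,
; so "sz-smallD.com" would become "sz-smallD.com.sz-smallD.com." and
; "root.sz-smallD.com" would become "root.sz-smallD.com.sz-smallD.com.".
@	IN SOA	@ root.sz-smallD.com. (
			42	; serial -- increment on every edit so caches/secondaries notice
			3H	; refresh
			15M	; retry
			1W	; expiry
			1D )	; minimum (negative-caching TTL)
	IN NS	sz-smallD.com.
; The NS name must itself have an address. 192.168.3.120 is the address the
; verification step below reports for this server -- confirm it is this host.
@	IN A	192.168.3.120
; rac-scan answers with both addresses (round-robin); presumably the Oracle
; RAC SCAN name, since the original lists two A records for it.
rac-scan	IN A	192.168.3.122
rac-scan	IN A	192.168.3.128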
3.6. 定义反向解析数据文件
[root@rac3 named]# vi rac.szsmalld.local
$TTL 86400
; Reverse zone for 192.168.3.0/24: maps the two rac-scan addresses back to
; their name. Owner names are written fully qualified (trailing dot) here;
; "122" and "128" in the short form expand to the same names.
3.168.192.in-addr.arpa.		IN	SOA	sz-smallD.com. root.sz-smallD.com. (
					1997022700	; Serial
					28800		; Refresh
					14400		; Retry
					3600000		; Expire
					86400 )		; Minimum
3.168.192.in-addr.arpa.		IN	NS	sz-smallD.com.
122.3.168.192.in-addr.arpa.	IN	PTR	rac-scan.sz-smallD.com.
128.3.168.192.in-addr.arpa.	IN	PTR	rac-scan.sz-smallD.com.
4. 验证DNS配置(重启前先用 `named-checkconf -t /var/named/chroot /etc/named.conf` 和 `named-checkzone sz-smallD.com /var/named/chroot/var/named/rac.sz-smallD.zone` 检查语法, 避免 named 启动失败; 下面的 nslookup 都是在 rac3 本机执行的, 还应从 RAC 节点上再测一次, 以确认防火墙(如 iptables)放行了 53 端口并且 allow-query 的范围正确)。
[root@rac3 named]# service named restart
Stopping named: [ OK ]
Starting named: [ OK ]
[root@rac3 named]#
[root@rac3 named]# nslookup 192.168.3.122
Server: 192.168.3.120
Address: 192.168.3.120#53
122.3.168.192.in-addr.arpa name = rac-scan.sz-smallD.com.
[root@rac3 named]# nslookup 192.168.3.128
Server: 192.168.3.120
Address: 192.168.3.120#53
128.3.168.192.in-addr.arpa name = rac-scan.sz-smallD.com.
[root@rac3 named]# nslookup rac-scan.sz-smallD.com
Server: 192.168.3.120
Address: 192.168.3.120#53
Name: rac-scan.sz-smallD.com
Address: 192.168.3.122
Name: rac-scan.sz-smallD.com
Address: 192.168.3.128