一、安装
# yum install -y bind bind-chroot ypbind bind-utils
注意:ypbind 是 NIS 客户端组件,与 DNS 服务无关,按最小安装原则可以不装。本文使用的 BIND 9.3.6(EL5)已停止维护,新部署应使用发行版当前受支持的 BIND 版本。
# rpm -qa |grep bind
bind-libs-9.3.6-16.P1.el5
bind-utils-9.3.6-16.P1.el5
ypbind-1.19-12.el5_6.1
bind-9.3.6-16.P1.el5
bind-chroot-9.3.6-16.P1.el5
# yum install -y caching-nameserver-9.3.* //安装后可启动named
# service named start
# netstat -antup //TCP 53\953端口开放,953提供给rndc工具用来管理DNS服务器
二、
1.主区域配置
# cd /var/named/chroot/etc //以下操作均在此路径下
# cp -p named.caching-nameserver.conf named.conf //注意加 -p 所属组不变
# cp -p named.rfc1912.zones named.rfc1912.zones_back
# vim named.conf
### 配置内容如下:
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Those options should be used carefully because they disable port
    // randomization
    // query-source port 53;
    // query-source-v6 port 53;
    allow-query { any; };
    allow-query-cache { any; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};
### 结束 ###
注意:以上配置中 allow-query、allow-query-cache、match-clients 均为 any,且 recursion yes,named 会对任意来源地址提供递归查询,即成为开放解析器;暴露在公网时可能被滥用于 DNS 放大(反射)攻击。若服务器只需对外提供本区域的权威解析,应将递归与缓存查询限制在可信网段,例如在 options 中加入 allow-recursion { 127.0.0.1; <内网网段>; };,并相应收紧 allow-query-cache。
# vim named.rfc1912.zones
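### 配置内容如下:
zone "." IN {
    type hint;
    file "named.ca";
};
zone "laowafang.com" IN {
    type master;
    file "test.com.zone";
    allow-update { none; };
};
zone "146.147.119.in-addr.arpa" IN {
    type master;
    file "test.com.local";
    allow-update { none; };
};
### 结束 ###
注意:此处的 zone 名 "laowafang.com" 与区域文件及后文测试所用的 test.com 不一致;zone 名应与区域文件中的域名保持一致,后面的 nslookup www1.test.com 才会由本区域应答。另外这里没有设置 allow-transfer,该版本的 BIND 默认不限制区域传送,建议在各 master 区域中加入 allow-transfer { none; };,或只列出从服务器的地址。
2.区域文件配置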
# cd /var/named/chroot/var/named //以下操作均在此路径下
# cp -p localhost.zone test.com.zone //拷贝正向文件
# cp -p named.local test.com.local //拷贝反向文件
# vim test.com.zone
### 配置内容如下:
$TTL 86400
@       IN SOA  @ root (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   dns.test.com.
        IN MX   10 mail.test.com.
www1    IN A    119.147.146.249
www2    IN A    119.147.146.20
www     IN CNAME www1.test.com.
### 结束 ###
# vim test.com.local
### 配置内容如下:
$TTL 86400
@       IN SOA  dns.test.com. root.test.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   dns.test.com.
104     IN PTR  www1.test.com.
105     IN PTR  www2.test.com.
### 结束 ###
注意:反向区域中的主机号 104、105 与正向区域 A 记录的地址(.249、.20)不对应;PTR 记录的主机号应与实际地址的最后一段一致。
# ln -s /var/named/chroot/etc/named.conf /etc/ //创建软链接
# ll /etc/name* //查看链接是否创建成功
# service named restart
# tail /var/log/messages //查看日志中是否出现 running,确认已成功启动
三、测试
[root@localhost ~]# nslookup www1.test.com
Server:         119.147.146.249
Address:        119.147.146.249#53

Name:   www1.test.com
Address: 119.147.146.249
四、rndc工具使用
用rndc可以在不停止DNS服务器工作的情况下进行数据的更新,使配置生效。953提供给rndc工具用来管理DNS服务器。
# rndc-confgen > /etc/rndc.conf //生成配置文件
### 配置内容如下:
# Start of rndc.conf
key "rndckey" {
    algorithm hmac-md5;
    secret "xO/qxwFJjYE41OrsbEAexQ==";
};
options {
    default-key "rndckey";
    default-server 127.0.0.1;
    default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndckey" {
#     algorithm hmac-md5;
#     secret "xO/qxwFJjYE41OrsbEAexQ==";
# };
#
# controls {
#     inet 127.0.0.1 port 953
#         allow { 127.0.0.1; } keys { "rndckey"; };
# };
# End of named.conf
### 结束 ###
注意:上面的 secret 只是本文的示例值,已经公开,不要照抄;请使用自己执行 rndc-confgen 生成的密钥。持有该密钥即可通过 rndc 控制 named,因此重定向生成 /etc/rndc.conf 后应收紧权限(如 chmod 600 /etc/rndc.conf),含有同一密钥的 named.conf 也不应对普通用户可读。hmac-md5 是较弱的算法,较新版本的 BIND 支持 hmac-sha256(rndc-confgen -A hmac-sha256),条件允许时应优先使用。
# vim /etc/named.conf //将上面带 # 号注释的部分拷贝到 named.conf 末尾,并去掉行首的 #
### 添加内容如下:
### rndc.conf 2011-08-26 ###
key "rndckey" {
    algorithm hmac-md5;
    secret "xO/qxwFJjYE41OrsbEAexQ==";
};
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndckey"; };
};
### configure end ###
### 结束 ###
# service named restart
# rndc reload //修改完 .zone 文件后,使用 rndc 工具重新加载即可。