BIND DNS configuration
The DNS protocol runs over UDP and uses port 53.
Install the BIND DNS software
yum install bind bind-utils bind-devel bind-chroot -y
#######################################################
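bind-chroot provides a chroot jail; because this is an internal DNS server, we skip configuring it for convenience
Edit the configuration file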
vim /etc/named.conf
options {
listen-on port 53 { any; }; # port and IP addresses to listen on
directory "/var/named"; # global working directory
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; }; # IP addresses allowed to query
forwarders { 114.114.114.114; }; # forward queries for records not held locally
recursion yes; # whether recursive queries are allowed
dnssec-enable yes;
dnssec-validation yes;
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Add a zone
vim /etc/named.rfc1912.zones
zone "test.com" IN
{
type master;
file "test.com.zone";
allow-transfer{ 127.0.0.1;192.168.56.100;192.168.56.101; };
};
Check the syntax; if no errors are reported, the configuration is correct
named-checkconf
Create the forward-lookup zone file
vim /var/named/test.com.zone
$TTL 300;
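@ IN SOA dns1.test.com. admin.test.com. (
2017032800 ; Serial: serial number, usually the date
300 ; Refresh: refresh interval, i.e. how often the slave checks the master server
1800 ; Retry: retry interval after a failed refresh
604800 ; Expire: how long the slave keeps answering after losing contact with the master
300 ; TTL: negative-caching TTL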
)
;
IN NS dns1
IN NS dns2
dns1 IN A 192.168.56.100
dns2 IN A 192.168.56.20
Check the syntax
named-checkzone test.com /var/named/test.com.zone
Change the file's group to named
chown root:named /var/named/test.com.zone
Start the service
systemctl start named.service
Configure the reverse-lookup zone
vim /etc/named.rfc1912.zones
zone "56.168.192.in-addr.arpa" IN {
type master;
file "56.168.192.in-addr-arpa";
allow-transfer{ 127.0.0.1;192.168.56.100;192.168.56.101; };
};
Create the reverse-lookup zone file
vim /var/named/56.168.192.in-addr-arpa
$TTL 43200;
@ 86400 IN SOA dns1.test.com. admin.test.com.(
201411;
1h;
5m;
7d;
1d;
)
IN NS dns1.test.com.
100 IN PTR dns1.test.com.
20 IN PTR dns2.test.com.
Check the zone file
named-checkzone 56.168.192.in-addr.arpa /var/named/56.168.192.in-addr-arpa
Change the file's group to named
chown root:named /var/named/56.168.192.in-addr-arpa
Restart the service
systemctl restart named.service
Test reverse resolution
dig -x 192.168.56.100
#######################################################
Configure the slave DNS server
yum install bind bind-utils bind-devel bind-chroot -y
Start the service
systemctl restart named.service
Copy /etc/named.conf from the master DNS server to the slave DNS server
#######################################################
Edit the configuration file
vim /etc/named.rfc1912.zones
zone "test.com" IN
{
type slave;
masters { 192.168.56.100; };
file "slaves/test.com.zone";
allow-transfer{ none; };
};
zone "56.168.192.in-addr.arpa" IN {
type slave;
masters { 192.168.56.100; };
file "slaves/56.168.192.in-addr-arpa";
allow-transfer{ none; };
};
#######################################################
Edit the forward-lookup zone file on the master DNS server: increment the serial number by 1 and add IN NS dns2
vim /var/named/test.com.zone
IN NS dns2
dns2 IN A 192.168.56.20
Edit the reverse-lookup zone file: increment the serial number by 1 and add dns2.test.com.
vim /var/named/56.168.192.in-addr-arpa
IN NS dns2.test.com.
After the master DNS service is restarted, two more files appear on the slave DNS server
systemctl restart named.service
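A consistency check for the master configuration above, as an added example that is not part of the original page: it compares the test.com NS hosts with the zone's allow-transfer list and flags recursion that is open to any client. The function names are hypothetical, and the input is the page's own stanzas embedded as constructed sample text.

```python
import re
# Constructed input: stanzas and records as given on this page. Helper names are illustrative.
NAMED_CONF = '''
options { allow-query { any; }; recursion yes; };
zone "test.com" IN {
    type master;
    file "test.com.zone";
    allow-transfer { 127.0.0.1; 192.168.56.100; 192.168.56.101; };
};
'''
ZONE_FILE = '''
        IN NS dns1
        IN NS dns2
dns1    IN A  192.168.56.100
dns2    IN A  192.168.56.20
'''

def transfer_acl(conf, zone):
    """Addresses listed in allow-transfer for one zone stanza (empty set if none)."""
    start = conf.find('zone "%s"' % zone)
    if start < 0:
        return set()
    nxt = conf.find('zone "', start + 1)
    stanza = conf[start:nxt if nxt != -1 else len(conf)]
    m = re.search(r'allow-transfer\s*\{([^}]*)\}', stanza)
    return {a.strip() for a in m.group(1).split(';') if a.strip()} if m else set()

def ns_addresses(zone_text):
    """Map every NS target in the zone file to its A record (None when missing)."""
    ns = re.findall(r'^\s*(?:\S+\s+)?IN\s+NS\s+(\S+)', zone_text, re.M)
    a = dict(re.findall(r'^(\S+)\s+IN\s+A\s+(\S+)', zone_text, re.M))
    return {name: a.get(name) for name in ns}

def open_recursion(conf):
    """True when recursion is on, queries are open to any, and nothing narrows recursion."""
    return bool(re.search(r'recursion\s+yes', conf)
                and re.search(r'allow-query\s*\{\s*any\s*;', conf)
                and not re.search(r'allow-(recursion|query-cache)\b', conf))

def audit(conf, zone, zone_text):
    acl, ns = transfer_acl(conf, zone), ns_addresses(zone_text)
    return {
        "ns_without_transfer": sorted(n for n, ip in ns.items() if ip not in acl),
        "acl_not_a_nameserver": sorted(acl - set(ns.values()) - {"127.0.0.1"}),
        "open_recursion": open_recursion(conf),
    }

if __name__ == "__main__":
    print(audit(NAMED_CONF, "test.com", ZONE_FILE))
```

On the page's values it reports that dns2 (192.168.56.20) is not in allow-transfer while 192.168.56.101 is, so one of the two addresses needs correcting before the slave can pull the zone. It also reports recursion as open, because allow-query is any and no allow-recursion or allow-query-cache statement narrows it.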