linux 建立域名伺服器
阿新 • • 發佈:2018-12-03
1.確定linux 系統版本和核心版本
[[email protected] ~]# cat /proc/version
Linux version 2.6.32-754.3.5.el6.x86_64 ([email protected]) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-23) (GCC) ) #1 SMP Tue Aug 14 20:46:41 UTC 2018
[[email protected] ~]# cat /etc/issue
CentOS release 6.10 (Final)
Kernel \r on an \m
2.安裝bind 和bind-utils
[[email protected] ~]# yum install -y bind bind-utils
3.檢查安裝哪些服務
[[email protected] ~]# rpm -qa | grep bind*
bind-libs-9.8.2-0.68.rc1.el6_10.1.x86_64
bind-9.8.2-0.68.rc1.el6_10.1.x86_64
binutils-2.20.51.0.2-5.43.el6.x86_64
rpcbind-0.2.0-16.el6.x86_64
[ [email protected] ~]#
4.編輯配置檔案
[[email protected] ~]# vi /etc/named.conf
1 //
2 // named.conf
3 //
4 // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
5 // server as a caching only nameserver (as a localhost DNS resolver only).
6 //
7 // See /usr/share/doc/bind*/sample/ for example named configuration files.
8 //
9
10 options {
11 # listen-on port 53 { 127.0.0.1; };
12 listen-on port 53 { any; }; ##預設監聽的地址是本機(127.0.0.1),啟動之後只能由本機自己當客戶端查詢;所以要改成外部地址或設定為any。
13 # listen-on-v6 port 53 { ::1; };
14 directory "/var/named";
15 dump-file "/var/named/data/cache_dump.db";
16 statistics-file "/var/named/data/named_stats.txt";
17 memstatistics-file "/var/named/data/named_mem_stats.txt";
18 allow-query { any; }; #DNS定義完成之後允許誰來訪問,這裡定義的為所有IP訪問。 #這是定義全域性選項的,定義之後對所有區域都生效。
19 recursion yes;
20
21 dnssec-enable yes;
22 dnssec-validation yes;
23
24 /* Path to ISC DLV key */
25 bindkeys-file "/etc/named.iscdlv.key";
26
27 managed-keys-directory "/var/named/dynamic";
28 };
29
30 logging {
31 channel default_debug {
32 file "data/named.run";
33 severity dynamic;
34 };
35 };
36
37 zone "." IN {
38 type hint;
39 file "named.ca";
40 };
41
42 include "/etc/named.rfc1912.zones";
43 include "/etc/named.root.key";
44
注意:listen-on { any; }、allow-query { any; } 再加上 recursion yes,會讓這台伺服器成為對任何來源開放的遞迴解析器(open resolver),可能被濫用於 DNS 放大攻擊。若只服務內網,應以 allow-recursion 限制可遞迴查詢的來源,例如 allow-recursion { localhost; 192.168.59.0/24; };,或將 allow-query 限縮到同一網段。
5.檢查是否存在語法錯誤(不顯示任何報錯資訊,證明是正確的)
[[email protected] ~]# named-checkconf
[[email protected] ~]#
6.編輯配置檔案
6.1編輯 vi /etc/named.rfc1912.zones檔案
1 // named.rfc1912.zones:
2 //
3 // Provided by Red Hat caching-nameserver package
4 //
5 // ISC BIND named zone configuration for zones recommended by
6 // RFC 1912 section 4.1 : localhost TLDs and address zones
7 // and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
8 // (c)2007 R W Franks
9 //
10 // See /usr/share/doc/bind*/sample/ for example named configuration files.
11 //
12
#正向解析
13 zone "onezhai.cn" IN{
14 type master;
15 file "onezhai.cn.zone";
16 };
#反向解析
17 zone "59.168.192.in-addr.arpa" IN{
18 type master;
19 file "59.168.192.zone";
20 };
6.2編輯正向dns配置檔案
[[email protected] ~]# cd /var/named/
[[email protected] named]# cp -p named.localhost onezhai.cn.zone
[[email protected] named]# vi onezhai.cn.zone
1 $TTL 1D
2 @ IN SOA ns.onezhai.cn. root (
3 0 ; serial
4 1D ; refresh
5 1H ; retry
6 1W ; expire
7 3H ) ; minimum
8 @ IN NS ns.onezhai.cn.
9 @ IN MX 5 mail.onezhai.cn.
10 www IN A 192.168.59.104
11 ns IN A 192.168.59.104
12 mail IN A 192.168.59.104
13 smtp IN A 192.168.59.104
14 pop3 IN A 192.168.59.104
15 pop IN A 192.168.59.104
16
17
6.3 編輯反向配置檔案
[[email protected] named]# cp -p named.localhost 59.168.192.zone
1 $TTL 1D
2 @ IN SOA ns.onezhai.cn. root (
3 0 ; serial
4 1D ; refresh
5 1H ; retry
6 1W ; expire
7 3H ) ; minimum
8 @ IN NS ns.onezhai.cn.
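9 192 IN PTR www.onezhai.cn.
(注意:在 59.168.192.in-addr.arpa 區域中,PTR 記錄的名稱是 IP 位址的最後一段;上面這行對應的是 192.168.59.192。要讓 192.168.59.104 反查到 www.onezhai.cn.,此處應寫 104 而非 192。)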
~
6.4編輯配置檔案許可權
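兩個配置檔案的所屬組必須要是named組。
注意:下面清單中這兩個檔案的許可權是 777(-rwxrwxrwx),任何本機使用者都能改寫區域記錄;named 只需要讀取,建議比照同目錄的 named.localhost 設為 640(-rw-r-----),例如:chown root:named onezhai.cn.zone 59.168.192.zone; chmod 640 onezhai.cn.zone 59.168.192.zone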
786937 -rwxrwxrwx. 1 root named 189 Oct 19 04:41 59.168.192.zone
786961 -rwxrwxrwx. 1 root named 367 Oct 19 04:04 onezhai.cn.zone
[[email protected] named]# ls -li
total 40
786937 -rwxrwxrwx. 1 root named 189 Oct 19 04:41 59.168.192.zone
786881 drwxr-x---. 7 root named 4096 Oct 19 03:46 chroot
786908 drwxrwx---. 2 named named 4096 Oct 19 04:04 data
786909 drwxrwx---. 2 named named 4096 Oct 20 04:05 dynamic
786910 -rw-r-----. 1 root named 3289 Apr 11 2017 named.ca
786911 -rw-r-----. 1 root named 152 Dec 15 2009 named.empty
786912 -rw-r-----. 1 root named 152 Jun 21 2007 named.localhost
786913 -rw-r-----. 1 root named 168 Dec 15 2009 named.loopback
786961 -rwxrwxrwx. 1 root named 367 Oct 19 04:04 onezhai.cn.zone
786915 drwxrwx---. 2 named named 4096 Aug 27 23:39 slaves
[[email protected] named]#
7.測試服務是否正常啟動(測試前需先啟動 named:service named start)
[[email protected] named]# vi /etc/resolv.conf
nameserver 192.168.59.104
[[email protected] named]# nslookup
> www.onezhai.cn
Server: 192.168.59.104
Address: 192.168.59.104#53
Name: www.onezhai.cn
Address: 192.168.59.104
> 192.168.59.104
Server: 192.168.59.104
Address: 192.168.59.104#53