DNS Server Deployment Guide (for the Linux platform)

I. Configure yum so that packages can be installed

yum repository file to edit: /etc/yum.repos.d/rhel-source.repo

[root@wanghong ~]# vim /etc/yum.repos.d/rhel-source.repo

#[rhel-source]
#name=Red Hat Enterprise Linux $releasever - $basearch - Source
#baseurl= $releasever/en/os/SRPMS/
#enabled=0
#gpgcheck=1
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

#[rhel-source-beta]
#name=Red Hat Enterprise Linux $releasever Beta - $basearch - Source
#baseurl= $releasever/en/os/SRPMS/
#enabled=0
#gpgcheck=1
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

[wanghong]
name=123
baseurl=file:///mnt/Server
enabled=1
# gpgcheck=0 turns off GPG signature verification for packages from this repository
gpgcheck=0

Note: lines beginning with # are comments; they have no effect on the file here and can be removed.

II. Install the DNS service packages

1. The DNS service packages are named as follows:

bind-9.3.3-7.el5.i386.rpm
bind-chroot-9.3.3-7.el5.i386.rpm

[root@wanghong ~]# mount /dev/cdrom /mnt
[root@wanghong ~]# yum install bind bind-chroot

Running these commands installs the DNS service packages. Alternatively, the following commands also install them:

[root@wanghong ~]# mount /dev/cdrom /mnt
[root@wanghong ~]# rpm -ivh bind-9.3.3-7.el5.i386.rpm --force
[root@wanghong ~]# rpm -ivh bind-chroot-9.3.3-7.el5.i386.rpm --force

--force forces the installation.

2. Edit the main configuration file

Main configuration file path: /etc/named.conf

[root@wanghong ~]# vim /etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
        listen-on port 53 { any; };     // addresses on which named listens for DNS clients
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };       // client hosts allowed to query this DNS server
        recursion yes;                  // whether clients may perform recursive queries

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";

Press ESC and type :wq to save the configuration file.

3. Edit the named.rfc1912.zones configuration file

[root@wanghong ~]# vim /etc/named.rfc1912.zones

zone "openlab.com" IN {
        type master;
        file "test.com.zone";
};

zone "2.168.192.in-addr.arpa" IN {
        type master;
        file "2.168.192.zone";
};

Note: the part marked in red in the original document is the appended portion.

4. Create the two zone files

[root@wanghong ~]# cp -a /var/named/named.empty /var/named/test.com.zone
[root@wanghong ~]# cp -a /var/named/named.empty /var/named/2.168.192.zone

5. Edit the zone file test.com.zone

[root@wanghong ~]# vim /var/named/test.com.zone

$TTL 3H
@       IN SOA  @ rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      www.test.com.
        IN MX 5 mail.test.com.
www     IN A    192.168.2.1
mail    IN A    192.168.2.2
ftp     IN A    192.168.2.3
*       IN A    192.168.2.4

Note: the parts marked in red and blue in the original document are the added and changed portions.

6. Edit the zone file 2.168.192.zone

[root@wanghong ~]# vim /var/named/2.168.192.zone

$TTL 3H
@       IN SOA  @ rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      www.openlab.com.
1       IN PTR  www.openlab.com.
2       IN PTR  mail.openlab.com.
3       IN PTR  ftp.openlab.com.

Note: the parts marked in red and blue in the original document are the added and changed portions.

7. Stop the firewall or flush the firewall rules

[root@wanghong ~]# service iptables stop
[root@wanghong ~]# chkconfig iptables off

Or run the commands that flush the firewall rules:

[root@wanghong ~]# iptables -F
[root@wanghong ~]# service iptables save

8. Start the named service

[root@wanghong ~]# service named start
[root@wanghong ~]# chkconfig named on

9. Test whether the DNS service works

On a client host, set the DNS server to the DNS server's IP address, 192.168.2.* (here * is 1, i.e. 192.168.2.1). Run the nslookup command and check whether mail.test.com / www.test.com / ftp.test.com / ***.test.com can be resolved.
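
Added example (not part of the original guide): a small Python audit of the options block from step 2 of section II, where allow-query { any; } together with recursion yes lets every host that can reach port 53 use the server as a recursive resolver. It assumes BIND 9.4 or later, where an unset allow-recursion falls back to allow-query-cache and then allow-query. The function names, the HARDENED sample and its allow-recursion list (localhost plus 192.168.2.0/24, the subnet used in this guide) are assumptions.

```python
import re
# Constructed sample: the access-related options from this guide's named.conf.
PAGE = """
options {
    listen-on port 53 { any; };   // addresses named listens on
    allow-query { any; };
    recursion yes;
};
"""

# Assumed hardened variant (not from the guide): recursion limited to the lab subnet.
HARDENED = """
options {
    allow-query { any; };
    recursion yes;
    allow-recursion { 127.0.0.1; 192.168.2.0/24; };
};
"""

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out statements are ignored."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def match_list(text, name):
    """Return the address-match list of statement `name`, or None if unset."""
    m = re.search(r"(?<![\w-])%s(?![\w-])[^{;]*\{([^}]*)\}" % re.escape(name), text)
    return None if m is None else [i.strip() for i in m.group(1).split(";") if i.strip()]

def recursion_clients(conf):
    """Return the list that decides who may recurse, or [] if recursion is off."""
    text = strip_comments(conf)
    setting = re.search(r"(?<![\w-])recursion\s+(yes|no)\s*;", text)
    if setting and setting.group(1) == "no":
        return []
    # BIND 9.4+ fallback order; with all three unset the built-in default applies.
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        acl = match_list(text, name)
        if acl is not None:
            return acl
    return ["localnets", "localhost"]

def is_open_resolver(conf):
    """True when the effective recursion list admits any client."""
    return "any" in recursion_clients(conf)

if __name__ == "__main__":
    for label, conf in (("page", PAGE), ("hardened", HARDENED)):
        print(label, recursion_clients(conf), is_open_resolver(conf))
```

With the hardened variant the zones from step 3 stay answerable to any client through allow-query, while recursive lookups are served only to localhost and 192.168.2.0/24.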