Linux__dns服务器搭建
一配置主机名
vi /etc/sysconfig/network
http://
二配置host文件
192.168.202.10 http:// node1
192.168.202.11 http:// node2
192.168.2.10 http:// node1-priv
192.168.2.11 http:// node2-priv
192.168.202.90 http:// node1-vip
192.168.202.91 http:// node2-vip
192.168.202.135 http:// cluster
192.168.202.136 http:// cluster
三安装需求包
yum install bind*
也可以
rpm -Uvh bind-utils-*
rpm -Uvh kdebindings-*
rpm -Uvh bind-*
rpm -Uvh ypbind-*
rpm -Uvh bind-libs-*
rpm -Uvh bind-chroot-*
rpm -Uvh caching-nameserver-*
四启动
service named start (stop restart)
查看进程
rndc status (stop)
五配置named.conf文件
#cd /usr/share/doc/bind-9.3.6/sample/etc
#cp /usr/share/doc/bind-9.3.6/sample/etc/* /var/named/chroot/etc
#ln -s /var/named/chroot/etc/named.conf /etc/named.conf
#ln -s /var/named/chroot/etc/named.root.hints /etc/named.root.hints
#cd /usr/share/doc/bind-9.3.6/sample/var/
#cp -r /usr/share/doc/bind-9.3.6/sample/var/* /var/named/chroot/var/
vi /var/named/chroot/etc/named.conf
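view "localhost_resolver"
{
    /* This view sets up named to be a localhost resolver ( caching only nameserver ).
     * If all you want is a caching-only nameserver, then you need only define this view:
     */
    // Only queries from and to the local host match this view, so recursion
    // is offered to nobody else.
    match-clients { localhost; };
    match-destinations { localhost; };
    recursion yes;
    # all views must contain the root hints zone:
    include "/etc/named.root.hints";
    /* these are zones that contain definitions for all the localhost
     * names and addresses, as recommended in RFC1912 - these names should
     * ONLY be served to localhost clients:
     */
    // NOTE(review): the zone name and zone file below read "http://" on this
    // page; the real domain name and file name appear to have been lost when
    // the page was extracted. Substitute your own forward zone name and the
    // matching zone file - TODO confirm against the original document.
    zone "http://" {
        type master;
        file "http://";
    };
    // Reverse zone for 192.168.202.0/24, served from named.192.168.202.
    zone "202.168.192.in-addr.arpa" IN {
        type master;
        file "named.192.168.202";
    };
    // The key in this file is used later on. It is a shared secret, so the
    // file should not be readable by ordinary users.
    include "/etc/rndc.key";
};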
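view "internal"
{
    /* This view will contain zones you want to serve only to "internal" clients
     * that connect via your directly attached LAN interfaces - "localnets" .
     */
    match-clients { localnets; };
    match-destinations { localnets; };
    // Recursion is enabled here; the match-clients line above limits this
    // view to clients on directly attached networks.
    recursion yes;
    // all views must contain the root hints zone:
    include "/etc/named.root.hints";
    // include "named.rfc1912.zones";
    // you should not serve your rfc1912 names to non-localhost clients.
    // These are your "authoritative" internal zones, and would probably
    // also be included in the "localhost_resolver" view above :
    // NOTE(review): the zone name and zone file below read "http://" on this
    // page; the real domain name and file name appear to have been lost when
    // the page was extracted. Substitute your own values - TODO confirm.
    zone "http://" {
        type master;
        file "http://";
    };
    zone "202.168.192.in-addr.arpa" IN {
        type master;
        file "named.192.168.202";
    };
    // NOTE(review): the two zones below look like placeholders carried over
    // from the sample configuration; drop them if they are not used - TODO confirm.
    zone "my.slave.internal.zone" {
        type slave;
        file "slaves/my.slave.internal.zone.db";
        masters { /* put master nameserver IPs here */ 127.0.0.1; } ;
        // put slave zones in the slaves/ directory so named can update them
    };
    zone "my.ddns.internal.zone" {
        type master;
        // Dynamic updates are accepted only when signed with the TSIG key
        // ddns_key, so anyone holding that secret can rewrite this zone.
        allow-update { key ddns_key; };
        file "slaves/my.ddns.internal.zone.db";
        // put dynamically updateable zones in the slaves/ directory so named can update them
    };
};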
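// TSIG key referenced by allow-update in the "my.ddns.internal.zone" zone.
// NOTE(review): this secret is printed on the page, so it has to be treated
// as public. Generate a fresh secret (for example with dnssec-keygen) before
// using this configuration, and keep named.conf readable only by root and
// the account named runs as.
// hmac-md5 is a legacy TSIG algorithm; where the installed BIND release
// supports it, an HMAC-SHA algorithm such as hmac-sha256 is preferable.
key ddns_key
{
    algorithm hmac-md5;
    secret "MNE1hiqdU52EOUbnxKfobZUG5y2S5BAqbvdHqHEygTCqEKtsbUWc2Yu2Key9";
};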
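view "external"
{
    /* This view will contain zones you want to serve only to "external" clients
     * that have addresses that are not on your directly attached LAN interface subnets:
     */
    // "any" matches every client that did not match an earlier view, so this
    // view answers queries from untrusted networks.
    match-clients { any; };
    match-destinations { any; };
    // Recursion stays off here so the server does not act as an open
    // resolver for arbitrary clients.
    recursion no;
    // you'd probably want to deny recursion to external clients, so you don't
    // end up providing free DNS service to all takers
    allow-query-cache { none; };
    // Disable lookups for any cached data and root hints
    // all views must contain the root hints zone:
    include "/etc/named.root.hints";
    // These are your "authoritative" external zones, and would probably
    // contain entries for just your web and mail servers:
    zone "my.external.zone" {
        type master;
        file "my.external.zone.db";
    };
};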
下面配置指定的两个文件:
#cd /var/named/chroot/var/named
http://
[root@node1 named]# cat http://
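; Forward zone: maps host names to addresses.
; NOTE(review): the names in the SOA and NS records read "http://." on this
; page; the real primary name server and contact names appear to have been
; lost when the page was extracted. Substitute your own values - TODO confirm.
$TTL 300
@ SOA http://. http://. (
        2003053013 ; serial (d. adams)
        3600       ; refresh
        900        ; retry
        1209600    ; expiry
        3600       ; minimum
        )
@       IN NS http://.
node1   IN A  192.168.202.10
cluster IN A  192.168.202.135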
在创建配置另外一个:
vi named.192.168.202
[root@node1 named]# cat named.192.168.202
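; Reverse zone for 192.168.202.0/24: maps the last address octet to a host name.
; NOTE(review): the names in the SOA, NS and PTR records read "http://." on
; this page; the real host names appear to have been lost when the page was
; extracted. Substitute your own values - TODO confirm.
$TTL 300
@ SOA http://. http://. (
        2003053013 ; serial (d. adams)
        3600       ; refresh
        900        ; retry
        1209600    ; expiry
        3600       ; minimum
        )
@   IN NS  http://.
10  IN PTR http://.
135 IN PTR http://.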
注:可以把这个文件再复制一份到/var/named/ 下面
六配置/etc/resolv.conf
domain http://
search http://
nameserver 192.168.202.10
host http://
host 192.168.202.10
七重启named 服务
# service named restart
# rndc reload
八用nslookup测试
[root@node1 named]# nslookup
> 192.168.202.10
Server: 192.168.202.10
Address: 192.168.202.10#53
10.202.168.192.in-addr.arpa name = http://.
> my
Server: 192.168.202.10
Address: 192.168.202.10#53
** server can't find my: SERVFAIL
> http://
Server: 192.168.202.10
Address: 192.168.202.10#53
Name: http://
Address: 192.168.202.135
> http://
Server: 192.168.202.10
Address: 192.168.202.10#53
Name: http://
Address: 192.168.202.10
>exit
[root@node1 named]#