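If anything in this article is wrong or unclear, please let me know. Thank you!
Setting up simple master and slave DNS servers with BIND
I. Install BIND
Run rpm -qa | grep bind to check whether the BIND packages are installed. If they are not, mount the installation disc and install them with rpm -ivh *bind*.
II. Start BIND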
service named start
chkconfig --level 35 named on
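III. Lab topology
The lab topology is shown in the figure below, using the bob.com domain:
IV. Configure the Master DNS
1. Edit the DNS main configuration file named.conf
vi /etc/named.conf
2. Edit the zone data files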
vi /var/named/chroot/var/named/bob.com.dns
vi /var/named/chroot/var/named/bob.com.rev
$TTL 86400
@       IN      SOA     bob.com. root.bob.com. (
                        2       ; Serial
                        120     ; Refresh
                        14400   ; Retry
                        3600000 ; Expire
                        86400 ) ; Minimum
        IN      NS      bob.com.
240     IN      PTR     master.bob.com.
241     IN      PTR     slave.bob.com.
250     IN      PTR     www.bob.com.
chown named.named /var/named/chroot/var/named/bob.com.*
3. Test
① On the Master DNS, use the host command to check the records:
[root@master /]# host www.bob.com
www.bob.com has address 192.168.120.250
[root@master /]# host master.bob.com
master.bob.com has address 192.168.120.240
[root@master /]# host slave.bob.com
slave.bob.com has address 192.168.120.241
② On the Master DNS, use the nslookup command to check the records:
[root@master /]# nslookup
> www.bob.com
Server: 192.168.120.240
Address: 192.168.120.240#53
Name: www.bob.com
Address: 192.168.120.250
> master.bob.com
Server: 192.168.120.240
Address: 192.168.120.240#53
Name: master.bob.com
Address: 192.168.120.240
> 192.168.120.250
Server: 192.168.120.240
Address: 192.168.120.240#53
250.120.168.192.in-addr.arpa name=www.bob.com.
③ On a client PC, set the DNS server to 192.168.120.240, then visit www.bob.com
4. Check the logs
[root@master /]# service named start
[root@master /]# cat /var/log/messages |grep named
Sep 8 18:24:35 master named[15322]: starting BIND 9.2.4 -u named -t /var/named/chroot
Sep 8 18:24:35 master named[15322]: using 1 CPU
Sep 8 18:24:35 master named[15322]: loading configuration from '/etc/named.conf'
Sep 8 18:24:35 master named[15322]: listening on IPv4 interface lo, 127.0.0.1#53
Sep 8 18:24:35 master named[15322]: listening on IPv4 interface eth0, 192.168.120.240#53
Sep 8 18:24:35 master named[15322]: command channel listening on 127.0.0.1#953
Sep 8 18:24:35 master named[15322]: command channel listening on ::1#953
Sep 8 18:24:35 master named[15322]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Sep 8 18:24:35 master named[15322]: zone 120.168.192.in-addr.arpa/IN: loaded serial 2
Sep 8 18:24:35 master named[15322]: zone bob.com/IN: loaded serial 2
Sep 8 18:24:35 master named[15322]: zone localhost/IN: loaded serial 42
Sep 8 18:24:35 master named[15322]: named startup succeeded
Sep 8 18:24:35 master named[15322]: running
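5. Notes
A. Each time you edit and save a zone data file, remember to increase the Serial value; it is what lets the slave server synchronize the zone data file from the master server.
B. When using a fully qualified domain name, never forget the trailing ".".
C. The ";" in the main configuration file named.conf must not be left out.
V. Configure the Slave DNS
1. Edit the DNS main configuration file named.conf
vi /etc/named.conf
2. Change the permissions of the directory that stores the zone files copied from the master DNS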
cd /var/named/chroot/var/named/slaves
3. Test
① On the Slave DNS, check whether the zone data files have been copied from the master DNS
[root@slave /]# ll /var/named/chroot/var/named/slaves
-rw------- 1 named named 406 Jun 13 23:50 bob.com.dns
-rw------- 1 named named 410 Jun 13 19:10 bob.com.rev
② On the Slave DNS, use the host command to check the records
[root@slave /]# host www.bob.com
www.bob.com has address 192.168.120.250
[root@slave /]# host master.bob.com
master.bob.com has address 192.168.120.240
[root@slave /]# host slave.bob.com
slave.bob.com has address 192.168.120.241
③ On the Slave DNS, use the nslookup command to check the records
[root@slave /]# nslookup
> www.bob.com
Server: 192.168.120.241
Address: 192.168.120.241#53
Name: www.bob.com
Address: 192.168.120.250
> master.bob.com
Server: 192.168.120.241
Address: 192.168.120.241#53
Name: master.bob.com
Address: 192.168.120.240
> 192.168.120.250
Server: 192.168.120.241
Address: 192.168.120.241#53
250.120.168.192.in-addr.arpa name=www.bob.com.
④ On a client PC, set the DNS server to 192.168.120.241, then visit www.bob.com
4. Check the logs
[root@slave /]# service named start
[root@slave /]# cat /var/log/messages |grep named
Jun 14 00:04:48 slave named[10083]: starting BIND 9.2.4 -u named -t /var/named/chroot
Jun 14 00:04:48 slave named[10083]: using 1 CPU
Jun 14 00:04:48 slave named[10083]: loading configuration from '/etc/named.conf'
Jun 14 00:04:48 slave named[10083]: listening on IPv4 interface lo, 127.0.0.1#53
Jun 14 00:04:48 slave named[10083]: listening on IPv4 interface eth0, 192.168.120.241#53
Jun 14 00:04:48 slave named[10083]: command channel listening on 127.0.0.1#953
Jun 14 00:04:48 slave named[10083]: command channel listening on ::1#953
Jun 14 00:04:49 slave named[10083]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Jun 14 00:04:49 slave named[10083]: zone localhost/IN: loaded serial 42
Jun 14 00:04:49 slave named[10083]: named startup succeeded
Jun 14 00:04:49 slave named[10083]: running
Jun 14 00:04:49 slave named[10083]: zone 120.168.192.in-addr.arpa/IN: transferred serial 2
Jun 14 00:04:49 slave named[10083]: transfer of '120.168.192.in-addr.arpa/IN' from 192.168.120.240#53: end of transfer
Jun 14 00:04:49 slave named[10083]: zone bob.com/IN: transferred serial 2
Jun 14 00:04:49 slave named[10083]: transfer of 'bob.com/IN' from 192.168.120.240#53: end of transfer
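5. Notes
A. Mind the permissions of the directory that stores the zone files copied from the master DNS.
B. The ";" in the main configuration file named.conf must not be left out.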
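The Serial rule from the master's notes and the "transferred serial" lines in the slave's log can be checked together. The script below is an added example, not part of the original post: it compares the serial each zone loaded on the master with the serial the slave last transferred, using RFC 1982 serial arithmetic. The function names and the sample log lines (constructed in this page's log format) are assumptions.

```shell
#!/bin/sh
# serial_lt A B: true when 32-bit serial A is older than B (RFC 1982).
serial_lt() {
  [ "$1" -ne "$2" ] && [ $(( ($2 - $1) & 0xFFFFFFFF )) -lt 2147483648 ]
}

# zone_serials FILE KEYWORD: print "zone serial" from the last
# "zone X/IN: KEYWORD serial N" line per zone (KEYWORD: loaded|transferred).
zone_serials() {
  awk -v kw="$2" '{
    for (i = 1; i + 4 <= NF; i++)
      if ($i == "zone" && $(i+2) == kw && $(i+3) == "serial") {
        z = $(i+1); sub(/\/IN:$/, "", z); last[z] = $(i+4)
      }
  } END { for (z in last) print z, last[z] }' "$1"
}

# check_sync MASTER_LOG SLAVE_LOG ZONE...: one status line per zone;
# returns non-zero if any zone is missing or stale on the slave.
check_sync() {
  mlog=$1; slog=$2; shift 2; rc=0
  for z in "$@"; do
    ms=$(zone_serials "$mlog" loaded | awk -v z="$z" '$1 == z { print $2 }')
    ss=$(zone_serials "$slog" transferred | awk -v z="$z" '$1 == z { print $2 }')
    if [ -z "$ms" ]; then echo "UNKNOWN $z"; rc=1
    elif [ -z "$ss" ]; then echo "MISSING $z master=$ms"; rc=1
    elif serial_lt "$ss" "$ms"; then echo "STALE $z master=$ms slave=$ss"; rc=1
    else echo "OK $z serial=$ss"; fi
  done
  return $rc
}

# Constructed sample logs in this page's format (assumption): bob.com was
# edited to serial 3 on the master; the reverse zone never reached the slave.
demo() {
  d=$(mktemp -d)
  cat > "$d/master.log" <<'EOF'
Sep 8 18:24:35 master named[15322]: zone 120.168.192.in-addr.arpa/IN: loaded serial 2
Sep 8 18:24:35 master named[15322]: zone bob.com/IN: loaded serial 3
EOF
  cat > "$d/slave.log" <<'EOF'
Jun 14 00:04:49 slave named[10083]: zone bob.com/IN: transferred serial 2
EOF
  check_sync "$d/master.log" "$d/slave.log" bob.com 120.168.192.in-addr.arpa
  rc=$?; rm -rf "$d"; return $rc
}
demo || echo "slave is not in sync with master"
```

To use it on the two servers from this article, save the output of the "cat /var/log/messages |grep named" step from each host to a file and pass both files to check_sync.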
This article is reposted from yuanbin0710's 51CTO blog. Original link: http://blog.51cto.com/yuanbin/108627. To republish it, please contact the original author yourself.