一、安装
# yum install -y bind bind-chroot ypbind bind-utils
# rpm -qa |grep bind
bind-libs-9.3.6-16.P1.el5
bind-utils-9.3.6-16.P1.el5
ypbind-1.19-12.el5_6.1
bind-9.3.6-16.P1.el5
bind-chroot-9.3.6-16.P1.el5
# yum install -y caching-nameserver-9.3.* //安装后可启动named
# service named start
# netstat -antup //TCP 53\953端口开放,953提供给rndc工具用来管理DNS服务器
二、
1.主区域配置
# cd /var/named/chroot/etc //以下操作均在此路径下
# cp -p named.caching-nameserver.conf named.conf //注意加 -p 所属组不变
# cp -p named.rfc1912.zones named.rfc1912.zones_back
# vim named.conf
### 配置内容如下:
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
### 结束 ###
# vim named.rfc1912.zones
### 配置内容如下:
zone "." IN {
type hint;
file "named.ca";
};
zone "laowafang.com" IN {
type master;
file "test.com.zone";
allow-update { none; };
};
zone "146.147.119.in-addr.arpa" IN {
type master;
file "test.com.local";
allow-update { none; };
};
### 结束 ###
2.区域文件配置
# cd /var/named/chroot/var/named //以下操作均在此路径下
# cp -p localhost.zone test.com.zone //拷贝正向文件
# cp -p named.local test.com.local //拷贝反向文件
# vim test.com.zone
### 配置内容如下:
$TTL 86400
@ IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS dns.test.com.
IN MX 10 mail.test.com.
www1 IN A 119.147.146.249
www2 IN A 119.147.146.20
www IN CNAME www1.test.com.
### 结束 ###
# vim test.com.local
### 配置内容如下:
$TTL 86400
@ IN SOA dns.test.com. root.test.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.test.com.
104 IN PTR www1.test.com.
105 IN PTR www2.test.com.
### 结束 ###
# ln -s /var/named/chroot/etc/named.conf /etc/ //创建软连接
# ll /etc/name* //查看连接是否创建成功
# service named restart
# tail /var/log/messages //查看日志存在 running 及成功启动
三、测试
[root@localhost ~]# nslookup www1.test.com
Server: 119.147.146.249
Address: 119.147.146.249#53
Name: www1.test.com
Address: 119.147.146.249
四、rndc工具使用
用rndc可以在不停止DNS服务器工作的情况下进行数据的更新,使配置生效。953提供给rndc工具用来管理DNS服务器。
# rndc-confgen > /etc/rndc.conf //生产配置文件
### 配置内容如下:
# Start of rndc.conf
key "rndckey" {
algorithm hmac-md5;
secret "xO/qxwFJjYE41OrsbEAexQ==";
};
options {
default-key "rndckey";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndckey" {
# algorithm hmac-md5;
# secret "xO/qxwFJjYE41OrsbEAexQ==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndckey"; };
# };
# End of named.conf
### 结束 ###
# vim /etc/named.conf //拷贝有 # 号注释的内容到named.conf末尾
### 添加内容如下:
### rndc.conf 2011-08-26 ###
key "rndckey" {
algorithm hmac-md5;
secret "xO/qxwFJjYE41OrsbEAexQ==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndckey"; };
};
### configure end ###
### 结束 ###
# service named restart
# rndc reload //修改完.zone文件,使用rndc工具加载即可,
本文出自 “屌丝运维男” 博客,请务必保留此出处http://navyaijm.blog.51cto.com/4647068/822156
