named服务
/etc/nsswitch.conf #这个配置文件中定义了使用域名解析的方式的顺序。
|
1
2
|
#hosts: db files nisplus nis dns
hosts: files dns
#代表优先hosts文件,后dns服务,修改立即生效。
|
bind
/etc/named.conf 配置文件
/etc/named.rfc1912.zones zones的配置文件
|
1
2
3
4
5
6
7
8
|
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory
"/var/named"
;
dump-
file
"/var/named/data/cache_dump.db"
;
statistics-
file
"/var/named/data/named_stats.txt"
;
memstatistics-
file
"/var/named/data/named_mem_stats.txt"
;
allow-query { localhost; };
|
zone文件
|
1
2
3
4
5
|
zone
"localhost.localdomain"
IN {
type
master;
file
"named.localhost"
;
allow-update { none; };
};
|
正向解析
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
$TTL 1D
#缓存时间 1天(默认时间单位为秒)
@ IN SOA ns.baidu.com. root.ns.baidu.com(
0 ; serial
1D ; refresh
#检查的时间周期
1H ; retry
#重试时间周期
1W ; expire
#过期时间周期,到达过期时间辅助DNS自杀
3H ) ; minimum
@ NS ns.baidu.com.
ns A 172.25.0.11
www A 172.25.0.10
web CNAME www
mail A 172.25.0.13
@ MX 10 mail
#优先级0-99,数字越小优先级越高
|
反向解析
|
1
2
3
4
5
|
zone
"1.0.0.127.in-addr.arpa"
IN {
type
master;
file
"named.loopback"
;
allow-update { none; };
};
|
|
1
2
3
4
5
6
7
8
9
10
11
12
|
$TTL 1D
@ IN SOA ns.baidu.com. root.ns.baidu.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS ns.baidu.com.
ns A 192.168.2.103
191 PTR www.baidu.com.
103 PTR ns.baidu.com.
192 PTR mail.baidu.com.
|
ACL
允许dx访问,不允许lt访问
|
1
2
3
4
5
6
7
8
9
10
|
acl dx { 192.168.2.115; };
acl lt { 192.168.2.101; };
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
directory
"/var/named"
;
dump-
file
"/var/named/data/cache_dump.db"
;
statistics-
file
"/var/named/data/named_stats.txt"
;
memstatistics-
file
"/var/named/data/named_mem_stats.txt"
;
allow-query { dx;!lt; };
|
配置主备DNS
主服务器配置文件添加allow-transfer
|
1
2
3
4
5
6
7
8
9
10
11
|
acl dx { 192.168.2.115; };
acl lt { 192.168.2.101; };
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
directory
"/var/named"
;
dump-
file
"/var/named/data/cache_dump.db"
;
statistics-
file
"/var/named/data/named_stats.txt"
;
memstatistics-
file
"/var/named/data/named_mem_stats.txt"
;
allow-query { any; };
allow-transfer { dx; };
|
修改备用服务器区域配置文件
|
1
2
3
4
5
6
7
8
9
10
11
|
zone
"baidu.com"
IN {
type
slave;
file
"slaves/baidu.zone"
;
masters { 192.168.2.103; };
};
zone
"2.168.192.in-addr.arpa"
IN {
type
slave;
file
"slaves/zone.baidu"
;
masters { 192.168.2.103; };
};
|
VIEW
日志
本文转自 chomperwu 51CTO博客,原文链接:http://blog.51cto.com/chomper/1696415,如需转载请自行联系原作者
