Linux DNS服务的搭建
Red Hat 默认安装了 bind 软件;如果没有安装,可以在安装光盘中找到 bind 的 rpm 包,再 copy 到磁盘上,用 rpm -ivh bind.xxxxx.rpm 安装。还有几个相关的 rpm 包,这里要注意它们之间的依赖性。没有实际操作过的朋友,最好在图形界面安装比较可靠。
1、dns服务搭建基础;
涉及到的相关文件有:/etc/named.conf(主配置文件),/var/named区域数据文件
配置指令:
[root@web root]#netconfig --------配置ip
netconfig 0.8.14 (C) 1999 Red Hat, Inc.
┌────────────────────┤ Configure TCP/IP ├─────────────────────┐
│ │
│ Please enter the IP configuration for this machine. Each │
│ item should be entered as an IP address in dotted-decimal │
│ notation (for example, 1.2.3.4). │
│ │
│ [ ] Use dynamic IP configuration (BOOTP/DHCP) │
│ │
│ IP address: 172.16.3.123____ │
│ Netmask: 255.255.0.0_____ │
│ Default gateway (IP): ________________ │
│ Primary nameserver: 172.16.3.123____ ------dns指向自己 │
│ │
│ ┌────┐ ┌──────┐ │
│ │ OK │ │ Back │ │
│ └────┘ └──────┘ │
│ │
│ │
└─────────────────────────────────────────────────────────────┘
<Tab>/<Alt-Tab> between elements | <Space> selects | <F12> next screen
[root@web root]# service network restart
正在关闭接口 eth0: [ 确定 ]
关闭环回接口: [ 确定 ]
设置网络参数: [ 确定 ]
弹出环回接口: [ 确定 ]
弹出界面 eth0: [ 确定 ]
[root@web root]#vi /etc/named.conf
//
controls {
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "yahoo.com" IN { -----这是添加的区域 正向区域 #注意空格
type master; -----代表主要区域
file "yahoo.com.dns";-----这是区域数据文件名
allow-update { none; };
};
zone "3.16.172.in-addr.arpa" IN { ------ 反向区域
type master;
file "172.16.3.cev";
allow-update { none; };
};
include "/etc/rndc.key";
:wq
[root@web root]# cd /var/named
[root@web named]# ls
localhost.zone named.ca named.local yahoo.com.dns
[root@web named]#cp named.local yahoo.com.dns
[root@web named]#vi yahoo.com.dns
$TTL 86400
@ IN SOA web.yahoo.com. root.yahoo.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS web.yahoo.com. ----名称服务器
web IN A 172.16.3.123 -------A纪录
www IN A 172.16.3.123
:wq
[root@web named]#cp named.local 172.16.3.cev
[root@web named]#vi 172.16.3.cev
$TTL 86400
@ IN SOA web.yahoo.com. root.yahoo.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS web.yahoo.com.
123 IN PTR www.yahoo.com.
123 IN PTR web.yahoo.com.
[root@web named]# service named start
[root@web named]# ? ]
[root@web named]# host www.yahoo.com
www.yahoo.com has address 172.16.3.123
[root@web named]# host 172.16.3.123
123.3.16.172.in-addr.arpa domain name pointer web.yahoo.com.
123.3.16.172.in-addr.arpa domain name pointer www.yahoo.com.
2.Linux 与 Linux 之间互作主辅
环境:linux1和linux2
Linux1:ip 172.16.3.123 dns指向自己 主要区域yahoo.com辅助区域eyou.com
Linux2:ip 172.16.3.122 dns指向自己 主要区域eyou.com 辅助区域yahoo.com
开始配置; Linux1
[root@linux1 root]# vi /etc/named.conf
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "yahoo.com" IN {
type master ; ------主要区域
file "yahoo.com.dns";
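allow-update { none; }; ------禁止动态更新;本区域没有写 allow-transfer,这类旧版 BIND 默认允许任何主机做区域传送,建议在主要区域里加上 allow-transfer { 172.16.3.122; }; 只允许辅助服务器拉取区域数据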
};
zone "eyou.com" IN {
type slave; -----辅助区域
file "eyou.com.dns";
masters { 172.16.3.122; }; ------主服务器的ip地址
};
include "/etc/rndc.key";
-- 插入 --
[root@linux1 root]# cd /var/named/
[root@linux1 named]#cp named.local yahoo.com.dns
[root@linux1 named]# ls
172.16.3.cev localhost.zone named.ca named.local yahoo.com.dns
[root@linux1 named]#vi yahoo.com.dns
$TTL 86400
@ IN SOA linux1.yahoo.com. root.yahoo.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS linux1.yahoo.com.
Linux1 IN A 172.16.3.123
www IN A 172.16.3.123
[root@linux1 named]# service named start
[root@linux1 named]# ]
[root@linux1 named]# iptables -F -----------关防火墙(-F 会清空全部过滤规则;实验环境以外更稳妥的做法是保留原有规则,只对另一台 DNS 服务器放行 53 端口的 TCP 和 UDP)
Linux2
[root@linux2 root]# vi /etc/named.conf
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "eyou.com" IN {
type master;
file "eyou.com.dns";
allow-update { none; };
};
zone "yahoo.com" IN {
type slave;
file "yahoo.com.dns";
masters { 172.16.3.123; };
};
include "/etc/rndc.key";
[root@linux2 root]#
[root@linux2 root]# cd /var/named/
[root@linux2 named]# ls
localhost.zone named.ca named.local
[root@linux2 named]# cp named.local eyou.com.dns
[root@linux2 named]# vi eyou.com.dns
$TTL 86400
@ IN SOA linux2.eyou.com. root.eyou.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS linux2.eyou.com.
linux2 IN A 172.16.3.122
[root@linux2 named]# service named start
[root@linux2 named]# ]
[root@linux2 named]# iptables -F
[root@linux2 named]#
[root@linux2 named]# ls
eyou.com.dns localhost.zone named.ca named.local yahoo.com.dns
yahoo.com.dns是服务启动后自动复制过来的
[root@linux2 named]#
Linux1也多了一个文件eyou.com.dns自动复制过来
[root@linux1 named]# ls
eyou.com.dns localhost.zone named.ca named.local yahoo.com.dns
[root@linux1 named]#
3.dns 子域和委派 <Linux---Linux之间>
环境:linux1和linux2
Linux1 ip 172.16.3.123 父域 yahoo.com dns指向自己
Linux2 ip 172.16.3.122 子域 zz.yahoo.com dns指向自己
Linux1
[root@linux1 named]# vi /etc/named.conf 添加
zone "yahoo.com" IN {
type master;
file "yahoo.com.dns";
allow-update { none; };
};
[root@linux1 named]# ls
localhost.zone named.ca named.local yahoo.com.dns
[root@linux1 named]#vi yahoo.com.dns
$TTL 86400
@ IN SOA linux1.yahoo.com. root.yahoo.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS linux1.yahoo.com.
zz IN NS linux2.zz.yahoo.com. ------名称服务器指向子域
linux1 IN A 172.16.3.123
www IN A 172.16.3.123
linux2.zz IN A 172.16.3.122 ----------子域的A记录
[root@linux1 named]# service named start
Linux 2
[root@linux2 named]# vi /etc/named.conf
// generated by named-bootconf.pl
options {
directory "/var/named";
forwarders { 172.16.3.123; }; ------------转发到父域
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "zz.yahoo.com" IN {
type master;
file "zz.yahoo.com.dns";
allow-update { none; };
};
include "/etc/rndc.key";
[root@linux2 root]# cd /var/named/
[root@linux2 named]# cp named.local zz.yahoo.com.dns
[root@linux2 named]# vi zz.yahoo.com.dns
$TTL 86400
@ IN SOA linux2.zz.yahoo.com. root.zz.yahoo.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS linux2.zz.yahoo.com.
linux2 IN A 172.16.3.122
aa IN A 172.16.3.121
[root@linux2 named]# service named start
[root@linux2 named]# host linux1.yahoo.com
linux1.yahoo.com has address 172.16.3.123
[root@linux2 named]#
[root@linux2 named]# host linux2.zz.yahoo.com
linux2.zz.yahoo.com has address 172.16.3.122
[root@linux2 named]#
Linux1
[root@linux1 named]# host linux2.zz.yahoo.com
linux2.zz.yahoo.com has address 172.16.3.122
[root@linux1 named]# host aa.zz.yahoo.com
aa.zz.yahoo.com has address 172.16.3.121
[root@linux1 named]#
到此dns差不多已经全部搞定,而linux与windows之间dns互作主辅还需靠大家自己 有个疑问,随便什么人都可以搭建dns吗?这个东西不受管制么?这样的话我随便设置一个dns不需要到什么地方申报获得认可么,我搭建了dns就可以让自己的域名随便解析了?? 呵呵,这个是企业内部的DNS,肯定随你搭建了。 是说我申请域名就不用找域名供应商了么?不然我给自己的ip绑上相应的域名不会对internet上造成影响么? 如果是要搭建互联网的dns服务器,那肯定要找域名供应商拉,我所说的DNS搭建是在内网使用 很难阅读 呵呵
我好象看明白点什么了
是不是在自己网吧建立自己的代理服务器的时候就会用到这些的
在用Linux做平台建立我在这 <Tab>/<Alt-Tab> between elements | <Space> selects | <F12> next screen
[root@web root]# service network restart
正在关闭接口 eth0: [ 确定 ]
关闭环回接口: [ 确定 ]
设置网络参数: [ 确定 ]
弹出环回接口: [ 确定 ]
弹出界面 eth0: [ 确定 ]
到[root@web root]#vi /etc/named.conf
//
controls {
// generated by named-bootconf.pl
这一步 有点不明白
你能不能在说清楚点
谢谢 最近刚学会配置dns正好在看一下 复习一下 原帖由 傻猪 于 2006-11-22 18:56 发表:
在用Linux做平台建立我在这 <Tab>/<Alt-Tab> between elements | <Space> selects | <F12> next screen
[root@web root]# service network restart
正在关闭接口 eth0: [ 确定 ]
关闭环回接口: [ 确定 ]
设置网络参数: [ 确定 ]
弹出环回接口: [ 确定 ]
弹出界面 eth0: [ 确定 ]
到[root@web root]#vi /etc/named.conf
//
controls {
// generated by named-bootconf.pl
这一步 有点不明白
你能不能在说清楚点
谢谢
他这里好像少了个下标},不知道应该放哪里…… 呵呵,有难度 相当于在自己的机器上搭建服务器 太难阅读了!!YCT79YCT
