DNS
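In /etc/named.conf:
options {
directory "/var/named"; // where the named process looks for its data files
listen-on port 53 { 192.168.1.1; }; // port and IP address named listens on
allow-query { 192.168.1.0/24; }; // client addresses allowed to query
recursion yes; // allow recursive queries
};
zone "." IN {
type hint; // zone type: hint = root zone, master = master zone, slave = slave zone
file "named.ca"; // file holding the address database of the root servers
};
zone "localhost" IN {
type master;
file "localhost.zone"; // forward lookup file, must be created by hand
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local"; // reverse lookup file, must be created by hand
};
zone "gao.com" IN {
type master;
file "gao.com.zone";
allow-transfer { none; };
// after changing the configuration, run rndc reload to re-read the files
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "hui.com.zone";
allow-transfer { none; }; // addresses of the slave name servers allowed to download the zone database
allow-update { none; }; // client addresses allowed to send dynamic updates
};
dig -t NS . @a.root-servers.net > /var/named/named.ca
(This file is where the addresses of the global root servers are stored.) Explanation of the command: it looks up records of type NS; "." asks who the 13 name servers of the root zone are; @a.root-servers.net is the server to ask (if it is not given, the server from /etc/resolv.conf is used).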
[root@station36 named]# service named configtest
_default/localhost/IN: unexpected end of input
dns_master_load: localhost.zone:2: unexpected end of line
dns_master_load: localhost.zone:1: unexpected end of input
localhost.zone:8: using RFC 1035 TTL semantics
zone localhost/IN: loading master file localhost.zone: unexpected end of input
zone 0.0.127.in-addr.arpa/IN: loaded serial 20110214
Under /var/named/, use vim to create localhost.zone, named.local and named.ca.
In localhost.zone:
$TTL 86400
@           IN SOA  localhost. root.localhost. (
                    1       ; serial
                    1H      ; refresh
                    10M     ; retry
                    7D      ; expire
                    1D )    ; minimum
@           IN NS   localhost.
localhost.  IN A    127.0.0.1
In named.local:
$TTL 86400
@       IN SOA  localhost. root.localhost. (
                1
                1H
                10M
                7D
                1D )
@       IN NS   localhost.
1       IN PTR  localhost.
Create gao.com.zone under /var/named:
chown :named gao.com.zone
$TTL 86400
@               IN SOA  gao.com. root.gao.com. (
                        1
                        1H
                        10M
                        7D
                        1D )
                IN NS   ns.gao.com.
                IN MX   10 mail.gao.com.
ns.gao.com.     IN A    192.168.0.36
mail.gao.com.   IN A    192.168.0.36
Create hui.com.zone under /var/named:
chown :named hui.com.zone
$TTL 86400
@       IN SOA  gao.com. root.gao.com. (
                1
                1H
                10M
                7D
                1D )
        IN NS   ns.gao.com.
36      IN PTR  ns.a.com.
36      IN PTR  mail.a.com.
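In /etc/resolv.conf, change the name server address to your own host's address.
service named configtest    syntax check
rndc flush    clears the cache with rndc
rndc-confgen > /etc/rndc.conf    generates the configuration file
tail /etc/rndc.conf | head -9 | sed 's/^#//g' >> /etc/named.conf    appends the extracted part of that configuration file to named.conf
rndc stop    stops the named process, but rndc cannot start it
rndc reload    re-reads the configuration files
rndc status    shows the status, including how many zones there are
dig -t axfr gao.com    transfers all records of gao.com
NS    name server record; sets the domain name of the DNS server for the current domain
MX    mail exchanger record; sets the domain name of the mail server for the current domain
A    address record; used for forward name resolution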
Slave name server:
Define the slave's address.
In /etc/named.conf:
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
};
zone "gao.com" IN {
type slave;
file "slaves/gao.com.zone";
masters { 192.168.0.36; };
};
zone "0.168.192.in-addr.arpa" IN {
type slave;
file "slaves/hui.com.zone";
masters { 192.168.0.36; };
};
scp 192.168.0.36:/var/named/localhost.zone /var/named/
scp 192.168.0.36:/var/named/named.ca /var/named/
In /var/named/slaves/gao.com.zone:
$ORIGIN .
$TTL 86400      ; 1 day
gao.com         IN SOA  gao.com. root.gao.com. (
                        3          ; serial
                        3600       ; refresh (1 hour)
                        600        ; retry (10 minutes)
                        604800     ; expire (1 week)
                        86400      ; minimum (1 day)
                        )
                NS      ns.gao.com.
                NS      ns1.gao.com.
                MX      10 mail.gao.com.
$ORIGIN gao.com.
bbs             A       192.168.0.33
ftp             A       192.168.0.35
mail            A       192.168.0.36
ns              A       192.168.0.36
ns1             A       192.168.0.82
In /var/named/slaves/hui.com.zone:
$TTL 86400
@       IN SOA  gao.com. root.gao.com. (
                1
                1H
                10M
                7D
                1D )
        IN NS   ns.gao.com.
36      IN PTR  ns.a.com.
36      IN PTR  mail.a.com.
The /var/named directory must be writable by the named group:
chmod g+w /var/named
Parent and child zone configuration
Configuration on the parent zone server
$TTL 86400
@               IN SOA  gao.com. root.gao.com. (
                        3
                        1H
                        10M
                        7D
                        1D )
                IN NS   ns.gao.com.
                IN NS   ns1.gao.com.
                IN MX   10 mail.gao.com.
ns.gao.com.     IN A    192.168.0.36
ns1.gao.com.    IN A    192.168.0.82
mail.gao.com.   IN A    192.168.0.36
ftp.gao.com.    IN A    192.168.0.35
bbs.gao.com.    IN A    192.168.0.33
cs.gao.com.     IN NS   ns.cs.gao.com.
ns.cs.gao.com.  IN A    192.168.0.82
Configuration on the child zone server
Child zone:
In /etc/named.conf:
options {
directory "/var/named";
querylog 1; // enable query logging; turning this on lowers server performance; 0 turns it off
version "you are luck dog";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
};
zone "cs.gao.com" IN {
type master;
file "cs.gao.zone";
};
zone "gao.com" IN {
type forward;
forwarders { 192.168.0.36; };
}; // defines a forward zone and states which server the queries are forwarded to
Forward lookup zone file for the child zone
$TTL 86400
@                   IN SOA  cs.gao.com. root.cs.gao.com. (
                            3
                            1H
                            10M
                            7D
                            1D )
                    IN NS   ns.cs.gao.com.
                    IN MX   10 mail.cs.gao.com.
ns.cs.gao.com.      IN A    192.168.0.82
mail.cs.gao.com.    IN A    192.168.0.33
ftp.cs.gao.com.     IN A    192.168.0.35
bbs.cs.gao.com.     IN A    192.168.0.33
The group owner of the three files above must be named.
dig txt chaos version.bind @127.0.0.1 displays the BIND version.
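Added example, not part of the original notes: a small Python audit that reads a named.conf and reports, for every master zone, which allow-transfer list is in effect, since that clause decides who can pull the whole zone with dig -t axfr. The function names and SAMPLE_CONF are assumptions made for this example; the parser covers only the flat syntax used on this page (no include files, named acl statements or views).

```python
import re

# Constructed sample: zone statements from this page's two named.conf files, merged.
SAMPLE_CONF = '''
options { directory "/var/named"; };
zone "gao.com" IN {
    type master; file "gao.com.zone";
    allow-transfer { none; };   // explicit restriction
};
zone "cs.gao.com" IN { type master; file "cs.gao.zone"; };  /* no clause */
zone "0.168.192.in-addr.arpa" IN { type slave; masters { 192.168.0.36; }; };
'''

def strip_comments(text):
    # Drop /* */, // and # comments so commented-out clauses are not counted.
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def block_body(text, brace):
    # Return the text between the '{' at index brace and its matching '}'.
    depth = 0
    for i in range(brace, len(text)):
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        if depth == 0:
            return text[brace + 1:i]
    raise ValueError('unbalanced braces')

def transfer_acl(body, default=None):
    # Entries of "allow-transfer { ... };" in this block, or default if absent.
    m = re.search(r'\ballow-transfer\s*\{', body)
    if m is None:
        return default
    return [e.strip() for e in block_body(body, m.end() - 1).split(';') if e.strip()]

def audit(conf):
    # Map every master zone to its effective allow-transfer setting.
    text = strip_comments(conf)
    opts = re.search(r'\boptions\s*\{', text)
    inherited = transfer_acl(block_body(text, opts.end() - 1)) if opts else None
    report = {}
    for z in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', text):
        body = block_body(text, z.end() - 1)
        if re.search(r'\btype\s+(master|primary)\s*;', body):
            acl = transfer_acl(body, inherited)  # zone clause overrides options
            if acl is None:
                report[z.group(1)] = 'UNSET (built-in default applies)'
            else:
                report[z.group(1)] = ('OPEN: ' if 'any' in acl else 'restricted: ') + ', '.join(acl)
    return report
```

A zone reported as UNSET falls back to the default compiled into the installed BIND, so either confirm that default or add an explicit allow-transfer clause naming the slave servers.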