os | rhel 7.2 |
server | 192.168.1.150 |
client | 192.168.1.152 |
# yum -y install bind bind-chroot bind-utils caching-nameserver
# rndc-confgen > /etc/rndc.conf
# chgrp named /etc/rndc.conf
# chmod 640 /etc/rndc.conf
# tail -11 /etc/rndc.conf >> /etc/named.conf
# vi /etc/sysconfig/named # 关闭ipv6
OPTIONS="-4" |
# vi /etc/named.conf
options { listen-on port 53 { any; }; # 监听主机所有地址 53 端口 #listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { any; }; # 任何人都可以申请查询请求 forwarders { 192.168.1.1; # 解析不了的丢给这边,上层服务器 } recursion yes; dnssec-enable yes; dnssec-validation yes; bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic"; pid-file "/run/named/named.pid"; session-keyfile "/run/named/session.key"; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; include "/etc/named.root.key"; # Use with the following in named.conf, adjusting the allow list as needed: key "rndc-key" { algorithm hmac-md5; secret "h1APCmb0iG5Y/dstFk6sRA=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; |
# vi /etc/named.rfc1912.zones # 添加zone
zone "wxhp.cn" IN { type master; file "wxhp.cn.zone"; }; zone "1.168.192.in-addr.arpa" IN { type master; file "1.168.192.zone"; }; zone "wxjy.cn" IN { type master; file "wxjy.cn.zone"; }; |
# cd /var/named/
# cp named.localhost wxhp.cn.zone
# vi wxhp.cn.zone
$TTL 1D @ IN SOA ns.wxhp.cn. root ( 2017101301 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum @ IN NS ns.wxhp.cn. ns IN A 192.168.1.150 |
# cp named.localhost 1.168.192.zone
# vi 1.168.192.zone
$TTL 1D @ IN SOA ns.wxhp.cn. root ( 2017101302 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum @ IN NS ns.wxhp.cn. 150 IN PTR ns.wxhp.cn. 151 IN PTR www.wxjy.cn. |
# cp -a wxhp.cn.zone wxjy.cn.zone
# vi wxjy.cn.zone
$TTL 1D @ IN SOA ns.wxhp.cn. root ( 2017101303 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum @ IN NS ns.wxhp.cn. www IN A 192.168.1.151 |
# chown :named *
# named-checkconf /etc/named.conf # 测试配置文件有无报错
# named-checkzone 1.168.192 1.168.192.zone
# named-checkzone wxhp.cn wxhp.cn.zone
# named-checkzone wxjy.cn wxjy.cn.zone
#systemctl enable named && systemctl start named
# rndc status # 可以通过 rndc reload 重新加载配置文件
# 客户端配置:
# vi /etc/resolv.conf
nameserver 192.168.1.150 |
# nslookup
> 192.168.1.150 Server: 192.168.1.150 Address: 192.168.1.150#53 150.1.168.192.in-addr.arpa name = ns.wxhp.cn. > ns.wxhp.cn Server: 192.168.1.150 Address: 192.168.1.150#53 Name: ns.wxhp.cn Address: 192.168.1.150 > 192.168.1.151 Server: 192.168.1.150 Address: 192.168.1.150#53 151.1.168.192.in-addr.arpa name = www.wxjy.cn. > www.wxjy.cn Server: 192.168.1.150 Address: 192.168.1.150#53 Name: www.wxjy.cn Address: 192.168.1.151 |