一、安装
# yum install -y bind bind-chroot ypbind bind-utils
# rpm -qa |grep bind
bind-libs-9.3.6-16.p1.el5
bind-utils-9.3.6-16.p1.el5
ypbind-1.19-12.el5_6.1
bind-9.3.6-16.p1.el5
bind-chroot-9.3.6-16.p1.el5
# yum install -y caching-nameserver-9.3.* //安装后可启动named
# service named start
# netstat -antup //tcp 53\953端口开放,953提供给rndc工具用来管理dns服务器
二、
1.主区域配置
# cd /var/named/chroot/etc //以下操作均在此路径下
# cp -p named.caching-nameserver.conf named.conf //注意加 -p,保留原文件的属主、属组和权限
# cp -p named.rfc1912.zones named.rfc1912.zones_back
# vim named.conf
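### 配置内容如下(注意: allow-query 与 allow-query-cache 设为 any,再加上 view 中 match-clients any 和 recursion yes,会使本机成为对任意来源开放的递归解析器,可被滥用于 dns 放大攻击;对外提供服务时应把递归和缓存查询限制在受信任的网段):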
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
### 结束 ###
# vim named.rfc1912.zones //注意:下面的区域名 laowafang.com 与区域文件及测试中使用的 test.com 不一致,实际配置时应统一为同一域名
zone "." in {
type hint;
file "named.ca";
zone "laowafang.com" in {
type master;
file "test.com.zone";
allow-update { none; };
zone "146.147.119.in-addr.arpa" in {
file "test.com.local";
2.区域文件配置
# cd /var/named/chroot/var/named //以下操作均在此路径下
# cp -p localhost.zone test.com.zone //拷贝正向文件
# cp -p named.local test.com.local //拷贝反向文件
# vim test.com.zone
$ttl 86400
@ in soa @ root (
42 ; serial (d. adams)
3h ; refresh
15m ; retry
1w ; expiry
1d ) ; minimum
in ns dns.test.com.
in mx 10 mail.test.com.
www1 in a 119.147.146.249
www2 in a 119.147.146.20
www in cname www1.test.com.
# vim test.com.local //注意:下面 ptr 记录的主机号(104、105)与正向文件中 a 记录的地址(249、20)不对应,实际配置时应保持一致
@ in soa dns.test.com. root.test.com. (
1997022700 ; serial
28800 ; refresh
14400 ; retry
3600000 ; expire
86400 ) ; minimum
in ns dns.test.com.
104 in ptr www1.test.com.
105 in ptr www2.test.com.
# ln -s /var/named/chroot/etc/named.conf /etc/ //创建软连接
# ll /etc/name* //查看连接是否创建成功
# service named restart
# tail /var/log/messages //查看日志,出现 running 即表示启动成功
三、测试
[root@localhost ~]# nslookup www1.test.com
server: 119.147.146.249
address: 119.147.146.249#53
name: www1.test.com
address: 119.147.146.249
四、rndc工具使用
用rndc可以在不停止dns服务器工作的情况下进行数据的更新,使配置生效。953提供给rndc工具用来管理dns服务器。该控制端口应只监听 127.0.0.1(见下文 controls 配置),不要对外网开放。
# rndc-confgen > /etc/rndc.conf //生成配置文件(文件含密钥,应限制为仅 root 可读)
# start of rndc.conf
key "rndckey" {
algorithm hmac-md5;
secret "xo/qxwfjjye41orsbeaexq==";
default-key "rndckey";
default-server 127.0.0.1;
default-port 953;
# end of rndc.conf
# use with the following in named.conf, adjusting the allow list as needed:
# key "rndckey" {
# algorithm hmac-md5;
# secret "xo/qxwfjjye41orsbeaexq==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndckey"; };
# end of named.conf
# vim /etc/named.conf //拷贝有 # 号注释的内容到named.conf末尾
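### 添加内容如下(secret 是 rndc 与 named 之间的共享密钥,应使用自己运行 rndc-confgen 生成的值,不要照抄本文示例;较新版本的 bind 支持 hmac-sha256 等比 hmac-md5 更强的算法):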
### rndc.conf 2011-08-26 ###
algorithm hmac-md5;
secret "xo/qxwfjjye41orsbeaexq==";
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndckey"; };
### configure end ###
# rndc reload //修改完 .zone 文件后,使用 rndc 工具重新加载即可。