1. 主服务器配置:
    1. 安装:
      yum -y install bind bind-utils
    2. 配置:
      1. 修改主配置文件:
        vim /etc/named.conf
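        # Master server named.conf.
        # The ACL is defined before the options block that references it: the BIND
        # ARM documents that an ACL name must be defined before it is used.
        acl test_name {
            192.168.1.0/24;
        };
        options {
            # Listens on every IPv4 address; who may query is limited by allow-query.
            listen-on port 53 {  any;  };
            listen-on-v6 port 53 { ::1;  };
            directory   "/var/named";
            dump-file   "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
            # Only the test_name ACL (192.168.1.0/24) may query this server.
            allow-query     { test_name;  };
            # Recursion is tied to the same ACL explicitly so that loosening
            # allow-query later cannot turn this host into an open resolver.
            allow-recursion { test_name;  };
            # Cache misses are forwarded to these external resolvers.
            forwarders { 8.8.8.8;114.114.114.114;  };
            recursion yes;
            dnssec-enable yes;
            dnssec-validation yes;
            bindkeys-file "/etc/named.iscdlv.key";
            managed-keys-directory "/var/named/dynamic";
            pid-file "/run/named/named.pid";
            session-keyfile "/run/named/session.key";
            # NOTE(review): no allow-transfer is set, and BIND's default lets any
            # client that can reach a zone request a full zone transfer. Restrict
            # it to the slave, e.g.  allow-transfer { SLAVE_IP; };
            # (SLAVE_IP is a placeholder; the slave's address is not given here).
        };
        view "client1" {  #  create a view (optional)
            # Only the clients listed here are served by this view. With no other
            # view defined, any other client, including a slave at a different
            # address, is expected to be refused. Add the slave's address if the
            # view is kept (verify against your addressing).
            match-clients {
                192.168.1.119;
            };
            zone "." IN {
                type hint;
                file "named.ca";
            };
            zone "test_name.com" {
                type master;
                file "/etc/named/zones/test_name.com.zone";
            };
            zone "168.192.in-addr.arpa" {
                type master;
                file "/etc/named/zones/192.168.zone";
            };
            # Once any view exists, every zone must live inside a view, hence
            # these includes are placed here rather than at top level.
            include "/etc/named.rfc1912.zones";
            include "/etc/named.root.key";
        };
        logging {
            channel default_debug {
                file "data/named.run";
                severity dynamic;
            };
        };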
      2. 创建存放域的文件夹:
        mkdir -p /etc/named/zones
      3. 创建正向解析域:
        vim /etc/named/zones/test_name.com.zone
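        ; Forward zone for test_name.com (placeholder name).
        ; NOTE(review): "_" is not a valid host-name character; with BIND's default
        ; check-names policy for master zones, A records whose owner contains "_"
        ; are expected to be rejected. Substitute the real domain. TODO confirm.
        $TTL 1D
        @       IN      SOA     ns1.test_name.com. admin.test_name.com. (
                        3         ; Serial (increase on every edit so slaves pick up the change)
                        604800     ; Refresh
                        86400     ; Retry
                        2419200     ; Expire
                        604800     ; Negative-cache TTL
                        )
        ; The owner is written explicitly as "@" so the NS record does not depend
        ; on leading whitespace. Zone files use ";" for comments; "#" is not a
        ; comment character here and would be parsed as record data.
        @       IN      NS      ns1.test_name.com.
        ns1.test_name.com. IN A 192.168.1.81
        www.test_name.com. IN A 192.168.1.81
        blog.test_name.com. IN A 192.168.1.82
        shop.test_name.com. IN A 192.168.1.83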
      4. 创建反向解析域:
        vim /etc/named/zones/192.168.zone
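        ; Reverse zone 168.192.in-addr.arpa; owner names below are relative to it,
        ; so "81.1" is 81.1.168.192.in-addr.arpa, i.e. 192.168.1.81.
        $TTL 1D
        @       IN      SOA     ns1.test_name.com. admin.test_name.com. (
                        3         ; Serial (increase on every edit so slaves pick up the change)
                        604800     ; Refresh
                        86400     ; Retry
                        2419200     ; Expire
                        604800     ; Negative-cache TTL
                        )
        ; The owner is written explicitly as "@" so the NS record does not depend
        ; on leading whitespace. Zone files use ";" for comments; "#" is not a
        ; comment character here and would be parsed as record data.
        @       IN      NS      ns1.test_name.com.
        81.1 IN PTR ns1.test_name.com.
        81.1 IN PTR www.test_name.com.
        82.1 IN PTR blog.test_name.com.
        83.1 IN PTR shop.test_name.com.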
    3. 检查配置文件语法:
      1. 检查主配置文件语法:
        named-checkconf
      2. 检查正向解析域的语法:
        named-checkzone test_name.com /etc/named/zones/test_name.com.zone
      3. 检查反向解析域的语法:
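        # The zone name must match the zone statement in named.conf, which is
        # "168.192.in-addr.arpa" (octets reversed), not "192.168.in-addr.arpa".
        named-checkzone 168.192.in-addr.arpa /etc/named/zones/192.168.zone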
    4. 启动服务:
      systemctl start named
    5. 防火墙配置:
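      # Accept DNS only from the network named in the test_name ACL
      # (192.168.1.0/24) instead of from every source address.
      # Rules inserted this way are not saved across a reboot unless persisted.
      iptables  -I  INPUT  -s  192.168.1.0/24  -p  udp  --dport  53  -j  ACCEPT
      iptables  -I  INPUT  -s  192.168.1.0/24  -p  tcp  --dport  53  -j  ACCEPT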
  2. 从服务器配置:
    1. 安装(同主服务器配置)
    2. 配置:
      1. 修改主配置文件:
        vim /etc/named.conf
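        # Slave server named.conf.
        # The ACL is defined before the options block that references it: the BIND
        # ARM documents that an ACL name must be defined before it is used.
        acl test_name {
            192.168.1.0/24;
        };
        options {
            # Listens on every IPv4 address; who may query is limited by allow-query.
            listen-on port 53 {  any;  };
            listen-on-v6 port 53 { ::1;  };
            directory   "/var/named";
            dump-file   "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
            # Only the test_name ACL (192.168.1.0/24) may query this server.
            allow-query     { test_name;  };
            # Recursion is tied to the same ACL explicitly so that loosening
            # allow-query later cannot turn this host into an open resolver.
            allow-recursion { test_name;  };
            # No downstream secondaries are described for this slave, so it has no
            # reason to serve zone transfers itself.
            allow-transfer  { none;  };
            # Cache misses are forwarded to these external resolvers.
            forwarders { 8.8.8.8;114.114.114.114;  };
            recursion yes;
            dnssec-enable yes;
            dnssec-validation yes;
            bindkeys-file "/etc/named.iscdlv.key";
            managed-keys-directory "/var/named/dynamic";
            pid-file "/run/named/named.pid";
            session-keyfile "/run/named/session.key";
        };
        view "client1" {  #  create a view (optional)
            # Only the clients listed here are served by this view.
            match-clients {
                192.168.1.119;
            };
            zone "." IN {
                type hint;
                file "named.ca";
            };
            zone "test_name.com" {
                type slave;
                # Zone data is pulled from the master at this address. The transfer
                # is authenticated by source IP only; a TSIG key shared with the
                # master would be stronger.
                masters {
                     192.168.1.81;
                };
                # named writes the transferred zone to this file, so the account
                # named runs as needs write access to the directory. A directory
                # created by root with mkdir -p may not grant that, and SELinux
                # policy may also apply. Verify.
                file "/etc/named/zones/test_name.com.zone";
            };
            zone "168.192.in-addr.arpa" {
                type slave;
                masters {
                     192.168.1.81;
                };
                # Same write-access requirement as the forward zone file.
                file "/etc/named/zones/192.168.zone";
            };
            # Once any view exists, every zone must live inside a view, hence
            # these includes are placed here rather than at top level.
            include "/etc/named.rfc1912.zones";
            include "/etc/named.root.key";
        };
        logging {
            channel default_debug {
                file "data/named.run";
                severity dynamic;
            };
        };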
      2. 创建存放域的文件夹(同主服务器配置)
      3. 创建正向解析域(同主服务器配置;注意:type slave 的区域数据由 named 通过区域传送从主服务器获取并写入 file 指定的文件,运行 named 的用户需要对该目录有写权限)
      4. 创建反向解析域(同主服务器配置;注意事项同上)
    3. 检查配置文件语法(同主服务器配置)
    4. 启动服务(同主服务器配置)
    5. 防火墙配置(同主服务器配置)
文档更新时间: 2020-08-08 20:40   作者:lee