1. 主服务器配置:

    1. 安装:
      yum -y install bind bind-utils
    2. 配置:
      1. 修改主配置文件:
        vim /etc/named.conf
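             # Primary (master) server configuration.
             # An acl must be defined before it is referenced; options below uses
             # test_name in allow-query, so the acl block has to come first or
             # named-checkconf reports an undefined ACL.
             acl test_name {
                 192.168.1.0/24;
             };
             options {
                 listen-on port 53 {  any;  };
                 listen-on-v6 port 53 { ::1;  };
                 directory   "/var/named";
                 dump-file   "/var/named/data/cache_dump.db";
                 statistics-file "/var/named/data/named_stats.txt";
                 memstatistics-file "/var/named/data/named_mem_stats.txt";
                 # Only addresses in the test_name acl may query this server.
                 # Recursion is enabled below, so keep this list narrow: a
                 # resolver that answers arbitrary sources can be abused for
                 # reflection/amplification.
                 allow-query     { test_name;  };
                 forwarders { 8.8.8.8;114.114.114.114;  };
                 recursion yes;
                 # NOTE(review): dnssec-enable is obsolete in newer BIND 9
                 # releases; remove it if named-checkconf complains.
                 dnssec-enable yes;
                 dnssec-validation yes;
                 bindkeys-file "/etc/named.iscdlv.key";
                 managed-keys-directory "/var/named/dynamic";
                 pid-file "/run/named/named.pid";
                 session-keyfile "/run/named/session.key";
             };
             # Optional view. Once any view exists, every zone must live inside a
             # view, and a request whose source matches no view is refused.
             # Only 192.168.1.119 matches here, so other hosts in test_name
             # (and a secondary server, if its address is not listed) get no answer.
             view "client1" {
                 match-clients {
                     192.168.1.119;
                 };
                 zone "." IN {
                     type hint;
                     file "named.ca";
                 };
                 # No allow-transfer is set on the two master zones below, so the
                 # BIND default applies (older BIND 9 releases permit transfers
                 # to any client that reaches the view). Restrict transfers to
                 # the secondary, ideally authenticated with a TSIG key, e.g.:
                 #   allow-transfer { SECONDARY_IP_PLACEHOLDER; };
                 zone "test_name.com" {
                     type master;
                     file "/etc/named/zones/test_name.com.zone";
                 };
                 zone "168.192.in-addr.arpa" {
                     type master;
                     file "/etc/named/zones/192.168.zone";
                 };
                 include "/etc/named.rfc1912.zones";
                 include "/etc/named.root.key";
             };
             logging {
                 channel default_debug {
                     file "data/named.run";
                     severity dynamic;
                 };
             };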
      2. 创建存放域的文件夹:
        mkdir -p /etc/named/zones
      3. 创建正向解析域:
        vim /etc/named/zones/test_name.com.zone
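             ; Forward zone for test_name.com.
             ; test_name is a placeholder: hostname labels may not contain "_", and
             ; with the default check-names setting named rejects such names in a
             ; master zone. Substitute a real domain before loading.
             $TTL 1D
             @       IN      SOA     ns1.test_name.com. admin.test_name.com. (
                 3         ; Serial - must be increased on every edit, otherwise secondaries keep the old copy
                 604800     ; Refresh
                 86400     ; Retry
                 2419200     ; Expire
                 604800     ; Negative-cache TTL (SOA minimum)
             )
                 IN NS ns1.test_name.com.  ; leading whitespace is required here: a blank owner field reuses the previous owner (@)
             ; Zone files use ";" for comments, not "#".
             ; A record that names its owner must start in the first column of the
             ; zone file; if it is indented, the owner name is parsed as a field
             ; of the record and the zone fails to load.
             ns1.test_name.com. IN A 192.168.1.81
             www.test_name.com. IN A 192.168.1.81
             blog.test_name.com. IN A 192.168.1.82
             shop.test_name.com. IN A 192.168.1.83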
      4. 创建反向解析域:
        vim /etc/named/zones/192.168.zone
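             ; Reverse zone; it is declared in named.conf as "168.192.in-addr.arpa".
             $TTL 1D
             @       IN      SOA     ns1.test_name.com. admin.test_name.com. (
                 3         ; Serial - must be increased on every edit, otherwise secondaries keep the old copy
                 604800     ; Refresh
                 86400     ; Retry
                 2419200     ; Expire
                 604800     ; Negative-cache TTL (SOA minimum)
             )
                 IN NS ns1.test_name.com.  ; leading whitespace is required here: a blank owner field reuses the previous owner (@)
             ; Zone files use ";" for comments, not "#".
             ; Owner names are relative to the zone origin and must start in the
             ; first column: 81.1 expands to 81.1.168.192.in-addr.arpa, i.e. 192.168.1.81.
             81.1 IN PTR ns1.test_name.com.
             81.1 IN PTR www.test_name.com.
             82.1 IN PTR blog.test_name.com.
             83.1 IN PTR shop.test_name.com.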
    3. 检查配置文件语法:
      1. 检查主配置文件语法:
        named-checkconf
      2. 检查正向解析域的语法:
        named-checkzone test_name.com /etc/named/zones/test_name.com.zone
      3. 检查反向解析域的语法:
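        # The first argument is the zone name exactly as declared in named.conf
        # ("168.192.in-addr.arpa"); the octets are reversed, unlike the file name.
        named-checkzone 168.192.in-addr.arpa /etc/named/zones/192.168.zone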
    4. 启动服务:
      systemctl start named
    5. 防火墙配置:
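      # Accept DNS only from the subnet that named.conf allows to query
      # (acl test_name = 192.168.1.0/24) rather than from every source.
      # TCP 53 is needed for zone transfers and for large or truncated answers.
      # Rules added with iptables -I are lost on reboot unless saved separately.
      iptables -I INPUT -s 192.168.1.0/24 -p udp --dport 53 -j ACCEPT
      iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 53 -j ACCEPT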
  2. 从服务器配置:

    1. 安装(同主服务器配置)
    2. 配置:
      1. 修改主配置文件:
        vim /etc/named.conf
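             # Secondary (slave) server configuration.
             # An acl must be defined before it is referenced; options below uses
             # test_name in allow-query, so the acl block has to come first or
             # named-checkconf reports an undefined ACL.
             acl test_name {
                 192.168.1.0/24;
             };
             options {
                 listen-on port 53 {  any;  };
                 listen-on-v6 port 53 { ::1;  };
                 directory   "/var/named";
                 dump-file   "/var/named/data/cache_dump.db";
                 statistics-file "/var/named/data/named_stats.txt";
                 memstatistics-file "/var/named/data/named_mem_stats.txt";
                 # Only addresses in the test_name acl may query this server;
                 # recursion is enabled below, so keep this list narrow.
                 allow-query     { test_name;  };
                 forwarders { 8.8.8.8;114.114.114.114;  };
                 recursion yes;
                 # NOTE(review): dnssec-enable is obsolete in newer BIND 9
                 # releases; remove it if named-checkconf complains.
                 dnssec-enable yes;
                 dnssec-validation yes;
                 bindkeys-file "/etc/named.iscdlv.key";
                 managed-keys-directory "/var/named/dynamic";
                 pid-file "/run/named/named.pid";
                 session-keyfile "/run/named/session.key";
             };
             # Optional view. Once any view exists, every zone must live inside a
             # view, and a request whose source matches no view is refused.
             view "client1" {
                 match-clients {
                     192.168.1.119;
                 };
                 zone "." IN {
                     type hint;
                     file "named.ca";
                 };
                 # Both zones below are pulled from the primary at 192.168.1.81 by
                 # zone transfer. The primary is identified by source address
                 # only; a TSIG key shared by both servers is the usual way to
                 # authenticate transfers.
                 # named writes the transferred data to the "file" path, so the
                 # named user must be able to write there.
                 # NOTE(review): confirm ownership (and SELinux labels, if
                 # enforced) of /etc/named/zones on this host.
                 zone "test_name.com" {
                     type slave;
                     masters {
                             192.168.1.81;
                     };
                     file "/etc/named/zones/test_name.com.zone";
                 };
                 zone "168.192.in-addr.arpa" {
                     type slave;
                     masters {
                             192.168.1.81;
                     };
                     file "/etc/named/zones/192.168.zone";
                 };
                 include "/etc/named.rfc1912.zones";
                 include "/etc/named.root.key";
             };
             logging {
                 channel default_debug {
                     file "data/named.run";
                     severity dynamic;
                 };
             };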
      2. 创建存放域的文件夹(同主服务器配置)
      3. 创建正向解析域(同主服务器配置)
      4. 创建反向解析域(同主服务器配置)
    3. 检查配置文件语法(同主服务器配置)
    4. 启动服务(同主服务器配置)
    5. 防火墙配置(同主服务器配置)
文档更新时间: 2024-04-20 10:57   作者:lee