DNS配置
[[email protected] ~]# cat /etc/hosts //本地hosts文件,与windows的类似
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
[[email protected] ~]# cat /etc/resolv.conf //查看域名服务器
nameserver 114.114.114.114
[[email protected] ~]# yum list |grep bind
[[email protected] ~]# yum install -y bind
[[email protected] ~]# vim /etc/named.conf //查看配置文件
[[email protected] ~]# vim /var/named/named.ca //查看根域文件
[[email protected] ~]# cat/var/named/named.localhost
$TTL 1D (生存周期)
@ IN SOA @ rname.invalid. (
(域名)(IN)(记录授权)(主机名)(管理员邮箱) 0 ; serial
1D ; refresh(刷新时间主与从)
1H ; retry(失败后1h,后再同步)
1W ; expire(一周后失效)
3H) ; minimum(缓存3H)
NS @
A 127.0.0.1
AAAA ::1
[[email protected] ~]# cat /etc/named.conf
[[email protected] ~]# cat/etc/named.rfc1912.zones //查看域名zones文件
[[email protected] ~]# /etc/init.d/named start
[[email protected] ~]# dig @127.0.0.1 localhost //测试域名localhost,解析成127.0.0.1
localhost. 86400 IN A 127.0.0.1
[[email protected] ~]# cat/var/named/named.loopback //查看反向解析文件
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
AAAA ::1
PTR localhost.
[[email protected] ~]# dig @127.0.0.1 -x127.0.0.1
1.0.0.127.in-addr.arpa. 86400 IN PTR localhost.
//反向解析测试,127.0.0.1解析为localhost
自定义一个域
[[email protected] ~]# vim /etc/named.conf
zone "123.com"IN {
type master;
file "123.com.zone";
};
//末行加以上配置
[[email protected] ~]# named-checkconf //检测主配置文件有无错误
[[email protected] ~]# cat/var/named/named.localhost
[[email protected] ~]# vim /var/named/123.com.zone
$TTL 1D
@ IN SOA @ admin.123.com. (
20150723 ; serial
1D ; refresh
1H ;retry
1W ; expire
3H) ; minimum
IN NS ns.123.com.
ns IN A 192.168.137.23
www IN A 11.11.11.11
IN MX 5 mail.123.com.
mail IN A 192.168.137.23
[[email protected] ~]# named-checkzone"123.com" /var/named/123.com.zone
zone 123.com/IN: loaded serial 20150723
OK
//检测配置文件无错误
[[email protected] ~]# vim /etc/named.conf
listen-on port 53 { 127.0.0.1;192.168.137.23; };
//添加一个监听的主机
[[email protected] ~]# /etc/init.d/named restart
[[email protected] ~]# dig @192.168.137.23mail.123.com
mail.123.com. 86400 IN A 192.168.137.23
[[email protected] ~]# dig @192.168.137.23www.123.com
www.123.com. 86400 IN A 11.11.11.11
//可被解析出
做反向解析配置
[[email protected] ~]# vim /etc/named.conf
zone "123.com" IN {
type master;
file "123.com.zone";
};
zone"137.168.192.in-addr.arpa" IN {
type master;
file "137.168.192.zone";
};
[[email protected] ~]# vim/var/named/137.168.192.zone
$TTL 1D
@ IN SOA @ admin.123.com. (
20150723 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H) ; minimum
IN NS ns.123.com.
23 IN RPT ns.123.com.
23 IN RPT mail.123.com.
[[email protected] ~]# named-checkconf
[[email protected] ~]# named-checkzone"123.com" /var/named/123.com.zone
zone 123.com/IN: loaded serial 20150723
OK
[[email protected] ~]# named-checkzone"137.168.192.in-addr.arpa" /var/named/137.168.192.zone
zone 137.168.192.in-addr.arpa/IN: loaded serial20150723
OK
[[email protected] ~]# /etc/init.d/named restart
[[email protected] ~]# dig @192.168.137.23-x192.168.137.23
23.137.168.192.in-addr.arpa. 86400 IN PTR ns.123.com.
23.137.168.192.in-addr.arpa. 86400 IN PTR mail.123.com.
//反解析成功
DNS主从配置
另开一台虚拟机
从上:
[[email protected] ~]# ifconfig
eth0 inet addr:192.168.137.21
[[email protected] ~]# yum install -y bind
[[email protected] ~]# vim /etc/named.conf
// listen-on port 53 {127.0.0.1; }; //注释了默认注释所有地址
// listen-on-v6 port 53 {::1; };
zone "123.com"IN {
type slave;
file "slaves/123.com.zone";
masters { 192.168.137.23; };
};
zone"137.168.192.in-addr.arpa" IN {
type slave;
file "slaves/137.168.192.zone";
masters { 192.168.137.23; };
};
[[email protected] ~]# /etc/init.d/named start
[[email protected] ~]# ls /var/named/slaves/ //查看有无文件生成,已产生
123.com.zone 137.168.192.zone
[[email protected] ~]# cat/var/named/slaves/123.com.zone
$ORIGIN .
$TTL 86400 ; 1 day
123.com IN SOA 123.com. admin.123.com. (
20150723 ; serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
NS ns.123.com.
$ORIGIN 123.com.
mail A 192.168.137.23
ns A 192.168.137.23
www A 11.11.11.11
MX 5 mail
//查看该文件为从主上自动同步过来
主上:
[[email protected] ~]# vim/var/named/123.com.zone
20150723改成20150725
//没发生改变,该值会加1.从上以此判断有无改变
wang IN A 111.111.111.111 //增加一条记录
[[email protected] ~]# vim /etc/named.conf
zone "123.com" IN {
type master;
file "123.com.zone";
notify yes;
also-notify { 192.168.137.21; };
};
zone "137.168.192.in-addr.arpa"IN {
type master;
file "137.168.192.zone";
notify yes;
also-notify { 192.168.137.21; };
};
[[email protected] ~]# named-checkconf
[[email protected] ~]# /etc/init.d/named restart
[[email protected] ~]# dig @192.168.137.23wang.123.com
wang.123.com. 86400 IN A 111.111.111.111
从上:
[[email protected] ~]# dig @192.168.137.21wang.123.com
wang.123.com. 86400 IN A 111.111.111.111
[[email protected] ~]# cat/var/named/slaves/123.com.zone
$ORIGIN .
$TTL 86400 ; 1 day
123.com IN SOA 123.com. admin.123.com. (
20150725 ;serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
NS ns.123.com.
$ORIGIN 123.com.
mail A 192.168.137.23
ns A 192.168.137.23
wang A 111.111.111.111
www A 11.11.11.11
MX 5 mail
//已自动同步
配置参考
主上:
[[email protected] ~]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package toconfigure the ISC BIND named(8) DNS
// server as a caching only nameserver (asa localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ forexample named configuration files.
//
options {
listen-on port 53 { 127.0.0.1;192.168.137.23; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file"data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include"/etc/named.rfc1912.zones";
include "/etc/named.root.key";
zone "123.com" IN {
type master;
file "123.com.zone";
notify yes;
also-notify { 192.168.137.21; };
};
zone "137.168.192.in-addr.arpa"IN {
type master;
file "137.168.192.zone";
notify yes;
also-notify { 192.168.137.21; };
};
[[email protected] ~]# vim/var/named/123.com.zone
$TTL 1D
@ IN SOA @ admin.123.com. (
20150725 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS ns.123.com.
ns IN A 192.168.137.23
www IN A 11.11.11.11
IN MX 5 mail.123.com.
mail IN A 192.168.137.23
wang IN A 111.111.111.111
[[email protected] ~]# vim/var/named/137.168.192.zone
$TTL 1D
@ IN SOA @ admin.123.com. (
20150723 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H) ; minimum
IN NS ns.123.com.
23 IN PTR ns.123.com.
23 IN PTR mail.123.com.
从上配置:
[[email protected] ~]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package toconfigure the ISC BIND named(8) DNS
// server as a caching only nameserver (asa localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ forexample named configuration files.
//
options {
// listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file"/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file"data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include"/etc/named.rfc1912.zones";
include "/etc/named.root.key";
zone "123.com" IN {
type slave;
file "slaves/123.com.zone";
masters { 192.168.137.23; };
};
zone "137.168.192.in-addr.arpa"IN {
type slave;
file "slaves/137.168.192.zone";
masters { 192.168.137.23; };
};