CentOS6.5下DNS服务器搭建与配置

一、安装机器情况

192.168.1.70(dns 主节点)

192.168.1.71(dns 从节点)

二、主节点DNS的安装及配置

1. DNS服务器所需的软件包安装

yum -y install bind bind-chroot bind-util bind-libs

2.DNS服务器的主配置文件

options {
        listen-on port 53 { any; };           //需要修改any
        #listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };             //需要修改any
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        forwarders { 8.8.8.8; } ;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";            //zone配置文件
include "/etc/named.root.key";

[root@localhost ~]# ls -lh /etc/named.conf           主配置文件权限如下（红色字体）

-rw-r----- 1 root named 934 10月 21 23:06 /etc/named.conf

[root@localhost ~]# service named restart             DNS的服务名称为named

停止 named：.                                              [确定]

启动 named：                                               [确定]

[root@localhost ~]# netstat -ltunp |grep named        查看端口监听状态

tcp        0      0 192.168.1.24:53             0.0.0.0:*            LISTEN      8049/named          

tcp        0      0 127.0.0.1:953               0.0.0.0:*            LISTEN      8049/named          

tcp        0      0 ::1:53                      :::*                 LISTEN      8049/named          

tcp        0      0 ::1:953                     :::*                 LISTEN      8049/named          

udp        0      0 192.168.1.24:53             0.0.0.0:*                        8049/named      

3.配置entminer.zone

vim /etc/named.rfc1912.zones

#新建entminer zone
zone "entminer.com" IN{
        type master;
        file "/var/named/entminer.com.zone";   //entminer.zone 具体文件位置

　　　allow-transfer {192.168.1.71;};       // 指定从（辅助）域名服务器IP
};

4.entminer.com.zone 具体配置

$TTL 86400
@ IN SOA @ root (
2013051800 ; serial (d. adams)
28800 ; refresh
14400 ; retry
3600000 ; expiry
86400 ) ; minimum
@ IN NS y3.entminer.com.

IN A 192.168.1.70    //本地dns ip
y3 IN A 116.114.19.84

5.修改/etc/resolv.conf

vim /etc/resolv.conf

nameserver 192.168.1.70
nameserver 192.168.0.1

6.测试 y3.entminer.com

[root@master named]# nslookup
> y3.entminer.com
Server:         192.168.1.70
Address:        192.168.1.70#53

Name:   y3.entminer.com
Address: 116.114.19.84

注意事项

客户端必须要跟服务器端通信（能ping通）及关闭selinux

 

三、从节点DNS的安装及配置

1. DNS服务器所需的软件包安装

yum -y install bind bind-chroot bind-util bind-libs

2. 修改主节点配置文件(192.168.1.70)

vim /etc/named.conf

listen-on port 53 { any; };
        #listen-on-v6 port 53 { any; };
        allow-transfer { 192.168.1.71; };    //增加从节点ip
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        forwarders { 8.8.8.8; } ;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

3. 修改从节点配置文件(192.168.1.71)

　　vim /etc/named.conf

l　　isten-on port 53 { 192.168.1.70; };   //主节点ip
        #listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

4.修改详细zone配置文件

vim /etc/named.rfc1912.zones 

#新建entminer zone
zone "entminer.com" IN{
        type slave;
        masters {192.168.1.70;};
        file "slaves/entminer.com.zone";
};

zone "1.168.192.in-addr.arpa" IN {
    type slave;
    masters {192.168.1.70;};
    file "slaves/1.168.192.zone";
};

chmod 770 /var/named/slaves

 vim /etc/resolv.conf

nameserver 192.168.1.70
nameserver 192.168.1.71

service named restart ok

文件已经同步