##############################-----服务器端----###############################
1. 安装bind
# yum install bind
2. 修改/etc/named.conf配置文件
# vim /etc/named.conf
options {
listen-on port 53 { any; }; //开启监听端口53,接受任意IP连接
listen-on-v6 port 53 { ::1; }; //支持IP V6
directory "/var/named"; //所有的正向反向区域文件都在这个目录下创建
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 0.0.0.0/0; }; //允许任意IP查询
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones"; //主要配置文件
include "/etc/named.root.key";
3. 修改/etc/named.rfc1912.zones文件,添加duiyi.com的正向区域
# vim /etc/ named.rfc1912.zones
zone "localhost.localdomain" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
//duiyi.com的正向区域
zone "duiyi.com" IN {
type master;
file "named.duiyi.com";
allow-update { none; };
};
4. 创建正向区域资源文件
在配置named.conf时,指明的资源文件目录是/var/named,故先进入该目录。
# vim /var/named/named.duiyi.com
$TTL 1D
@ IN SOA duiyi.com. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
AAAA ::1
www IN A 192.168.81.1
mail IN A 192.168.81.2
ftp IN A 192.168.81.3
5. 启动named服务
#service named start
6. 开机自启动
#service enable named
##############################-----客户端----###############################
操作系统:windows和linux都可以
IP地址:能够ping通DNS服务器的IP(192.168.81.133)都可以,
作用:测试DNS服务器是否正常工作。
# windows作为客户端测试
1.修改DNS:
2.ping 服务端ip(192.168.81.133),测试能否访问服务器
##############################-----服务器端----###############################
1. 安装bind
# yum install bind
2. 修改/etc/named.conf配置文件
# vim /etc/named.conf
options {
listen-on port 53 { any; }; //开启监听端口53,接受任意IP连接
listen-on-v6 port 53 { ::1; }; //支持IP V6
directory "/var/named"; //所有的正向反向区域文件都在这个目录下创建
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 0.0.0.0/0; }; //允许任意IP查询
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones"; //主要配置文件
include "/etc/named.root.key";
3. 修改/etc/named.rfc1912.zones文件,添加duiyi.com的正向区域
# vim /etc/ named.rfc1912.zones
zone "localhost.localdomain" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
//duiyi.com的正向区域
zone "duiyi.com" IN {
type master;
file "named.duiyi.com";
allow-update { none; };
};
4. 创建正向区域资源文件
在配置named.conf时,指明的资源文件目录是/var/named,故先进入该目录。
# vim /var/named/named.duiyi.com
$TTL 1D
@ IN SOA duiyi.com. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
AAAA ::1
www IN A 192.168.81.1
mail IN A 192.168.81.2
ftp IN A 192.168.81.3
5. 启动named服务
#service named start
6. 开机自启动
#service enable named
##############################-----客户端----###############################
操作系统:windows和linux都可以
IP地址:能够ping通DNS服务器的IP(192.168.81.133)都可以,
作用:测试DNS服务器是否正常工作。
# windows作为客户端测试
1.修改DNS:
2.ping 服务端ip(192.168.81.133),测试能否访问服务器
# ping 192.168.81.133
3.使用nslookup命令测试三个DNS解析能否成功
# Linux作为客户端测试:
1. 安装bind-utils包,以便能使用nslookup、dig和host工具
# yum install bind-utils
2. 修改DNS配置使用我们的DNS服务器
# vim /etc/resolv.conf
nameserver 192.168.81.133
nameserver 114.114.114.114
nameserver 8.8.8.8
3. 正向解析测试,使用nslookup命令测试三个DNS解析能否成功
# nslookup
>www.duiyi.com
...
...
>mail.duiyi.com
...
...
>ftp.duiyi.com
...
...
# Linux作为客户端测试:
1. 安装bind-utils包,以便能使用nslookup、dig和host工具
# yum install bind-utils
2. 修改DNS配置使用我们的DNS服务器
# vim /etc/resolv.conf
nameserver 192.168.81.133
nameserver 114.114.114.114
nameserver 8.8.8.8
3. 正向解析测试,使用nslookup命令(与windows测试一致)
# nslookup