I. Installation:
1. bind bind-utils bind-chroot
2. caching-nameserver
II. Configuration based on the caching-nameserver template
vi /var/named/chroot/etc/named.rfc1912.zones
1. Create the forward zone
zone "sl.com" IN {
    type master;
    file "sl.com.zone";
    allow-update { none; };
};
2. Create the reverse zone
zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.0.zone";
    allow-update { none; };
};
III. Create the zone files in /var/named/chroot/var/named
1. sl.com.zone
; Specify the time-to-live( TTL ) for the zone
$TTL 86400 ; 1 Day ( we could have used 1D )
; Begin Start Of Authority resource record
sl.com. IN SOA server1.sl.com. root.server1.sl.com. (
2003040100 ; serial number
1H ; refresh slave
5M ; retry query
1W ; expire
1M ; negative TTL
)
; Specify our name servers
; !!WARNING: You can not use CNAMEs for RDATA here !!
; owner TTL CL type RDATA
@ IN NS server1.sl.com.
; Specify our mail exchangers
; !!WARNING: You can not use CNAMEs for RDATA here !!
; owner TTL CL type RDATA
@ IN MX 10 server1.sl.com.
; This is broken and against RFC but must be done to placate the masses
; owner TTL CL type RDATA
sl.com. IN A 192.168.0.1
; List our CNAME records ( aliases ) here
; owner TTL CL type RDATA
mail.sl.com. 3600 IN CNAME server1.sl.com.
kerberos.sl.com. 3600 IN CNAME server1.sl.com.
stellaluna.sl.com. 3600 IN CNAME server1.sl.com.
wwwX.sl.com. 3600 IN CNAME station19.sl.com.
; List our A records ( hosts ) here
; owner TTL CL type RDATA
server1 IN A 192.168.0.1
station2 IN A 192.168.0.2
station3 IN A 192.168.0.3
station4 IN A 192.168.0.4
station5 IN A 192.168.0.5
station6 IN A 192.168.0.6
station7 IN A 192.168.0.7
station8 IN A 192.168.0.8
station9 IN A 192.168.0.9
station10 IN A 192.168.0.10
station11 IN A 192.168.0.11
station12 IN A 192.168.0.12
station13 IN A 192.168.0.13
station14 IN A 192.168.0.14
station15 IN A 192.168.0.15
station16 IN A 192.168.0.16
station17 IN A 192.168.0.17
station18 IN A 192.168.0.18
station19 IN A 192.168.0.19
station20 IN A 192.168.0.20
; Okay, my fingers are getting tired. BIND 8.1 and BIND 9.1 and later support
; a shortcut. $GENERATE creates a record for each value in the
; numerical range specified in the first argument, replacing any $
; in the template with the current value of the iterator.
; Set up the rest of the station records.
$GENERATE 21-254 station$ A 192.168.0.$
; Set up CNAMEs for www2.sl.com and so on.
$GENERATE 2-254 www$ CNAME station$
; Delegate domain2.sl.com and so on to the individual stations.
$GENERATE 2-254 domain$.sl.com. NS station$.sl.com.
; The $GENERATE shortcut is normally used to simplify delegating
; subnets on a non-octet boundary. (This is for non-traditional
2. 192.168.0.zone
; Specify the time-to-live( TTL ) for the zone
$TTL 86400 ; 1 Day ( we could have used 1D )
; Begin Start Of Authority resource record
0.168.192.IN-ADDR.ARPA. IN SOA server1.sl.com. root.server1.sl.com. (
2003040100 ; serial number
1H ; refresh slave
5M ; retry query
1W ; expire
1M ; negative TTL
)
; Specify our name servers
; !!WARNING: You can not use CNAMEs for RDATA here !!
; owner TTL CL type RDATA
@ IN NS server1.sl.com.
; List our PTR records ( rev lookup ) here
; owner TTL CL type RDATA
1.0.168.192.IN-ADDR.ARPA. IN PTR server1.sl.com.
2 IN PTR station2.sl.com.
3 IN PTR station3.sl.com.
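Added example (not part of the original notes): a small POSIX sh helper that expands a $GENERATE directive into the plain records named derives from it, so the ranges in sl.com.zone can be checked before the zone is loaded. It also shows the PTR expansion that 192.168.0.zone above is missing (the reverse zone lists only stations 1 to 3 while the forward zone defines 254), so every station resolves both ways. The function name expand_generate and the sample ranges are this example's own choices.

```shell
#!/bin/sh
# Expand a BIND $GENERATE directive into the records named derives from it.
# Usage: expand_generate START STOP OWNER_TEMPLATE TYPE RDATA_TEMPLATE
# Every '$' in the owner and RDATA templates is replaced by the iterator
# value, exactly as "station21 IN A 192.168.0.21" ... would read typed out.
expand_generate() {
    start=$1; stop=$2; owner_tpl=$3; rtype=$4; rdata_tpl=$5
    i=$start
    while [ "$i" -le "$stop" ]; do
        owner=$(printf '%s' "$owner_tpl" | sed 's/\$/'"$i"'/g')
        rdata=$(printf '%s' "$rdata_tpl" | sed 's/\$/'"$i"'/g')
        printf '%s IN %s %s\n' "$owner" "$rtype" "$rdata"
        i=$((i + 1))
    done
}

# Count how many records a directive produces: 21-254 must yield 234 A
# records; an off-by-one here silently drops or duplicates a station.
generate_count() {
    expand_generate "$@" | wc -l | tr -d ' '
}

# Demonstration on the directives from sl.com.zone (short ranges for
# readability), plus the PTR form the reverse zone would need.
expand_generate 21 23 'station$' A '192.168.0.$'
expand_generate 2 4 'www$' CNAME 'station$'
expand_generate 4 6 '$' PTR 'station$.sl.com.'
echo "A records from 21-254: $(generate_count 21 254 'station$' A '192.168.0.$')"
```

The PTR line corresponds to adding `$GENERATE 4-254 $ PTR station$.sl.com.` to 192.168.0.zone; the owner `$` is relative to the zone origin 0.168.192.in-addr.arpa, so the RDATA must carry the trailing dot to stay absolute.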
IV. Access control settings
vi /var/named/chroot/etc/named.caching-nameserver.conf
options {
    listen-on port 53 { 192.168.0.0/24; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    query-source port 53;
    query-source-v6 port 53;
    allow-query { 192.168.0.0/24; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients { 192.168.0.0/24; };
    match-destinations { 192.168.0.0/24; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};
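Added example (not part of the original notes): a POSIX sh audit of a named.conf-style file for two settings that weaken a recursive server. The options block above pins `query-source port 53`, which turns off source-port randomisation so a forged reply only has to match the 16-bit query ID; `query-source port *;` (or omitting the statement) keeps ports random. The second check flags recursion offered to any client, which makes the server an open resolver. The two configuration samples are constructed for this example (the weak one mirrors the page's options with allow-query widened to any), and the function names are this example's own.

```shell
#!/bin/sh
# Audit a named.conf-style file for settings that weaken a recursive server.
# Prints one line per finding; prints nothing when the file passes.
audit_named_conf() {
    conf=$1
    # 1. A fixed outbound port ("query-source port 53;") disables source-port
    #    randomisation. "query-source port *;" or no statement keeps it random.
    if grep -Eq 'query-source(-v6)?[^;]*port[[:space:]]+[0-9]+[[:space:]]*;' "$conf"; then
        echo "WEAK: fixed query-source port - use 'port *' or drop the statement"
    fi
    # 2. Recursion for any client = open resolver (cache abuse, reflection traffic).
    if grep -Eq 'recursion[[:space:]]+yes' "$conf" &&
       grep -Eq 'allow-(query|recursion)[[:space:]]*\{[[:space:]]*any;' "$conf"; then
        echo "WEAK: recursion enabled for any client - limit allow-recursion to local networks"
    fi
    return 0
}

# Constructed sample: the page's options with a fixed port and recursion open to all.
write_weak_conf() {
    cat > "$1" <<'EOF'
options {
    listen-on port 53 { 192.168.0.0/24; };
    directory "/var/named";
    query-source port 53;
    query-source-v6 port 53;
    allow-query { any; };
    recursion yes;
};
EOF
}

# Constructed sample: same server with random source ports and recursion confined to the LAN.
write_hardened_conf() {
    cat > "$1" <<'EOF'
options {
    listen-on port 53 { 192.168.0.0/24; };
    directory "/var/named";
    query-source port *;
    query-source-v6 port *;
    allow-query { 192.168.0.0/24; };
    allow-recursion { 192.168.0.0/24; };
    recursion yes;
};
EOF
}

tmpdir=$(mktemp -d)
write_weak_conf "$tmpdir/weak.conf"
write_hardened_conf "$tmpdir/hardened.conf"
echo "weak.conf:";     audit_named_conf "$tmpdir/weak.conf"
echo "hardened.conf:"; audit_named_conf "$tmpdir/hardened.conf"
rm -rf "$tmpdir"
```

Run it against the real file after editing (`audit_named_conf /var/named/chroot/etc/named.caching-nameserver.conf`); the page's view already limits recursion with match-clients, so only the fixed-port finding applies to it.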
Check the configuration files:
1. named-checkconf -t /var/named/chroot /etc/named.conf   (with -t the include "/etc/named.rfc1912.zones" is resolved inside the chroot)
2. named-checkzone sl.com /var/named/chroot/var/named/sl.com.zone   (first argument is the zone origin, not the file name)
V. Slave DNS
1. vi /var/named/chroot/etc/named.rfc1912.zones
zone "sl.com" IN {
    type slave;
    masters { 192.168.0.1; };
    file "slaves/sl.com.zone";
    allow-update { none; };
};
2. vi /etc/resolv.conf
nameserver 192.168.0.1
service named restart
3. cd /var/named/chroot/var/named/slaves
ls -la