DNS搭建

一、搭建dns环境

[root@localhost ~]# yum install -y bind
[root@localhost ~]# cp /etc/named.conf /etc/named.conf.bak  
[root@localhost ~]# >/etc/named.conf
[root@localhost ~]# vim /etc/named.conf
//加入
options {
    directory "/var/named";
};

zone "." IN  {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
};

[root@localhost ~]# chown named /etc/named.conf     //让 named 用户可以读取配置; 更稳妥的做法是 chown root:named 再 chmod 640, 使 named 进程只能读、不能改写自己的配置文件
[root@localhost ~]# cd /var/named/
[root@localhost named]# dig -t NS . > named.ca     //生成根提示文件; 如果没有 dig 命令, 先执行 yum install -y bind-utils
[root@localhost named]#  vim localhost.zone 
//加入
@                   IN      SOA     localhost.  admin.localhost.     (
                                                                        2013081601
                                                                        1H
                                                                        10M
                                                                        7D
                                                                        1D
                                                                           )
@                   IN          NS          localhost.
localhost.          IN          A           127.0.0.1

[root@localhost named]# vim named.local 
//加入
$TTL 86400
@                    IN      SOA     localhost.  admin.localhost.      (
                                                                        2013081601
                                                                        1H
                                                                        10M
                                                                        7D
                                                                        1D
                                                                        )
@                    IN          NS          localhost.
1                    IN          PTR         localhost.     ; 末尾的点不能省, 否则会被补上区域名, 变成 localhost.0.0.127.in-addr.arpa.

[root@localhost named]# named-checkconf      //检测配置是否有问题
[root@localhost named]# named-checkzone "localhost" /var/named/localhost.zone                              //检测正解析
[root@localhost named]# named-checkzone "0.0.127.in-addr.arpa" /var/named/named.local                //检测反解析
[root@localhost named]# rndc-confgen -r /dev/urandom -a   //这一步是生成 rndc.key, 如果没有这个 key, named 是启动不了的
[root@localhost named]# chown named:named /etc/rndc.key   //rndc.key 是控制 named 用的共享密钥, 确认其权限不对其他用户开放(例如 chmod 640)
[root@localhost named]# /etc/init.d/named start
[root@localhost named]# netstat -lnp  |grep named  // 查看一下named进程是否监听了53端口


//测试
[root@localhost named]# dig @127.0.0.1 localhost.        //测试正向解析
[root@localhost named]# dig @127.0.0.1 -x 127.0.0.1    //测试反向解析

二、增加一个域名

[root@localhost ~]# vim /etc/named.conf
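//加入
zone "abc.com" IN {
    type master;
    file "abc.com.zone";
    // 注意: 这里没有设置 allow-transfer。较旧的 BIND 9 版本默认允许任何主机做区域传送(AXFR),
    // 整个区域的记录可以被外部一次性取走。建议只放行从服务器(下面的反向区域同理), 例如:
    // allow-transfer { <从服务器IP>; };
    // 需要更强的保护时, 可再配合 TSIG 密钥对传送做认证。
};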

zone "137.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.zone";
};

[root@localhost ~]# vim /var/named/abc.com.zone
//加入
$TTL    600
@               IN      SOA     abc.com.      root.abc.com.    (
                                                        2013081601
                                                        1H
                                                        10M
                                                        7D
                                                        1D
)
                 IN      NS      ns.abc.com.
                 IN      MX  10  mail.abc.com.
ns               IN      A       192.168.0.11
www              IN      A       192.168.137.73
mail             IN      A       192.168.137.10
bbs              IN      CNAME    www.abc.com. 


[root@localhost ~]# vim /var/named/192.168.zone
//加入
$TTL 600
@               IN      SOA     ns.abc.com.      root.abc.com. (
                                                        2013081601
                                                        1H
                                                        10M
                                                        7D
                                                        1D
)
@               IN      NS      ns.abc.com.
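; 注意: 这里 10 -> ns、11 -> mail 与正向区域文件不一致(正向里 mail 是 192.168.137.10, ns 是 192.168.0.11); 实际使用时应让 PTR 与 A 记录互相对应
10              IN      PTR     ns.abc.com.
11              IN      PTR     mail.abc.com.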
73              IN      PTR     www.abc.com.

//检测两个配置文件是否有问题 (区域文件在 /var/named 下, 需先 cd /var/named, 或像前面那样写完整路径)
[root@localhost ~]# named-checkzone "abc.com" abc.com.zone
[root@localhost ~]# named-checkzone "137.168.192.in-addr.arpa" 192.168.zone
[root@localhost ~]# /etc/init.d/named restart
[root@localhost ~]# dig @127.0.0.1 www.abc.com
[root@localhost ~]# dig  @127.0.0.1 -x 192.168.137.11

三、配置DNS转发

[root@localhost ~]# vim  /etc/named.conf
//在options{} 里面增加
forward first;
forwarders { 8.8.8.8; };     //注意 } 后面的分号不能少
//转发只对递归查询生效; 对外提供递归服务时, 建议同时在 options{} 里用 allow-recursion 限定可信的客户端网段, 避免成为开放解析器

四、配置主从

//从上设置,另外一个机器
[root@localhost ~]# yum install -y bind

//主上拷贝配置文件到从上,此处ip为slave ip
[root@localhost ~]# scp /etc/named.conf 192.168.11.10:/etc/
[root@localhost ~]# scp /var/named/named.local /var/named/localhost.zone 192.168.11.10:/var/named

//从上设置,另外一个机器
[root@localhost ~]# vim /etc/named.conf
//修改
options {
    directory "/var/named";
};

zone "." IN  {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
};
#以下两个zone由master改为slave, 并填写slave所需的file和masters(主服务器ip)
zone "abc.com" IN {
    type slave; 
    file "slaves/abc.com.zone";
    masters { 192.168.0.11; };    #server端ip (注释要放在 }; 之后, 否则会把 }; 一起注释掉)
};

zone "137.168.192.in-addr.arpa" IN {
    type slave; 
    file "slaves/192.168.zone";
    masters { 192.168.0.11; };
};

[root@localhost ~]# rndc-confgen -r /dev/urandom -a
[root@localhost ~]# chown named:named /etc/rndc.key
[root@localhost ~]# /etc/init.d/named start

/*启动成功后, 在从上 /var/named下会生成slaves目录,
而在这个目录下,会有192.168.zone, abc.com.zone这两个文件,内容是和主上的一样的 */

//从上测试
[root@localhost ~]# dig @127.0.0.1  www.abc.com

五、测试主从同步

//主上
[root@localhost ~]# vim /var/named/abc.com.zone
//文件最尾增加
123              IN      A       1.1.1.1

//修改第三行的数字串(SOA 序列号)。从服务器靠比较这个序列号判断区域是否有更新, 所以只能变大, 不能变小

2013081601 -> 2013081602

[root@localhost ~]# /etc/init.d/named restart

/*从经常同步会特别慢,此时进行特殊操作*/
//主上设置
[root@localhost ~]# vim /etc/named.conf
//abc.com的zone中增加 (also-notify 里填从服务器的ip)
notify yes;
also-notify { 192.168.0.12; };
原文地址:https://www.cnblogs.com/frankielf0921/p/5400404.html