03-DNS配置

1.查询DNS服务是否安装
# rpm -qa bind

2.安装DNS服务
# yum -y install bind

3.备份配置文件
# cp -p /etc/named.conf{,.bak}
# cp -p /etc/named.rfc1912.zones /etc/named.rfc1912.zones.bak

4.设置名称解析区域
# vim /etc/named.conf
options {
listen-on port 53 { any; };
// listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;

dnssec-enable no;
dnssec-validation no;
// dnssec-lookaside auto;

/* Path to ISC DLV key */
// bindkeys-file "/etc/named.iscdlv.key";

// managed-keys-directory "/var/named/dynamic";
};
(注意：缓存DNS服务器，配置到此结束)
# vim /etc/named.rfc1912.zones
zone "test.com" IN {
type master;
file "test.com.zone";
};

zone "6.168.192.in-addr.arpa" IN {
type master;
file "192.168.6.zone";
};

4.1.检查配置文件语法
# named-checkconf

5.创建和配置正向区域文件
# cp -p /var/named/named.localhost /var/named/test.com.zone
# vim /var/named/test.com.zone
$TTL 1D
@ IN SOA dns1.test.com. root.test.com. (
2018010602 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns1.test.com.
NS dns2.test.com.
MX 5 mail.test.com.
dns1 A 192.168.6.1
dns2 A 192.168.6.2
dhcp A 192.168.6.4
www A 192.168.6.5
ftp A 192.168.6.6
nfs A 192.168.6.7
mail A 192.168.6.8
test.com. A 192.168.6.5
*.test.com. A 192.168.6.5
pop3 CNAME mail
smtp CNAME mail

5.1.检查正向区域配置文件是否正确
# named-checkzone test.com /var/named/test.com.zone

6.创建和配置反向区域文件
# cp -p /var/named/named.loopback /var/named/192.168.6.zone
# vim /var/named/192.168.6.zone
$TTL 1D
@ IN SOA dns1.test.com. root.test.com. (
2018010602 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns1.test.com.
NS dns2.test.com.
1 PTR dns1
2 PTR dns2
4 PTR dhcp
5 PTR www
6 PTR ftp
7 PTR nfs
8 PTR mail
8 PTR pop3
8 PTR smtp

6.1.检查反向区域配置文件是否正确
# named-checkzone 6.168.192.in-addr.arpa /var/named/192.168.6.zone

7.重新启动DNS服务
# service named start

8.开机自动启动服务
# chkconfig named on

9.客户端测试
# dig -t A www.test.com @192.168.6.1
# host -t NS test.com @192.168.6.1
# nslookup
>server
>ftp.test.com
>set q=mx
>test.com

10.主从DNS服务器配置
主DNS服务器配置
# vim /etc/named.rfc1912.zones
zone "test.com" IN {
type master;
file "test.com.zone";
allow-transfer { 192.168.6.2; };
};

zone "6.168.192.in-addr.arpa" IN {
type master;
file "192.168.6.zone";
allow-transfer { 192.168.6.2; };
};
# service named restart || rndc reload

从DNS服务器配置
# yum -y install bind
# vim /etc/named.conf
(配置为缓存DNS服务器)
# vim /etc/named.rfc1912.zones
zone "test.com" IN {
type slave;
file "slaves/test.com.zone";
masters { 192.168.6.1; };
};

zone "6.168.192.in-addr.arpa" IN {
type slave;
file "slaves/192.168.6.zone";
masters { 192.168.6.1; };
};
# service named start
# ls /var/named/slave

11.父子域DNS服务器配置
父域DNS服务器配置
# vim /var/named/test.com.zone
(增加子域NS和A记录)
sub.test.com. NS ns1.sub.test.com.
ns1.sub.test.com. A 192.168.6.3
# rndc reload

子域DNS服务器配置
# vim /etc/named.conf
(配置为缓存DNS服务器)
# vim /etc/named.rfc1912.zones
//子域配置
zone "sub.test.com" IN {
type master;
file "sub.test.com.zone";
};
//子域转发父域解析的名称区域
zone "test.com" IN {
type forward;
forward only;
forwarders { 192.168.6.1; 192.168.6.2; };
};
# named-checkconf
# cp -p /var/named/named.localhost /var/named/sub.test.com.zone
# vim /var/named/sub.test.com.zone
$TTL 1D
@ IN SOA ns1.sub.test.com. root.sub.test.com. (
2018020101 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns1.sub.test.com.
A 127.0.0.1
AAAA ::1
ns1 A 192.168.6.3
www A 192.168.6.3
# named-checkzone sub.test.com /var/named/sub.test.com.zone
# service named start

12.注意：
(1)设置DNS服务器
# vim /etc/resolv.conf
search test.com
nameserver 192.168.6.1

(2)设置名称解析顺序
# vim /etc/nsswitch.conf
hosts: dns files

(3)查看日志
# tail /var/log/messages