0、初始化系统
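# Host preparation for the BIND server.
#
# NOTE(security): the first two commands turn SELinux off (now, and on the
# next boot via /etc/selinux/config); the next two stop the host firewall.
# Both remove a containment layer from a network-facing daemon. They are kept
# because the rest of this runbook was written against that state. A hardened
# deployment leaves SELinux enforcing and keeps iptables running with only
# 53/udp and 53/tcp opened.
# `service iptables stop` only stops the running service; it does not change
# what happens at boot.
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
service iptables stop
service iptables status

# Raise the per-user process (nproc) and open-file (nofile) limits for all
# users. The original listed "hard nproc" twice and never set "hard nofile",
# so the soft nofile value could not actually be reached.
# Quoted delimiter: the body is written literally, with no shell expansion.
cat >>/etc/security/limits.conf <<'LOP'
* soft nproc 65536
* hard nproc 65536
* soft nofile 65536
* hard nofile 65536
LOP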
1、安装bind软件
# Install the BIND server, its chroot package, the development headers and
# the client utilities (dig etc.) without prompting.
yum -y install bind bind-chroot bind-devel bind-utils
# Confirm the install: list every installed package whose name contains "bind".
rpm -qa | grep bind
2、修改配置文件/etc/named.conf
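# Back up the packaged configuration (-p keeps owner and mode), then replace
# /etc/named.conf in one step. `>` truncates and writes, so a re-run cannot
# leave two copies of the configuration in the file.
#
# NOTE(security): the rndc control key below is a fixed value that this
# runbook also writes to /etc/rndc.key and /etc/rndc.conf, so every host built
# from it shares one published secret. The control channel is bound to
# 127.0.0.1, which limits exposure to local users, but a per-host secret from
# rndc-confgen should replace it in all three files. hmac-md5 is a legacy
# algorithm; where the installed BIND supports a SHA-2 HMAC for rndc, prefer it.
#
# Quoted delimiter: the body is written literally, with no shell expansion.
cp -p /etc/named.conf /etc/named.confbak
cat >/etc/named.conf <<'LOP'
options {
    listen-on port 53 { any; };
    directory "/var/named/chroot/etc/";
    pid-file "/var/named/chroot/var/run/named/named.pid";
    allow-query { any; };
    // Without this line recursion falls back to the allow-query list above,
    // i.e. anyone who can reach port 53 may use the forwarders (an open
    // resolver). Replace with an explicit ACL if clients on other internal
    // subnets need recursion.
    allow-recursion { localhost; localnets; };
    dump-file "/var/named/chroot/var/log/binddump.db";
    statistics-file "/var/named/chroot/var/log/named_stats";
    zone-statistics yes;
    memstatistics-file "log/mem_stats";
    empty-zones-enable no;
    forwarders { 114.114.114.114; 8.8.8.8; };
};
key "rndc-key" {
    algorithm hmac-md5;
    secret "i+69SOgdBXaaWtLVc3dTZQ==";
};
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
logging {
    channel warning {
        file "/var/named/chroot/var/log/dns_warning" versions 10 size 10m;
        severity warning;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    channel general_dns {
        file "/var/named/chroot/var/log/dns_log" versions 10 size 100m;
        severity info;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category default {
        warning;
    };
    category queries {
        general_dns;
    };
};
include "/var/named/chroot/etc/view.conf";
LOP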
3、修改配置文件/etc/rndc.key
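# Write the rndc key file. `>` instead of `>>`: appending to an existing
# /etc/rndc.key would leave two key "rndc-key" clauses in the file.
#
# NOTE(security): this is a fixed secret copied from the runbook; generate a
# per-host value with rndc-confgen and keep it identical in /etc/named.conf,
# /etc/rndc.key and /etc/rndc.conf.
# Quoted delimiter: the body is written literally, with no shell expansion.
cat >/etc/rndc.key <<'LOP'
key "rndc-key" {
    algorithm hmac-md5;
    secret "i+69SOgdBXaaWtLVc3dTZQ==";
};
LOP
# The file holds a shared secret: readable by root and the named group only.
chown root:named /etc/rndc.key
chmod 640 /etc/rndc.key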
4、修改配置文件/etc/rndc.conf
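# Write the rndc client configuration: which key, server and port `rndc`
# uses by default. `>` instead of `>>`: appending to an existing file would
# duplicate the key and options clauses.
#
# NOTE(security): the secret must match the key "rndc-key" clause in
# /etc/named.conf; it is a fixed value from the runbook and should be replaced
# with a per-host one from rndc-confgen.
# Quoted delimiter: the body is written literally, with no shell expansion.
cat >/etc/rndc.conf <<'LOP'
# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "i+69SOgdBXaaWtLVc3dTZQ==";
};
options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 953;
};
LOP
# The file holds a shared secret: readable by root and the named group only.
chown root:named /etc/rndc.conf
chmod 640 /etc/rndc.conf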
5、修改配置文件/var/named/chroot/etc/view.conf
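# Master server: define the view holding the authoritative liang.com zone.
# `>` instead of `>>`: appending on a re-run would define view "View" twice.
#
# Zone transfers and NOTIFY go only to the slave at 10.124.124.91. The ACL
# matches on source address alone; a TSIG key shared with the slave would
# additionally authenticate the peer.
# Quoted delimiter: the body is written literally, with no shell expansion.
cat >/var/named/chroot/etc/view.conf <<'LOP'
# ***config /var/named/chroot/etc/view.conf***
view "View" {
    # ixfr-from-differences yes;
    zone "liang.com" {
        type master;
        file "liang.com.zone";
        allow-transfer {
            10.124.124.91;
        };
        notify yes;
        also-notify {
            10.124.124.91;
        };
    };
};
LOP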
6、在从DNS服务器配置/var/named/chroot/etc/view.conf
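# Slave server: define the view that pulls liang.com from the master at
# 10.124.124.90. `>` instead of `>>`: appending on a re-run would define
# view "SlaveView" twice.
#
# Two fixes against the original:
#   - the view clause now ends with "};" (it was missing the semicolon);
#   - allow-transfer { none; } stops the slave from re-serving the whole zone
#     to arbitrary clients, matching the restriction already set on the master.
# Quoted delimiter: the body is written literally, with no shell expansion.
cat >/var/named/chroot/etc/view.conf <<'LOP'
view "SlaveView" {
    zone "liang.com" {
        type slave;
        masters { 10.124.124.90; };
        file "slave.liang.com.zone";
        allow-transfer { none; };
    };
};
LOP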
7、修改配置文件/var/named/chroot/etc/liang.com.zone
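# Master server: write the liang.com zone file.
#
# The delimiter is quoted because the body contains $ORIGIN and $TTL: with an
# unquoted delimiter the shell expands them as (unset) variables and the
# directives are lost from the written file.
# `>` instead of `>>`: appending on a re-run would duplicate every record.
# The NS line is indented so that it inherits the owner name of the SOA
# record above it; at column 0 "NS" would be read as an owner name.
# Increase the serial on every later edit so the slave picks up the change.
cat >/var/named/chroot/etc/liang.com.zone <<'LOP'
$ORIGIN .
$TTL 3600 ; 1 hour
liang.com IN SOA op.liang.com. dns.liang.com. (
        2000  ; serial
        900   ; refresh (15 minutes)
        600   ; retry (10 minutes)
        86400 ; expire (1 day)
        3600  ; minimum (1 hour)
        )
        NS op.liang.com.
$ORIGIN liang.com.
op A 10.124.124.81
glusterfs1 A 10.124.124.81
glusterfs2 A 10.124.124.82
glusterfs3 A 10.124.124.83
glusterfs4 A 10.124.124.84
LOP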
8、修改文件权限
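# Hand everything under /var/named/ to the named user and group so the daemon
# can read its configuration and write logs, dumps and slave zone copies.
# "user:group" replaces the deprecated "user.group" separator.
# NOTE(review): this also makes the configuration and the master zone file
# writable by the daemon; on the master, consider leaving those root-owned
# and group-readable instead — confirm against what named must write.
chown -R named:named /var/named/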
9、启动DNS服务
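# Validate the configuration before starting, so that a syntax error is
# reported here instead of as a failed service start. On the master the zone
# file can be checked the same way with named-checkzone.
if named-checkconf /etc/named.conf; then
  /etc/init.d/named start
else
  echo "named.conf failed validation; named not started" >&2
fi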
10、设置开机启动
# Register the named init script to start at boot.
chkconfig named on
11、查看DNS监听端口
# List listening UDP sockets, then listening TCP sockets, with numeric
# addresses and the owning process. Per named.conf, named should hold port 53
# on every interface (listen-on ... any) and 953/tcp on 127.0.0.1 only (rndc
# control channel); a 953 listener on any other address means the controls
# clause is not the one in effect.
netstat -nlup
netstat -nltp
12、测试,@指定dns解析
# Query the local server directly (bypassing /etc/resolv.conf) for liang.com.
# The zone file defines no address record at the zone apex, so expect an
# empty answer section with the SOA in the authority section; query a host
# name such as op.liang.com to see an A record.
dig @127.0.0.1 liang.com
13、配置本机DNS解析(/etc/resolv.conf)
# Append resolver settings: one attempt with a 1-second timeout, and the new
# DNS server as an additional nameserver. Existing nameserver lines stay ahead
# of it because the file is appended to, not replaced.
# NOTE(review): the address written here is 10.124.124.81, while the slave's
# masters list names 10.124.124.90 — confirm which address the server
# actually answers on.
printf '%s\n' \
  'options timeout:1 attempts:1 rotate' \
  'nameserver 10.124.124.81' >>/etc/resolv.conf
14、重新加载配置文件
# Tell the running named to reload its configuration and zones. rndc reaches
# it on 127.0.0.1 port 953 and authenticates with "rndc-key", as set in
# /etc/rndc.conf.
rndc reload