1.安装DNS包
yum -y install bind
2.配置
设定/etc/named.conf, 只更改颜色标示部分
cat /etc/named.conf |grep -v ^#|grep -v ^$|grep -v ^// options { listen-on port 53 { any; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; secroots-file "/var/named/data/named.secroots"; recursing-file "/var/named/data/named.recursing"; allow-query { any; }; recursion yes; dnssec-enable yes; dnssec-validation yes; managed-keys-directory "/var/named/dynamic"; pid-file "/run/named/named.pid"; session-keyfile "/run/named/session.key"; /* https://fedoraproject.org/wiki/Changes/CryptoPolicy */ include "/etc/crypto-policies/back-ends/bind.config"; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; include "/etc/named.root.key";
2.设定区域解析定向文件,我这里一个域 有三个网段,所以对不同的网段指定了不同的解析文件,蓝色标识的是解析文件
cat /etc/named.rfc1912.zones |grep -v ^// zone "localhost.localdomain" IN { type master; file "named.localhost"; allow-update { none; }; }; zone "inno.com" IN { type master; file "inno.com.zone"; allow-update { none; }; }; zone "localhost" IN { type master; file "named.localhost"; allow-update { none; }; }; zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN { type master; file "named.loopback"; allow-update { none; }; }; zone "1.0.0.127.in-addr.arpa" IN { type master; file "named.loopback"; allow-update { none; }; }; zone "1.168.192.in-addr.arpa" IN { type master; file "1.168.192.arpa"; }; zone "100.168.192.in-addr.arpa" IN { type master; file "100.168.192.arpa"; }; zone "10.10.10.in-addr.arpa" IN { type master; file "10.10.10.arpa"; }; zone "0.in-addr.arpa" IN { type master; file "named.empty"; allow-update { none; }; };
3.域解析文件在目录、/var/named
copy -a /var/named/named.localhost /var/named/inno.com.zone
更改如下,请注意标颜色部分的格式,否则会出错
[root@love named]# cat inno.com.zone $TTL 1D @ IN SOA inno.com root.inno.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum @ IN NS ns.inno.com. ns IN A 192.168.1.100 gzcity IN A 192.168.1.51 hzcity IN A 192.168.1.52 gzcity-vip IN A 192.168.1.55 hzcity-vip IN A 192.168.1.56 myscan IN A 192.168.1.60 myscan IN A 192.168.1.61 gzcity-priv1 IN A 10.10.10.2 gzcity-priv2 IN A 192.168.100.3 hzcity-priv1 IN A 10.10.10.4 hzcity-priv2 IN A 192.168.100.5
4.IP反向解析文件
copy -a /var/named/named.loopback /var/name/100.168.192.arpa 注意标点符号,以下只是一个例子,有几个网段就可以建几个网段的文件,但是要注册到/etc/named.rfc1912.zones 文件中
root@love named]# cat 100.168.192.arpa $TTL 1D @ IN SOA inno.com. root.inno.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS ns.inno.com. ns A 192.168.100.100 3 PTR gzcity-priv2.inno.com. 5 PTR hzcity-priv2.inno.com. 7 PTR nycity-priv2.inno.com. 9 PTR xacity-priv2.inno.com.
5. 重新起动 域名解析服务
systemctl restart named
6. 域名解析地址
[root@win200 named]# cat /etc/resolv.conf # Generated by NetworkManager search inno.com nameserver 192.168.68.100