Redhat DNS Bind配置详解

一、软件包

1. bind-9.5.0b2.tar.gz

2. openssl-0.9.8o.tar.tar

二、安装步骤

1． Tar zxvf openssl-0.9.8o.tar.tar

2． Cd openssl-0.9.8o

3． ./config–prefix=/usr/local/openssl

4． Make

5． Make install

6． tar zxvf bind-9.5.0b2.tar.gz

7． Cd bind-9.5.0b2

8． ./configure –prefix=/usr/local/named –with-openssl=/usr/local/openssl –enable-threads

9． Make

10． Make install

11． Cd /usr/local/named

12． Sbin/rndc-confgen >etc/rndc.conf

13． Tail -10 etc/rndc.conf |head -9 |sed s/#\//g >etc/named.conf

14． cd etc

15． Vi named.conf

16． 输入以下内容

17． key "rndc-key" {

18． algorithm hmac-md5;

19． secret "lE6aLaApPjAyBIQsAqqQhQ==";

20． };

21．

22． controls {

23． inet 127.0.0.1 port 953

24． allow { 127.0.0.1; } keys { "rndc-key"; };

25． };

26．

27． options {

28． directory "/var/named"; //域名文件存放的绝对路径

29． pid-file "named.pid"; //如果bind启动，自动会在/var/named目录生成一个named.pid文件，打开文件就是named进程的ID

30． };

31．

32． zone "." IN {

33． type hint; //根域名服务器

34． file "named.root"; //存放在/var/named目录，文件名为named.root

35． };

36．

37． zone "localhost" IN {

38． type master; //类型为主域名服务器

39． file "localhost.zone"; //本地正向解析的文件

40． allow-update { none; };

41． };

42．

43． zone "0.0.127.in-addr.arpa" IN {

44． type master; //类型为主域名服务器

45． file "named.local"; //本地反向解析的文件

46． allow-update { none; };

47． };

48．

49． zone "test.com" IN { //建立test.com域

50． type master;

51． file "test.zone"; //test.com域映射IP地址可在此文件编写

52． allow-update { none; };

53． };

54．

55．

56． zone "1.168.192.in-addr.arpa" in { //反向解析

57． type master;

58． file "test.local"; //存放反向解析的文件

59． allow-update { none; };

60． };

61．

62． zone "witer666.com" IN { //建立test.com域

63． type master;

64． file "witer666.zone"; //test.com域映射IP地址可在此文件编写

65． allow-update { none; };

66． };

67．

68．

69． zone "2.168.192.in-addr.arpa" in { //反向解析

70． type master;

71． file "witer666.local"; //存放反向解析的文件

72． allow-update { none; };

73． };

74． Mkdir /var/named

75． Cd /var/named

76． Vi localhost.zone

77． 输入以下内容

78． $TTL 86400

79． $ORIGIN localhost.

80． @ 1D IN SOA @ root (

81． 42 ; serial (d. adams)

82． 3H ; refresh

83． 15M ; retry

84． 1W ; expiry

85． 1D ) ; minimum

86．

87． 1D IN NS @

88． 1D IN A 127.0.0.1

89． Vi named.local

90． 输入以下内容

91． $TTL 86400

92． @ IN SOA localhost. root.localhost. (

93． 1997022700 ; Serial

94． 28800 ; Refresh

95． 14400 ; Retry

96． 3600000 ; Expire

97． 86400 ) ; Minimum

98． IN NS localhost.

99． 1 IN PTR localhost.

100． Vi named.root

101． ftp://rs.internic.net/domain/下载最新的named.root文件内容

102． Vi test.zone

103． 输入以下内容并保存

104． $ttl 1D

105． @ IN SOA test.com. root.test.com. (

106． 1053891162

107． 3H

108． 15M

109． 1W

110． 1D )

111． IN NS test.com.

112． IN MX 5 test.com.

113． www IN A 192.168.1.100

114． www IN A 192.168.1.102

115． news IN A 192.168.1.101

116． china IN A 198.182.196.56

117． Vi test.local

118． 输入以下内容保存

119． $TTL 86400

120． @ IN SOA test.com. root.test.com.(

121． 20031001;

122． 7200;

123． 3600;

124． 43200;

125． 86400);

126． @ IN NS test.com.

127． 100 IN PTR www.test.com.

128． Vi witer666.local

129． 输入以下内容并保存

130． $TTL 86400

131． @ IN SOA witer666.com. root.witer666.com.(

132． 20031001;

133． 7200;

134． 3600;

135． 43200;

136． 86400);

137． @ IN NS witer666.com.

138． 100 IN PTR www.witer666.com.

139． Vi witer666.zone

140． 输入以下内容并保存

141． $ttl 1D

142． @ IN SOA test.com. root.witer666.com. (

143． 1053891166

144． 3H

145． 15M

146． 1W

147． 1D )

148． IN NS witer666.com.

149． IN MX 5 witer666.com.

150． www IN A 192.168.2.100

151． www IN A 192.168.2.102

152． news IN A 192.168.2.101

153． china IN A 192.168.2.58

154． Echo “nameserver 211.71.191.26” >/etc/resolv.conf//配置本地机DNS服务器为本地机IP地址

155． 启动named

156． /usr/local/named/sbin/named &

157． 查看是否有错误信息

158． Tail /var/log/message

159． Jun 25 14:28:48 localhost named[18506]: zone 2.168.192.in-addr.arpa/IN: loaded serial 20031001

160． Jun 25 14:28:48 localhost named[18506]: zone test.com/IN: NS 'test.com' has no address records (A or AAAA)

161． Jun 25 14:28:48 localhost named[18506]: zone test.com/IN: test.com/MX 'test.com' has no address records (A or AAAA)

162． Jun 25 14:28:48 localhost named[18506]: zone test.com/IN: loaded serial 1053891162

163． Jun 25 14:28:48 localhost named[18506]: zone witer666.com/IN: NS 'witer666.com' has no address records (A or AAAA)

164． Jun 25 14:28:48 localhost named[18506]: zone witer666.com/IN: witer666.com/MX 'witer666.com' has no address records (A or AAAA)

165． Jun 25 14:28:48 localhost named[18506]: zone witer666.com/IN: loaded serial 1053891166

166． Jun 25 14:28:48 localhost named[18506]: zone localhost/IN: loaded serial 42

167． Jun 25 14:28:48 localhost named[18506]: running［正常启动］

168． Jun 25 14:28:48 localhost named[18506]: zone witer666.com/IN: sending notifies (serial 1053891166)

169． Host www.witer666.com查看正向解析是否正常

170． 显示内容如下

171． www.witer666.com has address 192.168.2.100

172． www.witer666.com has address 192.168.2.102

173． Dig –x 192.168.2.100查看反向解析是否正常

174． 显示内容如下

175．

176． ; <<>> DiG 9.7.1 <<>> -x 192.168.2.100

177． ;; global options: +cmd

178． ;; Got answer:

179． ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63485

180． ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

181．

182． ;; QUESTION SECTION:

183． ;100.2.168.192.in-addr.arpa. IN PTR

184．

185． ;; ANSWER SECTION:

186． 100.2.168.192.in-addr.arpa. 86400 IN PTR www.witer666.com.

187．

188． ;; AUTHORITY SECTION:

189． 2.168.192.in-addr.arpa. 86400 IN NS witer666.com.

190．

191． ;; Query time: 0 msec

192． ;; SERVER: 211.71.191.26#53(211.71.191.26)

193． ;; WHEN: Fri Jun 25 14:31:13 2010

194． ;; MSG SIZE rcvd: 88

195． DNS服务器配置OK，一切正常

三、相关命令

1./usr/local/named/sbin/named &

2.host www.test.com

3.nslookup www.test.com

4.dig –x 192.168.2.100

5./usr/local/named/sbin/rndc reload

6.ping 192.168.2.100