论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2008-02-28 12:05 |只看该作者 |倒序浏览

平台：redhat EL 5

第一步：软件下载：bind 9.4.2 地址 http://www.isc.org/index.pl

第二步：安装

         # tar zxvf bind-9.4.2.tar.gz
         # cd bind-9.4.2
         # ./configure --prefix=/usr/local/bind --sysconfdir=/etc
         # make
         # make install

第三步：配置

      生成/etc/rndc.conf
         #/usr/local/bind/sbin/rndc-confgen > /etc/rndc.conf
         # tail -10 /etc/rndc.conf|head -9|sed s/#\//g >>/etc/named.conf

         A）cache-only dns server 配置

            # vi /etc/named.conf

//this setting is only for forwarding dns server
options {
forward only;
forwarders {
211.94.69.34;
211.94.65.97;
};
pid-file "/usr/local/bind/var/run/named.pid";
};
key "rndc-key" {
algorithm hmac-md5;
secret "N2uQAFWNwrMIVKMapOFq0Q==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};

复制代码

B）完整 DNS SERVER 配置

            需要配置的文档大概如下几个：
               1./etc/named.conf
               2./etc/named/named.root
               3./etc/named/named.localhost
               4./etc/named/named.127.0.0
               5./etc/named/named.正解档案
               6./etc/named/named.反解档案

            hostname 与 ip地址规划 www.mysite.com ------> 192.168.0.105
                                             mail.mysite.com ------> 192.168.0.105
                                             ftp.mysite.com ------> 192.168.0.106
            编辑/etc/named.conf
                     # vi /etc/named.conf

// dns server
options {
directory "/etc/named";
forwarders {
211.94.69.34;
211.94.65.97;
};
pid-file "/usr/local/bind/var/run/named.pid";
allow-query { any; };
allow-transfer { none; };
};
zone "." {
type hint;
file "named.root";
};
zone "localhost" {
type master;
file "named.localhost";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "named.127.0.0";
};
zone "mysite.com" {
type master;
file "named.mysite.com";
};
zone "0.168.192.in-addr.arpa" {
type master;
file "named.192.168.0";
};
key "rndc-key" {
algorithm hmac-md5;
secret "N2uQAFWNwrMIVKMapOFq0Q==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};

复制代码

建立目录/etc/named/  #mkdir /etc/named
                     先让自己的DNS服务器指向上游ISP提供的DNS服务器地址
               #echo "nameserver  211.94.69.34"> /etc/resolv.conf

                     获得 named.root 文档
               方法一、
               #ftp rs.internic.net
                        username anonymous
                        password:回车
                        ftp> cd domain
                        ftp> get named.root
                        ftp>bye

                     #cp named.root /etc/named

            方法二、
               #/usr/local/bind/bin/dig -t NS . >/etc/named/named.root

               编辑 /etc/named/named.localhost 文档

# vi /etc/named/named.localhost

$TTL 600

@    IN    SOA    localhost.    root.localhost. (

            20080228 ;serial

            28800 ;refresh

            14400 ;retry

            720000 ;expire

            86400 ;minimum

)

@             IN    NS    localhost.

localhost.    IN    A    127.0.0.1
复制代码
编辑/etc/named/named.127.0.0 文档
# vi /etc/named/named.127.0.0

$TTL 600

@    IN    SOA    localhost.    root.localhost. (

            20080228       ;serial

            28800          ;refresh

            14400          ;retry

            720000       ;expire

            86400          ;minium

)

@             IN    NS    localhost.

1             IN    PTR    localhost.
复制代码
编辑/etc/named/named.mysite.com正解文档
# vi /etc/named/named.mysite.com

$TTL 600

@    IN    SOA          mysite.com.    root.mysite.com. (

            20080228       ;serial

            28800          ;refresh

            14400          ;retry

            720000       ;expire

            86400          ;mininum

)

@                      IN    NS    mysite.com.

@                      IN    MX 10 mail.mysite.com.

mysite.com.          IN    A    192.168.0.105

www                   IN    A    192.168.0.105

mail                   IN    CNAME www

ftp                   IN    A    192.168.0.106
复制代码
编辑/etc/named/named.192.168.0反解文档
# vi /etc/named/named.192.168.0

$TTL 600

@    IN    SOA    mysite.com.    root.mysite.com. (

            20080228

            28800

            14400

            720000

            86400

)

@    IN    NS    mysite.com.

105    IN    PTR    mysite.com.

105    IN    PTR    [url]www.mysite.com.[/url]

106    IN    PTR    ftp.mysite.com.
复制代码

第四步：启动测试

让自己的DNS服务器指向自己
#echo "nameserver  127.0.0.1"> /etc/resolv.conf

启动bind
#/usr/local/bind/sbin/named

[root@localhost ~]# nslookup
> mysite.com
Server:       127.0.0.1
Address:       127.0.0.1#53
Name: mysite.com
Address: 192.168.0.105
> ftp.mysite.com
Server:       127.0.0.1
Address:       127.0.0.1#53
Name: ftp.mysite.com
Address: 192.168.0.106
> mail.mysite.com
Server:       127.0.0.1
Address:       127.0.0.1#53
mail.mysite.com canonical name = www.mysite.com.
Name: www.mysite.com
Address: 192.168.0.105
> set type=mx
> mysite.com
Server:       127.0.0.1
Address:       127.0.0.1#53
mysite.com    mail exchanger = 10 mail.mysite.com.
> set type=a
> www.mysite.com
Server:       127.0.0.1
Address:       127.0.0.1#53
Name: www.mysite.com
Address: 192.168.0.105
> 192.168.0.105
Server:       127.0.0.1
Address:       127.0.0.1#53
105.0.168.192.in-addr.arpa    name = www.mysite.com.
105.0.168.192.in-addr.arpa    name = mysite.com.
> 192.168.0.106
Server:       127.0.0.1
Address:       127.0.0.1#53
106.0.168.192.in-addr.arpa    name = ftp.mysite.com.
>