login as: root
root@192.168.0.252's password:
Last login: Fri Jul 11 02:51:43 2008 from 192.168.0.1
[root@localhost ~]# rpm -qa |grep bind //查询本机安装的bind软件包
bind-utils-9.3.3-7.el5
bind-chroot-9.3.3-7.el5
kdebindings-3.5.4-1.fc6
bind-9.3.3-7.el5
ypbind-1.19-7.el5
bind-libs-9.3.3-7.el5
__________________________________________________________________________________________________________
命令介绍:rpm命令
Linux下用rpm命令来安装rpm软件包。
rpm -qa 软件包名称 (参数介绍:查询系统是否安装了某一rpm软件包,可以用-qa参数)
rpm -ivh 软件包名称 (参数介绍:-i : install,安装软件。
-v : verify,检测套件是否正确安装。(注:rpm 手册中小写的 -v 是 verbose,即显示详细信息;校验已安装的软件包要用大写的 -V)
-h : hash,安装时在屏幕依次打印hash表示(即#符号)显示安装进度)
rpm -ql 软件包名称 (参数介绍:列出某一rpm软件包内的文件信息,用-ql参数)
—————————————————————————————————————————————————————
[root@localhost ~]# rpm -ql bind-9.3.3-7.el5 //查看bind-9.3.3-7.el5在系统中安装文件信息
/etc/dbus-1/system.d/named.conf
/etc/logrotate.d/named
/etc/rc.d/init.d/named
/etc/sysconfig/named
/usr/sbin/bind-chroot-admin
......
现在还必须装上两个包:caching-nameserver-9.3.3-7.el5.i386.rpm和xinetd-2.3.14-10.el5.i386.rpm
插入光盘(我的Red Hat Enterprise Linux 5 的安装光盘只有一张)
[root@localhost ~]# cd /media
[root@localhost media]# ls
[root@localhost media]# mkdir cdrom
[root@localhost media]# ls
cdrom
[root@localhost media]# mount /dev/cdrom /media/cdrom //挂载光盘到/media/cdrom目录下
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost media]# cd cdrom
[root@localhost cdrom]# ls
Cluster README-or.html RELEASE-NOTES-ml.html
ClusterStorage README-pa.html RELEASE-NOTES-mr.html
EULA README-pt_BR.html RELEASE-NOTES-or.html
eula.en_US README-ru.html RELEASE-NOTES-pa.html
GPL README-si.html RELEASE-NOTES-pt_BR.html
images README-ta.html RELEASE-NOTES-ru.html
isolinux README-te.html RELEASE-NOTES-si.html
README-as.html README-zh_CN.html RELEASE-NOTES-ta.html
README-bn.html README-zh_TW.html RELEASE-NOTES-te.html
README-de.html RELEASE-NOTES-as.html RELEASE-NOTES-zh_CN.html
README-en RELEASE-NOTES-bn.html RELEASE-NOTES-zh_TW.html
README-en.html RELEASE-NOTES-de.html RPM-GPG-KEY-fedora
README-es.html RELEASE-NOTES-en RPM-GPG-KEY-fedora-test
README-fr.html RELEASE-NOTES-en.html RPM-GPG-KEY-redhat-auxiliary
README-gu.html RELEASE-NOTES-es.html RPM-GPG-KEY-redhat-beta
README-hi.html RELEASE-NOTES-fr.html RPM-GPG-KEY-redhat-former
README-it.html RELEASE-NOTES-gu.html RPM-GPG-KEY-redhat-release
README-ja.html RELEASE-NOTES-hi.html Server (进这个目录)
README-kn.html RELEASE-NOTES-it.html TRANS.TBL
README-ko.html RELEASE-NOTES-ja.html VT
README-ml.html RELEASE-NOTES-kn.html
README-mr.html RELEASE-NOTES-ko.html
[root@localhost cdrom]# cd Server/ //关于服务的软件包放在Server目录下
[root@localhost Server]# ls ca* //列出以ca开头的软件包
cachefilesd-0.7-6.el5.i386.rpm castor-0.9.5-1jpp.7.i386.rpm
caching-nameserver-9.3.3-7.el5.i386.rpm castor-demo-0.9.5-1jpp.7.i386.rpm
(这个是我们要安装的软件包)
cadaver-0.22.3-4.el5.i386.rpm castor-doc-0.9.5-1jpp.7.i386.rpm
cairo-1.2.4-1.fc6.i386.rpm castor-javadoc-0.9.5-1jpp.7.i386.rpm
cairo-devel-1.2.4-1.fc6.i386.rpm castor-test-0.9.5-1jpp.7.i386.rpm
cairo-java-1.0.5-3.fc6.i386.rpm castor-xml-0.9.5-1jpp.7.i386.rpm
cairo-java-devel-1.0.5-3.fc6.i386.rpm
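[root@localhost Server]# rpm -ivh caching-nameserver-9.3.3-7.el5.i386.rpm //安装caching-nameserver-9.3.3-7.el5.i386.rpm包,关于rpm -ivh命令,上面有介绍。下面的 NOKEY 警告表示系统还没有导入对应的 GPG 公钥,软件包的签名没有被校验;可以先执行 rpm --import /media/cdrom/RPM-GPG-KEY-redhat-release 导入光盘里的公钥,再安装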
warning: caching-nameserver-9.3.3-7.el5.i386.rpm: Header V3 DSA signature: NOKEY , key ID 37017186
Preparing... ########################################### [100%]
1:caching-nameserver ########################################### [100%]
[root@localhost Server]# ls xine*
xinetd-2.3.14-10.el5.i386.rpm
[root@localhost Server]# rpm -qa xinetd-2.3.14-10.el5.i386.rpm //先用 -qa 查询xinetd是否已经安装(没有输出,说明还没装);真正安装xinetd-2.3.14-10.el5.i386.rpm 包的是下一条 rpm -ivh 命令
[root@localhost Server]# rpm -ivh xinetd-2.3.14-10.el5.i386.rpm
warning: xinetd-2.3.14-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:xinetd ########################################### [100%]
[root@localhost Server]# rpm -ql caching-nameserver-9.3.3-7.el5 //列出caching-nameserver-9.3.3-7.el5.i386.rpm包内的文件信息
/etc/named.caching-nameserver.conf //这个文件相当于其他版本中Linux中的/etc/named.conf文件
/etc/named.rfc1912.zones //这个模板配置文件
/usr/share/doc/caching-nameserver-9.3.3
.......
[root@localhost media]# umount /dev/cdrom /media/cdrom //用umount卸载光盘,卸载光盘时一定要先退出挂载光盘的目录cdrom
umount: /dev/hdc: not mounted
umount: /dev/hdc: not mounted
[root@localhost media]# ls cdrom
[root@localhost media]# cd cdrom
[root@localhost cdrom]# ls //cdrom目录中没有内容,证明卸载成功
[root@localhost cdrom]# cd
[root@localhost ~]# cd /var/named/chroot/etc
[root@localhost etc]# ls
localtime named.caching-nameserver.conf named.rfc1912.zones rndc.key
[root@localhost etc]# vi named.caching-nameserver.conf
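(named.caching-nameserver.conf这个文件其实相当于/etc/named.conf文件,是不用修改的。但也可以修改,修改的地方按我下面操作。
这个文件如不修改,要这样操作:cp named.caching-nameserver.conf /etc/named.conf 。文件修改之后DNS做不成功也不奇怪,请往下
看,下面有例子。
注意:下面把 listen-on、allow-query、match-clients、match-destinations 四行注释掉之后,named 会在所有网卡上监听,并且对任何来源的客户端都提供递归查询(recursion yes),相当于一台开放的递归解析器,只适合隔离的实验环境。在真实网络中,应当把这些选项改成只允许本机和内网网段(例如 allow-query { localhost; 192.168.0.0/24; };,网段按实际情况填写),而不是直接注释掉。另外,文件里的 query-source port 53 把对外查询的源端口固定为53,会削弱对缓存投毒的防护,建议去掉这两行。)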
[root@localhost etc]# more named.caching-nameserver.conf //这个文件中要修改四个地方
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
// listen-on port 53 { 127.0.0.1; }; //把这一行注释掉,在这一行的最前面划"//"
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
query-source port 53;
query-source-v6 port 53;
// allow-query { localhost; }; //把这一行注释掉
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
// match-clients { localhost; }; //把这一行注释掉
// match-destinations { localhost; }; //把这一行注释掉
recursion yes;
include "/etc/named.rfc1912.zones";
};
[root@localhost etc]# vi named.rfc1912.zones //接下来修改模板文件,创建自己想要域名
[root@localhost etc]# cat named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "wnt.com" IN { //这是我创建的“wnt.com”的域名,我现在做的是正向的DNS(为什么要创建这个域名呢,因为我是清华万博的学员,哈哈。。。)
type master;
file "wnt.com.zone"; //我创建的区域文件名为“wnt.com.zone”
allow-update { none; };
};
[root@localhost etc]# cd /var/named
[root@localhost named]# pwd
/var/named
[root@localhost named]# ls //接下来在/var/named这个目录下创建区域配置文件,区域配置文件可以说是域名的档案
chroot data localdomain.zone localhost.zone named.broadcast named.ca named.ip6.local named.local named.zero slaves
[root@localhost named]# cp -p localhost.zone wnt.com.zone //为了使区域配置文件生效,我们需要复制一个系统里的区域配置文件的
模板,复制后的文件名就是自己要创建的区域配置文件名。在这里我要创建的区域配置文件名为wnt.com.zone。复制的时候一定要注意连原文件的文件属性一起复制(所以用 cp -p)
[root@localhost named]# ls -l
总计 60
drwxr-x--- 5 root named 4096 06-20 21:56 chroot
drwxrwx--- 2 named named 4096 2007-01-17 data
lrwxrwxrwx 1 root named 45 07-11 02:59 localdomain.zone -> /var/named/chroot//var/named/localdomain.zone
lrwxrwxrwx 1 root named 43 07-11 02:59 localhost.zone -> /var/named/chroot//var/named/localhost.zone
lrwxrwxrwx 1 root named 44 07-11 02:59 named.broadcast -> /var/named/chroot//var/named/named.broadcast
lrwxrwxrwx 1 root named 37 07-11 02:59 named.ca -> /var/named/chroot//var/named/named.ca
lrwxrwxrwx 1 root named 44 07-11 02:59 named.ip6.local -> /var/named/chroot//var/named/named.ip6.local
lrwxrwxrwx 1 root named 40 07-11 02:59 named.local -> /var/named/chroot//var/named/named.local
lrwxrwxrwx 1 root named 39 07-11 02:59 named.zero -> /var/named/chroot//var/named/named.zero
drwxrwx--- 2 named named 4096 2007-01-17 slaves
-rw-r----- 1 root named 195 2007-01-17 wnt.com.zone //这是我的区域配置文件
[root@localhost named]# vi wnt.com.zone
[root@localhost named]# more wnt.com.zone //这是我编辑后的区域配置文件
$TTL 86400
@ IN SOA www.wnt.com. root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS www.wnt.com.
www IN A 192.168.0.100
[root@localhost named]# named-checkconf
none:0: open: /etc/named.conf: file not found
————————————————————————————————————
使用BIND配置检查工具:
named-checkconf:检查named.conf文件。 (我们前面修改了named.caching-nameserver.conf文件后,使用这个工具检查发现问题,发现问题就按系统提示
的信息操作: cp /var/named/chroot/etc/named.caching-nameserver.conf /etc/named.conf )
named-checkzone:检查数据库文件。关于这个命令的用法,请看下面的操作。
________________________________________________________________________
[root@localhost named]# cp /var/named/chroot/etc/named.caching-nameserver.conf /etc/named.conf
[root@localhost named]# named-checkconf //这回没出现提示了,证明这步我们做对了
[root@localhost named]# named-checkzone //我们只打这个命令,是得不到自己想要的结果的
usage: named-checkzone [-djqvD] [-c class] [-o output] [-t directory] [-w directory] [-k (ignore|warn|fail)] [-n (ignore|warn|fail)] zonename filename
[root@localhost named]# named-checkzone wnt.com.zone /var/named/wnt.com.zone //这个是 named-checkzone 工具用法的例子,系统没出现什么
错误提示,证明我们配置的区域文件没错(按上面的用法说明,第一个参数应该是区域名 wnt.com,而不是文件名 wnt.com.zone)
zone wnt.com.zone/IN: loaded serial 42
OK
[root@localhost named]# service named start //一切都配置好之后,启动named服务。我们什么都配置好了,但为什么named服务还是不能启动呢?我们看一下提示
启动 named:
named配置错误::
zone localdomain/IN: loaded serial 42
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
zone 255.in-addr.arpa/IN: loaded serial 42
zone 0.in-addr.arpa/IN: loaded serial 42
zone wnt.com/IN: loading master file wnt.com.zone: file not found //提示说wnt.com.zone这个文件找不到,为什么会出现这样的问题呢,请看下面的操作
localhost_resolver/wnt.com/IN: file not found
[失败]
[root@localhost named]# ls -l //我们现在是在/var/named目录下面,我们会发现
总计 60
drwxr-x--- 6 root named 4096 07-11 03:16 chroot
drwxrwx--- 2 named named 4096 2007-01-17 data
lrwxrwxrwx 1 root named 45 07-11 02:59 localdomain.zone -> /var/named/chroot//var/named/localdomain.zone //这是连接文件
lrwxrwxrwx 1 root named 43 07-11 02:59 localhost.zone -> /var/named/chroot//var/named/localhost.zone
lrwxrwxrwx 1 root named 44 07-11 02:59 named.broadcast -> /var/named/chroot//var/named/named.broadcast
lrwxrwxrwx 1 root named 37 07-11 02:59 named.ca -> /var/named/chroot//var/named/named.ca
lrwxrwxrwx 1 root named 44 07-11 02:59 named.ip6.local -> /var/named/chroot//var/named/named.ip6.local
lrwxrwxrwx 1 root named 40 07-11 02:59 named.local -> /var/named/chroot//var/named/named.local
lrwxrwxrwx 1 root named 39 07-11 02:59 named.zero -> /var/named/chroot//var/named/named.zero
drwxrwx--- 2 named named 4096 2007-01-17 slaves
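-rw-r----- 1 root named 225 07-11 03:14 wnt.com.zone //我们创建的区域配置文件确实是普通文件,而其他区域文件都是指向 /var/named/chroot/var/named 的连接文件,这就是问题的所在:系统装了 bind-chroot,named 以 /var/named/chroot 为根目录运行,只能读到这个目录下面的文件。这时我们需要在这些连接文件的真实存放地点
创建一个一模一样的wnt.com.zone文件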
[root@localhost named]# cd chroot/var/named
[root@localhost named]# pwd //现在我们所在的目录
/var/named/chroot/var/named
[root@localhost named]# ls //这是那些连接文件的原文件
data localdomain.zone localhost.zone named.broadcast named.ca named.ip6.local named.local named.zero slaves
[root@localhost named]# ls -l //注意看那些连接文件原文件的属性,和我在/var/named目录中建立的wnt.com.zone文件的属性一模一样
总计 72
drwxrwx--- 2 named named 4096 2004-08-26 data
-rw-r----- 1 root named 198 2007-01-17 localdomain.zone
-rw-r----- 1 root named 195 2007-01-17 localhost.zone
-rw-r----- 1 root named 427 2007-01-17 named.broadcast
-rw-r----- 1 root named 2518 2007-01-17 named.ca
-rw-r----- 1 root named 424 2007-01-17 named.ip6.local
-rw-r----- 1 root named 426 2007-01-17 named.local
-rw-r----- 1 root named 427 2007-01-17 named.zero
drwxrwx--- 2 named named 4096 2004-07-27 slaves
[root@localhost named]# cp -p /var/named/wnt.com.zone /var/named/chroot/var/named/wnt.com.zone //现在我们把/var/named目录中的wnt.com.zone文件
连属性都一起复制到/var/named/chroot/var/named目录下
[root@localhost named]# service named start //现在重新启动named服务,能启动了
启动 named: [确定]
[root@localhost named]#
现在named服务能启动了,但我们需要在两个地方创建区域文件。如果我们直接在/var/named/chroot/var/named创建区域配置文件,不在/var/named
目录下创建文件,是否也能启动named服务呢?下面我们来做这个实验。
[root@localhost named]# pwd
/var/named/chroot/var/named
[root@localhost named]# cd /var/named
[root@localhost named]# ls
chroot localdomain.zone named.broadcast named.ip6.local named.zero wnt.com.zone
data localhost.zone named.ca named.local slaves
[root@localhost named]# rm wnt.com.zone //现在我把在/var/named目录下的wnt.com.zone文件给删掉
rm:是否删除 一般文件 “wnt.com.zone”? y
[root@localhost named]# ls
chroot data localdomain.zone localhost.zone named.broadcast named.ca named.ip6.local named.local named.zero slaves
[root@localhost named]# service named restart //现在重启named服务也能启动,这证明只要在/var/named/chroot/var/named下创建区域配置文件就可以了
停止 named: [确定]
启动 named: [确定]
[root@localhost named]#
[root@localhost named]# nslookup //现在,我们用nslookup来检验DNS是否成功
> www.wnt.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.wnt.com
Address: 192.168.0.100
> exit
[root@localhost named]#
正向的DNS做成功了
接下来做反向的DNS
[root@localhost etc]# ls
localtime named.caching-nameserver.conf named.rfc1912.zones rndc.key
[root@localhost etc]# vi named.rfc1912.zones
[root@localhost etc]# less named.rfc1912.zones
[root@localhost etc]# tail named.rfc1912.zones
zone "wnt.com.zone" IN {
type master;
file "wnt.com.zone";
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN { //这是我创建的wnt.com.zone的反向DNS
type master;
file "192.168.0.zone"; //数据库文件名为192.168.0.zone
allow-update { none; };
};
[root@localhost etc]# cd /var/named/chroot/var/named/ //我现在直接到/var/named/chroot/var/named创建区域配置文件
[root@localhost named]# ls
data localhost.zone named.ca named.local slaves
localdomain.zone named.broadcast named.ip6.local named.zero wnt.com.zone
[root@localhost named]# cp -p named.local 192.168.0.zone //我现在创建192.168.0.zone的文件
[root@localhost named]# ls
192.168.0.zone localdomain.zone named.broadcast named.ip6.local named.zero wnt.com.zone
data localhost.zone named.ca named.local slaves
[root@localhost named]# vi 192.168.0.zone
[root@localhost named]# more 192.168.0.zone
$TTL 86400
@ IN SOA www.wnt.com. root.www.wnt.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS www.wnt.com.
100 IN PTR www.
[root@localhost named]# named-checkzone 192.168.0.zone /var/named/chroot/var/named/192.168.0.zone //用named-checkzone工具检查数据库文件,没出现错误提示。注意:named-checkzone 只检查语法;上面的 PTR 记录写的是 www. ,要和正向区域对应,应写完整域名 www.wnt.com. ,否则反向解析得到的名字只是 www.
zone 192.168.0.zone/IN: loaded serial 1997022700
OK
[root@localhost named]# service named restart //现在重新启动named服务,成功了
停止 named: [确定]
启动 named: [确定]
[root@localhost named]# nslookup //用nslookup命令检查反向DNS是否成功
> www.wnt.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.wnt.com
Address: 192.168.0.100
> 192.168.0.100
Server: 127.0.0.1
Address: 127.0.0.1#53
100.0.168.192.in-addr.arpa name = www.
> exit
[root@localhost named]#
哈哈,正反向的DNS都做成功了!
注明:这是清华万博学员某某的原创,欢迎大家观看!
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u2/62303/showart_1078900.html |