时间:2015-06-28 00:00 来源:IT猫扑网|http://www.itmop.com/ 作者:网管联盟 我要评论(0)
一、DNS服务器安装
1、 软件列表
BIND 9.3.2
ftp://ftp.isc.org/isc/bind9/9.3.2/bind-9.3.2.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.0a6/bind-9.4.0a6.tar.gz
2、 安装BIND 9
安装BIND9:
# tar zxvf bind-9.3.2.tar.gz
# cd bind-9.3.2
# ./configure --prefix=/usr/local/named --disable-ipv6
# make && make install
建立BIND用户:
# groupadd bind
# useradd -g bind -d /usr/local/named -s /sbin/nologin bind
创建配置文件目录:
# mkdir –p /usr/local/named/etc
# chown bind:bind /usr/local/named/etc
# chmod 700 /usr/local/named/etc
二、named.conf的配置
创建主要的配置文件:
# vi /usr/local/named/etc/named.conf
===========================named.conf=======================
acl &trust-lan& { 127.0.0.1/8; 192.168.0.0/16;};
options {
directory &/usr/local/named/etc/&;
pid-file &/var/run/named/named.pid&;
version &0.0.0&;
datasize 40M;
allow-transfer {
&trust-lan&;};
recursion yes;
allow-notify {
&trust-lan&;
};
allow-recursion {
&trust-lan&;
};
auth-nxdomain no;
forwarders {
211.162.106.9;
211.162.106.254;};
};
#p#副标题#e#
logging {
channel warning
{ file &/var/log/named/dns_warnings& versions 3 size 1240k;
severity warning;
print-category yes;
print-severity yes;
print-time yes;
};
channel general_dns
{ file &/var/log/named/dns_logs& versions 3 size 1240k;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category default { warning; };
category queries { general_dns; };
};
zone &.& {
type hint;
file &named.root&;
};
acl &CNC& {
58.16.0.0/16;
58.17.0.0/17;
58.17.128.0/17;
58.18.0.0/16;
58.19.0.0/16;
58.20.0.0/16;
58.21.0.0/16;
注:这些根据情况输入IP地址段
};
view &view_cnc& {
match-clients { CNC; };
zone &.& {
type hint;
file &named.root&;
};
zone &0.0.127.IN-ADDR.ARPA& {
type master;
file &localhost.rev&;
};
include &master/cnc.def&;
};
view &view_any& {
match-clients { any; };
zone &.& {
type hint;
file &named.root&;
};
zone &0.0.127.IN-ADDR.ARPA& {
type master;
file &localhost.rev&;
};
include &master/telecom.def&;
};
添加完成后,保存。
三、更新根区文件:
# cd /usr/local/named/etc/
# wget ftp://ftp.internic.org/domain/named.root
创建PID和日志文件:
# mkdir /var/run/named/
# chmod 777 /var/run/named/
# chown bind:bind /var/run/named/
# mkdir /var/log/named/
# touch /var/log/named/dns_warnings
# touch /var/log/named/dns_logs
# chown bind:bind /var/log/named/*
# mkdir master
# touch master/cnc.def
# touch master/telecom.def
#p#副标题#e#
生成rndc-key:
# cd /usr/local/named/etc/
# ../sbin/rndc-confgen > rndc.conf
把rndc.conf中:
# Use with the following in named.conf, adjusting the allow list as needed:
后面以的部分加到/usr/local/named/etc/named.conf中并去掉注释
运行测试:
# /usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf &
状态检查:
# /usr/local/named/sbin/rndc status
四、建立启动脚本:
# vi /etc/init.d/named
============================== named.sh============================
#!/bin/bash
#
# named a network name service.
#
#
# chkconfig: 545 35 75
# description: a name server
#
if [ `id -u` -ne 0 ]
then
echo &ERROR:For bind to port 53,must run as root.&
exit 1
fi
case && in
start)
if [ -x /usr/local/named/sbin/named ]; then
/usr/local/named/sbin/named -u bind -c /usr/local/named/etc/named.conf && echo . && echo 'BIND9 server started.'
fi
;;
stop)
kill `cat /var/run/named/pid` && echo . && echo 'BIND9 server stopped.'
;;
restart)
echo .
echo &Restart BIND9 server&
stop
sleep 10
start
;;
*)
echo & start | stop | restart&
;;
esac
===============================named.sh============================
# chmod 755 /etc/init.d/named
# chown root:root /etc/init.d/named
# chkconfig --add named
# chkconfig named on
五、添加一个NS
在域名的管理网站上,设定NS服务器为你安装的DNS
六、添加一个域名
# cd /usr/local/named/etc/master
# mkdir cnc
# mkdir telecom
# vi cnc.def
添加
zone &724cn.com& {
type master;
file &master/cnc/724cn.com&;
};
# vi telecom.def
添加
zone &724cn.com& {
type master;
file &master/telecom/724cn.com&;
};
添加网通的解析,解析到的IP为61.45.55.78
#vi cnc/724cn.com
添加
$TTL 3600
$origin 724cn.com.
@ IN SOA ns.724cn.com. root.ns.724cn.com.(
2005121013 ;Serial
3600 ; Refresh ( seconds )
900 ; Retry ( seconds )
68400 ; Expire ( seconds )
15 );Minimum TTL for Zone ( seconds )
;
@ IN NS ns.724cn.com.
@ IN A 211.162.106.9
www IN A 211.162.106.9
;
;end
添加电信的解析,解析到的IP为210.75.1.178
#vi telecom/724cn.com
添加
#p#副标题#e#
$TTL 3600
$ORIGIN 724cn.com.
@ IN SOA ns.724cn.com. root.ns.724cn.com.(
2005121013 ;Serial
3600 ; Refresh ( seconds )
900 ; Retry ( seconds )
68400 ; Expire ( seconds )
15 );Minimum TTL for Zone ( seconds )
;
@ IN NS ns.724cn.com.
@ IN A 211.162.106.254
www IN A 211.162.106.254
;
;end
#/usr/local/named/sbin/rndc reload
OK,到此你的DNS服务器就算是跑起来了。试一下分别用网通和电信的线路ping一下吧.
附:获取IP地址范围方法:
1、 利用shell程序获取IP地址段
#!/bin/sh
FILE=/root/study/apnic/ip_apnic
rm -f $FILE
wget 关键词标签:linux,DNS配置
相关阅读 安装红帽子RedHat Linux9.0操作系统教程 Tomcat9.0如何安装_Tomcat9.0环境变量配置方法 多种操作系统NTP客户端配置 Linux操作系统修改IP Linux实现SCSI硬盘热插拔及在线识别 Linux下用CDMA modem拨号上网
热门文章
安装红帽子RedHat Linux9.0操作系统教程
Linux服务器:设计高性能网站架构-LLMP
使用Clonezilla迁移到虚拟Linux环境
Linux上的MRTG流量监控中心
Linux 双网卡绑定一个IP原理及实现
linux和windows等系统远程控制ubuntu桌面
人气排行 Linux下获取CPUID、硬盘序列号与MAC地址 dmidecode命令查看内存型号 linux tc实现ip流量限制 安装红帽子RedHat Linux9.0操作系统教程 linux下解压rar文件 lcx.exe、nc.exe、sc.exe入侵中的使用方法 Ubuntu linux 关机、重启、注销 命令 查看linux服务器硬盘IO读写负载 linux命令行浏览器的使用方法 Linux NFS服务固定端口及防火墙配置 U盘安装Ubuntu 10.04 Linux清除用户登录记录和命令历史方法
查看所有0条评论>>