目录

安装


配置文件

vim /etc/named.conf

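acl slaves{   # 定义acl:从服务器(slave)的地址列表
              # 注意:下文没有任何地方引用这个acl。要限制区域传送,需在options或zone中
              # 加上 allow-transfer {slaves;};较旧版本的BIND未配置时默认允许任意主机传送整个区域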
        10.0.2.11;
        10.0.2.12;
};
acl clients{  # 定义acl:允许递归查询的客户端网段
              # 下面的 10.0.2.12/16 主机位不为零;/16 网段的网络地址是 10.0.0.0,可用 named-checkconf 检查
        10.0.2.12/16;
};

options {
        directory "/var/named";  # 工作目录
        statistics-file "/var/named/stats"; #统计文件位置
        allow-recursion {clients;}; # 允许递归查询的客户端;限制它可避免服务器成为开放解析器
        #递归查询:本机没有答案、需要从根域逐级查询的请求(如baidu.com)。
        #非递归查询:本机直接就能给出结果的请求(如本机负责的fang.com)。
        #不在allow-recursion中的主机不能进行递归解析,但仍可进行非递归查询。
        
        listen-on port 53 {127.0.0.1;10.0.2.10;}; #监听哪些网卡,端口
};
zone "." IN {    # 根域,当请求的域名不属于本地域时,自动向根服务器查询
        type hint;
        file "named.ca";
};
zone "localhost" IN {  # localhost的解析
        type master;
        file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" IN { # 127.0.0.* 网段的反解析(要倒着写)
        type master;
        file "named.local";
};

zone "fang.com" IN { # 配置fang.com域名的解析(用于内网)
        # 区域内全是内网地址;如果服务器能被外部访问,应使用 allow-query 限制可查询的来源
        type master; # master(主节点域,真正解析的域)
                     # slave(从节点域,同步master的域)
                     # forward(请求转发域)
                     # hint(默认解析域,一般指向根域)
        file "fang.com.zone";
};
zone "0.10.in-addr.arpa" IN {
        type master;
        file "10.0.zone";
};

vim /var/named/fang.com.zone

$TTL 600  
$ORIGIN fang.com.
@       IN      SOA     ns      admin   ( ; SOA必须是区域文件中的第一条记录,但可以写在$TTL、$ORIGIN之后(区域文件的注释以分号开头,不能用#)
                1000000001   ; 文件版本号(序列号),每次修改后需手动加1,否则从服务器不会同步
                1H           ; 刷新时间
                10M          ; 重试时间
                1W           ; 过期时间:1周
                1D )         ; 最小TTL:解析器缓存否定应答(记录不存在)的时间,1天
                
fang.com.        IN      NS      ns ; NS记录指向的主机名必须有对应的A记录
ns      IN      A       10.0.2.1  

mail    IN      A       10.0.2.2   ; 因为这个域名是内网域名,所以对应的ip都是内网ip
www     IN      A       10.0.2.3
www     IN      A       10.0.2.4
imap    IN      A       10.0.2.5

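vim /var/named/named.ca

; 注:下面的根提示内容取自2014年的dig输出(见末尾的WHEN行),此后部分根服务器的地址已经变更;
; 实际部署时请重新执行同样的dig命令或从InterNIC下载最新的named.root,不要直接照抄。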

; <<>> DiG 9.9.4-P2-RedHat-9.9.4-12.P2 <<>> +norec NS . @a.root-servers.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26229
;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 24

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       518400  IN      NS      a.root-servers.net.
.                       518400  IN      NS      b.root-servers.net.
.                       518400  IN      NS      c.root-servers.net.
.                       518400  IN      NS      d.root-servers.net.
.                       518400  IN      NS      e.root-servers.net.
.                       518400  IN      NS      f.root-servers.net.
.                       518400  IN      NS      g.root-servers.net.
.                       518400  IN      NS      h.root-servers.net.
.                       518400  IN      NS      i.root-servers.net.
.                       518400  IN      NS      j.root-servers.net.
.                       518400  IN      NS      k.root-servers.net.
.                       518400  IN      NS      l.root-servers.net.
.                       518400  IN      NS      m.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net.     518400  IN      A       198.41.0.4
b.root-servers.net.     518400  IN      A       192.228.79.201
c.root-servers.net.     518400  IN      A       192.33.4.12
d.root-servers.net.     518400  IN      A       199.7.91.13
e.root-servers.net.     518400  IN      A       192.203.230.10
f.root-servers.net.     518400  IN      A       192.5.5.241
g.root-servers.net.     518400  IN      A       192.112.36.4
h.root-servers.net.     518400  IN      A       128.63.2.53
i.root-servers.net.     518400  IN      A       192.36.148.17
j.root-servers.net.     518400  IN      A       192.58.128.30
k.root-servers.net.     518400  IN      A       193.0.14.129
l.root-servers.net.     518400  IN      A       199.7.83.42
m.root-servers.net.     518400  IN      A       202.12.27.33
a.root-servers.net.     518400  IN      AAAA    2001:503:ba3e::2:30
c.root-servers.net.     518400  IN      AAAA    2001:500:2::c
d.root-servers.net.     518400  IN      AAAA    2001:500:2d::d
f.root-servers.net.     518400  IN      AAAA    2001:500:2f::f
h.root-servers.net.     518400  IN      AAAA    2001:500:1::803f:235
i.root-servers.net.     518400  IN      AAAA    2001:7fe::53
j.root-servers.net.     518400  IN      AAAA    2001:503:c27::2:30
k.root-servers.net.     518400  IN      AAAA    2001:7fd::1
l.root-servers.net.     518400  IN      AAAA    2001:500:3::42
m.root-servers.net.     518400  IN      AAAA    2001:dc3::35

;; Query time: 58 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Wed Apr 23 14:52:37 CEST 2014
;; MSG SIZE  rcvd: 727

vim /var/named/localhost.zone

$TTL 600
@       IN      SOA     localhost.      admin.localhost.(
                1231231231
                1H
                10M
                1W
                1D )
                IN      NS      localhost.
localhost.      IN      A       127.0.0.1

vim /var/named/named.local

$TTL 600
@       IN      SOA     localhost.      admin.localhost.(
                1231231231
                1H
                10M
                1W
                1D )
        IN      NS      localhost.
1       IN      PTR     localhost.

vim /var/named/10.0.zone

$TTL 600
@       IN      SOA     dns.fang.com.   admin.fang.com.(
                1000000001
                1H
                10M
                1W
                1D )
                IN      NS      dns.fang.com.   ; 注意:上文的 fang.com.zone 只定义了 ns,没有 dns/dns2 的A记录,两处名称需保持一致
                IN      NS      dns2.fang.com.
10.2            IN      PTR     dns.fang.com.  ; 反向解析,对应ip 10.0.2.10
11.2            IN      PTR     dns2.fang.com.
12.2            IN      PTR     www.fang.com.
13.2            IN      PTR     www.fang.com.

配置管理客户端rndc