用BIND配置区域委派DNS服务

windup2
0 ℃
2019-10-17

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

用BIND配置区域委派DNS服务撰写者信息：AlinFang(FangYunlin)MSN:cst05001@hotmail.comGTalk:cst05001@gmail.comBlog:修改日期：30Oct,2008第1次修改版权：GNU声明：本人实验笔记，非权威文档。如有错误请告知。十分感谢！正文：拓扑图实验环境：操作系统：RedHatEnterpriseLinux5update2网络：net:192.168.200.128/25org:192.168.200.0/25dnsserverroot:eth0:192.168.200.126/25eth1:192.168.200.254/25dnsserverorg:eth0:192.168.200.125/25dnsservernet:eth0:192.168.200.253/25对root服务器进行操作在root机上安装bind以及相关组件：[root@root-ns~]#yuminstall-ybindbind-chrootcaching-nameserverLoadingsecuritypluginLoadingrhnpluginpluginThissystemisnotregisteredwithRHN.RHNsupportwillbedisabled.SettingupInstallProcessParsingpackageinstallargumentsResolvingDependencies--Runningtransactioncheck---Packagebind-chroot.i38630:9.3.4-6.P1.el5settobeupdated---Packagecaching-nameserver.i38630:9.3.4-6.P1.el5settobeupdated---Packagebind.i38630:9.3.4-6.P1.el5settobeupdated--FinishedDependencyResolutionDependenciesResolved=============================================================================PackageArchVersionRepositorySize=============================================================================Installing:bind-chrooti38630:9.3.4-6.P1.el5Server41kcaching-nameserveri38630:9.3.4-6.P1.el5Server58kInstallingfordependencies:bindi38630:9.3.4-6.P1.el5Server959kTransactionSummary=============================================================================Install3Package(s)Update0Package(s)Remove0Package(s)Totaldownloadsize:1.0MDownloadingPackages:(1/3):bind-chroot-9.3.4-100%|=========================|41kB00:00(2/3):bind-9.3.4-6.P1.el100%|=========================|959kB00:00(3/3):caching-nameserver100%|=========================|58kB00:00Runningrpm_check_debugRunningTransactionTestFinishedTransactionTestTransactionTestSucceededRunningTransactionInstalling:bind#########################[1/3]Installing:bind-chroot#########################[2/3]Installing:caching-nameserver#########################[3/3]Installed:bind-chroot.i38630:9.3.4-6.P1.el5caching-nameserver.i38630:9.3.4-6.P1.el5DependencyInstalled:bind.i38630:9.3.4-6.P1.el5Complete![root@root-ns~]#BIND+bind-chroot+cachiing-namerserver之后，配置文件存放在这里[root@root-ns~]#cd/var/named/chroot/[root@root-nschroot]#pwd/var/named/chroot[root@root-nschroot]#配置named.conf[root@root-nschroot]#cdetc/[root@root-nsetc]#pwd/var/named/chroot/etc[root@root-nsetc]#lslocaltimenamed.caching-nameserver.confnamed.rfc1912.zonesrndc.key[root@root-nsetc]#mvnamed.caching-nameserver.confnamed.conf[root@root-nsetc]#vimnamed.conf这个是我的配置aclorg{192.168.200.0/25;};aclnet{192.168.200.128/25;};options{listen-onport53{127.0.0.1;org;net;};listen-on-v6port53{::1;};directory/var/named;dump-file/var/named/data/cache_dump.db;statistics-file/var/named/data/named_stats.txt;memstatistics-file/var/named/data/named_mem_stats.txt;query-sourceport53;query-source-v6port53;allow-query{localhost;org;net;};};logging{channeldefault_debug{filedata/named.run;severitydynamic;};};viewmy_resolver{match-clients{localhost;org;net;};match-destinations{localhost;};recursionyes;include/etc/named.zones;};配置name.zones[root@root-nsetc]#mvnamed.rfc1912.zonesnamed.zones[root@root-nsetc]#vimnamed.zones这个是我的配置zone.IN{typehint;filenamed.ca;};zonelocaldomainIN{typemaster;filelocaldomain.zone;allow-update{none;};};zonelocalhostIN{typemaster;filelocalhost.zone;allow-update{none;};};zone0.0.127.in-addr.arpaIN{typemaster;filenamed.local;allow-update{none;};};zone0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpaIN{typemaster;filenamed.ip6.local;allow-update{none;};};zone255.in-addr.arpaIN{typemaster;filenamed.broadcast;allow-update{none;};};zone0.in-addr.arpaIN{typemaster;filenamed.zero;allow-update{none;};};zone.IN{typemaster;fileroot.zone;allow-update{none;};};检查下配置的语法是否正确[root@root-nsetc]#named-checkconf-t/var/named/chroot/[root@root-nsetc]#配置zone文件[root@root-nsnamed]#lltotal36drwxrwx---2namednamed4096Aug262004data-rw-r-----1rootnamed198Feb292008localdomain.zone-rw-r-----1rootnamed195Feb292008localhost.zone-rw-r-----1rootnamed427Feb292008named.broadcast-rw-r-----1rootnamed1892Feb292008named.ca-rw-r-----1rootnamed424Feb292008named.ip6.local-rw-r-----1rootnamed426Feb292008named.local-rw-r-----1rootnamed427Feb292008named.zerodrwxrwx---2namednamed4096Jul272004slaves[root@root-nsnamed]#配置root.zone这个是我的配置$TTL86400@INSOA@root(42;serial(d.adams)3H;refresh15M;retry1W;expiry1D);minimumINNS@orgINNSns.orgnetINNSns.netINA127.0.0.1INAAAA::1ns.org.INA192.168.200.125ns.net.INA192.168.200.253检查文件权限以及语法是否正确[root@root-nsnamed]#llroot.zone-rw-r-----1rootroot295Oct3020:22root.zone[root@root-nsnamed]#chownroot.namedroot.zone[root@root-nsnamed]#named-checkzoneroot.zoneusage:named-checkzone[-djqvD][-cclass][-ooutput][-tdirectory][-wdirectory][-k(ignore|warn|fail)][-n(ignore|warn|fail)]zonenamefilename[root@root-nsnamed]#named-checkzone.root.zonezone./IN:loadedserial42OK[root@root-nsnamed]#启动BIND[root@root-nsnamed]#servicenamedrestartStoppingnamed:[OK]Startingnamed:[OK][root@root-nsnamed]#chkconfig--level35namedon[root@root-nsnamed]#BIND已经开始监听端口待命了[root@root-nsn