溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
安裝DNS
rpm -ivh bind*.rpm
進入/etc/named/chroot/etc 設置named.conf
[root@localhost named]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { any; };//監聽端口
listen-on-v6 port 53 { ::1; };/ipv6監聽端口
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 192.168.2.0/24;192.168.4.0/24; };//允許訪問的IP段
allow-transfer { 192.168.2.1;};//配置主從DNS使用下發同步
recursion yes;
forwarders{192.168.119.2;114.114.114.114;};//當遇到自身沒有的域名映射IP時,向上一級請求
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {//解析器
match-clients { 192.168.4.0/24; };//可以使用該解析的IP段
match-destinations { localhost; };
# recursion yes;
include "/etc/baishan.zones";//指定zones位置
};
view localhost_resolver2 {
match-clients { 192.168.2.0/24; };
match-destinations { localhost; };
# recursion yes;
include "/etc/named.root.key";
include "/etc/named.rfc1912.zones";
};
配置zones
zone"4.168.192.in-addr.arpa" IN {
type master; //主從 關系時使用
file "4.168.192.in-addr.arpa";//正向解析
allow-update { none; };
};
zone"example.com" IN{
type master;
file "example.com";//指定反向解析文件名,在var/name下
allow-update{none;};
};
配置解析文件
正向
$TTL 1D
@ IN SOA example.com. admin.example.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
AAAA ::1
www IN A 192.168.4.131
~反向
$TTL 1D
@ IN SOA example.com. admin.example.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
AAAA ::1
131 IN PTR www.example.com.
檢測命令
使用named-checkconfig named.conf檢測錯誤
使用naned-checkzone 2.168.192.in-addr.arpa test.com
無錯誤后啟動DNS
Service named restart
分離解析
分離解析的域名服務器實際上還是主域名服務器,這里所說的分離解析主要針對不同的客戶端提供不同的解析記錄,如當dns同時為internet和內網提供服務時,可能需要內網用戶訪問公司的web服務和mail服務直接發往位于內網的web和mail服務器上,減輕服務器地址轉換的負擔在、/etc/named.conf
view "LAN" {
match-clients { 192.168.4.0/24; };\\該LAN只能是192.168.4.0/24訪問
zone "tech.org" IN {
type master;
file "tech.org.zone.lan";};
}
view "WAN" {
match-clients { any; };
zone "tech.org" IN {
type master;
file "tech.org.wan";};
};
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
