CentOS DNS 服务器配置
下载最新的 BIND 9.7.0b3(版本号中的 b3 表示这是测试版;BIND 由 ISC 发布,下载前请确认地址为官方站点,下载后核对官方提供的签名或校验值)
http://www.bind.com/pub/bind9/
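编译安装(注意:选项以两个连字符 -- 开头;--disable-openssl-version-check 会跳过 configure 对 OpenSSL 版本的检查,应只在确认所用 OpenSSL 已打补丁时使用)
./configure --prefix=/usr/local/named --enable-threads --with-dlz-mysql --disable-openssl-version-check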
建立localhost.zone
[root@vi named]# pwd
/usr/local/named
[root@vi named]# vim localhost.zone
$TTL 86400
@ IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS @
IN A 127.0.0.1
IN AAAA ::1
建立 named.ca。可以通过 dig > named.ca 获取(下面的输出生成于 2008 年,部分根服务器地址此后已经变更;实际部署时应重新获取,或从 InterNIC 下载最新的根提示文件 named.root)
[root@vi named]# pwd
/usr/local/named
[root@vi named]# vim named.ca
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:ba3e::2:30
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2f::f
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803f:235
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:c27::2:30
K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
K.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7fd::1
L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42
M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
M.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:dc3::35
;; Query time: 110 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Tue Feb 26 15:05:57 2008
;; MSG SIZE rcvd: 615
建立正向解析文件 viyin.net.zone
[root@vi named]# pwd
/usr/local/named
[root@vi named]# vim viyin.net.zone
$TTL 86400
@ IN SOA viyin.net. root.viyin.net. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS ns.viyin.net.
ns IN A 192.168.1.200
www IN A 192.168.1.200
反向解析文件
[root@vi named]# pwd
/usr/local/named
[root@vi named]# vim 1.168.192.local
$TTL 86400
@ IN SOA viyin.net. root.viyin.net. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS ns.viyin.net.
200 IN PTR www.viyin.net.
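配置 named.conf(下面的清单缺少开头的 options { 一行,第一个 }; 之前的内容属于 options 块。另外,allow-query { any; }; 在没有设置 allow-recursion 的情况下,会让任何来源都能通过本机做递归/转发查询;如果服务器可以从公网访问,应使用 allow-recursion 限制为内网地址,并用 allow-transfer 限制区域传送)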
[root@vi etc]# pwd
/usr/local/named/etc
[root@vi etc]# vim named.conf
forwarders {
218.85.157.99;
210.34.80.3;
};
allow-query { any; };
};
logging {
channel default_debug {
file "named.run";
severity dynamic;
};
};
//view localhost_resolver {
// match-clients { localhost; };
// match-destinations { localhost; };
// recursion yes;
// include "/etc/named.rfc1912.zones";
//};
zone "."{
type hint;
file "named.ca";
};
zone "viyin.net" IN {
type master;
file "viyin.net.zone";
allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "1.168.192.local";
allow-update { none; };
};
启动测试,看下有无报错(-g 让 named 在前台运行,并把日志直接输出到终端)
[root@vi sbin]# ./named -g
12-Mar-2010 11:03:56.944 starting BIND 9.7.0b3 -g
12-Mar-2010 11:03:56.944 built with '--prefix=/usr/local/named' '--enable-threads' '--with-dlz-mysql' '--disable-openssl-version-check'
12-Mar-2010 11:03:56.944 adjusted limit on open files from 1024 to 1048576
12-Mar-2010 11:03:56.945 found 4 CPUs, using 4 worker threads
12-Mar-2010 11:03:56.945 using up to 4096 sockets
12-Mar-2010 11:03:56.951 loading configuration from '/usr/local/named/etc/named.conf'
12-Mar-2010 11:03:56.951 reading built-in trusted keys from file '/usr/local/named/etc/bind.keys'
12-Mar-2010 11:03:56.952 using default UDP/IPv4 port range: [1024, 65535]
12-Mar-2010 11:03:56.953 using default UDP/IPv6 port range: [1024, 65535]
12-Mar-2010 11:03:56.954 listening on IPv4 interface lo, 127.0.0.1#53
12-Mar-2010 11:03:56.955 binding TCP socket: address in use
12-Mar-2010 11:03:56.955 listening on IPv4 interface eth0, 192.168.1.200#53
12-Mar-2010 11:03:56.956 binding TCP socket: address in use
12-Mar-2010 11:03:56.957 generating session key for dynamic DNS
12-Mar-2010 11:03:56.959 automatic empty zone: 0.IN-ADDR.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: 127.IN-ADDR.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: 254.169.IN-ADDR.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: 2.0.192.IN-ADDR.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: D.F.IP6.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: 8.E.F.IP6.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: 9.E.F.IP6.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: A.E.F.IP6.ARPA
12-Mar-2010 11:03:56.959 automatic empty zone: B.E.F.IP6.ARPA
12-Mar-2010 11:03:56.963 none:0: open: /usr/local/named/etc/rndc.key: file not found
12-Mar-2010 11:03:56.963 couldn’t add command channel 127.0.0.1#953: file not found
12-Mar-2010 11:03:56.963 none:0: open: /usr/local/named/etc/rndc.key: file not found
12-Mar-2010 11:03:56.963 couldn’t add command channel ::1#953: file not found
12-Mar-2010 11:03:56.963 ignoring config file logging statement due to -g option
12-Mar-2010 11:03:56.964 zone 1.168.192.in-addr.arpa/IN: loaded serial 1997022700
12-Mar-2010 11:03:56.965 zone viyin.net/IN: loaded serial 42
12-Mar-2010 11:03:56.965 running
12-Mar-2010 11:03:56.965 zone 1.168.192.in-addr.arpa/IN: sending notifies (serial 1997022700)
12-Mar-2010 11:03:56.965 zone viyin.net/IN: sending notifies (serial 42)
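启动成功。注意上面日志中的两处提示:"binding TCP socket: address in use" 表示 TCP 53 端口已被其他进程占用(可能已有 named 在运行),本次启动并未监听 TCP;rndc.key 缺失则表示 rndc 控制通道不可用,可以用 rndc-confgen -a 生成。正式运行时建议用 -u 指定非特权用户,而不是一直以 root 身份运行。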
[root@vi sbin]# ./named
(C) 版权所有 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>nslookup
Default Server: cache-a.guangzhou.gd.cn
Address: 202.96.128.86
> server 192.168.1.200
Default Server: [192.168.1.200]
Address: 192.168.1.200
> www.viyin.net
Server: [192.168.1.200]
Address: 192.168.1.200
Name: www.viyin.net
Address: 192.168.1.200
> 192.168.1.1
Server: [192.168.1.200]
Address: 192.168.1.200
Name: xyz.viyin.net
Address: 192.168.1.1
>
感谢tiham铁汉!
http://www.tiham.com/2009/07/redhat-dns.html
