RHEL6安装配置DNS服务
作者:Eric
微信:loveoracle11g
安装软件包
[root@rac1 ~]# yum -y install bind bind-chroot caching-nameserver
修改配置文件,将localhost和127.0.0.1修改为any。
[root@rac1 ~]# cp /etc/named.conf /etc/named.conf.bak
[root@rac1 ~]# vim /etc/named.conf
[root@rac1 ~]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
配置正反向解析zone文件解析scanip,在named.rfc1912.zones末尾加上
zone "rac-scan" IN {
type master;
file "rac-scan.zone";
allow-update { none; };
};
zone "10.168.192.in-addr.arpa." IN {
type master;
file "10.168.192.in-addr.arpa";
allow-update { none; };
};
[root@rac1 ~]# cp /etc/named.rfc1912.zones /etc/named.rfc1912.zones.bak
[root@rac1 ~]# vim /etc/named.rfc1912.zones
[root@rac1 ~]# tail -11 /etc/named.rfc1912.zones
zone "rac-scan" IN {
type master;
file "rac-scan.zone";
allow-update { none; };
};
zone "10.168.192.in-addr.arpa." IN {
type master;
file "10.168.192.in-addr.arpa";
allow-update { none; };
};
将其余内容注释掉。
配置正,反向解析数据库文件,在反向解析文件中加入150 IN PTR rac-scan.
[root@rac1 ~]# cd /var/named/
[root@rac1 named]# cp -p named.localhost 10.168.192.in-addr.arpa
[root@rac1 named]# vim 10.168.192.in-addr.arpa
[root@rac1 named]# tail -1 10.168.192.in-addr.arpa
130 IN PTR rac-scan.
在正向解析文件中加入rac-scan IN A 192.168.10.130
[root@rac1 ~]# cd /var/named/
[root@rac1 named]# cp -p named.localhost rac-scan.zone
[root@rac1 named]# vim rac-scan.zone
[root@rac1 named]# cat rac-scan.zone
$TTL 86400
@ IN SOA localhost root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
localhost IN A 127.0.0.1
rac-scan IN A 192.168.10.130
将以上的两个文件及named.ca拷贝到/var/named/chroot/var/named/目录下
[root@rac1 named]# cp -a rac-scan.zone chroot/var/named/
[root@rac1 named]# cp -a 10.168.192.in-addr.arpa chroot/var/named/
[root@rac1 named]# cp -a named.ca chroot/var/named/
[root@rac1 named]# ll /var/named/chroot/var/named/
total 12
-rw-r----- 1 root named 183 Jul 11 17:07 10.168.192.in-addr.arpa
-rw-r----- 1 root named 2075 Apr 23 2014 named.ca
-rw-r--r-- 1 root named 524 Jul 11 17:07 rac-scan.zone
检查文件是否配置正确
[root@rac1 named]# named-checkzone rac-scan rac-scan.zone
zone rac-scan/IN: loaded serial 42
OK
[root@rac1 named]# named-checkzone rac-scan 10.168.192.in-addr.arpa
zone rac-scan/IN: loaded serial 0
OK
重启DNS服务
[root@rac1 named]# /etc/init.d/named restart
Stopping named: . [ OK ]
Starting named: [ OK ]
[root@rac1 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 192.168.10.130
[root@rac2 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 192.168.10.130