环境:RedHat AS4 Update4
主机名:server1
主机地址:192.168.1.10
1. 修改 /etc/hosts
adsl.gehouse.cn 为连接外网的ADSL路由器的地址
注意:域名解析的顺序由/etc/host.conf 指定,先从hosts解析, 再从bind解析。
2. 修改 /etc/resolv.conf
3. 修改 /etc/named.conf
(这是一个链接文件,原文件位于 /var/named/chroot/etc/)
添加正向解析域
// Forward zone: this server is the master for gehouse.cn and reads the
// records from the file gehouse.cn.zone.
// allow-update { none; } refuses dynamic DNS updates, so records change only
// when the zone file is edited by hand.
zone "gehouse.cn" IN {
type master;
file "gehouse.cn.zone";
allow-update { none; };
};
正向解析域文件名:gehouse.cn.zone
添加反向解析域
// Reverse zone: this server is the master for 1.168.192.in-addr.arpa
// (PTR lookups for 192.168.1.x addresses) and reads the records from the
// file named.gehouse.cn.
// allow-update { none; } refuses dynamic DNS updates for this zone.
zone "1.168.192.in-addr.arpa" IN {
type master;
file "named.gehouse.cn";
allow-update { none; };
};
反向解析域文件名 named.gehouse.cn
完整 /etc/named.conf 如下:
# vi /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//
// Layout: global options, the rndc control channel, the root hints, the
// stock localhost/loopback zones, and two locally authoritative zones
// (gehouse.cn and 1.168.192.in-addr.arpa).
options {
// Base directory for the relative zone file names used in the zone blocks.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
// NOTE(review): this block sets no allow-query, allow-recursion or
// allow-transfer, so access control falls back to the defaults built into
// the installed BIND. Older BIND 9 releases accept recursive queries and
// zone-transfer requests from any address by default -- confirm the
// defaults of this version. If the server can be reached from outside the
// 192.168.1.x LAN, consider adding for example:
//   allow-recursion { localhost; localnets; };
//   allow-transfer  { none; };   // no secondary server appears in this setup
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// NOTE(review): keep the line below commented out unless a firewall really
// requires it; a fixed source port makes spoofed (cache-poisoning) answers
// easier to match against outstanding queries.
// query-source address * port 53;
};
//
// a caching only nameserver config
//
// rndc control channel: bound to 127.0.0.1, accepts connections from
// localhost only, and requires the key named rndckey (presumably defined in
// the file included at the end of this configuration).
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
// Root hints: the list of root name servers read from named.ca.
zone "." IN {
type hint;
file "named.ca";
};
// Stock local zones; dynamic updates are refused for each of them.
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
// Locally added forward zone for gehouse.cn.
zone "gehouse.cn" IN {
type master;
file "gehouse.cn.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
// Locally added reverse zone for the 192.168.1.x addresses.
zone "1.168.192.in-addr.arpa" IN {
type master;
file "named.gehouse.cn";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
// Pulls in /etc/rndc.key. NOTE(review): this file holds the shared secret
// for the control channel; verify that only root and the named account can
// read it.
include "/etc/rndc.key";
// named.conf for Red Hat caching-nameserver
//
options {
// Base directory for the relative zone file names used in the zone blocks.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
// NOTE(review): no allow-query, allow-recursion or allow-transfer is set
// here, so the built-in defaults of the installed BIND apply; confirm that
// they do not expose recursion or zone transfers beyond the local network.
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// NOTE(review): a fixed source port makes spoofed answers easier to match;
// leave this commented out unless a firewall requires it.
// query-source address * port 53;
};
//
// a caching only nameserver config
//
// rndc control channel: 127.0.0.1 only, localhost clients only, key rndckey.
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
// Root hints read from named.ca.
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
// Locally added forward zone; dynamic updates are refused.
zone "gehouse.cn" IN {
type master;
file "gehouse.cn.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
// Locally added reverse zone for 192.168.1.x; dynamic updates are refused.
zone "1.168.192.in-addr.arpa" IN {
type master;
file "named.gehouse.cn";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
// Loads the rndc key file; NOTE(review): verify its permissions keep the
// secret away from ordinary users.
include "/etc/rndc.key";
4. 创建正向解析域文件 gehouse.cn.zone (RedHat AS4 要求文件位于 /var/named/chroot/var/named)
vi /var/named/chroot/var/named/gehouse.cn.zone
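; Forward zone data for gehouse.cn (the file named by the "gehouse.cn" zone
; in named.conf).
; Default TTL for records without their own TTL: 86400 seconds (1 day).
$TTL 86400
; SOA: primary server ns1.gehouse.cn.; the second name, admin.gehouse.cn.,
; is the contact mailbox admin@gehouse.cn written with a dot.
@           IN SOA   ns1.gehouse.cn. admin.gehouse.cn. (
                     2007041601 ; serial (d. adams) - raise it on every edit
                     6H         ; refresh (6 hours)
                     1H         ; retry (1 hour)
                     1W         ; expiry (1 week)
                     1D )       ; minimum (1 day); BIND 9 uses it as the negative-caching TTL
; The next two records have a blank owner field, so each line MUST begin with
; whitespace; they then apply to the zone apex (gehouse.cn.) set by "@".
; Written from column 0, "IN" would be parsed as the owner name instead.
            IN NS    ns1.gehouse.cn.
            IN A     192.168.1.10
ns1         IN A     192.168.1.10
; Service aliases: every name below is a CNAME for the single host ns1.
www         IN CNAME ns1.gehouse.cn.
mail        IN CNAME ns1.gehouse.cn.
ftp         IN CNAME ns1.gehouse.cn.
svn         IN CNAME ns1.gehouse.cn.
mysql       IN CNAME ns1.gehouse.cn.
ldap        IN CNAME ns1.gehouse.cn.
dotproject  IN CNAME ns1.gehouse.cn.
repo        IN CNAME ns1.gehouse.cn.
; NOTE(review): these aliases list internal services (svn, mysql, ldap, ...).
; Anyone permitted to query or transfer the zone can read that list, so check
; the allow-query / allow-transfer policy in named.conf if this server is
; reachable from outside the LAN.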
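添加主机 ns1.gehouse.cn
; SOA for the gehouse.cn forward zone; the contact field admin.gehouse.cn.
; stands for the mailbox admin@gehouse.cn.
@           IN SOA   ns1.gehouse.cn. admin.gehouse.cn. (
                     2007041601 ; serial (d. adams) - raise it on every edit
                     6H         ; refresh (6 hours)
                     1H         ; retry (1 hour)
                     1W         ; expiry (1 week)
                     1D )       ; minimum (1 day)
; Blank-owner records: the leading whitespace is required so that they
; attach to the zone apex rather than to an owner literally named "IN".
            IN NS    ns1.gehouse.cn.
            IN A     192.168.1.10
; Host record for ns1, followed by the service aliases that point at it.
ns1         IN A     192.168.1.10
www         IN CNAME ns1.gehouse.cn.
mail        IN CNAME ns1.gehouse.cn.
ftp         IN CNAME ns1.gehouse.cn.
svn         IN CNAME ns1.gehouse.cn.
mysql       IN CNAME ns1.gehouse.cn.
ldap        IN CNAME ns1.gehouse.cn.
dotproject  IN CNAME ns1.gehouse.cn.
repo        IN CNAME ns1.gehouse.cn.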
添加别名 www.gehouse.cn 指向ns1.gehouse.cn,也可以添加另外的主机地址,如:
kylin IN A 192.168.1.145
5. 创建反向解析域文件 named.gehouse.cn (RedHat AS4 要求文件位于 /var/named/chroot/var/named)
vi /var/named/chroot/var/named/named.gehouse.cn
10 IN PTR ftp.gehouse.cn.
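; Reverse zone data for 1.168.192.in-addr.arpa (the file named by that zone
; in named.conf): maps 192.168.1.x addresses back to host names.
$TTL 86400
@       IN SOA  ns1.gehouse.cn. admin.gehouse.cn. (
                1997022700 ; Serial - raise it on every edit
                28800      ; Refresh (seconds)
                14400      ; Retry (seconds)
                3600000    ; Expire (seconds)
                86400 )    ; Minimum (seconds)
; Blank owner field: the line must begin with whitespace so the NS record
; belongs to the zone apex; from column 0 "IN" would be read as the owner.
        IN NS   ns1.gehouse.cn.
; Owner "10" is relative to the zone origin, i.e. 10.1.168.192.in-addr.arpa,
; the reverse name of 192.168.1.10.
10      IN PTR  ns1.gehouse.cn.
10      IN PTR  www.gehouse.cn.
10      IN PTR  ftp.gehouse.cn.
10      IN PTR  mail.gehouse.cn.
10      IN PTR  svn.gehouse.cn.
10      IN PTR  mysql.gehouse.cn.
10      IN PTR  ldap.gehouse.cn.
10      IN PTR  dotproject.gehouse.cn.
; NOTE(review): eight PTR records share one address, and the nslookup
; transcript on this page shows all of them returned in a different order
; from the file. Software that keeps only the first name of a reverse lookup
; (log enrichment, host-name based access rules) may therefore see a varying
; name; a single PTR to ns1.gehouse.cn. would give a stable answer.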
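; Reverse zone data for 1.168.192.in-addr.arpa.
$TTL 86400
@       IN SOA  ns1.gehouse.cn. admin.gehouse.cn. (
                1997022700 ; Serial - raise it on every edit
                28800      ; Refresh (seconds)
                14400      ; Retry (seconds)
                3600000    ; Expire (seconds)
                86400 )    ; Minimum (seconds)
; The NS record has a blank owner field and therefore needs the leading
; whitespace to be attached to the zone apex.
        IN NS   ns1.gehouse.cn.
; All PTR records below describe 192.168.1.10 (owner 10 within this zone).
10      IN PTR  ns1.gehouse.cn.
10      IN PTR  www.gehouse.cn.
10      IN PTR  ftp.gehouse.cn.
10      IN PTR  mail.gehouse.cn.
10      IN PTR  svn.gehouse.cn.
10      IN PTR  mysql.gehouse.cn.
10      IN PTR  ldap.gehouse.cn.
10      IN PTR  dotproject.gehouse.cn.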
6. 重新启动DNS服务,或重新加载域名解析规则(重启或重新加载之前,建议先用 named-checkconf 和 named-checkzone 检查 named.conf 与区域文件的语法,避免配置错误导致服务无法启动)
# /etc/init.d/named stop
# /etc/init.d/named start
或
# /etc/init.d/named restart
或
# /etc/init.d/named reload
7. 查询域名测试
[root@server1 named]# nslookup
> server
Default server: gehouse.cn
Address: 192.168.1.10#53
Default server: adsl.gehouse.cn
Address: 192.168.1.2#53
> www.gehouse.cn
Server: gehouse.cn
Address: 192.168.1.10#53
www.gehouse.cn canonical name = ns1.gehouse.cn.
Name: ns1.gehouse.cn
Address: 192.168.1.10
> mysql.gehouse.cn
Server: gehouse.cn
Address: 192.168.1.10#53
mysql.gehouse.cn canonical name = ns1.gehouse.cn.
Name: ns1.gehouse.cn
Address: 192.168.1.10
> 192.168.1.10
Server: gehouse.cn
Address: 192.168.1.10#53
10.1.168.192.in-addr.arpa name = www.gehouse.cn.
10.1.168.192.in-addr.arpa name = ldap.gehouse.cn.
10.1.168.192.in-addr.arpa name = mail.gehouse.cn.
10.1.168.192.in-addr.arpa name = mysql.gehouse.cn.
10.1.168.192.in-addr.arpa name = dotproject.gehouse.cn.
10.1.168.192.in-addr.arpa name = ftp.gehouse.cn.
10.1.168.192.in-addr.arpa name = ns1.gehouse.cn.
10.1.168.192.in-addr.arpa name = svn.gehouse.cn.
> exit
> server
Default server: gehouse.cn
Address: 192.168.1.10#53
Default server: adsl.gehouse.cn
Address: 192.168.1.2#53
> www.gehouse.cn
Server: gehouse.cn
Address: 192.168.1.10#53
www.gehouse.cn canonical name = ns1.gehouse.cn.
Name: ns1.gehouse.cn
Address: 192.168.1.10
> mysql.gehouse.cn
Server: gehouse.cn
Address: 192.168.1.10#53
mysql.gehouse.cn canonical name = ns1.gehouse.cn.
Name: ns1.gehouse.cn
Address: 192.168.1.10
> 192.168.1.10
Server: gehouse.cn
Address: 192.168.1.10#53
10.1.168.192.in-addr.arpa name = www.gehouse.cn.
10.1.168.192.in-addr.arpa name = ldap.gehouse.cn.
10.1.168.192.in-addr.arpa name = mail.gehouse.cn.
10.1.168.192.in-addr.arpa name = mysql.gehouse.cn.
10.1.168.192.in-addr.arpa name = dotproject.gehouse.cn.
10.1.168.192.in-addr.arpa name = ftp.gehouse.cn.
10.1.168.192.in-addr.arpa name = ns1.gehouse.cn.
10.1.168.192.in-addr.arpa name = svn.gehouse.cn.
> exit
测试成功,则说明配置DNS成功了。