1、安裝
本文選擇rpm方式安裝,以下爲所需軟件列表
bind-9
bind-utils
bind-chroot
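// Global server options. The opening "options {" line is restored here: the
// clauses below are only valid inside an options statement, and the closing
// "};" at the end of this block had nothing to match in the listing as published.
options {
    // Addresses (port 53) on which named accepts queries. Loopback only as
    // written; more can be listed, e.g. { 127.0.0.1; 192.168.139.46; }.
    listen-on port 53 { 127.0.0.1; };
    // IPv6 listener, loopback only.
    listen-on-v6 port 53 { ::1; };
    // Directory where the zone files are stored.
    directory "/var/named";
    // File that receives the cache dump.
    dump-file "/var/named/data/cache_dump.db";
    // Files for server statistics and memory-usage statistics.
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // File holding the PID of the running named process.
    pid-file "/var/run/named/named.pid";
    // Queries this server cannot resolve itself are handed to these resolvers.
    forwarders { 168.95.1.1; 139.175.10.20; };
    // Hosts allowed to send queries: everyone.
    // NOTE(review): the view in this file matches any client and enables
    // recursion. Once a non-loopback address is added to listen-on, that
    // combination gives recursive service to anyone who can reach the server
    // (an open resolver, commonly abused for reflection/amplification traffic).
    // Keep "any" for authoritative data only and limit recursion with
    // allow-recursion or a client ACL.
    allow-query { any; };
    // Hosts allowed to request zone transfers: nobody. To let a secondary
    // server synchronise, list its address (e.g. { 192.168.139.5; }) or an ACL
    // name here; without that entry primary/secondary replication fails.
    // Listing only the secondaries keeps arbitrary hosts from pulling the
    // complete zone contents.
    allow-transfer { none; };
};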
// Logging: what the server records and where the messages go.
logging {
    // Debug channel written to data/named.run (a relative path).
    channel default_debug {
        file "data/named.run";
        // "dynamic" makes the channel follow the server's current debug level.
        severity dynamic;
    };
};
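// Named address list that other statements can reference as "acl1".
// Fixes relative to the listing as published:
//   - every element of an address match list needs its own terminating ';'
//     (the second network had none, which is a syntax error);
//   - the prefix length was printed as /200, which is not a valid IPv4 prefix
//     length (0-32). /24 is ASSUMED here -- replace it with the real size of
//     your networks, since this list decides who is granted access.
acl "acl1" {
    192.168.139.0/24;
    192.168.1.0/24;
};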
// A view: clients that match the conditions below get this view's settings.
view localhost_resolver {
    // Source address of the query. "any" opens the view to every host; with
    // { acl1; } only addresses in that ACL could use it for recursive queries.
    match-clients { any; };
    // Destination address the query was sent to; { localhost; acl1; } is
    // another possible value.
    match-destinations { any; };
    // Perform recursive resolution for clients of this view.
    // NOTE(review): recursion for "any" client is only contained by the
    // loopback-only listen-on in the options block. Narrow match-clients to an
    // ACL (or add allow-recursion) before listening on a routable address,
    // otherwise the server acts as an open resolver.
    recursion yes;
    // Load the contents of /etc/named.rfc1912.zones into this view.
    include "/etc/named.rfc1912.zones";
};
Zone “abccom”IN 表示主域名服務器
筆者所使用的配置:
named.conf
[root@localhost ~]# cat /var/named/chroot/etc/named.conf
// Default named.conf generated by install of bind-9.3.2-4.1

// Address list for the corporate networks.
// NOTE(review): "corpnets" is not referenced by any statement shown in this
// listing; allow-query below repeats one of its networks literally instead.
acl "corpnets" {
    184.187.177.128/27;
    192.168.100.0/24;
};

options {
    // Directory where the zone files are stored.
    directory "/var/named";
    // Answer only on the server's LAN address.
    listen-on port 53 { 192.168.100.15; };
    // Upstream resolvers for names this server cannot answer itself.
    forwarders {
        202.106.0.20;
        219.141.136.10;
        8.8.8.8;
        202.106.196.115;
        202.106.46.151;
    };
    // Only the internal /24 may query, which also bounds who can use the
    // server for recursion.
    allow-query { 192.168.100.0/24; };
    // NOTE(review): no allow-transfer is set. On BIND of this generation the
    // documented default permits zone transfers to any host that can reach
    // the server -- confirm for your version, and consider listing only the
    // secondary servers.
};
// Root zone, type "hint": the starting list of root name servers is read
// from the file "named.ca".
zone "." IN {
    type hint;
    file "named.ca";
};
// Primary (master) zone for saf.com.cn; its records live in the file
// "named.saf.com".
zone "saf.com.cn" IN {
    type master;
    file "named.saf.com";
    // Dynamic updates are accepted from every address in 192.168.100.0/24.
    // NOTE(review): address-based authorisation lets any host on that subnet
    // rewrite the zone, and a source address is not an authenticated identity.
    // BIND also supports key-based control (a "key <name>;" element here, or
    // an update-policy statement) that ties updates to a TSIG secret.
    allow-update { 192.168.100.0/24; };
};
// Pull in the contents of /etc/rndc.key. With the chroot layout shown at the
// prompt above, this presumably resolves to /var/named/chroot/etc/rndc.key --
// confirm. An rndc.key file normally carries a shared secret, so keep it
// readable only by root and the account named runs as.
// NOTE(review): no controls statement that uses the key is visible in this listing.
include "/etc/rndc.key";
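區域配置文件 /var/named/chroot/var/named/named.saf.com 的配置(注意:文件名必須與 named.conf 中 zone "saf.com.cn" 的 file 指令一致;下面示例的文件名及記錄中的域名卻寫作 ndtech.com,實際部署時請統一爲同一個域名):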
[root@localhost ~]# cat /var/named/chroot/var/named/named.ndtech.com
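; Zone data file.
; NOTE(review): the named.conf shown earlier loads a zone called saf.com.cn
; from "named.saf.com", while this file is displayed as named.ndtech.com and
; its SOA/NS targets sit under ndtech.com.cn. Relative names below (dns,
; domain, www, ...) expand under whichever zone name loads this file, so use
; one domain consistently -- confirm which was intended.

; Default TTL for the records in this file.
$ttl 600

; Start of authority: primary server dns.ndtech.com.cn., contact field
; root.dns (a relative name, so the zone origin is appended to it).
@ IN SOA dns.ndtech.com.cn. root.dns (
        2007031401 ; serial  - raise it on every edit so secondaries notice
        3H         ; refresh
        15M        ; retry
        1W         ; expire
        1D )       ; minimum / negative-caching TTL

; Name servers for the zone, and their addresses.
@ IN NS dns.ndtech.com.cn.
@ IN NS domain.ndtech.com.cn.
dns IN A 192.168.100.15
domain IN A 192.168.100.2

; Mail exchanger (preference 10); "mail" is resolved by the A record below.
@ IN MX 10 mail

; Host records.
www IN A 192.168.100.33
bug IN A 187.168.100.130
pop3 IN A 187.187.177.131
; Fixed: this address was printed as 187187.177.131 (missing dot), which is
; not a valid IPv4 address and would keep the zone from loading. Corrected to
; match the pop3 and mail records.
smtp IN A 187.187.177.131
mail IN A 187.187.177.131
ccc IN A 192.168.100.64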