系統:redhat6
一、安裝必要軟件:bind(提供 named 服務)與 bind-utils(提供 nslookup 等測試工具),例如:yum install bind bind-utils
二、全局配置文件:(/etc/named.conf)
[root@linux115 etc]# vi named.conf
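// Global server options for named.
options {
    // The "*" octet was masked by the author; substitute the server's real
    // IPv4 address.
    listen-on port 53 { 210.*.241.115; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Anyone may query the zones this server is authoritative for.
    allow-query { any; };
    // match-clients / match-destinations are view statements, so they stay
    // disabled here:
    //match-clients { any; };
    //match-destinations { any; };

    // Recursion stays on, but only for the server itself and its directly
    // attached networks. Combined with allow-query { any; } on a public
    // address, unrestricted recursion would make this an open resolver,
    // usable for DNS amplification and exposed to cache-poisoning attempts.
    recursion yes;
    allow-recursion { localhost; localnets; };

    dnssec-enable yes;
    dnssec-validation yes;
    // NOTE(review): "auto" depends on ISC's DLV registry, which has since
    // been retired; confirm the installed BIND still accepts this statement.
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
};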
// Debug log channel: messages are written to data/named.run (a relative
// path, so it resolves against the "directory" option) at whatever debug
// level the server is currently running with.
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
// Single view that every client falls into; it carries the zone declarations.
view example_resolver {
    match-clients { any; };        // source addresses of the clients this view serves
    match-destinations { any; };   // server addresses the queries were sent to
    // Perform recursive resolution for clients matched by this view.
    // NOTE(review): with match-clients { any; } this offers recursion to every
    // client unless an allow-recursion ACL limits it; confirm one is in effect.
    recursion yes;
    include "/etc/named.zones";    // zone declarations are kept in this file
};
三、主配置文件(/etc/named.zones)
[root@linux115 etc]# vi named.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for
// Forward lookup zone: this server is the master for example.com.
zone "example.com" IN {
    type master;
    // Zone data file; a bare file name resolves against the "directory"
    // option of the global configuration.
    file "example.com.zero";
    // Dynamic DNS updates are refused.
    allow-update { none; };
    // NOTE(review): no allow-transfer is set; check what the installed BIND
    // defaults to and limit zone transfers to the real secondaries.
};
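// Reverse lookup zone for the addresses under 210.*.241 (the "*" octet was
// masked by the author).
zone "241.*.210.in-addr.arpa" IN {
    type master;
    // The zone name and file name must contain no embedded spaces; the file
    // name has to match the reverse zone file 241.*.210.local created under
    // the "directory" path of the global configuration.
    file "241.*.210.local";
    // Dynamic DNS updates are refused.
    allow-update { none; };
};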
四、區域配置文件:(在/var/named下)
正向:example.com.zero
[root@linux115 named]# vi example.com.zero
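; Default TTL for records that do not set their own.
$TTL 1D
; owner  class  SOA  primary name server (FQDN)  admin mailbox ("@" written as ".")
@       IN  SOA     example.com. root.example.com. (
                    1       ; serial  - raise it on every edit of this file
                    1D      ; refresh - refresh interval
                    1H      ; retry   - retry interval
                    1W      ; expire  - expiry interval
                    3H )    ; minimum TTL
; (1) NS record:  owner  IN  NS  FQDN
; A line that starts with whitespace reuses the previous owner name (here "@"),
; so the leading blanks on the next three records are required.
        IN  NS      example.com.
; (2) address records:  owner  IN  A|AAAA  address
; NOTE(review): ::1 is the IPv6 loopback address; published at the zone apex it
; points IPv6-capable clients (and lookups of the NS name) back at themselves.
; Confirm this record is wanted.
        IN  AAAA    ::1
        IN  A       210.*.241.115
www     IN  A       210.*.241.115
mail    IN  A       210.*.241.115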
上面配置解析:
; 用作註釋
@ 表示當前域
反向:241.*.210.local
[root@linux115 named]# vi 241.*.210.local
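; Reverse zone data for 241.*.210.in-addr.arpa.
$TTL 1D
; NOTE(review): SOA and NS name localhost. (presumably carried over from a
; loopback template) while the forward zone publishes example.com.; confirm
; which name server should be announced for this zone.
@       IN  SOA     localhost. root.localhost. (
                    1997022700  ; serial
                    1D          ; refresh
                    1H          ; retry
                    1W          ; expire
                    3H )        ; minimum
; (1) NS record:  owner  IN  NS  FQDN
; The leading whitespace makes the record reuse the previous owner name ("@").
        IN  NS      localhost.
; (2) PTR record:  last octet of the address  IN  PTR  FQDN
115     IN  PTR     www.example.com.
; NOTE(review): the forward zone maps mail.example.com to 210.*.241.115, not
; to .1, so this PTR has no matching A record; receivers that compare reverse
; DNS with forward DNS will see a mismatch.
1       IN  PTR     mail.example.com.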
五、啓動服務
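# Validate named.conf and test-load every master zone first; restart only when
# the check passes, so a typo does not leave the name server stopped.
named-checkconf -z /etc/named.conf && service named restart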
六、測試:
[root@linux115 email]# nslookup
> server 210.*.241.115
Default server: 210.*.241.115
Address: 210.*.241.115#53
> www.example.com
Server: 210.*.241.115
Address: 210.*.241.115#53
Name: www.example.com
Address: 210.*.241.115
> 210.*.241.115
Server: 210.*.241.115
Address: 210.*.241.115#53
115.241.*.210.in-addr.arpa name = www.example.com.
> 210.*.241.1
Server: 210.*.241.115
Address: 210.*.241.115#53
1.241.*.210.in-addr.arpa name = mail.example.com.
> mail.example.com
Server: 210.*.241.115
Address: 210.*.241.115#53
Name: mail.example.com
Address: 210.*.241.115
>
OK
如果上面過程有什麼錯誤的,歡迎指正。