DNS server configuration example
From CloudWiki
Requirements
Configure a server that meets the following conditions:
- The domain is linux.net and the network is 10.0.0.0/24
- The primary name server has the address 10.0.0.3 and the host name dns.linux.net
- The hosts to be resolved are: www.linux.net, ftp.linux.net, mail.linux.net
Edit the main configuration file
vi /etc/named.conf
options {
    listen-on port 53 { 10.0.0.3; };   # local IP
    ...
    allow-query { any; };
    ...
};
vi /etc/named.rfc1912.zones
Add the following to that file:
zone "linux.net" IN {
    type master;
    file "linux.net";
};
zone "0.0.10.in-addr.arpa" IN {
    type master;
    file "db.0.0.10";
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
};
Question: when configuring a DNS server on Linux, which type should be used to add a zone for which this server is the primary (master) name server?
Configure the forward zone database file
[root@maxin yum.repos.d]# cd /var/named/chroot/var/named
[root@maxin named]# vi linux.net
$TTL 1D
@       IN SOA  dns.linux.net. root.dns.linux.net. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   dns.linux.net.
        IN MX   10 mail.linux.net.
dns     IN A    10.0.0.3    ; local IP
www     IN A    10.0.0.3    ; local IP
ftp     IN A    10.0.0.20
mail    IN A    10.0.0.21
Configure the reverse zone database file
[root@maxin named]# cd /var/named/chroot/var/named
[root@maxin named]# ls
chroot data dynamic linux.net named.ca named.empty named.localhost named.loopback slaves
[root@maxin named]# vi db.0.0.10
@       IN SOA  dns.linux.net. root.dns.linux.net. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   dns.linux.net.
3       IN PTR  dns.linux.net.
3       IN PTR  www.linux.net.
20      IN PTR  ftp.linux.net.
21      IN PTR  mail.linux.net.
Configure the local (loopback) reverse zone file
In the same directory as above, create a new file named.local:
@       IN SOA  dns.linux.net. root.dns.linux.net. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   dns.linux.net.
1       IN PTR  localhost.
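As an added example (not code from the wiki page), the following Python script parses zone files in the format used by the forward and reverse zones above, including ';' comments, the parenthesised multi-line SOA, '@', relative names and inherited owners, and then cross-checks the forward zone's A records against the reverse zone's PTR records, flagging any address without a PTR or any PTR whose name has no matching A record. The embedded zone text is constructed to mirror the linux.net and db.0.0.10 files; the zone origins are passed explicitly, since the page's files get them from named.conf.

```python
# Added example, not the wiki's tooling: zone text below is constructed to mirror the page's files.
import re
FORWARD_ZONE = """$TTL 1D
@    IN SOA dns.linux.net. root.dns.linux.net. ( 0 ; serial
                                                1D 1H 1W 3H ) ; minimum
     IN NS dns.linux.net.
dns  IN A 10.0.0.3
www  IN A 10.0.0.3
ftp  IN A 10.0.0.20
mail IN A 10.0.0.21
"""
REVERSE_ZONE = """@  IN SOA dns.linux.net. root.dns.linux.net. ( 0 1D 1H 1W 3H )
   IN NS dns.linux.net.
3  IN PTR dns.linux.net.
3  IN PTR www.linux.net.
20 IN PTR ftp.linux.net.
21 IN PTR mail.linux.net.
"""

def parse_zone(text, origin):
    """Return {(owner, rtype): [rdata]} for A/PTR records (origin must end with '.')."""
    text = re.sub(r";[^\n]*", "", text)                  # strip ';' comments
    text = re.sub(r"\([^)]*\)", lambda m: m.group(0).replace("\n", " "), text)  # join ( ) spans
    records, owner = {}, origin
    for line in text.splitlines():
        fields = line.split()
        if not fields or line.startswith("$"):           # blank line or $TTL/$ORIGIN directive
            continue
        if not line[0].isspace():                        # explicit owner; else inherit previous
            owner = fields.pop(0).replace("@", origin)
            owner = owner if owner.endswith(".") else f"{owner}.{origin}"
        while fields and (re.fullmatch(r"\d+[smhdwSMHDW]?", fields[0]) or fields[0] in ("IN", "CH", "HS")):
            fields.pop(0)                                # drop optional TTL and class
        if fields and fields[0] in ("A", "PTR"):
            records.setdefault((owner, fields[0]), []).append(" ".join(fields[1:]))
    return records

def check_consistency(forward, fwd_origin, reverse, rev_origin):
    """List A records with no matching PTR and PTR records with no matching A."""
    net = ".".join(reversed(rev_origin.rstrip(".").split(".")[:-2])) + "."  # 0.0.10.in-addr.arpa. -> 10.0.0.
    a_of, ptr_of = {}, {}
    for (name, _), ips in parse_zone(forward, fwd_origin).items():
        a_of.setdefault(name, set()).update(ips)
    for (rev_name, _), names in parse_zone(reverse, rev_origin).items():
        ptr_of.setdefault(net + rev_name.split(".")[0], set()).update(names)
    problems = [f"no PTR for {n} -> {ip}" for n, ips in a_of.items()
                for ip in ips if n not in ptr_of.get(ip, ())]
    problems += [f"PTR {ip} -> {n} has no matching A" for ip, ns in ptr_of.items()
                 for n in ns if ip not in a_of.get(n, ())]
    return sorted(problems)
```

Running check_consistency(FORWARD_ZONE, "linux.net.", REVERSE_ZONE, "0.0.10.in-addr.arpa.") on the constructed data returns an empty list; editing one PTR makes both kinds of mismatch show up.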
Start the DNS service
[root@maxin named]# service named restart
Stopping named: umount: /var/named/chroot/var/named: device is busy.
        (In some cases useful info about processes that use
         the device is found by lsof(8) or fuser(1))
                                                           [  OK  ]
Starting named:                                            [  OK  ]
[root@maxin named]# ps aux|grep named
named     5006  0.0  0.4  47712  9380 ?        Ssl  05:40   0:00 /usr/sbin/named -u named -t /var/named/chroot
root      5017  0.0  0.0   4312   720 pts/0    S+   05:41   0:00 grep named
Client configuration
Linux client
To keep the environment simple, the client configuration can be done on the DNS server itself.
vi /etc/resolv.conf
search linux.net
nameserver 10.0.0.3
cd /etc/sysconfig/network-scripts
vi ifcfg-eth0
Change:
DNS1=10.0.0.47
service network restart
Windows client
In a browser (preferably in the browser's private/incognito mode), enter the configured URL and open the corresponding page.
Testing the DNS service
DNS test commands
nslookup www.linux.net
Server:         10.0.0.3
Address:        10.0.0.3#53

Name:   www.linux.net
Address: 10.0.0.10
Querying interactively:
[root@maxin network-scripts]# nslookup
> server
Default server: 10.0.0.3
Address: 10.0.0.3#53
> dns.linux.net
Server:         10.0.0.3
Address:        10.0.0.3#53

Name:   dns.linux.net
Address: 10.0.0.47
> 10.0.0.20
Server:         10.0.0.3
Address:        10.0.0.3#53

20.0.0.10.in-addr.arpa  name = ftp.linux.net.
> set type=mx
> linux.net
Server:         10.0.0.3
Address:        10.0.0.3#53

linux.net       mail exchanger = 10 mail.linux.net.
> exit
[root@maxin network-scripts]# nslookup
> set debug
> mail.linux.net
Server:         10.0.0.3
Address:        10.0.0.3#53

------------
    QUESTIONS:
        mail.linux.net, type = A, class = IN
    ANSWERS:
    ->  mail.linux.net
        internet address = 10.0.0.21
        ttl = 86400
    AUTHORITY RECORDS:
    ->  linux.net
        nameserver = dns.linux.net.
        ttl = 86400
    ADDITIONAL RECORDS:
    ->  dns.linux.net
        internet address = 10.0.0.3
        ttl = 86400
------------
Name:   mail.linux.net
Address: 10.0.0.21
> www.linux.net
Server:         10.0.0.3
Address:        10.0.0.3#53

------------
    QUESTIONS:
        www.linux.net, type = A, class = IN
    ANSWERS:
    ->  www.linux.net
        internet address = 10.0.0.10
        ttl = 86400
    AUTHORITY RECORDS:
    ->  linux.net
        nameserver = dns.linux.net.
        ttl = 86400
    ADDITIONAL RECORDS:
    ->  dns.linux.net
        internet address = 10.0.0.3
        ttl = 86400
------------
Name:   www.linux.net
Address: 10.0.0.10
> set nodebug
> exit
The host command:
[root@maxin network-scripts]# host www.linux.net
www.linux.net has address 10.0.0.10
[root@maxin network-scripts]# host 10.0.0.21
21.0.0.10.in-addr.arpa domain name pointer mail.linux.net.
[root@maxin network-scripts]# host -a mail.linux.net
Trying "mail.linux.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24437
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mail.linux.net.                IN      ANY

;; ANSWER SECTION:
mail.linux.net.         86400   IN      A       10.0.0.21

;; AUTHORITY SECTION:
linux.net.              86400   IN      NS      dns.linux.net.

;; ADDITIONAL SECTION:
dns.linux.net.          86400   IN      A       10.0.0.3

Received 82 bytes from 10.0.0.47#53 in 0 ms
The dig command:
[root@maxin network-scripts]# dig mail.linux.net

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> mail.linux.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8103
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mail.linux.net.                IN      A

;; ANSWER SECTION:
mail.linux.net.         86400   IN      A       10.0.0.21

;; AUTHORITY SECTION:
linux.net.              86400   IN      NS      dns.linux.net.

;; ADDITIONAL SECTION:
dns.linux.net.          86400   IN      A       10.0.0.3

;; Query time: 0 msec
;; SERVER: 10.0.0.47#53(10.0.0.47)
;; WHEN: Thu Oct 25 05:59:51 2018
;; MSG SIZE  rcvd: 82

[root@maxin network-scripts]# dig -x 10.0.0.10

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> -x 10.0.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32382
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;10.0.0.10.in-addr.arpa.        IN      PTR

;; ANSWER SECTION:
10.0.0.10.in-addr.arpa. 10800   IN      PTR     www.linux.net.

;; AUTHORITY SECTION:
0.0.10.in-addr.arpa.    10800   IN      NS      dns.linux.net.

;; ADDITIONAL SECTION:
dns.linux.net.          86400   IN      A       10.0.0.3

;; Query time: 0 msec
;; SERVER: 10.0.0.47#53(10.0.0.47)
;; WHEN: Thu Oct 25 05:59:59 2018
;; MSG SIZE  rcvd: 101