Setting up a simple master/slave DNS server with BIND

Download: http://www.isc.org/software/bind/980-p2/download/bind980-p2zip

I. Installing BIND

Check whether the BIND package is already installed with rpm -qa | grep bind. If it is not, mount the system installation disc and install it with rpm -ivh *bind*.
 
Or: yum install bind bind-chroot bind-utils
 
II. Starting BIND
service named start
chkconfig --level 35 named on
 
III. Test topology
The test topology is shown in the figure below; the domain used is bob.com:
 
IV. Configuring the master DNS
1. Edit the main BIND configuration file, named.conf
vi /etc/named.conf
options {
    directory "/var/named";
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};
zone "bob.com" IN {
    type master;
    file "bob.com.dns";
    allow-update { none; };
    // only the slave (192.168.120.241) may request a zone transfer (AXFR)
    allow-transfer { 192.168.120.241; };
};
zone "120.168.192.in-addr.arpa" IN {
    type master;
    file "bob.com.rev";
    allow-update { none; };
    allow-transfer { 192.168.120.241; };
};
include "/etc/rndc.key";
 
2. Edit the zone data files
vi /var/named/chroot/var/named/bob.com.dns
$TTL 86400
$ORIGIN bob.com.
@       IN  SOA  bob.com. root.bob.com. (
                    2        ; serial
                    120      ; refresh
                    14400    ; retry
                    3600000  ; expiry
                    86400 )  ; minimum
        IN  NS   bob.com.
master  IN  A    192.168.120.240
slave   IN  A    192.168.120.241
www     IN  A    192.168.120.250
 
vi /var/named/chroot/var/named/bob.com.rev
$TTL 86400
@       IN  SOA  bob.com. root.bob.com. (
                    2        ; Serial
                    120      ; Refresh
                    14400    ; Retry
                    3600000  ; Expire
                    86400 )  ; Minimum
        IN  NS   bob.com.
240     IN  PTR  master.bob.com.
241     IN  PTR  slave.bob.com.
250     IN  PTR  www.bob.com.
 
chown named.named /var/named/chroot/var/named/bob.com.*
 
3. Testing
On the master DNS, use the host command to look up the records:
[root@master /]# host www.bob.com
www.bob.com has address 192.168.120.250
[root@master /]# host master.bob.com
master.bob.com has address 192.168.120.240
[root@master /]# host slave.bob.com
slave.bob.com has address 192.168.120.241
 
On the master DNS, use the nslookup command to look up the records:
[root@master /]# nslookup
Server: 192.168.120.240
Address: 192.168.120.240#53
Address: 192.168.120.250
> master.bob.com
Server: 192.168.120.240
Address: 192.168.120.240#53
Name: master.bob.com
Address: 192.168.120.240
> 192.168.120.250
Server: 192.168.120.240
Address: 192.168.120.240#53
250.120.168.192.in-addr.arpa name= www.bob.com.

On a user PC, point the DNS server setting at 192.168.120.240, then browse to www.bob.com
 
4. Check the logs
[root@master /]#service named start
[root@master /]#cat /var/log/messages |grep named
Sep 8 18:24:35 master named[15322]: starting BIND 9.2.4 -u named -t /var/named/chroot
Sep 8 18:24:35 master named[15322]: using 1 CPU
Sep 8 18:24:35 master named[15322]: loading configuration from '/etc/named.conf'
Sep 8 18:24:35 master named[15322]: listening on IPv4 interface lo, 127.0.0.1#53
Sep 8 18:24:35 master named[15322]: listening on IPv4 interface eth0, 192.168.120.240#53
Sep 8 18:24:35 master named[15322]: command channel listening on 127.0.0.1#953
Sep 8 18:24:35 master named[15322]: command channel listening on ::1#953
Sep 8 18:24:35 master named[15322]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Sep 8 18:24:35 master named[15322]: zone 120.168.192.in-addr.arpa/IN: loaded serial 2
Sep 8 18:24:35 master named[15322]: zone bob.com/IN: loaded serial 2
Sep 8 18:24:35 master named[15322]: zone localhost/IN: loaded serial 42
Sep 8 18:24:35 master named[15322]: named startup succeeded
Sep 8 18:24:35 master named[15322]: running
 
5. Notes
A. Every time you save an edited zone data file, remember to increase the Serial value; the slave compares it with its own copy to decide whether to re-synchronise the master's zone data.
B. When writing absolute (fully qualified) domain names, never forget the trailing ".".
C. Do not leave out the ";" terminators in the main configuration file named.conf.
 
V. Configuring the slave DNS
1. Edit the main BIND configuration file, named.conf
vi /etc/named.conf
options {
    directory "/var/named";
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};
zone "bob.com" IN {
    type slave;
    file "slaves/bob.com.dns";
    // pull the zone from the master by AXFR; the master must list this host in allow-transfer
    masters { 192.168.120.240; };
};
zone "120.168.192.in-addr.arpa" IN {
    type slave;
    file "slaves/bob.com.rev";
    masters { 192.168.120.240; };
};
include "/etc/rndc.key";
 
2. Set the permissions on the directory that stores the zone files copied from the master DNS
cd /var/named/chroot/var/named/slaves
chmod 775 /var/named/chroot/var/named/slaves
chown named.named /var/named/chroot/var/named/slaves
 
3. Testing
On the slave DNS, check whether the zone data files have been copied from the master DNS:
[root@slave /]# ll /var/named/chroot/var/named/slaves
-rw------- 1 named named 406 Jun 13 23:50 bob.com.dns
-rw------- 1 named named 410 Jun 13 19:10 bob.com.rev
 
On the slave DNS, use the host command to look up the records:
[root@slave /]# host www.bob.com
www.bob.com has address 192.168.120.250
[root@slave /]# host master.bob.com
master.bob.com has address 192.168.120.240
[root@slave /]# host slave.bob.com
slave.bob.com has address 192.168.120.241
 
On the slave DNS, use the nslookup command to look up the records:
[root@slave /]# nslookup
Server: 192.168.120.241
Address: 192.168.120.241#53
Address: 192.168.120.250
> master.bob.com
Server: 192.168.120.241
Address: 192.168.120.241#53
Name: master.bob.com
Address: 192.168.120.240
> 192.168.120.250
Server: 192.168.120.241
Address: 192.168.120.241#53
250.120.168.192.in-addr.arpa name= www.bob.com.

On a user PC, point the DNS server setting at 192.168.120.241, then browse to www.bob.com
 
4. Check the logs
[root@slaves /]# service named start
[root@slaves /]# cat /var/log/messages |grep named
Jun 14 00:04:48 slave named[10083]: starting BIND 9.2.4 -u named -t /var/named/chroot
Jun 14 00:04:48 slave named[10083]: using 1 CPU
Jun 14 00:04:48 slave named[10083]: loading configuration from '/etc/named.conf'
Jun 14 00:04:48 slave named[10083]: listening on IPv4 interface lo, 127.0.0.1#53
Jun 14 00:04:48 slave named[10083]: listening on IPv4 interface eth0, 192.168.120.241#53
Jun 14 00:04:48 slave named[10083]: command channel listening on 127.0.0.1#953
Jun 14 00:04:48 slave named[10083]: command channel listening on ::1#953
Jun 14 00:04:49 slave named[10083]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Jun 14 00:04:49 slave named[10083]: zone localhost/IN: loaded serial 42
Jun 14 00:04:49 slave named[10083]: named startup succeeded
Jun 14 00:04:49 slave named[10083]: running
Jun 14 00:04:49 slave named[10083]: zone 120.168.192.in-addr.arpa/IN: transferred serial 2
Jun 14 00:04:49 slave named[10083]: transfer of '120.168.192.in-addr.arpa/IN' from 192.168.120.240#53: end of transfer
Jun 14 00:04:49 slave named[10083]: zone bob.com/IN: transferred serial 2
Jun 14 00:04:49 slave named[10083]: transfer of 'bob.com/IN' from 192.168.120.240#53: end of transfer
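The "loaded serial" lines on the master and the "transferred serial" lines on the slave are enough to confirm replication from the logs alone. The following is an added example (not part of the original post) that compares the two; the log excerpts are constructed, modelled on the /var/log/messages lines shown above, with the master's bob.com serial bumped to 3 while the slave still holds serial 2.

```python
import re

# Constructed log excerpts modelled on the page's /var/log/messages lines (not real logs).
MASTER_LOG = """Sep 8 18:24:35 master named[15322]: zone 120.168.192.in-addr.arpa/IN: loaded serial 2
Sep 8 18:24:35 master named[15322]: zone bob.com/IN: loaded serial 2
Sep 9 09:02:11 master named[15322]: zone bob.com/IN: loaded serial 3
"""
SLAVE_LOG = """Jun 14 00:04:49 slave named[10083]: zone 120.168.192.in-addr.arpa/IN: transferred serial 2
Jun 14 00:04:49 slave named[10083]: transfer of '120.168.192.in-addr.arpa/IN' from 192.168.120.240#53: end of transfer
Jun 14 00:04:49 slave named[10083]: zone bob.com/IN: transferred serial 2
Jun 14 00:04:49 slave named[10083]: transfer of 'bob.com/IN' from 192.168.120.240#53: end of transfer
"""

LOADED_RE = re.compile(r"named\[\d+\]: zone (\S+)/IN: loaded serial (\d+)")
XFER_RE = re.compile(r"named\[\d+\]: zone (\S+)/IN: transferred serial (\d+)")

def zone_serials(log, pattern):
    """Map zone name -> most recent serial reported by lines matching pattern."""
    serials = {}
    for line in log.splitlines():
        m = pattern.search(line)
        if m:
            serials[m.group(1)] = int(m.group(2))   # later lines override earlier ones
    return serials

def check_sync(master_log, slave_log, slave_zones):
    """Return {zone: status}, comparing the master's last loaded serial with the
    serial the slave last transferred for each zone the slave is meant to hold."""
    loaded = zone_serials(master_log, LOADED_RE)
    transferred = zone_serials(slave_log, XFER_RE)
    report = {}
    for zone in slave_zones:
        if zone not in transferred:
            report[zone] = "no transfer logged on slave"
        elif zone not in loaded:
            report[zone] = "zone not loaded on master"
        elif transferred[zone] < loaded[zone]:
            report[zone] = f"stale: slave serial {transferred[zone]}, master serial {loaded[zone]}"
        else:
            report[zone] = "in sync"
    return report

if __name__ == "__main__":
    zones = ["bob.com", "120.168.192.in-addr.arpa"]
    for zone, status in check_sync(MASTER_LOG, SLAVE_LOG, zones).items():
        print(f"{zone}: {status}")
```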
 
5. Notes
A. Check the permissions on the directory that stores the zone files copied from the master DNS.
B. Do not leave out the ";" terminators in the main configuration file named.conf.