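Download: http://www.isc.org/software/bind/980-p2/download/bind980-p2zip
I. Install BIND
Run rpm -qa | grep bind to check whether the BIND packages are already installed. If they are not, mount the installation disc and install them with rpm -ivh *bind*.
Or: yum install bind bind-chroot bind-utils
II. Start BIND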
service named start
chkconfig --level 35 named on
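III. Test topology
The test topology is shown in the figure below and uses the bob.com domain:
IV. Configure the Master DNS
1. Edit the main DNS configuration file, named.conf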
vi /etc/named.conf
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "bob.com" IN {
type master;
file "bob.com.dns";
allow-update { none; };
allow-transfer { 192.168.120.241; };
};
zone "120.168.192.in-addr.arpa" IN {
type master;
file "bob.com.rev";
allow-update { none; };
allow-transfer { 192.168.120.241; };
};
include "/etc/rndc.key" ;
2. Edit the zone data files
vi /var/named/chroot/var/named/bob.com.dns
$TTL 86400
$ORIGIN bob.com.
@ IN SOA bob.com. root.bob.com. (
2 ; serial
120 ; refresh
14400 ; retry
3600000 ; expiry
86400 ) ; minimum
IN NS bob.com.
master IN A 192.168.120.240
slave IN A 192.168.120.241
www IN A 192.168.120.250
vi /var/named/chroot/var/named/bob.com.rev
$TTL 86400
@ IN SOA bob.com. root.bob.com. (
2 ; Serial
120 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS bob.com.
240 IN PTR master.bob.com.
241 IN PTR slave.bob.com.
chown named:named /var/named/chroot/var/named/bob.com.*
3. Test
① On the Master DNS, look up records with the host command:
[root@master /]# host www.bob.com
www.bob.com has address 192.168.120.250
[root@master /]# host master.bob.com
master.bob.com has address 192.168.120.240
[root@master /]# host slave.bob.com
slave.bob.com has address 192.168.120.241
② On the Master DNS, look up records with the nslookup command:
[root@master /]# nslookup
Server: 192.168.120.240
Address: 192.168.120.240#53
Name: www.bob.com
Address: 192.168.120.250
> master.bob.com
Server: 192.168.120.240
Address: 192.168.120.240#53
Name: master.bob.com
Address: 192.168.120.240
> 192.168.120.250
Server: 192.168.120.240
Address: 192.168.120.240#53
250.120.168.192.in-addr.arpa name = www.bob.com.
③ On a user PC, set the DNS server to 192.168.120.240, then visit www.bob.com
4. Check the logs
[root@master /]#service named start
[root@master /]#cat /var/log/messages |grep named
Sep 8 18:24:35 master named[15322]: starting BIND 9.2.4 -u named -t /var/named/chroot
Sep 8 18:24:35 master named[15322]: using 1 CPU
Sep 8 18:24:35 master named[15322]: loading configuration from '/etc/named.conf'
Sep 8 18:24:35 master named[15322]: listening on IPv4 interface lo, 127.0.0.1#53
Sep 8 18:24:35 master named[15322]: listening on IPv4 interface eth0, 192.168.120.240#53
Sep 8 18:24:35 master named[15322]: command channel listening on 127.0.0.1#953
Sep 8 18:24:35 master named[15322]: command channel listening on ::1#953
Sep 8 18:24:35 master named[15322]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Sep 8 18:24:35 master named[15322]: zone 120.168.192.in-addr.arpa/IN: loaded serial 2
Sep 8 18:24:35 master named[15322]: zone bob.com/IN: loaded serial 2
Sep 8 18:24:35 master named[15322]: zone localhost/IN: loaded serial 42
Sep 8 18:24:35 master named[15322]: named startup succeeded
Sep 8 18:24:35 master named[15322]: running
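5. Notes
A. Each time you save a change to a zone data file, remember to increase the Serial value; it is mainly what lets the secondary server synchronize the zone data files from the master.
B. When you use an absolute domain name, never forget the trailing ".".
C. The ";" terminators in the main configuration file named.conf must not be omitted.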
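Note A as a check, in an added example that is not part of the original article: it reads the serial from the SOA record and compares it the way a slave does, using 32-bit serial number arithmetic (RFC 1982), which also shows why a serial cannot simply be lowered again. ZONE_TEXT is constructed from the bob.com.dns file above, and the function names are hypothetical.

```python
import re

# Constructed sample: the SOA record of bob.com.dns as shown on this page.
ZONE_TEXT = '''$TTL 86400
$ORIGIN bob.com.
@ IN SOA bob.com. root.bob.com. (
        2        ; serial
        120      ; refresh
        14400    ; retry
        3600000  ; expiry
        86400 )  ; minimum
'''

def soa_serial(zone_text):
    """Return the SOA serial: the first number after the two SOA names."""
    text = re.sub(r';[^\n]*', '', zone_text)       # remove ; comments
    m = re.search(r'\bSOA\s+\S+\s+\S+\s*\(?\s*(\d+)', text)
    if m is None:
        raise ValueError('no SOA record found')
    return int(m.group(1))

def serial_newer(master, slave):
    """RFC 1982 comparison of 32-bit serials: True if master is ahead of slave."""
    diff = (master - slave) % 2**32
    return 0 < diff < 2**31

def slave_will_transfer(zone_text, slave_serial):
    """True if a slave holding slave_serial would pull the zone in zone_text."""
    return serial_newer(soa_serial(zone_text), slave_serial)

if __name__ == '__main__':
    bumped = ZONE_TEXT.replace('2        ; serial', '3        ; serial')
    print('edited, serial unchanged:', slave_will_transfer(ZONE_TEXT, 2))
    print('edited, serial bumped:   ', slave_will_transfer(bumped, 2))
    print('serial lowered from 2024061401 to 3:', serial_newer(3, 2024061401))
```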
V. Configure the Slave DNS
1. Edit the main DNS configuration file, named.conf
vi /etc/named.conf
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "bob.com" IN {
type slave;
file "slaves/bob.com.dns";
masters { 192.168.120.240; };
};
zone "120.168.192.in-addr.arpa" IN {
type slave;
file "slaves/bob.com.rev";
masters { 192.168.120.240; };
};
include "/etc/rndc.key";
2. Change the permissions of the directory that stores the zone files copied from the master DNS
cd /var/named/chroot/var/named/slaves
chmod 775 /var/named/chroot/var/named/slaves
chown named:named /var/named/chroot/var/named/slaves
3. Test
① On the Slave DNS, check whether the zone data files have been copied over from the master DNS
[root@slave /]#ll /var/named/chroot/var/named/slaves
-rw------- 1 named named 406 Jun 13 23:50 bob.com.dns
-rw------- 1 named named 410 Jun 13 19:10 bob.com.rev
② On the Slave DNS, look up records with the host command
[root@slave /]# host www.bob.com
www.bob.com has address 192.168.120.250
[root@slave /]# host master.bob.com
master.bob.com has address 192.168.120.240
[root@slave /]# host slave.bob.com
slave.bob.com has address 192.168.120.241
③ On the Slave DNS, look up records with the nslookup command
[root@slave /]# nslookup
Server: 192.168.120.241
Address: 192.168.120.241#53
Name: www.bob.com
Address: 192.168.120.250
> master.bob.com
Server: 192.168.120.241
Address: 192.168.120.241#53
Name: master.bob.com
Address: 192.168.120.240
> 192.168.120.250
Server: 192.168.120.241
Address: 192.168.120.241#53
④ On a user PC, set the DNS server to 192.168.120.241, then visit www.bob.com
4. Check the logs
[root@slave /]# service named start
[root@slave /]# cat /var/log/messages |grep named
Jun 14 00:04:48 slave named[10083]: starting BIND 9.2.4 -u named -t /var/named/chroot
Jun 14 00:04:48 slave named[10083]: using 1 CPU
Jun 14 00:04:48 slave named[10083]: loading configuration from '/etc/named.conf'
Jun 14 00:04:48 slave named[10083]: listening on IPv4 interface lo, 127.0.0.1#53
Jun 14 00:04:48 slave named[10083]: listening on IPv4 interface eth0, 192.168.120.241#53
Jun 14 00:04:48 slave named[10083]: command channel listening on 127.0.0.1#953
Jun 14 00:04:48 slave named[10083]: command channel listening on ::1#953
Jun 14 00:04:49 slave named[10083]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Jun 14 00:04:49 slave named[10083]: zone localhost/IN: loaded serial 42
Jun 14 00:04:49 slave named[10083]: named startup succeeded
Jun 14 00:04:49 slave named[10083]: running
Jun 14 00:04:49 slave named[10083]: zone 120.168.192.in-addr.arpa/IN: transferred serial 2
Jun 14 00:04:49 slave named[10083]: transfer of '120.168.192.in-addr.arpa/IN' from 192.168.120.240#53: end of transfer
Jun 14 00:04:49 slave named[10083]: zone bob.com/IN: transferred serial 2
Jun 14 00:04:49 slave named[10083]: transfer of 'bob.com/IN' from 192.168.120.240#53: end of transfer
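5. Notes
A. Mind the permissions of the directory that stores the zone files copied from the master DNS.
B. The ";" terminators in the main configuration file named.conf must not be omitted.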