一、安装
yum install bind-utils.x86_64
yum install bind
二、配置
vim /etc/named.conf
编辑文件内容为:
############################################################
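// Minimal named.conf for an authoritative server for example.com on a LAN.
options {
    // Answer only on loopback and on this host's LAN address.
    listen-on port 53 { 127.0.0.1; 192.168.4.103; };
    // Base directory for the relative "file" paths in the zone statements below.
    directory "/var/named";
    // Any client that can reach the listener may query the zones served here.
    allow-query { any; };
    // In current BIND 9 releases an unset allow-recursion falls back to
    // allow-query, so "any" above would also grant recursion to every client
    // (an open resolver, usable for amplification and cache abuse).
    // Restrict recursion to this host and its directly attached networks.
    allow-recursion { localhost; localnets; };
    // No secondary servers are configured on this page, so refuse zone
    // transfers instead of leaving full zone contents open to any requester.
    allow-transfer { none; };
};

// Root hints: where to start iterative resolution for names outside our zones.
zone "." IN {
    type hint;
    file "named.ca";
};

// Forward zone served from /var/named/example.com.zone.
zone "example.com" IN {
    type master;
    file "example.com.zone";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";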
###########################################################
[root@server03 Desktop]# cd /var/named/
[root@server03 named]# cp named.localhost example.com.zone -p
[root@server03 named]# vim example.com.zone
修改为:
###############################################################
; Forward zone data for example.com (example.com.zone, copied from named.localhost).
; NOTE: this listing lost its leading whitespace. In the real file the NS and
; A lines below must start with whitespace so that they inherit the owner "@";
; at column 0 their first word would be read as an owner name.
$TTL 1D ; default TTL applied to records that do not set their own
@ IN SOA @ root.server03.example.com. (
0 ; serial - still the template value; increase it on every edit of this file
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
; The zone apex (@) is named as its own name server.
NS @
; Apex address inherited from the named.localhost template.
; NOTE(review): clients on other hosts resolving example.com (and therefore the
; NS target) receive loopback - presumably 192.168.4.103 is intended; confirm.
A 127.0.0.1
; Relative owner name: expands to server03.example.com.
server03 IN A 192.168.4.103
###################################################################
[root@server03 named]# /etc/init.d/named restart
指定DNS服务器:
[root@server03 named]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
添加(注意:下文测试输出中的 Server 是 192.168.4.103;若要让本机使用刚搭建的 DNS 服务器,DNS1 应指向 192.168.4.103):
DNS1=192.168.4.254
重启网卡:
[root@server03 named]# /etc/init.d/network restart
测试:
[root@server03 named]# nslookup server03
Server: 192.168.4.103
Address: 192.168.4.103#53
Name: server03.example.com
Address: 192.168.4.103
[root@server03 named]# nslookup server03.example.com
Server: 192.168.4.103
Address: 192.168.4.103#53
Name: server03.example.com
Address: 192.168.4.103
三、将ip地址解析成域名
编辑named.conf文件:
添加内容:
// Reverse zone for 192.168.4.0/24: the network octets appear in reverse order
// under in-addr.arpa, and PTR records in it map addresses back to names.
zone "4.168.192.in-addr.arpa" IN {
type master; // this server holds the primary copy of the zone
file "192.168.4.zone"; // relative path; the file is created in /var/named in the next step
};
[root@server03 named]# pwd
/var/named
[root@server03 named]# cp example.com.zone 192.168.4.zone -p
编辑192.168.4.zone 文件:
修改为:
; Reverse zone data for 4.168.192.in-addr.arpa (192.168.4.zone, copied from example.com.zone).
; NOTE: this listing lost its leading whitespace. In the real file the NS and
; A lines below must start with whitespace so that they inherit the owner "@".
$TTL 1D ; default TTL applied to records that do not set their own
@ IN SOA @ root.server03.example.com. (
0 ; serial - still the template value; increase it on every edit of this file
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
; The reverse-zone apex is named as its own name server.
NS @
; Carried over from the copied forward zone; it gives the NS target above an address.
; NOTE(review): pointing NS at server03.example.com. and dropping this A record
; would be the more conventional layout - confirm before changing.
A 127.0.0.1
; Relative owner: expands to 103.4.168.192.in-addr.arpa. The target is fully
; qualified, so the trailing dot is required.
103 IN PTR server03.example.com.
重启named
[root@server03 named]# /etc/init.d/named restart
测试:
[root@server03 named]# nslookup 192.168.4.103
Server: 192.168.4.103
Address: 192.168.4.103#53
103.4.168.192.in-addr.arpa name = server03.example.com.
四、让DNS服务器变得安全
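安装bind-chroot(chroot 只是把 named 进程能访问的文件系统限制在 /var/named/chroot 之下,以减小进程被攻破后的影响;它不会改变 named.conf 中的查询、递归和区域传送策略,这些仍需单独收紧)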
!!!停止named服务
[root@server03 named]# service named stop
安装:
[root@server03 named]# yum install bind-chroot
[root@server03 named]# cd /var/named/chroot/etc/
[root@server03 etc]# cp /etc/named* ./ -p
[root@server03 etc]# cd ../var/named/
[root@server03 named]# ls    # 此时输出为空属正常
[root@server03 named]# cp -rp /var/named/* ./
[root@server03 named]# rm -rf chroot/
[root@server03 named]# ls
192.168.4.zone dynamic named.ca named.localhost slaves
data example.com.zone named.empty named.loopback
(复制完成后,该目录下不能残留 chroot 子目录,所以上面将其删除)
[root@server03 named]# cd /var/named
[root@server03 named]# pwd
/var/named
[root@server03 named]# rm -rf example.com.zone
[root@server03 named]# rm -rf 192.168.4.zone
重启服务:
[root@server03 etc]# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]
验证:
[root@server03 etc]# nslookup server03.example.com
Server: 192.168.4.103
Address: 192.168.4.103#53
Name: server03.example.com
Address: 192.168.4.103
[root@server03 etc]# nslookup 192.168.4.103
Server: 192.168.4.103
Address: 192.168.4.103#53
103.4.168.192.in-addr.arpa name = server03.example.com.
现在 named 使用的配置文件是 /var/named/chroot/etc/named.conf
Ok!
原文地址:http://blog.csdn.net/cuipengchong/article/details/39319589