由于这里只是测试环境,所以直接用 yum 安装,并且只配置了主(master)DNS 服务器。
1 yum install bind -y
2 修改主配置文件: 我的配置文件如下
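# Clients that may use this server for recursion and cached answers.
# 172.16.0.0/16 is an example value built from the addresses used in this
# walkthrough (server 172.16.7.207, client 172.16.14.42); replace it with
# your own client networks.
acl "trusted" {
    localhost;
    localnets;
    172.16.0.0/16;
};

options {
    # Listen on every IPv4 interface (changed from the packaged default).
    listen-on port 53 { any; };
    # listen-on-v6 port 53 { ::1; };    # IPv6 listener left commented out
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    # Answers for the zones hosted below may be served to any client.
    allow-query { any; };

    # When allow-recursion and allow-query-cache are not set, they inherit
    # from allow-query. With "any" alone, every host that can reach port 53
    # could use this server as an open recursive resolver, which exposes it
    # to abuse for DNS amplification and to cache probing. Restrict both
    # explicitly. A client outside the ACL gets the log line
    #   client 172.16.14.42#59464: query (cache) 'www.baidu.com/A/IN' denied
    # The fix for that is to add the client's network to "trusted", not to
    # open recursion to everyone.
    recursion yes;
    allow-recursion { trusted; };
    allow-query-cache { trusted; };

    # No secondary server exists in this setup, so refuse zone transfers;
    # list the secondary's address here once one is added.
    allow-transfer { none; };

    # Upstream resolvers that recursive queries are forwarded to. Every name
    # a client looks up is visible to these third-party servers.
    forwarders {
        8.8.8.8;
        202.96.128.68;
    };

    dnssec-enable yes;
    dnssec-validation yes;
    # NOTE(review): ISC's DLV registry has been retired, and newer BIND 9
    # releases treat dnssec-lookaside (and dnssec-enable) as obsolete. The
    # lines are kept for the packaged version used here; confirm with
    # named-checkconf on your version.
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

# Root hints, left at the packaged default.
zone "." IN {
    type hint;
    file "named.ca";
};

# Test domain used in this walkthrough.
zone "test.com" IN {
    type master;
    file "test.com.zone";
    allow-update { none; };    # no dynamic updates
};

# NOTE(review): this reverse zone covers 192.168.100.0/24, while the forward
# zone's A records point at 172.16.7.207. Reverse lookups for that address
# would need a 7.16.172.in-addr.arpa zone - confirm which network is intended.
zone "100.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.100.zone";
    allow-update { none; };    # no dynamic updates
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";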
3 创建区域配置文件
[root@localhost named]# cat test.com.zone
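$TTL 1D
; SOA fields: the primary name server (MNAME) comes first, then the
; responsible mailbox (RNAME, with "@" written as a dot). The original had
; "@" as MNAME and the name server in the mailbox position.
; root.test.com. is an example mailbox (root@test.com).
@       IN  SOA ns.test.com. root.test.com. (
                0       ; serial - increase on every edit of this file
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
@       IN  NS  ns.test.com.
@       IN  MX  5 mail.test.com.
ns      IN  A   172.16.7.207
www     IN  A   172.16.7.207
; The MX target needs an address record of its own. Assumed to be the same
; host, because the reverse zone in this walkthrough maps .207 to
; mail.test.com - adjust if mail is handled elsewhere.
mail    IN  A   172.16.7.207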
4 创建反向解析区域配置文件
[root@localhost named]# cat 192.168.100.zone
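$TTL 86400 ; 1 day
; RNAME is written fully qualified. A bare "root" would be completed with
; this zone's origin and name a mailbox under in-addr.arpa.
; root.test.com. is an example mailbox (root@test.com).
@       IN  SOA ns.test.com. root.test.com. (
                132     ; serial
                900     ; refresh (15 minutes)
                600     ; retry (10 minutes)
                86400   ; expire (1 day)
                3600    ; minimum (1 hour)
                )
@       IN  NS  ns.test.com.
; NOTE(review): loaded as 100.168.192.in-addr.arpa, these records describe
; 192.168.100.207, while the forward zone's A records use 172.16.7.207 -
; confirm which network is intended.
; Several PTR records on one address are legal, but software that expects a
; single reverse name may use only one of them.
207     IN  PTR ns.test.com.
207     IN  PTR mail.test.com.
207     IN  PTR www.test.com.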
注:如果还有其他要解析的域名,按照上面的格式直接添加记录即可。
5 然后启动 named 服务。启动前可以先用 named-checkconf 和 named-checkzone 检查主配置文件和区域文件的语法。由于配置了转发器,DNS 服务器本身必须能够访问外网,否则无法解析外部域名;启动后自行测试即可。
测试
[root@localhost ~]# cat /etc/resolv.conf
nameserver 172.16.7.207
search localdomain
[root@localhost ~]# dig
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>>
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44857
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 517891 IN NS f.root-servers.net.
. 517891 IN NS e.root-servers.net.
. 517891 IN NS b.root-servers.net.
. 517891 IN NS j.root-servers.net.
. 517891 IN NS a.root-servers.net.
. 517891 IN NS m.root-servers.net.
. 517891 IN NS c.root-servers.net.
. 517891 IN NS h.root-servers.net.
. 517891 IN NS i.root-servers.net.
. 517891 IN NS k.root-servers.net.
. 517891 IN NS g.root-servers.net.
. 517891 IN NS d.root-servers.net.
. 517891 IN NS l.root-servers.net.
;; Query time: 1 msec
;; SERVER: 172.16.7.207#53(172.16.7.207)
;; WHEN: Wed Oct 8 23:14:48 2014
;; MSG SIZE rcvd: 228
其实搭建一个 DNS 服务器很简单,只要管理好这三个配置文件就可以了,根区域保持默认即可。另外还需要配置一台从(slave)DNS 服务器,以后有时间再写。
写的不好别喷...
本文出自 “信不信由你” 博客,请务必保留此出处http://312461613.blog.51cto.com/965442/1561241
原文地址:http://312461613.blog.51cto.com/965442/1561241