因为内网换了路由器,这个路由器不支持静态域名解析服务。所以只能自己建立一个DNS服务。
DNS服务端软件选用bind,直接yum在线安装bind。此时会直接更新另外两个软件包bind-libs,bind-utils:
yum -y install bind
安装过程不放了。
装完以后,配置文件:/etc/named.conf(没有装bind-chroot,可以增加安全性,只是内网用就没装了)
编辑named.conf配置文件:
// // named.conf // // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS // server as a caching only nameserver (as a localhost DNS resolver only). // // See /usr/share/doc/bind*/sample/ for example named configuration files. // options { listen-on port 53 { any; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { any; }; //这里是域名的查询权限。默认这里是localhost,就是只允许本机查询。 recursion yes; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic"; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; // include "/etc/named/named.rfc1912.zones"; include "/etc/named/named.mydomain.cn.zone"; //因为这个文件是要用的,所以指定到这个文件 include "/etc/named.root.key";
然后看看named.mydomain.cn.zone这个文件,这个文件主要是为了添加域信息:
[root@localhost named]# more named.mydomain.cn.zone // named.rfc1912.zones: // // Provided by Red Hat caching-nameserver package // // ISC BIND named zone configuration for zones recommended by // RFC 1912 section 4.1 : localhost TLDs and address zones // and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt // (c)2007 R W Franks // // See /usr/share/doc/bind*/sample/ for example named configuration files. // zone "mydomain.cn" IN { type master; file "/etc/named/mydomain.cn.zone"; //这个文件里的内容就是解析条目的内容了 allow-update { none; }; };
mydomain.cn.zone文件里面的内容:
[root@localhost named]# more mydomain.cn.zone $TTL 1D @ IN SOA @ rname.invalid. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS @ A 192.168.18.200 AAAA ::1 wiki IN A 192.168.18.200 //这三条就是我自己添加的需要解析的条目 pms IN A 192.168.18.200 design IN A 192.168.18.200
网上说这三条前面还要添加一条MX,这里没加也能成功解析了。添加了反而启动的时候报错,所以直接没要那条。
现在到其他主机上修改nameserver=192.168.18.200(因为我的DNS服务主机的IP也是这个),然后使用dig命令查看下:
root># dig wiki.mydomain.cn ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> wiki.mydomain.cn ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19423 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2 ;; QUESTION SECTION: ;wiki.mydomain.cn. IN A ;; ANSWER SECTION: wiki.mydomain.cn. 86400 IN A 192.168.18.200 //这里正确返回IP地址 ;; AUTHORITY SECTION: mydomain.cn. 86400 IN NS mydomain.cn. ;; ADDITIONAL SECTION: mydomain.cn. 86400 IN A 192.168.18.200 mydomain.cn. 86400 IN AAAA ::1 ;; Query time: 0 msec ;; SERVER: 192.168.18.200#53(192.168.18.200) ;; WHEN: Thu Aug 20 17:01:55 2015 ;; MSG SIZE rcvd: 105
到这里就解析成功了。
本文出自 “Davin” 博客,请务必保留此出处http://ydw1118.blog.51cto.com/3035216/1686576
centOS建立bind服务,做为内网DNS解析服务安装记录
原文地址:http://ydw1118.blog.51cto.com/3035216/1686576