Configuring DNS (BIND 9) on RedHat AS4 Update4
After some brief research, I successfully configured DNS on RedHat AS4. The steps are written up below:
Environment: RedHat AS4 Update4
Hostname: server1
Host address: 192.168.1.10
1. Edit /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 server1 localhost.localdomain localhost
192.168.1.10 gehouse.cn gehouse.cn
192.168.1.2 adsl.gehouse.cn adsl.gehouse.cn
gehouse.cn is the domain name.
adsl.gehouse.cn is the address of the ADSL router that connects to the external network.
Note: the name resolution order is set in /etc/host.conf: the hosts file is consulted first, then bind.
order hosts,bind
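2. Edit /etc/resolv.conf
nameserver gehouse.cn
nameserver adsl.gehouse.cn
Lookups go first to the local name server gehouse.cn, then to adsl.gehouse.cn. Note that resolv.conf(5) defines the nameserver value as an IP address; the corresponding addresses here are 192.168.1.10 and 192.168.1.2.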
3. Edit /etc/named.conf
(This is a symbolic link; the actual file is in /var/named/chroot/etc/)
[root@server1 ~]# ll /etc/named.conf
lrwxrwxrwx 1 root root 32 Mar 9 21:50 /etc/named.conf -> /var/named/chroot/etc/named.conf
Add the forward lookup zone
zone "gehouse.cn" IN {
    type master;
    file "gehouse.cn.zone";
    allow-update { none; };
};
Forward zone file name: gehouse.cn.zone
Add the reverse lookup zone
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "named.gehouse.cn";
    allow-update { none; };
};
Reverse zone file name: named.gehouse.cn
The complete /etc/named.conf is as follows:
# vi /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localdomain" IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };
};
zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "gehouse.cn" IN {
    type master;
    file "gehouse.cn.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "named.gehouse.cn";
    allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.ip6.local";
    allow-update { none; };
};
zone "255.in-addr.arpa" IN {
    type master;
    file "named.broadcast";
    allow-update { none; };
};
zone "0.in-addr.arpa" IN {
    type master;
    file "named.zero";
    allow-update { none; };
};
include "/etc/rndc.key";
4. Create the forward zone file gehouse.cn.zone (RedHat AS4 requires the file to be in /var/named/chroot/var/named)
vi /var/named/chroot/var/named/gehouse.cn.zone
$TTL 86400
@           IN SOA   ns1.gehouse.cn. admin.gehouse.cn. (
                     2007041601 ; serial (d. adams)
                     6H         ; refresh (6 hours)
                     1H         ; retry (1 hour)
                     1W         ; expiry (1 week)
                     1D )       ; minimum (1 day)
            IN NS    ns1.gehouse.cn.
            IN A     192.168.1.10
ns1         IN A     192.168.1.10
www         IN CNAME ns1.gehouse.cn.
mail        IN CNAME ns1.gehouse.cn.
ftp         IN CNAME ns1.gehouse.cn.
svn         IN CNAME ns1.gehouse.cn.
mysql       IN CNAME ns1.gehouse.cn.
ldap        IN CNAME ns1.gehouse.cn.
dotproject  IN CNAME ns1.gehouse.cn.
repo        IN CNAME ns1.gehouse.cn.
The ns1 A record adds the host ns1.gehouse.cn.
The www CNAME record adds the alias www.gehouse.cn, pointing to ns1.gehouse.cn. Other host addresses can be added as well, for example:
kylin IN A 192.168.1.145
5. Create the reverse zone file named.gehouse.cn (RedHat AS4 requires the file to be in /var/named/chroot/var/named)
vi /var/named/chroot/var/named/named.gehouse.cn
$TTL 86400
@       IN SOA  ns1.gehouse.cn. admin.gehouse.cn. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   ns1.gehouse.cn.
10      IN PTR  ns1.gehouse.cn.
10      IN PTR  www.gehouse.cn.
10      IN PTR  ftp.gehouse.cn.
10      IN PTR  mail.gehouse.cn.
10      IN PTR  svn.gehouse.cn.
10      IN PTR  mysql.gehouse.cn.
10      IN PTR  ldap.gehouse.cn.
10      IN PTR  dotproject.gehouse.cn.
6. Restart the DNS service, or reload the zone data
# /etc/init.d/named stop
# /etc/init.d/named start
or
# /etc/init.d/named restart
or
# /etc/init.d/named reload
7. Test with name queries
[root@server1 named]# nslookup
> server
Default server: gehouse.cn
Address: 192.168.1.10#53
Default server: adsl.gehouse.cn
Address: 192.168.1.2#53
> www.gehouse.cn
Server: gehouse.cn
Address: 192.168.1.10#53
www.gehouse.cn canonical name = ns1.gehouse.cn.
Name: ns1.gehouse.cn
Address: 192.168.1.10
> mysql.gehouse.cn
Server: gehouse.cn
Address: 192.168.1.10#53
mysql.gehouse.cn canonical name = ns1.gehouse.cn.
Name: ns1.gehouse.cn
Address: 192.168.1.10
> 192.168.1.10
Server: gehouse.cn
Address: 192.168.1.10#53
10.1.168.192.in-addr.arpa name = www.gehouse.cn.
10.1.168.192.in-addr.arpa name = ldap.gehouse.cn.
10.1.168.192.in-addr.arpa name = mail.gehouse.cn.
10.1.168.192.in-addr.arpa name = mysql.gehouse.cn.
10.1.168.192.in-addr.arpa name = dotproject.gehouse.cn.
10.1.168.192.in-addr.arpa name = ftp.gehouse.cn.
10.1.168.192.in-addr.arpa name = ns1.gehouse.cn.
10.1.168.192.in-addr.arpa name = svn.gehouse.cn.
> exit
If these queries succeed, the DNS configuration is working.
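The reverse zone in step 5 gives 192.168.1.10 eight PTR records, seven of which name hosts that step 4 defines as CNAME aliases; RFC 1912 advises pointing a PTR at a name that has an A record, and this matters wherever forward-confirmed reverse DNS feeds logging or access decisions. The Python check below is an added example, not part of the original post: the record data is a constructed, simplified copy of the two zone files, and the function names are hypothetical.

```python
# Added example, not from the original post. The records are a constructed,
# simplified copy of the page's zone files (SOA/NS omitted, owners written out).
ORIGIN, REV_ORIGIN = "gehouse.cn.", "1.168.192.in-addr.arpa."
ALIASES = ("www", "mail", "ftp", "svn", "mysql", "ldap", "dotproject", "repo")
FORWARD = ("@ IN A 192.168.1.10\nns1 IN A 192.168.1.10\n"
           + "".join(f"{h} IN CNAME ns1.gehouse.cn.\n" for h in ALIASES))
REVERSE = "".join(f"10 IN PTR {h}.gehouse.cn.\n"  # the page has no PTR for repo
                  for h in ("ns1",) + ALIASES[:-1])


def parse_zone(text, origin):
    """Parse 'owner IN TYPE rdata' lines into (owner_fqdn, type, rdata)."""
    records = []
    for line in text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) != 4 or fields[1].upper() != "IN":
            continue  # this sketch skips SOA, $TTL and blank-owner lines
        owner, _, rtype, rdata = fields
        owner = origin if owner == "@" else owner
        if not owner.endswith("."):
            owner = f"{owner}.{origin}"
        records.append((owner.lower(), rtype.upper(), rdata.lower()))
    return records


def resolve(name, forward, depth=8):
    """Follow CNAMEs (bounded depth) and return the set of A addresses."""
    addrs = {d for o, t, d in forward if o == name and t == "A"}
    for o, t, d in forward:
        if depth and o == name and t == "CNAME":
            addrs |= resolve(d, forward, depth - 1)
    return addrs


def audit(fwd_text=FORWARD, rev_text=REVERSE):
    """Report PTRs that name aliases, PTRs that do not resolve back, A records lacking a PTR."""
    forward = parse_zone(fwd_text, ORIGIN)
    # owner "10.1.168.192.in-addr.arpa." -> address "192.168.1.10"
    ptrs = [(".".join(reversed(o.split(".")[:4])), d)
            for o, t, d in parse_zone(rev_text, REV_ORIGIN) if t == "PTR"]
    aliases = {o for o, t, _ in forward if t == "CNAME"}
    return {
        "ptr_to_alias": sorted(d for _, d in ptrs if d in aliases),
        "ptr_mismatch": [(ip, d) for ip, d in ptrs if ip not in resolve(d, forward)],
        "a_without_ptr": [(o, d) for o, t, d in forward if t == "A" and (d, o) not in ptrs],
    }
```

On the page's data, audit() lists the seven alias names under ptr_to_alias, finds no mismatches, and reports the apex A record gehouse.cn. as having no PTR of its own.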