Setting up a DNS server on Red Hat Enterprise Linux Server release 5.5 (Tikanga)

Software environment: Red Hat Enterprise Linux Server release 5.5 (Tikanga)

0. IP addresses of this host

[root@rhels5532 ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 08:00:27:4B:27:5A  
          inet addr:192.168.1.210  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe4b:275a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:61765 errors:0 dropped:0 overruns:0 frame:0
          TX packets:80 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:6013360 (5.7 MiB)  TX bytes:13070 (12.7 KiB)

eth1      Link encap:Ethernet  HWaddr 08:00:27:97:2E:A5  
          inet addr:192.168.56.10  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe97:2ea5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4829 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5507 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:408357 (398.7 KiB)  TX bytes:948999 (926.7 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:70 errors:0 dropped:0 overruns:0 frame:0
          TX packets:70 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:7752 (7.5 KiB)  TX bytes:7752 (7.5 KiB)

[root@rhels5532 ~]# 

1. Install the DNS packages

[root@rhels5532 etc]# yum install bind*
Loaded plugins: rhnplugin, security
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Package 30:bind-sdb-9.3.6-4.P1.el5_4.2.i386 already installed and latest version
Package 30:bind-chroot-9.3.6-4.P1.el5_4.2.i386 already installed and latest version
Package 30:bind-devel-9.3.6-4.P1.el5_4.2.i386 already installed and latest version
Package 30:bind-libs-9.3.6-4.P1.el5_4.2.i386 already installed and latest version
Package 30:bind-9.3.6-4.P1.el5_4.2.i386 already installed and latest version
Package 30:bind-utils-9.3.6-4.P1.el5_4.2.i386 already installed and latest version
Package 30:bind-libbind-devel-9.3.6-4.P1.el5_4.2.i386 already installed and latest version
Nothing to do
[root@rhels5532 etc]# yum install caching*
Loaded plugins: rhnplugin, security
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package caching-nameserver.i386 30:9.3.6-4.P1.el5_4.2 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================================================
 Package                                 Arch                      Version                                    Repository                 Size
==============================================================================================================================================
Installing:
 caching-nameserver                      i386                      30:9.3.6-4.P1.el5_4.2                      base                       61 k

Transaction Summary
==============================================================================================================================================
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 61 k
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : caching-nameserver                                                                                                     1/1 

Installed:
  caching-nameserver.i386 30:9.3.6-4.P1.el5_4.2                                                                                               

Complete!

2. Configure the /var/named/chroot/etc/named.conf file

First, create the file by copying:

[root@rhels5532 etc]# pwd
/var/named/chroot/etc
[root@rhels5532 etc]# ll
total 24
-rw-r--r-- 1 root root  3519 Feb 27  2006 localtime
-rw-r----- 1 root named 1230 Jan 18  2010 named.caching-nameserver.conf
-rw-r----- 1 root named  955 Jan 18  2010 named.rfc1912.zones
-rw-r----- 1 root named  113 Dec  2 18:59 rndc.key
[root@rhels5532 etc]# cp -p named.caching-nameserver.conf named.conf

The file content after modification is as follows:

[root@rhels5532 etc]# vi named.conf 
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        allow-query     { any; };
        allow-query-cache { any; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
"named.conf" 41L, 1200C written

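Notes:

  For simplicity, every 127.0.0.1 and localhost in this file is changed to any; when editing, take care to leave a space on each side of the value. The modified parts were marked in bold red in the original post's listing of the configuration file above.
  When creating /var/named/chroot/etc/named.conf by copying, be sure to use the -p option so that the file's permissions are preserved; otherwise the DNS service will fail to start!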
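
With `recursion yes` and `allow-query`, `allow-query-cache` and `match-clients` all set to `any`, the server configured above resolves names for any host that can reach port 53, not only the RAC nodes. The following check is an added example, not part of the original post: it lists ACL directives left at `any` and compares the posted settings with a constructed alternative in which the ACL name `rac_clients` and the 192.168.1.0/24 range (inferred from the eth0 netmask in step 0) are assumptions.

```bash
#!/bin/bash
# Added example (not from the original post): list named.conf ACL
# directives that are open to "any".

# open_acl_directives <named.conf>: prints one directive name per line.
open_acl_directives() {
    awk '
        { sub(/\/\/.*/, "") }                       # ignore // comments
        $1 ~ /^(allow-query|allow-query-cache|allow-recursion|match-clients)$/ &&
        /[{][ \t]*any;[ \t]*[}]/ { print $1 }
    ' "$1"
}

as_posted=$(mktemp); restricted=$(mktemp)
trap 'rm -f "$as_posted" "$restricted"' EXIT

# Constructed sample 1: the ACL lines as configured in this post.
cat > "$as_posted" <<'EOF'
options {
        listen-on port 53 { any; };
        allow-query     { any; };
        allow-query-cache { any; };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations { any; };
        recursion yes;
};
EOF

# Constructed sample 2: same server, clients limited to an ACL.
# "rac_clients" and 192.168.1.0/24 are assumptions for illustration.
cat > "$restricted" <<'EOF'
acl rac_clients { 127.0.0.1; 192.168.1.0/24; };
options {
        listen-on port 53 { 127.0.0.1; 192.168.1.210; };
        allow-query       { rac_clients; };
        allow-query-cache { rac_clients; };
};
view localhost_resolver {
        match-clients      { rac_clients; };
        match-destinations { any; };
        recursion yes;
};
EOF

echo "as posted : $(open_acl_directives "$as_posted" | tr '\n' ' ')"
echo "restricted: $(open_acl_directives "$restricted" | tr '\n' ' ')"
```
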

3. Configure the zones: edit the /var/named/chroot/etc/named.rfc1912.zones file

The zone is configured so that the SCAN IP can be resolved. Append the following reverse zone to the end of the file:

zone "1.168.192.in-addr.arpa." IN {
        type master;
        file "1.168.192.in-addr.arpa";
        allow-update { none; };
};

After the reverse zone is added, the file reads as follows:

[root@rhels5532 etc]# vi /var/named/chroot/etc/named.rfc1912.zones 
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

zone "1.168.192.in-addr.arpa." IN {
        type master;
        file "1.168.192.in-addr.arpa";
        allow-update { none; };
};
"named.rfc1912.zones" 55L, 1066C written

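Notes:

Normally a forward zone should be configured as well. Here the domain of both RAC nodes, node1 and node2, is set to localdomain, and by default lines 15 to 20 of this configuration file (/var/named/chroot/etc/named.rfc1912.zones) already contain the following forward zone configuration, so nothing needs to be added.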

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

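4. Configure the forward and reverse resolution database files, working under /var/named/chroot/var/named
First, create the forward and reverse resolution database files.

Copy /var/named/chroot/var/named/localhost.zone to create the forward resolution database file,

and copy /var/named/chroot/var/named/localhost.zone to create the reverse resolution database file named 0.16.172.in-addr.arpa.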

[root@rhels5532 named]# ll
total 44
drwxrwx--- 2 named named 4096 Aug 26  2004 data
-rw-r----- 1 root  named  198 Jan 18  2010 localdomain.zone
-rw-r----- 1 root  named  195 Jan 18  2010 localhost.zone
-rw-r----- 1 root  named  427 Jan 18  2010 named.broadcast
-rw-r----- 1 root  named 1892 Jan 18  2010 named.ca
-rw-r----- 1 root  named  424 Jan 18  2010 named.ip6.local
-rw-r----- 1 root  named  426 Jan 18  2010 named.local
-rw-r----- 1 root  named  427 Jan 18  2010 named.zero
drwxrwx--- 2 named named 4096 Jul 27  2004 slaves
[root@rhels5532 named]# cp -p named.local 1.168.192.in-addr.arpa
[root@rhels5532 named]# ll
total 48
-rw-r----- 1 root  named  426 Jan 18  2010 1.168.192.in-addr.arpa
drwxrwx--- 2 named named 4096 Aug 26  2004 data
-rw-r----- 1 root  named  198 Jan 18  2010 localdomain.zone
-rw-r----- 1 root  named  195 Jan 18  2010 localhost.zone
-rw-r----- 1 root  named  427 Jan 18  2010 named.broadcast
-rw-r----- 1 root  named 1892 Jan 18  2010 named.ca
-rw-r----- 1 root  named  424 Jan 18  2010 named.ip6.local
-rw-r----- 1 root  named  426 Jan 18  2010 named.local
-rw-r----- 1 root  named  427 Jan 18  2010 named.zero
drwxrwx--- 2 named named 4096 Jul 27  2004 slaves

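Notes:

No forward zone was configured in step 3 above, so only the reverse resolution database file needs to be created; forward resolution uses the default localdomain.zone file.
The names of the forward and reverse resolution database files must match the forward and reverse zone files defined in step 3 above, otherwise DNS will fail!
Next, define the contents of the forward and reverse resolution database files.
Append the following to the end of the forward resolution database file localdomain.zone: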

SCAN-CLUSTER    IN A            192.168.1.203

After the addition, the file reads as follows:

[root@rhels5532 named]# vi localdomain.zone 
$TTL    86400
@               IN SOA  localhost root (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
                IN NS           localhost
localhost       IN A            127.0.0.1
SCAN-CLUSTER    IN A            192.168.1.203

Append the following to the end of the reverse resolution database file 0.16.172.in-addr.arpa:

203     IN      PTR     SCAN-CLUSTER.localdomain

After the addition, the file reads as follows:

[root@rhels5532 named]# vi 1.168.192.in-addr.arpa 
$TTL    86400
@       IN      SOA     localhost. root.localhost.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
        IN      NS      localhost.
1       IN      PTR     localhost.
203     IN      PTR     SCAN-CLUSTER.localdomain

Test that the DNS server resolves the SCAN IP correctly

First, start the DNS service on the DNS server 172.16.0.176:

[root@rhels5532 named]# /etc/init.d/named status
rndc: connect failed: 127.0.0.1#953: connection refused
named is stopped
[root@rhels5532 named]# /etc/init.d/named start
Starting named:                                            [  OK  ]
[root@rhels5532 named]# /etc/init.d/named status
number of zones: 7
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
named (pid  3114) is running...
[root@rhels5532 named]# chkconfig named on

Next, add the following settings to the /etc/resolv.conf configuration file on the machine 192.168.1.150:

search localdomain
nameserver 192.168.1.210

After the addition:

[root@BJRAC ~]# vi /etc/resolv.conf 
# Generated by NetworkManager


# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
# DOMAIN=lab.foo.com bar.foo.com
search localdomain
nameserver 192.168.1.210

Finally, test whether the SCAN IP resolves successfully:

[root@BJRAC ~]# nslookup 192.168.1.203
Server:         192.168.1.210
Address:        192.168.1.210#53

203.1.168.192.in-addr.arpa      name = SCAN-CLUSTER.localdomain.1.168.192.in-addr.arpa.

[root@BJRAC ~]# nslookup SCAN-CLUSTER.localdomain.
Server:         192.168.1.210
Address:        192.168.1.210#53

Name:   SCAN-CLUSTER.localdomain
Address: 192.168.1.203

[root@BJRAC ~]# nslookup SCAN-CLUSTER
Server:         192.168.1.210
Address:        192.168.1.210#53

Name:   SCAN-CLUSTER.localdomain
Address: 192.168.1.203

Output like the above indicates that the configuration succeeded.
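
In the reverse lookup above the answer is `SCAN-CLUSTER.localdomain.1.168.192.in-addr.arpa.` because the PTR target in the reverse database file has no trailing dot, so named appends the zone origin; writing the target as `SCAN-CLUSTER.localdomain.` avoids this. The following check is an added example, not part of the original post, that lists PTR records with such relative targets (the function name `relative_ptr_targets` and the embedded sample file are constructed for illustration).

```bash
#!/bin/bash
# Added example (not from the original post): find PTR records whose target
# has no trailing dot and show the name the server would actually return.

# relative_ptr_targets <zone-file> <zone-origin>
# Prints "owner -> effective target" for every PTR with a relative target.
relative_ptr_targets() {
    awk -v origin="${2%.}." '
        { sub(/;.*/, "") }                  # strip zone-file comments
        /^[^ \t$]/ { owner = $1 }           # line starts with an owner name
        {
            for (i = 1; i < NF; i++)
                if (toupper($i) == "PTR") {
                    target = $(i + 1)
                    if (target !~ /\.$/)    # relative name: origin is appended
                        print owner " -> " target "." origin
                }
        }
    ' "$1"
}

# Constructed sample: the reverse zone file as listed in this post.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
$TTL    86400
@       IN      SOA     localhost. root.localhost.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
        IN      NS      localhost.
1       IN      PTR     localhost.
203     IN      PTR     SCAN-CLUSTER.localdomain
EOF

relative_ptr_targets "$sample" 1.168.192.in-addr.arpa
# prints: 203 -> SCAN-CLUSTER.localdomain.1.168.192.in-addr.arpa.
```
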

 

Configure the DNS server setting on node 2

Last login: Mon Feb 17 18:03:29 2014 from 192.168.56.1
[root@CQRAC ~]# vi /etc/resolv.conf 
# Generated by NetworkManager


# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
# DOMAIN=lab.foo.com bar.foo.com
search localdomain
nameserver 192.168.1.210
"/etc/resolv.conf" 11L, 272C written
[root@CQRAC ~]# nslookup 192.168.1.203
Server:         192.168.1.210
Address:        192.168.1.210#53

203.1.168.192.in-addr.arpa      name = SCAN-CLUSTER.localdomain.1.168.192.in-addr.arpa.

[root@CQRAC ~]# nslookup SCAN-CLUSTER.localdomain
Server:         192.168.1.210
Address:        192.168.1.210#53

Name:   SCAN-CLUSTER.localdomain
Address: 192.168.1.203

[root@CQRAC ~]# nslookup SCAN-CLUSTER
Server:         192.168.1.210
Address:        192.168.1.210#53

Name:   SCAN-CLUSTER.localdomain
Address: 192.168.1.203

[root@CQRAC ~]# 

 

 

posted @ 2014-02-18 17:44  ArcerZhang