How to set up a DNS server on Linux
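Brief steps for setting up a DNS server on Linux:
1. Add the domain to the main bind configuration file
2. Create the zone file for the domain in /var/named
3. Edit the zone file and add the required records
4. Check the firewall and SELinux settings
5. Start the bind service and restart the network service
6. Test name resolution from a client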
Detailed steps for setting up the DNS server:
1. Install the DNS server components
Install bind:
yum install -y bind bind-chroot bind-utils
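2. Edit the main DNS configuration file
Modify the main configuration file with vi /etc/named.conf, as shown in the figure below:
When the changes are complete, save and exit.
3. Next, modify the named.rfc1912.zones file with vi /etc/named.rfc1912.zones, as shown in the figure below:
4. Add the DNS forward-lookup configuration
Modify the zone configuration file for forward lookup: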
cd /var/named/
cp named.localhost szlpt.cn.zone
vi szlpt.cn.zone (the name must match the zone file name defined in the main configuration file [/etc/named.rfc1912.zones])
5. Modify the zone configuration file for reverse lookup:
cd /var/named/
cp named.localhost 32.168.192.zone
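vi 0.168.192.zone (the name must match the zone file name defined in the main configuration file [/etc/named.rfc1912.zones]; the cp command above must create a file with this same name)
6. Change the firewall and SELinux settings
getenforce (check whether SELinux is enabled)
setenforce 0 #switch SELinux to permissive mode until the next reboot
vi /etc/sysconfig/iptables #configure the firewall ports
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 953 -j ACCEPT
service iptables restart #restart the firewall so that the rules take effect
7. Start the DNS service (note: on Linux the DNS service is called bind)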
service named start
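8. Test that the zone information is correct (important)
Before checking, confirm that the configuration files are readable: ll /var/named
(If they are not readable, chmod +r /var/named/* fixes it)
9. Check the bind configuration files, where mistakes are easy to make
The following commands check the syntax of the bind configuration file and the zone file: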
named-checkconf /etc/named.conf
named-checkzone szlpt.cn /var/named/szlpt.cn.zone
10. Restart the DNS service and check the service status
service named restart
service network restart
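Test resolution from the client using nslookup.
Notes
The screenshots in this guide use CentOS as the example; configuration files on other Linux distributions may differ. Adjust them to your actual environment.
Reference answer A: You did not give a specific description. If the named service restarts normally, I do not know what you have configured in /etc/resolv.conf; after testing with host, check the messages in the /var/log/message log.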
Linux DNS server setup and DNS client configuration
Operating system version:
[root@node named]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.6 (Santiago)
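On Linux, DNS is mainly configured in the following places:
1. The DNS server address set in the network interface configuration file
2. The system default DNS server address setting
3. Entries in the hosts file
The order in which they take effect is:
1. The hosts file
2. The DNS server address in the network interface configuration file
3. /etc/resolv.conf
Install DNS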
yum install bind -y
[root@gs2node named]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
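The named.conf above combines recursion yes with allow-query { any; } and listen-on port 53 { any; }; because BIND falls back to allow-query when neither allow-recursion nor allow-query-cache is set, this server performs recursion for any client that can reach it. The check below is an added example, not part of the original page: both sample configurations are constructed, and the function names and the hardened addresses (192.168.1.70, 192.168.1.0/24) are assumptions.

```shell
#!/bin/sh
# Added example: flag named.conf settings that leave recursion open to everyone.

weak_conf() {        # constructed sample: the relevant options from this page
cat <<'EOF'
options {
        listen-on port 53 { any; };
        allow-query     { any; };
        recursion yes;
};
EOF
}

hardened_conf() {    # constructed sample; addresses are assumptions
cat <<'EOF'
acl "trusted" { 127.0.0.1; 192.168.1.0/24; };
options {
        listen-on port 53 { 127.0.0.1; 192.168.1.70; };
        allow-query       { any; };        // authoritative answers for hosted zones
        recursion yes;
        allow-recursion   { "trusted"; };  // recursion only for known clients
        allow-query-cache { "trusted"; };
};
EOF
}

# Reads named.conf text on stdin; prints one finding per line, or "OK".
audit_named_conf() {
    awk '
        { sub(/\/\/.*$/, "") }                          # drop // comments
        /(^|[^-a-z])recursion[ \t]+yes[ \t]*;/  { rec = 1 }
        /allow-recursion[ \t]*\{/               { limit = 1 }
        /allow-query-cache[ \t]*\{/             { limit = 1 }
        /allow-query[ \t]*\{[ \t]*any[ \t]*;/   { anyq = 1 }
        /listen-on[ \t]+port[ \t]+53[ \t]*\{[ \t]*any[ \t]*;/ { anyl = 1 }
        END {
            if (rec && anyq && !limit) { print "open-recursion"; bad = 1 }
            if (anyl)                  { print "listen-on-any";  bad = 1 }
            if (!bad) print "OK"
        }'
}

echo "page config:     $(weak_conf | audit_named_conf | tr '\n' ' ')"
echo "hardened config: $(hardened_conf | audit_named_conf | tr '\n' ' ')"
```

On a real host, run named-checkconf after any change and pipe the file into the function with audit_named_conf < /etc/named.conf.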
[root@node named]# cat /etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

zone "localhost.localdomain" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

zone "1.0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
};

zone "cbf.com" IN{
        type master;
        file "cbf.com.zone";
};

zone "4.168.192.in-addr.arpa" IN {
        type master;
        file "4.168.192.zone";
};
[root@node named]# pwd
/var/named
[root@node named]# cat 4.168.192.zone
$TTL 1D
@       IN SOA  ns.cbf.com. root (
                                        0       ;serial
                                        1D      ;refresh
                                        1H      ;retry
                                        1w      ;expire
                                        3H )    ;minimum
        IN      NS      ns.cbf.com.
92      IN      PTR     www.cbf.com.

[root@node named]# cat cbf.com.zone
$TTL 1D
@       IN SOA  ns.cbf.com. root (
                                        0       ;serial
                                        1D      ;refresh
                                        1H      ;retry
                                        1w      ;expire
                                        3H )    ;minimum
        NS      ns.cbf.com.
        MX 5    mail.cbf.com.
www     IN A    192.168.4.92
ns      IN A    192.168.4.92
mail    IN A    192.168.4.92
smtp    IN A    192.168.4.92
pop3    IN A    192.168.4.92
pop     IN A    192.168.4.92
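An added example (not from the original page) that cross-checks the reverse zone against the forward zone shown above, so that every PTR target also has an A record for the same address; named-checkzone validates each file alone and does not catch this. The records are copied from the page in simplified form, the 93 entry pointing at ftp.cbf.com. is constructed to show a mismatch, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: forward/reverse consistency check for simple zone files.

forward_zone() {     # simplified copy of cbf.com.zone from this page
cat <<'EOF'
$TTL 1D
@       IN SOA  ns.cbf.com. root ( 0 1D 1H 1W 3H )
        NS      ns.cbf.com.
www     IN A    192.168.4.92
ns      IN A    192.168.4.92
mail    IN A    192.168.4.92
EOF
}

reverse_zone() {     # 4.168.192.zone from this page plus one constructed stale PTR
cat <<'EOF'
$TTL 1D
@       IN SOA  ns.cbf.com. root ( 0 1D 1H 1W 3H )
        IN NS   ns.cbf.com.
92      IN PTR  www.cbf.com.
93      IN PTR  ftp.cbf.com.
EOF
}

# check_ptrs DOMAIN NET_PREFIX FORWARD_FILE REVERSE_FILE
# Prints "ok <ip> <name>" when the PTR target has an A record for that IP,
# otherwise "mismatch <ip> <name>". Handles only "name IN A ip" and
# "host IN PTR fqdn." lines with relative owner names, as in the files above.
check_ptrs() {
    awk -v origin="$1" -v prefix="$2" '
        FNR == NR { if ($2 == "IN" && $3 == "A") a[$1 "." origin "."] = $4; next }
        $2 == "IN" && $3 == "PTR" {
            ip = prefix "." $1
            st = (a[$4] == ip) ? "ok" : "mismatch"
            print st, ip, $4
        }' "$3" "$4"
}

run_check() {
    d=$(mktemp -d) || return 1
    forward_zone > "$d/fwd"
    reverse_zone > "$d/rev"
    check_ptrs cbf.com 192.168.4 "$d/fwd" "$d/rev"
    rm -rf "$d"
}

run_check
```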
Check the firewall status
[root@node named]# service iptables status
iptables: Firewall is not running.
[root@node named]# getenforce
Disabled
Check port 53
[root@node named]# netstat -anlpe | grep named
tcp 0 0 192.168.1.70:53 0.0.0.0:* LISTEN 25 1291049098 17887/named
tcp 0 0 6.55.4.171:53 0.0.0.0:* LISTEN 25 1291049096 17887/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 1291049094 17887/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 1291049103 17887/named
tcp 0 0 ::1:53 :::* LISTEN 25 1291049100 17887/named
tcp 0 0 ::1:953 :::* LISTEN 25 1291049104 17887/named
udp 0 0 192.168.1.70:53 0.0.0.0:* 25 1291049097 17887/named
udp 0 0 6.55.4.171:53 0.0.0.0:* 25 1291049095 17887/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 25 1291049093 17887/named
udp 0 0 ::1:53 :::* 25 1291049099 17887/named
unix 2 [ ] DGRAM 1291049077 17887/named
Start the DNS service
service named start
==========================
Local test
[root@node named]# service iptables status
iptables: Firewall is not running.
[root@node named]# getenforce
Disabled
[root@node named]# nslookup www.cbf.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   www.cbf.com
Address: 192.168.4.92

[root@node named]# nslookup mail.cbf.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   mail.cbf.com
Address: 192.168.4.92

[root@node named]# nslookup smtp.cbf.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   smtp.cbf.com
Address: 192.168.4.92

[root@node named]# nslookup 192.168.4.92
Server:         127.0.0.1
Address:        127.0.0.1#53

92.4.168.192.in-addr.arpa       name = www.cbf.com.
==========================
Client test
[root@node2 ~]# cat /etc/resolv.conf
nameserver <node IP>
[root@node2 ~]# nslookup 192.168.4.92
Server:         16.155.14.171
Address:        16.155.14.171#53

92.4.168.192.in-addr.arpa       name = www.cbf.com.

[root@node2 ~]# nslookup www.cbf.com
Server:         16.155.14.171
Address:        16.155.14.171#53

Name:   www.cbf.com
Address: 192.168.4.92