测试:以下查询都在client上执行,并用 @192.168.100.254 指定由server来解析
[root@client ~]# dig @192.168.100.254
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> @192.168.100.254
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53530
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
; IN A
;; ANSWER SECTION:
86400 IN A 192.168.100.20
;; AUTHORITY SECTION:
86400 IN NS
;; Query time: 23 msec
;; SERVER: 192.168.100.254#53(192.168.100.254)
;; WHEN: Sun Mar 14 07:54:43 2010
;; MSG SIZE rcvd: 69
[root@client ~]# dig ftp. @192.168.100.254
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> ftp. @192.168.100.254
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3741
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;ftp. IN A
;; ANSWER SECTION:
ftp. 86400 IN A 1.1.1.2
;; AUTHORITY SECTION:
86400 IN NS
;; Query time: 14 msec
;; SERVER: 192.168.100.254#53(192.168.100.254)
;; WHEN: Sun Mar 14 07:36:33 2010
;; MSG SIZE rcvd: 73
[root@client ~]# dig @192.168.100.254
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> @192.168.100.254
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11705
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
; IN A
;; ANSWER SECTION:
86400 IN A 1.1.1.1
;; AUTHORITY SECTION:
86400 IN NS
;; Query time: 15 msec
;; SERVER: 192.168.100.254#53(192.168.100.254)
;; WHEN: Sun Mar 14 07:37:20 2010
;; MSG SIZE rcvd: 73
二:辅助DNS服务器的配置
[root@client ~]# grep -A 1 -B 1 'allow-transfer' /etc/named.conf //在client服务器上主配置文件的全局配置中加入allow-transfer参数;不加的话默认允许任何IP进行区域传送,任何主机都能一次取走整个区域的全部记录,很不安全。这里只按IP放行辅助服务器192.168.100.254,生产环境建议再配合TSIG密钥认证
allow-query { any; };
allow-transfer {192.168.100.254;};
};
[root@client ~]# service named restart //重启服务
Stopping named: [ OK ]
Starting named: [ OK ]
[root@server ~]# tail -5 /etc/named.conf //在server主配置文件中加入辅助DNS服务器的配置,辅助DNS服务器也可以配置正向区域
zone "1.1.1.in-addr.arpa" IN {
type slave; //指定类型为slave
masters { 192.168.100.20; }; //指定主服务器的IP;注意关键字是masters且地址要放在花括号内,写成 master 192.168.100.20; 无法通过named-checkconf检查
file "slaves/1.1.1.zone"; //传送后的文件保存位置
};
[root@server ~]# ls /var/named/chroot/var/named/slaves/ //从主服务器传送过来的区域文件默认保存在这个目录;如果改到其他位置,需要相应调整SELinux的布尔值,否则named可能无法写入。建议保留默认的slaves目录,避免放宽SELinux限制
[root@server ~]# service named restart //重启服务
Stopping named: [ OK ]
Starting named: [ OK ]