域名服务bind构建与应用配置(2)

 

 

首页服务器应用

背景:

阅读新闻

域名服务bind构建与应用配置

[日期:2013-04-02]   来源:Linux社区  作者:seneagle   [字体:]  

3 slave DNS服务器的配置

3.1 /etc/named.conf配置如下


//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 172.16.100.70;192.168.4.70;};
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
[root@Nodes01 ~]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
listen-on port 53 { 172.16.100.70;192.168.4.70;};
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;

dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";
};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

key "lan" {
algorithm hmac-md5 ;
secret "1Zgap+bwH5Yjtj0mo+Bj9g==";
};

key "wan"{
algorithm hmac-md5;
secret "1TK0ThAdgiQ8IrJBm+SQZA==";
};


view "lan" {
match-clients { 172.16.100.0/24; };
server 172.16.100.80 {keys lan;};
allow-transfer {key lan;};
zone "linuxidc.com" IN {
type slave;
masters {172.16.100.80;};
file "slaves/linuxidc.lan";
};

zone "100.16.172.in-addr.arpa." IN {
type slave;
masters {172.16.100.80;};
file "slaves/100.16.172.arpa";
};

};

view "wan"{

match-clients { any; };
server 192.168.4.44 {keys wan;};
allow-transfer {key wan;};
zone "linuxidc.com" IN {
type slave;
masters {192.168.4.44;};
file "slaves/linuxidc.wan";
};
zone "4.168.192.in-addr.arpa." IN {
type slave;
masters {192.168.4.44;};
file "slaves/4.168.192.arpa ";
};
};

3.2 key生成方法

以lan密钥为例


[root@master ~]# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST "lan"
Klan.+157+47240
[root@master ~]# ls Klan.+157+47240.*
Klan.+157+47240.key Klan.+157+47240.private


4 重启named服务

service named restart

查看zone是否同步成功


[root@Nodes01 ~]# ls /var/named/slaves/ //同步成功zone文件
100.16.172.arpa 4.168.192.arpa linuxidc.lan linuxidc.wan


如果没同步成功,请查看日志/var/log/messages

linux

 

Hadoop 中 IPC 的源码分析

时间服务器NTP搭建

相关资讯       Bind  bind配置 

   

本文评论   查看全部评论 (0)


评论声明

尊重网上道德,遵守中华人民共和国的各项有关法律法规

承担一切因您的行为而直接或间接导致的民事或刑事法律责任

本站管理人员有权保留或删除其管辖留言中的任意内容

本站有权在网站内转载或引用您的评论

参与本评论即表明您已经阅读并接受上述条款

 

 

 

最新资讯

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:http://www.heiqu.com/159d27d484e988e80b04216d9fe42ecb.html