3.1 验证与安装DNS所需软件
[root@cloudstack ~]# rpm -qa | grep '^bind'
bind-libs-9.8.2-0.10.rc1.el6.x86_64
bind-9.8.2-0.10.rc1.el6.x86_64
bind-utils-9.8.2-0.10.rc1.el6.x86_64
bind-chroot-9.8.2-0.10.rc1.el6.x86_64
[root@cloudstack ~]#
[root@cloudstack ~]# yum install bind bind-utils
3.2 配置正项解析文件
[root@cloudstack named]# cp -p named.localhost named.cuc.edu.cn #-p的选项是将所有的文件关联的关系一起复制
[root@cloudstack named]# vi named.cuc.edu.cn
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 192.168.1.118 #主机的ip
AAAA ::1
named-checkzone cuc.edu.cn ./named.cuc.edu.cn (验证文件格式)
3.3 配置反向解析
[root@cloudstack named]# cp -p named.localhost 192.168.named
[root@cloudstack named]# vi 192.168.named
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 192.168.1.118
AAAA ::1
named-checkzone cuc.edu.cn ./ 192.168.named (验证文件格式)
3.4 配置/etc/named.conf文件(配置之前先把默认网关给配置了,/etc/sysconfig/network:GATEWAY=192.168.1.254)
[root@cloudstack named]# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
forwarders{192.168.1.254;};
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "cuc.edu.cn" IN {
type master;
file "/var/named/named.cuc.edu.cn";
};
zone "168.192.in-addr.arpa" IN {
type master;
file "/var/named/192.168.named";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
3.5 验证服务
[root@cloudstack named]# service named restart
Stopping named: [ OK ]
Generating /etc/rndc.key:^C # 然后就停在这里不动了,运行下面的命令导入key
[root@cloudstack named]# rndc-confgen -r /dev/urandom -a
wrote key file "/etc/rndc.key"
[root@cloudstack named]# service named restart
Stopping named: [ OK ]
Starting named: [ OK ]
[root@cloudstack named]# dig sina.com.cn
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> sina.com.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31543
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;sina.com.cn. IN A
;; ANSWER SECTION:
sina.com.cn. 29 IN A 202.108.33.60
;; AUTHORITY SECTION:
sina.com.cn. 9483 IN NS ns1.sina.com.cn.
sina.com.cn. 9483 IN NS ns2.sina.com.cn.
sina.com.cn. 9483 IN NS ns3.sina.com.cn.
sina.com.cn. 9483 IN NS ns4.sina.com.cn.
;; ADDITIONAL SECTION:
ns1.sina.com.cn. 1685 IN A 202.106.184.166
ns2.sina.com.cn. 1644 IN A 61.172.201.254
ns3.sina.com.cn. 1645 IN A 123.125.29.99
ns4.sina.com.cn. 1723 IN A 121.14.1.22
;; Query time: 4 msec
;; SERVER: 192.168.1.248#53(192.168.1.248)
;; WHEN: Sun Jun 9 16:30:09 2013
;; MSG SIZE rcvd: 181