本节中将介绍下如何构建一个本地的服务器,可以用来解析公网域名以及基本的正,反向区域的基本配置,这个之前也整理过,但总觉得好多地方都不够完善,毕竟这是最基础的网络服务,希望能在此有所补漏拾遗吧…
一:安装DNS服务器,实现基本的公网解析
[root@server1 ~]# yum grouplist |grep 'DNS' //使用包组方式安装DNS软件包
This system is not registered with RHN.
RHN support will be disabled.
DNS Name server
[root@server1 ~]# yum -y groupinstall "DNS Name server" //包组名以上面 grouplist 的输出为准
Running Transaction
Installing : bind //DNS主程序软件包
Installing : bind-chroot //chroot软件包,安装上该软件包后DNS服务器的工作目录会自动切换为/var/named/chroot
[root@server1 named]# cat /etc/sysconfig/named |grep chroot |grep -v '^#'
ROOTDIR=/var/named/chroot
[root@server1 ~]# yum -y install caching-nameserver //缓存DNS服务器软件包,主要包含了一些配置文件
[root@server1 ~]# cd /var/named/chroot/etc/
[root@server1 etc]# cp named.caching-nameserver.conf named.conf //将其复制为named.conf,该文件即为DNS服务器主配置文件
[root@server1 etc]# ln -s /var/named/chroot/etc/named.conf /etc/ //将其软链接到/etc目录下
[root@server1 etc]# grep -v '^//' named.conf |grep -v '//' //修改配置文件如下
options {
listen-on port 53 { 192.168.100.254; }; //表示DNS服务器只监听在192.168.100.254这个网络接口上
directory "/var/named"; //DNS服务器工作目录,这里可不能写chroot下的目录哦
dump-file "/var/named/data/cache_dump.db"; //以下三行其实不重要,主要是定义一些缓存和静态文件的位置,可删除
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; }; //允许任何网段的IP进行查询,any是内置的访问对象,也可以指定具体的网段,可参考man;注意:若该服务器可从公网访问,any 会使其成为开放递归解析器(open resolver),可被利用做DNS放大攻击,生产环境建议改为具体内网网段,或用 allow-recursion 只对内网开放递归
};
include "/etc/named.rfc1912.zones"; //include包含named.rfc1912.zones文件
[root@server1 etc]# head -20 named.rfc1912.zones |grep -v '^//' //该文件主要定义根域,localhost等的信息
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
[root@server1 etc]# chown named.named named.conf //这步比较重要,DNS服务器默认是以named用户来启动的,若权限不对,启动服务将会出错
[root@server1 etc]# ping -c 2 <公网域名> //测试网络连通性(原文此处的目标域名缺失,按下面的回显应为一个公网域名)
PING (203.208.37.104) 56(84) bytes of data.
64 bytes from bg-in-f104.1e100.net (203.208.37.104): icmp_seq=1 ttl=237 time=99.9 ms
64 bytes from bg-in-f104.1e100.net (203.208.37.104): icmp_seq=2 ttl=237 time=98.6 ms
[root@server1 etc]# service named start //试启动服务
Starting named: [ OK ]
[root@server1 ~]# tail -f /var/log/messages //监控日志
Mar 14 04:35:11 server1 named[8436]: starting BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5 -u named -t /var/named/chroot
Mar 14 04:35:11 server1 named[8436]: adjusted limit on open files from 1024 to 1048576
Mar 14 04:35:11 server1 named[8436]: found 2 CPUs, using 2 worker threads
Mar 14 04:35:11 server1 named[8436]: using up to 4096 sockets
Mar 14 04:35:11 server1 named[8436]: loading configuration from '/etc/named.conf' //载入配置文件
Mar 14 04:35:12 server1 named[8436]: using default UDP/IPv4 port range: [1024, 65535]
Mar 14 04:35:12 server1 named[8436]: using default UDP/IPv6 port range: [1024, 65535]
Mar 14 04:35:12 server1 named[8436]: listening on IPv4 interface eth1, 192.168.100.254#53 //监听IPV4,eth1上的53端口
Mar 14 04:35:12 server1 named[8436]: command channel listening on 127.0.0.1#953 //IPV4的本地回环接口的953端口,953主要用于rndc
Mar 14 04:35:12 server1 named[8436]: command channel listening on ::1#953 //同上,IPV6
Mar 14 04:35:12 server1 named[8436]: zone 0.in-addr.arpa/IN: loaded serial 42
Mar 14 04:35:12 server1 named[8436]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Mar 14 04:35:12 server1 named[8436]: zone 255.in-addr.arpa/IN: loaded serial 42
Mar 14 04:35:12 server1 named[8436]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Mar 14 04:35:12 server1 named[8436]: zone localdomain/IN: loaded serial 42
Mar 14 04:35:12 server1 named[8436]: zone localhost/IN: loaded serial 42
Mar 14 04:35:12 server1 named[8436]: running //正常运行