本节详细介绍DNS服务器的子域授权和辅助DNS的配置。在公网上,根域服务器都是将cn.、edu.、hk.这样的顶级域名授权给相应的DNS服务器管理,而这些子域的DNS服务器的反向区域需要传送给根域名服务器,这是通过辅助DNS的区域传送来实现的。区域传送会把整个区域的记录交给对方,因此主服务器上应使用allow-transfer只允许指定的辅助服务器发起传送。在下列配置中,server模拟根域名服务器的工作机制,client则模拟子域服务器。server IP:192.168.100.254/24,client IP:192.168.100.20/24
一:子域的授权
[root@server ~]# cat /var/named/chroot/var/named/6688.zone //在server服务器上指定子域的授权
; Forward zone 6688.cc on the parent ("server"). The NS/A pair annotated
; below is the delegation of the child zone to the host at 192.168.100.20.
; Raise the SOA serial on every edit of this file: secondaries compare it to
; decide whether the zone has to be transferred again.
$TTL 86400
@ IN SOA 6688.cc. root.6688.cc. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS 6688.cc.
@ IN MX 10 6688.cc.
; NOTE(review): as shown, the two delegation records below carry no owner
; name and the NS record has no target. A delegation needs the child zone
; name as owner, the child's name server as NS target, and a glue A record
; for that name server. The names were probably lost when the page was
; extracted -- restore them from the original before using this file.
; The "//" annotations are page notes, not zone-file comments (those use ";").
IN NS //指定为该域的NS权威
IN A 192.168.100.20 //指定权威DNS服务器的IP
www IN A 192.168.100.254
ftp IN CNAME www
[root@server ~]# service named restart //重启服务
Stopping named: [ OK ]
Starting named: [ OK ]
[root@client ~]# grep -v '^//' /etc/named.conf |grep -v '//' //client服务器主配置文件
// named.conf of the child-zone server ("client", 192.168.100.20), as printed
// with comment lines filtered out by the grep above.
options {
// Answer DNS only on this host's LAN address.
listen-on port 53 { 192.168.100.20; };
// Relative zone file names below are looked up here; the page lists the files
// under /var/named/chroot/var/named/, so named presumably runs chrooted.
directory "/var/named";
// Queries are accepted from any address. NOTE(review): no recursion or
// allow-recursion statement is shown, so whether outsiders can also use this
// host as a recursive resolver depends on the BIND version's defaults; an
// authoritative-only server normally sets "recursion no;".
allow-query { any; };
// NOTE(review): no allow-transfer statement is shown in options or in the
// zones. Restrict zone transfers to the secondary that needs them (on this
// page the server at 192.168.100.254), e.g.
// allow-transfer { 192.168.100.254; };
};
// Pulls in further zone declarations from this file (not shown on the page).
include "/etc/named.rfc1912.zones";
// The zone that the page delegates from the parent; this host holds the
// primary copy.
zone "www.6688.cc" IN {
type master;
file "www.6688.cc";
// Dynamic updates are refused for this zone.
allow-update {none;};
};
// Reverse zone for 1.1.1.0/24, also primary on this host.
// NOTE(review): 1.1.1.0/24 is publicly routed address space; in a lab a
// documentation range such as 192.0.2.0/24 (RFC 5737) avoids answering
// reverse lookups for real addresses on behalf of this server's clients.
zone "1.1.1.in-addr.arpa" IN {
type master;
file "1.1.1.zone";
// Dynamic updates are refused for this zone.
allow-update {none;};
};
[root@client ~]# cat /var/named/chroot/var/named/www.6688.cc //client服务器的正向区域文件
; Forward zone file for the delegated zone, served by the child server
; (192.168.100.20).
; NOTE(review): as shown, the SOA record has only one name before "(" (an SOA
; needs the primary name server and then the responsible mailbox) and the NS
; record has no target. These names were probably lost when the page was
; extracted -- restore them from the original before using this file.
; Raise the serial on every edit so that secondaries transfer the new data.
$TTL 86400
@ IN SOA root. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS
; Address of the zone apex: the child server itself.
@ IN A 192.168.100.20
; Host records inside the delegated zone.
www IN A 1.1.1.1
ftp IN A 1.1.1.2
[root@client ~]# cat /var/named/chroot/var/named/1.1.1.zone //client服务器的反向区域文件
; Reverse zone file (1.1.1.in-addr.arpa) served by the child server; each
; owner is the last octet of an address in 1.1.1.0/24.
; NOTE(review): as shown, the SOA record has only one name before "(", the NS
; record has no target, and the PTR records for 20 and 1 have no target;
; "ftp." looks like a truncated host name. The names were probably lost when
; the page was extracted -- restore them from the original before use.
$TTL 86400
@ IN SOA root. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
@ IN NS
20 IN PTR
1 IN PTR
2 IN PTR ftp.
[root@client ~]# service named configtest //测试配置文件
zone localdomain/IN: loaded serial 42
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
zone 255.in-addr.arpa/IN: loaded serial 42
zone 0.in-addr.arpa/IN: loaded serial 42
zone www.6688.cc/IN: loaded serial 42
zone 1.1.1.in-addr.arpa/IN: loaded serial 1997022700
[root@client ~]# service named restart //重启服务
Stopping named: [ OK ]
Starting named: [ OK ]