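Configuring DNS (BIND) on CentOS 7

Published 2019-10-08 | Category: System operations

DNS overview:

DNS, the Domain Name System, maps domain names and IP addresses to each other on the Internet, so that users can reach a host by its domain name instead of memorizing its IP address.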

About the BIND software:

https://www.isc.org/downloads/bind/

The steps below set up a local DNS server.

  • Install bind and bind-utils with yum; the latter includes the DNS query tool dig

yum install bind bind-utils -y
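  • Edit the configuration file named.conf

vim /etc/named.conf

Change the contents as follows:

options {
    // change the listening IP: any = all interfaces (the CentOS default is 127.0.0.1)
    listen-on port 53 { any; };
    // (the other default options stay as they are)
};
// define the forward lookup zone (local domain)
zone "test.com" IN {
    type master;
    file "test.com.zone";
};
// define the reverse lookup zone (local domain)
zone "3.168.192.in-addr.arpa" IN {
    type master;
    file "3.168.192.zone";
};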

Check that the configuration syntax is correct:

named-checkconf
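  • Create the zone files

Forward lookup:

Use a copy of the named.localhost file and change its group to named.

# zone files live in /var/named, the directory set in the default named.conf
cd /var/named
cp named.localhost test.com.zone
chgrp named test.com.zone
vim test.com.zone

Contents of test.com.zone: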

$TTL 1D
@       IN SOA  @ admin.test.com. (
                                    2017020601       ; serial
                                    1D      ; refresh
                                    1H      ; retry
                                    1W      ; expire
                                    3H )    ; minimum
        NS      ns.test.com.
        MX 5    mail.test.com.
ns      A       192.168.3.60
mail    A       192.168.3.61
www     A       192.168.3.62
bbs     A       192.168.3.63

Check that the syntax is correct:

named-checkzone "test.com" /var/named/test.com.zone 

Reverse lookup:

Use a copy of the named.localhost file and change its group to named.

cp named.localhost 3.168.192.zone
chgrp named 3.168.192.zone
vim 3.168.192.zone 

Contents of 3.168.192.zone:

$TTL 1D
@       IN SOA  @ admin.dt.com. (
                                        2017020701      ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   ns.dt.com.
60      IN PTR  ns.dt.com.
61      IN PTR  mail.dt.com.
62      IN PTR  www.dt.com.
63      IN PTR  bbs.dt.com.
  • Start named and test DNS resolution

systemctl start named

$ dig @192.168.3.60 bbs.test.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> @192.168.3.60 bbs.test.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16609
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;bbs.test.com.                  IN      A

;; ANSWER SECTION:
bbs.test.com.           86400   IN      A       192.168.3.62

;; AUTHORITY SECTION:
test.com.               86400   IN      NS      ns.test.com.

;; ADDITIONAL SECTION:
ns.test.com.            86400   IN      A       192.168.3.60

;; Query time: 0 msec
;; SERVER: 192.168.3.60#53(192.168.3.60)
;; WHEN: Wed Feb 8 13:28:57 2017
;; MSG SIZE rcvd: 77

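An added example, not code from the original post: named-checkzone validates each zone file separately, so it does not catch a reverse zone whose PTR records disagree with the forward zone's A records. This Python check compares the two, assuming simple one-record-per-line zone text; the function names are illustrative, and the embedded data is the A and PTR records listed above.

```python
import ipaddress

# Sample data: the A and PTR records from the two zone files on this page.
FORWARD_ORIGIN = "test.com."
FORWARD_ZONE = """\
ns      A       192.168.3.60
mail    A       192.168.3.61
www     A       192.168.3.62
bbs     A       192.168.3.63
"""
REVERSE_ORIGIN = "3.168.192.in-addr.arpa."
REVERSE_ZONE = """\
60      IN PTR  ns.dt.com.
61      IN PTR  mail.dt.com.
62      IN PTR  www.dt.com.
63      IN PTR  bbs.dt.com.
"""

def fqdn(name, origin):
    """Expand "@" or a relative name against the zone origin."""
    name = origin if name == "@" else name
    return name if name.endswith(".") else f"{name}.{origin}"

def records(zone_text, origin, rtype):
    """Yield (owner, rdata) for one-line records that name their owner."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # strip comments
        if "IN" in fields:
            fields.remove("IN")  # the class field is optional
        if len(fields) == 3 and fields[1] == rtype and not line[0].isspace():
            yield fqdn(fields[0], origin), fields[2]

def check_forward_reverse(fwd, fwd_origin, rev, rev_origin):
    """List every A record whose PTR is missing or names another host."""
    ptr = {owner.lower(): fqdn(target, rev_origin).lower()
           for owner, target in records(rev, rev_origin, "PTR")}
    problems = []
    for host, addr in records(fwd, fwd_origin, "A"):
        rev_name = ipaddress.ip_address(addr).reverse_pointer + "."
        target = ptr.get(rev_name)
        if target is None:
            problems.append(f"{host} {addr}: no PTR at {rev_name}")
        elif target != host.lower():
            problems.append(f"{host} {addr}: PTR points to {target}")
    return problems

if __name__ == "__main__":
    print(*check_forward_reverse(FORWARD_ZONE, FORWARD_ORIGIN,
                                 REVERSE_ZONE, REVERSE_ORIGIN), sep="\n")
```

On the records as listed it reports all four hosts, because the PTR targets are under dt.com while the A records are under test.com; anything that relies on forward-confirmed reverse DNS sees that as a mismatch.
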
Problems encountered and solutions

  • After editing the zone file and restarting named, this error appeared:

Error in named configuration:
dns_rdata_fromtext: test.com.zone:10: near 'mail.test.com.': not a valid number
zone test.com/IN: loading from master file test.com.zone failed: not a valid number
zone test.com/IN: not loaded due to errors.
_default/test.com/IN: not a valid number
zone 3.168.192.in-addr.arpa/IN: loaded serial 2017020701
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0

The cause was that the MX record in the forward zone file had no priority. After changing "MX mail.test.com" to "MX 5 mail.test.com", the error no longer appeared.

  • Checking the zone file with named-checkzone reported an error:

dns_rdata_fromtext: /var/named/test.com.zone:3: near '1D': not a valid number
zone test.com/IN: loading from master file /var/named/test.com.zone failed: not a valid number
zone test.com/IN: not loaded due to errors.

Solution: on line 2, after "IN SOA" and before "(", add "@" or "test.com.". Without that primary name server field, the remaining SOA fields shift by one position and 1D is read where the serial number is expected. The correct statements are:

@       IN SOA    @    admin.test.com. (
...
@       IN SOA    test.com.    admin.test.com. (
...