
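Setting Up a Server: DNS

For a DNS server, the software used is bind and the service daemon is named. Below is a record of my own setup process:

1. yum install bind*  This includes the bind software itself, DNS testing tools such as dig and nslookup, and chroot.

2. vim /etc/named.conf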

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "workstation." IN {
        type master;
        file "named.workstation";
};

Here I have set up a top-level domain named workstation; its zone file is located under /var/named. The file contents are as follows:

$TTL 600
@       IN SOA master.workstation. afu.master.workstation. (
                2014091901 3H 15M 1W 1D)
@       IN NS master.workstation.
master.workstation. IN A 10.103.25.156
www.workstation. IN A 10.103.27.166
nfs.workstation. IN A 10.103.25.34
ftp.workstation. IN CNAME www.workstation.
samba.workstation. IN CNAME nfs.workstation.

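Since this is only an experiment, I did not set up a reverse-lookup zone file; the configuration above is enough for hosts on the LAN to obtain name resolution service.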
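
With allow-query { any; }, recursion yes and no allow-recursion statement, named performs recursive lookups for every client that can reach port 53, not only LAN hosts. The fragment below is an added example, not part of the original setup, that keeps the same options but limits queries and recursion to an ACL; the ACL name lan and the prefix 10.103.0.0/16 are assumptions based on the addresses in the zone file, and the logging and root hint sections stay as they are.

```conf
// Added example. "lan" and 10.103.0.0/16 are assumed values, not from the original post.
acl "lan" {
        localhost;
        10.103.0.0/16;          // assumed LAN prefix; replace with the real one
};

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Before: allow-query { any; }; recursion yes;
        // With allow-recursion unset, recursion inherits allow-query,
        // so "any" made the server recurse for every source address.
        allow-query       { lan; };   // who may query this server at all
        recursion         yes;
        allow-recursion   { lan; };   // who may trigger lookups to outside servers
        allow-query-cache { lan; };   // who may read cached answers

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};

zone "workstation." IN {
        type master;
        file "named.workstation";
        allow-query    { lan; };      // internal names answered for LAN clients only
        allow-transfer { none; };     // the setup above has no secondary servers
};
```

Run named-checkconf /etc/named.conf before restarting named. A dig query sent from an address outside the ACL should then come back with status REFUSED.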

3. service named start

  chkconfig named on

  This enables the name resolution service at boot.

4. Open port 53 in the firewall: vim /etc/sysconfig/iptables

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

service iptables restart

5. Point the client's DNS address at this machine. Resolving the internal name www.workstation or the external name www.baidu.com then succeeds.

 
