安装最简单的DNS服务器

 

OS：redhat5.4 64bit

  

1.首先检查DNS需要的rpm报

[root@ntpdns named]# rpm -qa | grep bind

ypbind-1.19-12.el5

bind-chroot-9.3.6-4.P1.el5

bind-libs-9.3.6-4.P1.el5

bind-utils-9.3.6-4.P1.el5

kdebindings-3.5.4-6.el5

bind-9.3.6-4.P1.el5

  

[root@ntpdns etc]# rpm -qa | grep caching

caching-nameserver-9.3.6-4.P1.el5

  

2.配置本地IP地址

[root@ntpdns etc]# cat /etc/sysconfig/network-scripts/ifcfg-eth0

# Intel Corporation 82545EM Gigabit Ethernet Controller (Copper)

DEVICE=eth0

BOOTPROTO=none

HWADDR=00:0c:29:c2:f5:ee

ONBOOT=yes

DHCP_HOSTNAME=ntpdns

IPADDR=192.168.80.254

NETMASK=255.255.255.0

GATEWAY=192.168.80.1

TYPE=Ethernet

  

  

3.关闭防火墙和selinux

[root@ntpdns etc]# service iptables status

防火墙已停

[root@ntpdns etc]# cat /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - SELinux is fully disabled.

SELINUX=disabled

# SELINUXTYPE= type of policy in use. Possible values are:

# targeted - Only targeted network daemons are protected.

# strict - Full SELinux protection.

SELINUXTYPE=targeted

  

  

4编辑name.conf文件

[root@ntpdns etc]# cd /var/named/chroot/etc/

cp -p named.caching-nameserver.conf named.conf

编辑named.conf

cat named.conf

options {

listen-on port 53 { any; };

listen-on-v6 port 53 { ::1; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

  

// Those options should be used carefully because they disable port

// randomization

// query-source port 53;

// query-source-v6 port 53;

  

allow-query { 192.168.80.0/24; };

allow-query-cache { any; };

};

logging {

channel default_debug {

file "data/named.run";

severity dynamic;

};

};

view localhost_resolver {

match-clients { any; };

match-destinations { any; };

recursion yes;

include "/etc/named.rfc1912.zones";

};

  

  

5编辑named.rfc1912.zones文件

[root@ntpdns etc]# cat named.rfc1912.zones

// named.rfc1912.zones:

//

// Provided by Red Hat caching-nameserver package

//

// ISC BIND named zone configuration for zones recommended by

// RFC 1912 section 4.1 : localhost TLDs and address zones

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//

zone "." IN {

type hint;

file "named.ca";

};

zone "junshi.com" IN {

type master;

file "junshi.com.zone";

allow-update { none; };

};

zone "80.168.192.in-addr.arpa" IN {

type master;

file "192.168.80.local";

allow-update { none; };

};

  

6 编辑zone文件和local文件

cd /var/named/chroot/var/named/

cp -a localhost.zone junshi.com.zone

cp -a named.local 192.168.80.local

  

[root@ntpdns named]# cat junshi.com.zone

$TTL 86400

@ IN SOA junshi.com. root.junshi.com (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

@ IN NS www.junshi.com.

www.junshi.com. IN A 192.168.80.254

www.junshi.com. IN A 192.168.80.253

www.junshi.com. IN A 192.168.80.252

IN AAAA ::1

  

  

[root@ntpdns named]# cat 192.168.80.local

$TTL 86400

@ IN SOA www.junshi.com. root.junshi.com. (

1997022700 ; Serial

28800 ; Refresh

14400 ; Retry

3600000 ; Expire

86400 ) ; Minimum

IN NS www.junshi.com.

254 IN PTR www.junshi.com.

253 IN PTR www.junshi.com.

252 IN PTR www.junshi.com.

  

  

service named restart

nslookup www.junshi.com