RHEL6.5配置DNS服务

1、实用标准文档RHEL6.5酉己置DNSB务By fengming_cool本实验将配置正向 DNSB务和反向的DNSB务（一）配置前的准备先用redhat6.5的模板机克隆一台新的虚拟机克隆完成后，挂载光盘镜像到/mnt/cdrom/目录mount /dev/cdrom /mnt/cdrom/rootnode *# mount /dev/cdrom /mnt/cdrom/mount: block device /dev/srO is write-protected, mounting read-only配置虚拟机的IP地址，可以使用 system-config-network-tui的命令配置

2、，或者直接更改网卡的配置文件 /etc/sysconfig/network-scripts/ifcfg-eth0此处使用修改配置文件的方法更改IP地址，DNS虚拟机的IP地址配置为22如下所示：DEVICE=eth0TYPE=EthernetONBOOT=yesNM_CONTROLLED=yesBOOTPROTO=noneIPADDR=22PREFIX=24GATEWAY=DNS1=22DEFROUTE=yesIPV4_FAILURE_FATAL=yesIPV6INIT=noNAME="Syste

3、m eth0"眄ICE=ethOTYPEEthernetONBOOT=yesNM CONTROLLEDyesB00TPRQT0=noneIPADDR=192 168+0.222此处根据实际情况对1田也址，子网薄码、网关、DNS进行修改051=192.168.04222DEFROUTEyesIPV4 FAILURE FATAL=yesIPV6lNlT=noNAHE="System ethG"保存退出后，使用 service network restart命令重启网络服务service network restartrooWnode Desktop# service

4、network restartShutting down interface ethG： Device state: 3 (disconnected)LOKShutting do师 loopback interface:OKBringing up loopback interface:okjBringing up interface etho： Active connection state: activatedActive connection path:eedeskt口p/NtwokHanag/ActivmCGnnc:tiQn/2_I OK 修改主机名，编辑文件 /etc/sysconfi

5、g/network 为DNS vi /etc/sysconfig/network 修改 HOSTNAME=DNS 使用cat命令查看一下配置文件 (root0node *# cat /etc/sysconfig/network NETWORKING=yes HOSTNAHE=DNS GATEWAY=使用命令hostname DNS更改显示的主机名后，退出重新登录即可 hostname DNS 修改/etc/hosts 文件 vi /etc/hosts添加一行22 DNS使用cat命令查看/etc/hosts 文件 rootDNS »# ca

6、t /etc/hosts 127.040.1 localhost Iccalhosttlocaldomain localhost4 Iocalhost4.1ocaIdomain4 :1localhost Iccalhosttlocaldomain localhostfi localhostfiilocaldomain6192,160.0.222 DNS(二)搭建DNS服务安装bind和bind-chroot 软件包 yum -y install bind bind-chroot文案大全raotDN5 -# yum -y install bind bind-chrootLoaded plugin

7、s: product-id, refresh-packagekitf security, subscription-managerThis system is not becription-nanager HigkAvaila btlity LoadBalancer ResilientStorage scalableihiLesystem ServerSetting up Installregistered to Red Hat Subscription Management, to register.| 3.9 kB 3.9 kE 3.9 kE| i.S KB| 3.9 kBProcessY

8、oucan use su 00:06 .日。出(360:0Q .R户solving D?pprdenciPS-> Running transaction check> Package bind.xB6_61 32:9*B.2 ®.17.cl,4.6 will be installed-> Package bind-chroot.K96 E4 32:9.8.2-Q417.rcl.el.6 446 will be installed-a Finished Dependency ResolutionDependencies ResoLvedPackageArchVersi

9、onRepositoryEi zeInstalling ibindxBG 6432:9.8.2-0.17.rcl.elG 4.6Server4. Mbind-ch rootxS6 6432:9.8.2-e.l7.rcl.el6_4.6server71 kTransaction SummaryInstall 2 Package(s)Total download size: 4.9 MInstalled size： 7.3 MDownloading Packages：Total55 MB/S | 4,® ME 0。：。0备份/etc/named.conf 文件cp -p /etc/nam

10、ed.conf /etc/named.conf.bakrootON5 T# cp -p /etc/named.conf /etc/named.conf.bak修改named服务的配置文件/etc/named.confvi /etc/named.conf修改下面几行listen-on port 53 any; ;allow-query any; ;将下面几行注释掉dnssec-enable yes;dnssec-validation yes;dnssec-lookaside auto;bindkeys-file "/etc/named.iscdlv.key"managed-k

11、eys-directory "/var/named/dynamic"include "/etc/named.root.key"使用cat命令查看下/etc/named.conf 文件 cat /etc/named.confrootDNS T# cat /etc/named.conf/ named,conf/ Provided by Red Hat bind package to configure the ISC BIND named(8 DNS/ server as a caching only nameserver (a号 a localhost D

12、NS resolver only)./ ./ See /usr/share/doc/bind/sample/ for example named configuration files./ options li*n-口l port 53 rny： ;listen-on-v6 port 53 ： ： 1； )；tlir ectoi y"/vdi /named*1;dump-fileM/var/named/data/cachedump.db"；statisTics-fHe"/var/named/data/namedstats.txt"nemstatistie

13、s-file "Nar/named/data/naned mem stats.txt1'-Uw-queuyf，ny； );recursion yes;/dnssec-enable yes；/dnssec- validation yes；/dnssec-lookaside auto；方框中为需要修改或注释掉的内容/* Path t。 1SC 口LV key */77 bindkeys file Vetc/named.iscdlv.key"/managed-keys-directory "/var/ramed/dynamic"T;logging ch

14、annel default debug file "data/named k run"； severity dynamic;h zone “/ IN type hint；file hl named. ca"；include "/etc/named, rfc 1912 .zones"：方植中为需要修改或注释掉的内容/include */etc/named.root.key备份/etc/named.fc1912.zones 文件cp -p /etc/named.fc1912.zones,.bakIs -l /etc/named.fc1912.zon

15、es*rootDNS -# cp -p /etc/named.rfcl912.zonesr.bak2Qt)N5 -j# Is -I /etc/named,rfcl12.zone5*-rv-r 1 root named 931 Jun 21 2067 /etc/named.rfC1912.zones-rw-r 1 root named 931 Jun 21 2067 /etc/named.rfC1912.zones i bak修改/etc/named.fc1912.zones 文件vi /etc/named.fc1912.zones添加下面几行zone "" IN type

16、master;file ".zone"allow-update none; ;；使用tail 命令查看/etc/named.rfc1912.zones 中添加的内容tail /etc/named.rfc1912.zonesroatDNS '# tail /etc/named.rfc1912.zones type master;file " nampd Tempty'1 ； aUoW-Update none; ;);zone "H, IN type master； file "test,com.zone'1 allow-u

17、pdate none； ；h复制出.zone 文件，注意文件的属组和权限cd /var/named/cp -p named.localhost .zonell named.localhost .zoneroot0DNS -# cd /var/named/rootDNS named# cp -p naued.localhcst test.con.zoneQQtDN0 naned# ll named.localhost .zone-rw-r1 root named 152 Jun 21 2907 named.localticst-rw-r 1 root named 152 Jun 21 2067

18、.zone编辑 .zone 文件(在/var/named/ 下)vi .zone将内容修改如下：$TTL 1D IN SOA rname.invalid.(0; serial1D;refresh1H;retry1W;expire3H );minimumNS A 22www A 60ftp A 61bbs CNME ftp. MX 5 .mail A 62$GENERATE 1-100 stu$ A 10.0.0.$使用 cat 命令查看 /var/named/.zone 文件cat /var/named/.

19、zonerootDNS named# cat /var/named/.zone mail A 192416&,0.162$TTL ID IK SOANS A wwwAftpAbbsCNAMEtest. con)H rname.invalid.(0 ID 1H 1W3H )192.16B.0.222192.16S.0.160193168.8,161 ftpMX 5 mail-.;serial;refresh;retry;expire:minimumGENERATE 1*10G StuS A 1040.0.$重启DNS服务service named restartrootDNS named

20、# service named restartStopping named: OK Starting named： OK 配置named服务开机自动启动chkconfig named onroot0DMS -# chkconfig named on修改 /etc/resolv.confvi /etc/resolv.conf内容如下domain search nameserver 22使用cat命令查看彳改后的/etc/resolv.conf 文件cat /etc/resolv.confrootDNS named# cat /etc/resolv.conf> Gene

21、rated by NetworkManagerdomain search nameserver 192*168.0.222下面进行测试nslookup rootDNS n白rredl#/Lc丽口白Server:192.168.&.222Address:192.163. El222#53Name： Address: 192,168.0.1660CtDNS nzned#M玉Icokup> （Tei I. test. comServer：192,163.222Address：132.168,e+222#53Name： mail*te5t<comAddress： 192.168.0

22、.162> Ttu97cest .coiirServer：22Add ress:132,1四，®.2NZ#53Mame:5tu9S.test.conAddress: 1®.6.99> bbs . test. tolnServer：22Address;192.16B,0.222#53Iob5 .test, com canonical name - fta * test < com*Name: Address： 61> rit i（三）搭建反向 DNS服务确保bind和bind-chroo

23、t包安装完成修改/etc/named.rfc1912.zones 文件vi /etc/named.rfc1912.zones增加下面内容zone ”0.168.192." IN type master;file "192.168.0.zone"allow-update none; ;使用 tail 命令查看 /etc/named.rfc1912.zones 文件tail -12 /etc/named.rfc1912.zonesrootDNS named# tail -12 /etc/named.rfcl912.zones zone '

24、;test-com" IN type master;file "test .com. ;one*'allow-update none; ;)；zone "G,168.192," LN type master;file M12.169.0.zoreH; allow-update none; ;)；创建192.168.0.zone 文件，注意文件的属组和权限 cd /var/named cp named.localhost 192.168.0.zone -p ll named.localhost 192.168.0.zoner

25、aotDNS named# rootDNS named# rootDNS named# -rwr -1OOt -rw- r 1 rootcd /var/namedcp named.localhost 192.168.6.zone -pll named.localhost 192.16B.0.zone named 152 Jun 21 2007 192.163.9.zone named 152 Jun 21 2007 named -localhost编辑文件 /var/named/192.168.0.zonevi /var/named/192.168.0.zone修改文件内容如下$TTL 1D IN SOA rname.invalid.(使用 cat 命令查看 /var/named/192.168.0.zonecat /var/named/192.168.0.zone01D1H1W3H )NS .222 PTR .160 PTR .161 PTR .162 PTR . $GENERATE 1-100 $;serial;refresh;retry;expire;minimumPTR teacher$.文件160l&l162；5Ei己I;refresh;retry;expire；mi