First, install the CentOS operating system; the latest version is CentOS 6.4, using the minimal install.

[root@localhost named]# ifconfig -a
eth1      Link encap:Ethernet  HWaddr 00:15:5D:01:69:2C
          inet addr:192.168.1.251  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: f180::225:5cff:fe01:691c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10252 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5782 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:9993401 (9.5 MiB)  TX bytes:471402 (460.3 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:21 errors:0 dropped:0 overruns:0 frame:0
          TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1944 (1.8 KiB)  TX bytes:1944 (1.8 KiB)

The local interfaces are eth1 and loopback. Edit the eth1 interface:

[root@localhost named]# vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1              # network device name
BOOTPROTO=static         # static IP
IPADDR=192.168.1.251     # static IP address
NETMASK=255.255.255.0    # subnet mask
GATEWAY=192.168.1.1      # gateway
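If the configuration is correct, the machine can now reach the Internet; ping an IP address to test it. Domain names still cannot be resolved, however, so the machine's DNS must be configured. Add the following: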
nameserver 8.8.8.8 # DNS server
nameserver 8.8.4.4 # backup DNS server

The network is now configured, so let's begin configuring BIND!
[root@localhost ~]# yum install bind
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";                                   # server working directory; relative paths in this file start here
        dump-file "/var/named/data/cache_dump.db";                # default file for the server's database dump
        statistics-file "/var/named/data/named_stats.txt";        # default path for statistics
        memstatistics-file "/var/named/data/named_mem_stats.txt"; # default file for memory usage statistics
        allow-query { any; };                                     # hosts allowed to query
        allow-query-cache { any; };                               # hosts allowed to query the cache
        recursion yes;                                            # whether recursive queries are allowed
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};
//logging {
//        channel default_debug {
//                file "data/named.run";
//                severity dynamic;
//        };
//};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
        channel gsquery {
                file "data/query.log" versions 3 size 20m;
                severity info;
                print-time yes;
                print-category yes;
                print-severity yes;
        };
        category queries { gsquery; };
};
zone "." IN {
        type hint;
        file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

At this point the DNS server can basically run. Oh, and don't forget to change /etc/resolv.conf to this server's own IP! Next, create the zone and its zone file. You can edit named.conf directly or create the zone in named.rfc1912.zones; I prefer to create it in named.rfc1912.zones.
[root@localhost etc]# vi /var/named/chroot/etc/named.rfc1912.zones

Either file can be edited. We create a zone for a.com:
zone "a.com" IN {
        type master;
        file "a.com.zone";
        allow-update { none; };
};
Then in
$TTL 1D
$TTL 600
; host names in the SOA end with a dot so the zone origin is not appended to them
@       IN SOA  ns.a.com. admin.a.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   ns
        IN A    192.168.1.250
        IN AAAA ::1
www     IN A    192.168.1.191
ns      IN A    192.168.1.250
qwer    IN A    4.3.2.1
Note the second line!! @ IN SOA a.com admin.a.com. is very important!
zone "a.com" IN {                       # this is the forward zone
        type master;
        file "a.com.zone";
        allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {      # this is the reverse zone
        type master;
        file "192.168.1.zone";
        allow-update { none; };
};
Then create a file named 192.168.1.zone.
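$TTL 1D
; host names in the SOA end with a dot so the zone origin is not appended to them
@       IN SOA  a.com. admin.a.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
        A       127.0.0.1
        AAAA    ::1
250     IN PTR  ns.a.com.
1.2.3.4 IN PTR  qwer.a.com.

That basically completes the setup; in testing, both forward and reverse lookups resolved correctly. I consulted many online articles, too many to list one by one, and the local configuration works.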
Oh, one more thing. Don't forget to open TCP and UDP port 53 in the firewall!
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
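
With port 53 open and the options block above (allow-query and allow-query-cache set to any, recursion yes), named answers recursive queries from any source address. The following check is an added example, not part of the original article: it computes the effective recursion ACL using BIND's fallback order (allow-recursion, then allow-query-cache, then allow-query, then the built-in default). HARDENED_OPTIONS and its "lan" ACL for 192.168.1.0/24 are assumptions based on the addresses used on this page.

```python
import re

# Constructed samples. PAGE_OPTIONS repeats the access statements from the
# named.conf above; HARDENED_OPTIONS is an assumed variant for a LAN resolver.
PAGE_OPTIONS = """
options {
    allow-query { any; };
    allow-query-cache { any; };
    recursion yes;
};
"""
HARDENED_OPTIONS = """
acl "lan" { localhost; 192.168.1.0/24; };  // assumed client network
options {
    allow-query { any; };          # authoritative answers for a.com stay public
    allow-recursion { "lan"; };    # recursion and cache only for the LAN
    allow-query-cache { "lan"; };
    recursion yes;
};
"""

def _items(body):
    """Split an address-match list body into bare element names."""
    return [e.strip().strip('"') for e in body.split(";") if e.strip()]

def _acl(text, pattern):
    """Elements of the first `<pattern> { ... }` statement, or None."""
    m = re.search(r"\b" + pattern + r"\s*\{([^}]*)\}", text)
    return _items(m.group(1)) if m else None

def recursion_clients(conf):
    """Effective allow-recursion list, following BIND's documented fallback."""
    text = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # /* ... */ comments
    text = re.sub(r"(//|#).*", "", text)                 # // and # comments
    if re.search(r"\brecursion\s+no\s*;", text):
        return ["none"]
    order = ("allow-recursion", "allow-query-cache", "allow-query")
    found = [a for a in (_acl(text, n) for n in order) if a is not None]
    acl = found[0] if found else ["localnets", "localhost"]  # built-in default
    # Expand named acl statements one level (nested ACLs are not followed).
    out = []
    for e in acl:
        out += _acl(text, r'acl\s+"?' + re.escape(e) + r'"?') or [e]
    return out

def is_open_resolver(conf):
    """True when recursive service is offered to every source address."""
    return any(e in ("any", "0.0.0.0/0") for e in recursion_clients(conf))
```

Run it against the real file with is_open_resolver(open("/etc/named.conf").read()); a True result on a server reachable from outside the LAN means recursion should be limited as in HARDENED_OPTIONS.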