linux服务器dns配置安装 Linux安装DNS服务

文章插图

文章插图
RHEL 7 上安装DNS服务器可以实现域名与IP的双向解析，即通过域名可以找到主机IP，也可以通过IP找到域名。在postfix搭建邮件服务器中，需要用到DNS正向解析与反向解析，因此DNS服务器大有可为。
首先需要安装bind，它是named服务的依赖，我们搭建DNS服务器就是要使用named服务，无需像有些文章所说的安装bind-chroot，另外我们需要通过一些命令比如nslookup,dig来检验我们的DNS服务是否正常，我们需要安装bind-utils，整个DNS服务器的安装，就只需要安装bind、bind-utils，剩下的就是配置正向解析与反向解析。
1.安装bind、bind-utils

[[email protected] ~]# yum install -y bind bind-utils已加载插件：langpacks, product-id, subscription-managerThis system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.aa| 4.1 kB00:00:00软件包 32:bind-utils-9.9.4-14.el7.x86_64 已安装并且是最新版本正在解决依赖关系--> 正在检查事务---> 软件包 bind.x86_64.32.9.9.4-14.el7 将被 安装--> 解决依赖关系完成依赖关系解决=============================================================================================================================================================================================== Package架构版本源大小===============================================================================================================================================================================================正在安装: bindx86_6432:9.9.4-14.el7aa1.8 M事务概要===============================================================================================================================================================================================安装1 软件包总下载量：1.8 M安装大小：4.3 MDownloading packages:Running transaction checkRunning transaction testTransaction test succeededRunning transaction正在安装: 32:bind-9.9.4-14.el7.x86_641/1验证中: 32:bind-9.9.4-14.el7.x86_641/1 已安装:bind.x86_64 32:9.9.4-14.el7完毕！[[email protected] ~]# systemctl is-active namedinactive[[email protected]~]#

2.配置/etc/named.conf

 vim /etc/named.conf #编辑配置文件10 options { 11listen-on port 53 { 127.0.0.1; };#127.0.0.1更改为any 12listen-on-v6 port 53 { ::1; }; 13directory"/var/named"; 14dump-file"/var/named/data/cache_dump.db"; 15statistics-file "/var/named/data/named_stats.txt"; 16memstatistics-file "/var/named/data/named_mem_stats.txt";17allow-query{localhost;};#localhost更改为any

3.配置/etc/named.rfc1912.zones增加一个正向解析与一个反向解析的配置，可以拷贝其他的zone 配置，如下所示opsnote.com和68.168.192.in-addr.arpa两个zone是新增的

4.创建正向和反向文件
拷贝/var/named/目录下named.localhost和named.loopback分别为我们在named.rfc1912.zones中设置的正向解析文件opsnote和反向解析文件opsnote.zone，注意文件名的对应

[[email protected] ~]# cd /var/named/[[email protected] named]# lsdatadynamicnamed.canamed.emptynamed.localhostnamed.loopbackslaves[[email protected] named]# cp -p named.localhost opsnote[[email protected] named]# cp -p named.loopback opsnote.zone[[email protected] named]# lsdatadynamicnamed.canamed.emptynamed.localhostnamed.loopbackopsnoteopsnote.zoneslaves[[email protected] named]#

5.修改正向和反向文件
修改opsnote文件

[[email protected] named]# cat opsnote$TTL 1D@IN SOAopsnote.com. rname.invalid. (0; serial1D; refresh1H; retry1W; expire3H ); minimumNS@A127.0.0.1AAAA::1NSns.opsnote.com.nsINA 192.168.10.135wwwINA 192.168.10.201ftpINA 192.168.10.202[[email protected] named]#

修改opsnote.zone文件

[[email protected] named]# cat opsnote.zone $TTL 1D@IN SOAopsnote.com. rname.invalid. (0; serial1D; refresh1H; retry1W; expire3H ); minimumNS@A127.0.0.1AAAA::1PTRlocalhost.NSns.opsnote.com.nsA192.168.68.135201PTRwww.opsnote.com.202PTRftp.opsnote.com.[[email protected] named]#

注意：named配置文件在/etc目录下，而正向解析与反向解析文件均在/var/named文件夹下
6.更改正向和反向文件所有者
反向解析文件server.com.local的所属组不是named，那么将其修改为named
【linux服务器dns配置安装 Linux安装DNS服务】

[[email protected] named]# ll 总用量 24drwxrwx---. 2 named named6 1月29 2014 datadrwxrwx---. 2 named named6 1月29 2014 dynamic-rw-r-----. 1 rootnamed 2076 1月28 2013 named.ca-rw-r-----. 1 rootnamed152 12月 15 2009 named.empty-rw-r-----. 1 rootnamed152 6月21 2007 named.localhost-rw-r-----. 1 rootnamed168 12月 15 2009 named.loopback-rw-r-----. 1 rootnamed285 9月10 16:03 opsnote-rw-r-----. 1 rootnamed307 9月10 16:05 opsnote.zonedrwxrwx---. 2 named named6 1月29 2014 slaves[[email protected] named]# chown named opsnote opsnote.zone [[email protected] named]# ll 总用量 24drwxrwx---. 2 named named6 1月29 2014 datadrwxrwx---. 2 named named6 1月29 2014 dynamic-rw-r-----. 1 rootnamed 2076 1月28 2013 named.ca-rw-r-----. 1 rootnamed152 12月 15 2009 named.empty-rw-r-----. 1 rootnamed152 6月21 2007 named.localhost-rw-r-----. 1 rootnamed168 12月 15 2009 named.loopback-rw-r-----. 1 named named285 9月10 16:03 opsnote-rw-r-----. 1 named named307 9月10 16:05 opsnote.zonedrwxrwx---. 2 named named6 1月29 2014 slaves[[email protected]]#

7.启动服务

[[email protected] named]# cat /etc/resolv.conf # Generated by NetworkManagerdomain localdomainsearch localdomainnameserver 192.168.68.135[[email protected]]#systemctlstartnamed[[email protected] named]# firewall-cmd --add-service=dns success[[email protected] named]#

8.测试
在另外一台rhel 7（192.168.68.131）上面配置好DNS:192.168.68.135，测试

[[email protected] ~]# ifconfigens32ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>mtu 1500inet 192.168.68.131netmask 255.255.255.0broadcast 192.168.68.255inet6 fe80::4c67:9a21:2e77:422aprefixlen 64scopeid 0x20<link>ether 00:0c:29:56:1a:03txqueuelen 1000(Ethernet)RX packets 1674bytes 1732919 (1.6 MiB)RX errors 0dropped 0overruns 0frame 0TX packets 607bytes 70284 (68.6 KiB)TXerrors0dropped0overruns0carrier0collisions0[[email protected] ~]# [[email protected] ~]# cat /etc/resolv.conf# Generated by NetworkManagersearch localdomainnameserver 192.168.68.135[[email protected] ~]# ping 192.168.68.135 -c1PING 192.168.68.135 (192.168.68.135) 56(84) bytes of data.64 bytes from 192.168.68.135: icmp_seq=1 ttl=64 time=1.60 ms--- 192.168.68.135 ping statistics ---1 packets transmitted, 1 received, 0% packet loss, time 0msrtt min/avg/max/mdev = 1.609/1.609/1.609/0.000 ms[[email protected] ~]# nslookup www.opsnote.comServer:192.168.68.135Address:192.168.68.135#53Name:www.opsnote.comAddress: 192.168.10.201[[email protected] ~]# nslookup ftp.opsnote.comServer:192.168.68.135Address:192.168.68.135#53Name:ftp.opsnote.comAddress: 192.168.10.202[[email protected] ~]# [[email protected] ~]# nslookup ns.opsnote.comServer:192.168.68.135Address:192.168.68.135#53Name:ns.opsnote.comAddress:192.168.10.135[[email protected] ~]#