下面的例子是以公网IP(172.16.0.80/29),局域网IP(192.168.0.0/24),域名(wscon.cn)作说明。在配置你自己的服务器时,请使用你自己的IP和域名。
# vim /etc/named.conf
options {
directory "/var/named";
# query range
allow-query { localhost; 192.168.0.0/24; };
# transfer range
allow-transfer { localhost; 192.168.0.0/24; };
# recursion range
allow-recursion { localhost; 192.168.0.0/24; };
};
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
# here is the section for internal informations
vimew "internal" {
match-clients {
localhost;
192.168.0.0/24;
};
zone "." IN {
type hint;
file "named.ca";
};
# set zones for internal
zone "wscon.cn" IN {
type master;
file "wscon.cn.lan";
allow-update { none; };
};
# set zones for internal
zone "0.168.192.in-addr.arpa" IN {
type master;
file "0.168.192.db";
allow-update { none; };
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
};
vimew "external" {
match-clients {
any;
};
zone "." IN {
type hint;
file "named.ca";
};
# set zones for external
zone "wscon.cn" IN {
type master;
file "wscon.cn.wan";
allow-update { none; };
};
# set zones for external *note
zone "80.0.16.172.in-addr.arpa" IN {
type master;
file "80.0.16.172.db";
allow-update { none; };
};
};
include "/etc/rndc.key";
# *note : For How to write for reverse resolvimng, Write network address reversely like below.
the case for 192.168.0.0/24
network address? 192.168.0.0
range of network? 192.168.0.0 - 192.168.0.255
how to write? 0.168.192.in-addr.arpa
case of 172.16.0.80/29
network address? 172.16.0.80
range of network? 172.16.0.80 - 172.16.0.87
how to write? 80.0.16.172.in-addr.arp
创建zone文件以便服务器能解析域名IP。
# vim /var/named/wscon.cn.lan $TTL 86400 @ IN SOA ns.wscon.cn. root.wscon.cn. ( 2007041501 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL ) # define name server IN NS ns.wscon.cn. # internal IP address of name server IN A 192.168.0.17 # define mail exchanger IN MX 10 ns.wscon.cn. # define IP address and hostname ns IN A 192.168.0.17
<pre class="prism-Highlight prism-language-bash"># vim /var/named/wscon.cn.wan $TTL 86400 @ IN SOA ns.wscon.cn. root.wscon.cn. ( 2007041501 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL ) # define name server IN NS ns.wscon.cn. # external IP address of name server IN A 172.16.0.82 # define Mail exchanger IN MX 10 ns.wscon.cn. # define IP address and hostname ns IN A 172.16.0.82创建zone文件使服务器能够反向解析IP到域名。
# vim /var/named/0.168.192.db $TTL 86400 @ IN SOA ns.wscon.cn. root.wscon.cn. ( 2007041501 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL ) # define name server IN NS ns.wscon.cn. # define range that this domain name in IN PTR wscon.cn. # define IP address and hostname IN A 255.255.255.0 17 IN PTR ns.wscon.cn.
# vim /var/named/80.0.16.172.db $TTL 86400 @ IN SOA ns.wscon.cn. root.wscon.cn. ( 2007041501 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL ) # define name server IN NS ns.wscon.cn. # define range that this domain name in IN PTR wscon.cn. # define IP address and hostname IN A 255.255.255.248 82 IN PTR ns.wscon.cn.
# yum -y install bind-chroot # /etc/rc.d/init.d/named start # systemctl enable named
<pre class="prism-highlight prism-language-markup"># dig ns.wscon.cn. ; <<>> DiG 9.3.4 <<>> ns.wscon.cn. ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54592 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;ns.wscon.cn. IN A ;; ANSWER SECTION: ns.wscon.cn. 86400 IN A 192.168.0.17 ;; AUTHORITY SECTION: wscon.cn. 86400 IN NS ns.wscon.cn. ;; Query time: 0 msec ;; SERVER: 192.168.0.17#53(192.168.0.17) ;; WHEN: Thu Mar 8 19:35:19 2007 ;; MSG SIZE rcvd: 68 # dig -x 192.168.0.17 ; <<>> DiG 9.3.4 <<>> -x 192.168.0.17 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45743 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;17.0.168.192.in-addr.arpa. IN PTR ;; ANSWER SECTION: 17.0.168.192.in-addr.arpa. 86400 IN PTR ns.wscon.cn. ;; AUTHORITY SECTION: 0.168.192.in-addr.arpa. 86400 IN NS ns.wscon.cn. ;; ADDITIONAL SECTION: ns.wscon.cn. 86400 IN A 192.168.0.17 ;; Query time: 0 msec ;; SERVER: 192.168.0.17#53(192.168.0.17) ;; WHEN: Thu Mar 8 19:37:50 2007 ;; MSG SIZE rcvd: 107
配置从DNS服务器比较简单。下面的例子主DNS是“ns.wscon.cn”,从DNS是“ns.example.info”。
# vim /var/named/wscon.cn.wan $TTL 86400 @ IN SOA ns.wscon.cn. root.wscon.cn. ( # update serial 2007041501 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL ) IN NS ns.wscon.cn. # add name server IN NS ns.example.info. IN A 172.16.0.82 IN MX 10 ns.wscon.cn. ns IN A 172.16.0.82 # rndc reload server reload successful
# vim /etc/named.conf
# add these lines below
zone "wscon.cn" IN {
type slave;
masters { 172.16.0.82; };
file "slaves/wscon.cn.wan";
};
# rndc reload
server reload successful
# ls /var/named/slaves
wscon.cn.wan # zone file in master DNS has been just transfered
设置别名记录,如果你想为你的主机设置另一个名称,在zone文件定义CNAME记录
<pre class="prism-highlight prism-language-bash"># vim /var/named/server-Linux.info.wan $TTL 86400 @ IN SOA ns.server-linux.info. root.server-linux.info. ( # update serial 2007041501 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL ) IN NS ns.server-linux.info. IN A 172.16.0.82 IN MX 10 ns.server-linux.info. ns IN A 172.16.0.82 # aliase IN CNAME server's name FTP IN CNAME ns.server-linux.info. # rndc reload server reload successful
