Setting up a DNS server
First, install the bind packages:
#yum -y install bind bind-libs bind-chroot bind-utils
Next, edit the configuration file:
#vim /etc/named.conf
options {
    listen-on port 53 { any; };
    //listen-on-v6 port 53 { ::1; };   (comment this line out)
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; 192.168.100.0/24; };   // enter your own local IP subnet here
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
zone "." IN {
    type hint;
    file "named.ca";
};
// Forward lookup (name to IP) for the domain this server is authoritative for
zone "example.com" IN {
    type master;
    file "example.zone";
};
// IPv4 reverse lookup (IP to name) for the domain this server is authoritative for
zone "100.168.192.in-addr.arpa" IN {
    type master;
    file "example.reverse";
};
Next, edit the forward zone file:
#vim /var/named/example.zone
$TTL 10
@       IN SOA  dns1.example.com. root (
                2016032901 ; serial
                1H         ; refresh
                2D         ; retry
                3W         ; expire
                10 )       ; negative-cache TTL
@       IN NS   dns1.example.com.
@       IN A    192.168.XXX.XXX
@       IN MX 10 mail
dns1.example.com. IN A 192.168.XXX.XXX ; this machine's IP address
mail    IN A    192.168.XXX.XXX ; this machine's IP address
ftp     IN A    192.168.XXX.XXX ; this machine's IP address
www     IN A    192.168.XXX.XXX ; this machine's IP address
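Next, edit the other zone file, the reverse zone:
#vim /var/named/example.reverse
$TTL 10
@       IN SOA  dns1.example.com. root (
                2016032901 ; serial
                1H         ; refresh
                2D         ; retry
                3W         ; expire
                10 )       ; negative-cache TTL
@       IN NS   dns1.example.com.
xxx     IN PTR  dns1.example.com.
xxx     IN PTR  mail.example.com.
xxx     IN PTR  www.example.com.
xxx     IN PTR  ftp.example.com.
(P.S. xxx is the last three digits of the IP address, i.e. its final octet.)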
Next, open the firewall for DNS:
#firewall-cmd --permanent --add-service=dns
#firewall-cmd --reload
Start the DNS server service:
#systemctl stop named
#systemctl disable named
#systemctl enable named-chroot
#systemctl start named-chroot
Next, set the DNS server that this machine queries:
#vim /etc/resolv.conf
search example.com
nameserver 192.168.100.183
Below are some tools for checking the result:
#dig example.com NS
#dig example.com A
#dig -x 192.168.XXX.XXX
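An added check, not part of the original post: the named.conf above turns recursion on and relies on allow-query to keep it limited to localhost and the LAN, so this Python code works out which clients the options block really lets recurse and flags a list that contains any. The function names and the sample text are constructed for illustration, and it assumes flat address-match lists (no nested braces or named acl references).

```python
import re

# Constructed sample: the walkthrough's options, reduced to the statements
# that decide who may send recursive queries.
PAGE_CONF = """
options {
    listen-on port 53 { any; };
    //listen-on-v6 port 53 { ::1; };
    allow-query { localhost; 192.168.100.0/24; };
    recursion yes;
};
"""

def options_body(conf):
    """Return the text inside the top-level options { ... } block."""
    conf = re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", conf, flags=re.S)
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(conf) and depth:          # walk to the matching brace
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        i += 1
    return conf[m.end():i - 1]

def match_list(body, name):
    """Elements of a flat address-match list, or None if it is not set."""
    m = re.search(r"(?<![\w-])%s\s*\{([^{}]*)\}" % re.escape(name), body)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def recursion_clients(conf):
    """None if recursion is off, else the list that governs recursion."""
    body = options_body(conf)
    setting = re.search(r"(?<![\w-])recursion\s+(\w+)\s*;", body)
    if setting and setting.group(1).lower() in ("no", "false", "0"):
        return None
    # BIND falls back allow-recursion -> allow-query-cache -> allow-query,
    # and to { localnets; localhost; } when none of the three is set.
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        acl = match_list(body, name)
        if acl is not None:
            return acl
    return ["localnets", "localhost"]

def is_open_resolver(conf):
    """True when recursion is on and the governing list admits everyone."""
    acl = recursion_clients(conf)
    return acl is not None and any(e in ("any", "0.0.0.0/0", "::/0") for e in acl)
```

Run it against the real file with is_open_resolver(open("/etc/named.conf").read()) before opening port 53 in the firewall.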