### Install the BIND package

## 1. Installation

## 2. Configuration

> The example below uses a public IP (172.16.0.80/29), a LAN range (192.168.0.0/24) and a domain name (wscon.cn) for illustration. When configuring your own server, use your own IPs and domain name.

```bash
# vim /etc/named.conf
options {
    directory "/var/named";
    # query range
    allow-query { localhost; 192.168.0.0/24; };
    # transfer range
    allow-transfer { localhost; 192.168.0.0/24; };
    # recursion range
    allow-recursion { localhost; 192.168.0.0/24; };
};
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
# here is the section for internal information
view "internal" {
    match-clients {
        localhost;
        192.168.0.0/24;
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    # set zones for internal
    zone "wscon.cn" IN {
        type master;
        file "wscon.cn.lan";
        allow-update { none; };
    };
    # set zones for internal
    zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "0.168.192.db";
        allow-update { none; };
    };
    zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
    };
    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };
    zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
    };
    zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
    };
};
view "external" {
    match-clients { any; };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    # set zones for external
    zone "wscon.cn" IN {
        type master;
        file "wscon.cn.wan";
        allow-update { none; };
    };
    # set zones for external *note
    zone "80.0.16.172.in-addr.arpa" IN {
        type master;
        file "80.0.16.172.db";
        allow-update { none; };
    };
};
include "/etc/rndc.key";
```

> \*note: To name a zone for reverse resolution, write the network address in reverse order, as follows.

- Case of 192.168.0.0/24
  - network address: 192.168.0.0
  - range of network: 192.168.0.0 - 192.168.0.255
  - how to write: 0.168.192.in-addr.arpa
- Case of 172.16.0.80/29
  - network address: 172.16.0.80
  - range of network: 172.16.0.80 - 172.16.0.87
  - how to write: 80.0.16.172.in-addr.arpa

### Set up zones

> Create zone files so that the server can resolve domain names to IP addresses.

##### 1. Internal zone file

- This example uses the internal address range (192.168.0.0/24) and the domain name (wscon.cn); adjust it to your own environment.

```bash
# vim /var/named/wscon.cn.lan
$TTL 86400
@       IN  SOA ns.wscon.cn. root.wscon.cn. (
            2007041501  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
)
; define name server
        IN  NS  ns.wscon.cn.
; internal IP address of name server
        IN  A   192.168.0.17
; define mail exchanger
        IN  MX 10 ns.wscon.cn.
; define IP address and hostname
ns      IN  A   192.168.0.17
```

##### 2. External zone file

- This example uses the external address range (172.16.0.80/29) and the domain name (wscon.cn); replace them with your own.

```bash
# vim /var/named/wscon.cn.wan
$TTL 86400
@       IN  SOA ns.wscon.cn. root.wscon.cn. (
            2007041501  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
)
; define name server
        IN  NS  ns.wscon.cn.
; external IP address of name server
        IN  A   172.16.0.82
; define mail exchanger
        IN  MX 10 ns.wscon.cn.
; define IP address and hostname
ns      IN  A   172.16.0.82
```

- Create zone files so that the server can reverse-resolve IP addresses to domain names.

##### 3. Internal zone file

- This example uses the internal address range (192.168.0.0/24) and the domain name (wscon.cn); replace them with your own settings.

```bash
# vim /var/named/0.168.192.db
$TTL 86400
@       IN  SOA ns.wscon.cn. root.wscon.cn. (
            2007041501  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
)
; define name server
        IN  NS  ns.wscon.cn.
; define range that this domain name in
        IN  PTR wscon.cn.
; define IP address and hostname
        IN  A   255.255.255.0
17      IN  PTR ns.wscon.cn.
```

##### 4. External zone file

- This example uses the external address range (172.16.0.80/29) and the domain name (wscon.cn); replace them with your own.

```bash
# vim /var/named/80.0.16.172.db
$TTL 86400
@       IN  SOA ns.wscon.cn. root.wscon.cn. (
            2007041501  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
)
; define name server
        IN  NS  ns.wscon.cn.
; define range that this domain name in
        IN  PTR wscon.cn.
; define IP address and hostname
        IN  A   255.255.255.248
82      IN  PTR ns.wscon.cn.
```

### Start BIND

##### 1. After finishing the BIND configuration, you also need to set up the chroot environment before starting named.

```bash
# yum -y install bind-chroot
# /etc/rc.d/init.d/named start
# systemctl enable named
```

##### 2. Verify operation

- Confirm that the server resolves domain names and IP addresses correctly.

```bash
# dig ns.wscon.cn.

; <<>> DiG 9.3.4 <<>> ns.wscon.cn.
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54592
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ns.wscon.cn. IN A

;; ANSWER SECTION:
ns.wscon.cn. 86400 IN A 192.168.0.17

;; AUTHORITY SECTION:
wscon.cn. 86400 IN NS ns.wscon.cn.

;; Query time: 0 msec
;; SERVER: 192.168.0.17#53(192.168.0.17)
;; WHEN: Thu Mar 8 19:35:19 2007
;; MSG SIZE rcvd: 68

# dig -x 192.168.0.17

; <<>> DiG 9.3.4 <<>> -x 192.168.0.17
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45743
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;17.0.168.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
17.0.168.192.in-addr.arpa. 86400 IN PTR ns.wscon.cn.

;; AUTHORITY SECTION:
0.168.192.in-addr.arpa. 86400 IN NS ns.wscon.cn.

;; ADDITIONAL SECTION:
ns.wscon.cn. 86400 IN A 192.168.0.17

;; Query time: 0 msec
;; SERVER: 192.168.0.17#53(192.168.0.17)
;; WHEN: Thu Mar 8 19:37:50 2007
;; MSG SIZE rcvd: 107
```

> Configuring a slave DNS server is fairly simple. In the example below, the master DNS is "ns.wscon.cn" and the slave DNS is "ns.example.info".

##### 1. Configure the zone file on the master DNS server as follows

```bash
# vim /var/named/wscon.cn.wan
$TTL 86400
@       IN  SOA ns.wscon.cn. root.wscon.cn. (
            ; update serial
            2007041501  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
)
        IN  NS  ns.wscon.cn.
; add name server
        IN  NS  ns.example.info.
        IN  A   172.16.0.82
        IN  MX 10 ns.wscon.cn.
ns      IN  A   172.16.0.82

# rndc reload
server reload successful
```

##### 2. Configure the slave DNS server

```bash
# vim /etc/named.conf
# add these lines below
zone "wscon.cn" IN {
    type slave;
    masters { 172.16.0.82; };
    file "slaves/wscon.cn.wan";
};

# rndc reload
server reload successful
# ls /var/named/slaves
wscon.cn.wan    # the zone file on the master DNS has just been transferred
```

> Set up alias records: if you want to give your host another name, define a CNAME record in the zone file.

```bash
# vim /var/named/server-Linux.info.wan
$TTL 86400
@       IN  SOA ns.server-linux.info. root.server-linux.info. (
            ; update serial
            2007041501  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
)
        IN  NS  ns.server-linux.info.
        IN  A   172.16.0.82
        IN  MX 10 ns.server-linux.info.
ns      IN  A   172.16.0.82
; alias IN CNAME server's name
ftp     IN  CNAME ns.server-linux.info.

# rndc reload
server reload successful
```

Last modification: August 3, 2020
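An added example (not part of the original post) that models how the ACLs in the `named.conf` above combine for a given IPv4 client: the first view whose `match-clients` matches is selected, then the `options`-level `allow-query`, `allow-transfer` and `allow-recursion` apply because no view or zone overrides them. The function names, the sample client addresses and the modelling of `localhost` as loopback plus the two name-server addresses from the zone files are assumptions made for this illustration.

```python
import ipaddress

# ACL values copied from the page's named.conf. BIND's built-in "localhost"
# ACL covers the server's own addresses; here that is modelled (assumption)
# as loopback plus the two name-server addresses from the page's zone files.
LOCALHOST = ["127.0.0.0/8", "192.168.0.17/32", "172.16.0.82/32"]
LAN = ["192.168.0.0/24"]

# options { allow-query / allow-transfer / allow-recursion } from the page.
OPTIONS = {
    "allow-query": LOCALHOST + LAN,
    "allow-transfer": LOCALHOST + LAN,
    "allow-recursion": LOCALHOST + LAN,
}

# Views in file order; named picks the first whose match-clients matches.
VIEWS = [
    ("internal", LOCALHOST + LAN),
    ("external", ["0.0.0.0/0"]),  # match-clients { any; } (IPv4 only here)
]


def in_acl(client, acl):
    """True if the client address falls inside any network of the ACL."""
    ip = ipaddress.ip_address(client)
    return any(ip in ipaddress.ip_network(net) for net in acl)


def evaluate(client):
    """Return the view selected for a client and the result of each ACL."""
    view = next((name for name, acl in VIEWS if in_acl(client, acl)), None)
    # No view or zone on the page overrides these ACLs, so options{} applies.
    result = {"view": view}
    for statement, acl in OPTIONS.items():
        result[statement] = in_acl(client, acl)
    return result


if __name__ == "__main__":
    # Constructed client addresses: a LAN host, the server itself, and an
    # outside host taken from the 203.0.113.0/24 documentation range.
    for client in ("192.168.0.50", "172.16.0.82", "203.0.113.10"):
        print(client, evaluate(client))
```

For the outside client the model selects the external view, yet every `options`-level ACL evaluates to false. A secondary whose address is outside 192.168.0.0/24 would likewise need to be listed in `allow-transfer` on the master before it can pull the zone.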