Setting up a DNS server on Linux and delegating a zone
2012-08-22 11:26
Diagram:
I. Configuring the parent domain (gjp.com): Red Hat Enterprise Linux 5.4
1. Install DNS
[root@gjp99 ~]# mount /dev/cdrom /mnt/cdrom
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@gjp99 ~]# cd /mnt/cdrom/Server
[root@gjp99 Server]# ll bind*
-r--r--r-- 64 root root 1001253 Jul 31 2009 bind-9.3.6-4.P1.el5.i386.rpm
-r--r--r-- 64 root root 44959 Jul 31 2009 bind-chroot-9.3.6-4.P1.el5.i386.rpm
-r--r--r-- 73 root root 2900989 Jul 31 2009 bind-devel-9.3.6-4.P1.el5.i386.rpm
-r--r--r-- 73 root root 450930 Jul 31 2009 bind-libbind-devel-9.3.6-4.P1.el5.i386.rpm
-r--r--r-- 76 root root 877241 Jul 31 2009 bind-libs-9.3.6-4.P1.el5.i386.rpm
-r--r--r-- 64 root root 233804 Jul 31 2009 bind-sdb-9.3.6-4.P1.el5.i386.rpm
-r--r--r-- 64 root root 173772 Jul 31 2009 bind-utils-9.3.6-4.P1.el5.i386.rpm
[root@gjp99 Server]# rpm -ivh bind-9.3.6-4.P1.el5.i386.rpm
warning: bind-9.3.6-4.P1.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:bind ########################################### [100%]
[root@gjp99 Server]# rpm -ivh bind-chroot-9.3.6-4.P1.el5.i386.rpm
warning: bind-chroot-9.3.6-4.P1.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:bind-chroot ########################################### [100%]
[root@gjp99 Server]# rpm -ivh caching-nameserver-9.3.6-4.P1.el5.i386.rpm
warning: caching-nameserver-9.3.6-4.P1.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:caching-nameserver ########################################### [100%]
[root@gjp99 Server]# rpm -qip bind-9.3.6-4.P1.el5.i386.rpm
[root@gjp99 Server]# rpm -ql bind*    //list the installed file paths
/etc/dbus-1/system.d/named.conf
/etc/logrotate.d/named
/etc/named.conf
/etc/rc.d/init.d/named
/etc/rndc.conf
/etc/rndc.key
2. Basic DNS configuration:
[root@gjp99 Server]# cd /var/named/chroot/
[root@gjp99 chroot]# ls
dev etc var
[root@gjp99 chroot]# cd etc
[root@gjp99 etc]# ll
total 16
-rw-r--r-- 1 root root 405 Aug 2 21:30 localtime
-rw-r----- 1 root named 1230 Jul 30 2009 named.caching-nameserver.conf
-rw-r----- 1 root named 955 Jul 30 2009 named.rfc1912.zones
-rw-r----- 1 root named 113 Aug 20 19:29 rndc.key
[root@gjp99 etc]# cp -p named.caching-nameserver.conf named.conf    //copy the sample file
Without -p the copy is owned by group root instead of named, so named cannot read the file (mode 640) and the service will not start!
[root@gjp99 etc]# ll
total 20
-rw-r--r-- 1 root root 405 Aug 2 21:30 localtime
-rw-r----- 1 root named 1230 Jul 30 2009 named.caching-nameserver.conf
-rw-r----- 1 root named 1230 Jul 30 2009 named.conf
-rw-r----- 1 root named 955 Jul 30 2009 named.rfc1912.zones
-rw-r----- 1 root named 113 Aug 20 19:29 rndc.key
[root@gjp99 etc]# vim named.conf
options {
    listen-on port 53 { any; };    //listening port
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";    //actual path inside the chroot: /var/named/chroot/var/named
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };    //clients allowed to query
    allow-query-cache { any; };    //clients allowed to query the cache
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients { any; };    //clients matched by this view
    match-destinations { any; };    //destination addresses matched by this view
    recursion yes;
    include "/etc/named.rfc1912.zones";    //include this file
};
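With `match-clients { any; }`, `allow-query-cache { any; }`, `recursion yes` and no `allow-recursion`, the configuration above answers recursive queries for any client that can reach port 53. The following is an added example, not part of the original post: a small Python check that flags those settings, run against the page's options and against a constructed alternative; the `trusted` ACL and its 192.168.2.0/24 range are assumptions.

```python
import re

# Settings taken from the named.conf shown on this page (comments removed).
PAGE_CONF = """
options {
    listen-on port 53 { any; };
    allow-query { any; };
    allow-query-cache { any; };
};
view localhost_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
};
"""

# Constructed alternative (an assumption, not from the page): authoritative
# answers stay public, recursion and cache access are limited to one subnet.
HARDENED_CONF = """
acl trusted { localhost; 192.168.2.0/24; };
options {
    listen-on port 53 { any; };
    allow-query { any; };
    allow-recursion { trusted; };      // who may ask for recursion
    allow-query-cache { trusted; };    // who may read cached answers
};
view localhost_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
};
"""

def strip_comments(conf):
    """Remove /* */, // and # comments from named.conf text."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#).*", "", conf)

def clause(conf, name):
    """Element lists of every `name { ...; };` clause in the file."""
    bodies = re.findall(r"(?<![\w-])%s\s*\{([^{}]*)\}" % re.escape(name), conf)
    return [[e.strip() for e in b.split(";") if e.strip()] for b in bodies]

def is_open(lists):
    """True when a clause is absent or one occurrence admits `any`."""
    return not lists or any("any" in elems for elems in lists)

def audit_recursion(conf):
    """Whole-file check; per-view scoping is not modelled.

    Assumption: a missing allow-recursion is treated as unrestricted, which
    is how older BIND releases such as the 9.3 series behave.
    """
    conf = strip_comments(conf)
    if re.search(r"(?<![\w-])recursion\s+no\s*;", conf):
        return []
    findings = []
    if is_open(clause(conf, "allow-recursion")) and is_open(clause(conf, "match-clients")):
        findings.append("recursion open to any client")
    cache = clause(conf, "allow-query-cache")
    if cache and is_open(cache):
        findings.append("allow-query-cache admits any client")
    return findings

if __name__ == "__main__":
    print("page config:    ", audit_recursion(PAGE_CONF))
    print("hardened config:", audit_recursion(HARDENED_CONF))
```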
[root@gjp99 etc]# vim named.rfc1912.zones
Add the following:
zone "gjp.com" IN {
    type master;
    file "gjp.com.zone";    //this file must be created
    allow-update { none; };
};
[root@gjp99 chroot]# cd var/named/    //note the exact path
[root@gjp99 named]# ll
total 36
drwxrwx--- 2 named named 4096 Aug 26 2004 data
-rw-r----- 1 root named 198 Jul 30 2009 localdomain.zone
-rw-r----- 1 root named 195 Jul 30 2009 localhost.zone
-rw-r----- 1 root named 427 Jul 30 2009 named.broadcast
-rw-r----- 1 root named 1892 Jul 30 2009 named.ca
-rw-r----- 1 root named 424 Jul 30 2009 named.ip6.local
-rw-r----- 1 root named 426 Jul 30 2009 named.local
-rw-r----- 1 root named 427 Jul 30 2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27 2004 slaves
[root@gjp99 named]# cp -p localhost.zone gjp.com.zone    //-a can be used instead of -p
[root@gjp99 named]# ll
total 40
drwxrwx--- 2 named named 4096 Aug 26 2004 data
-rw-r----- 1 root named 195 Jul 30 2009 gjp.com.zone
-rw-r----- 1 root named 198 Jul 30 2009 localdomain.zone
-rw-r----- 1 root named 195 Jul 30 2009 localhost.zone
-rw-r----- 1 root named 427 Jul 30 2009 named.broadcast
-rw-r----- 1 root named 1892 Jul 30 2009 named.ca    //root hints file
-rw-r----- 1 root named 424 Jul 30 2009 named.ip6.local
-rw-r----- 1 root named 426 Jul 30 2009 named.local
-rw-r----- 1 root named 427 Jul 30 2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27 2004 slaves
[root@gjp99 named]# vim gjp.com.zone
[root@gjp99 named]# named-checkzone gjp.com gjp.com.zone
zone gjp.com/IN: loaded serial 42 OK
[root@gjp99 named]# named-checkconf /var/named/chroot/etc/named.conf
[root@gjp99 named]# service named start
Starting named: [ OK ]
[root@gjp99 ~]# tail -f /var/log/messages    //watch the log
Test from the physical machine (host-only network, connected through vmware1)
[root@gjp99 named]# vim /etc/resolv.conf    //nslookup only works on Linux after this file has been edited
[root@gjp99 named]# rndc reload    //no service restart needed; only the changes are reloaded!
server reload successful
[root@gjp99 named]# nslookup www.gjp.com
Server: 192.168.2.100
Address: 192.168.2.100#53
Name: www.gjp.com
Address: 192.168.2.100
II. Configuring the subdomain bj.gjp.com
[root@gjp99 etc]# pwd
/var/named/chroot/etc
[root@gjp99 etc]# vim named.rfc1912.zones
Add the following:
zone "bj.gjp.com" IN {
    type master;
    file "bj.gjp.com.zone";
    allow-update { none; };
};
[root@gjp99 ~]# cd /var/named/chroot/var/named
[root@gjp99 named]# cp -p gjp.com.zone bj.gjp.com.zone
[root@gjp99 named]# ll
total 44
-rw-r----- 1 root named 274 Aug 20 20:11 bj.gjp.com.zone
drwxrwx--- 2 named named 4096 Aug 20 20:23 data
-rw-r----- 1 root named 274 Aug 20 20:11 gjp.com.zone
-rw-r----- 1 root named 198 Jul 30 2009 localdomain.zone
-rw-r----- 1 root named 195 Jul 30 2009 localhost.zone
-rw-r----- 1 root named 427 Jul 30 2009 named.broadcast
-rw-r----- 1 root named 1892 Jul 30 2009 named.ca
-rw-r----- 1 root named 424 Jul 30 2009 named.ip6.local
-rw-r----- 1 root named 426 Jul 30 2009 named.local
-rw-r----- 1 root named 427 Jul 30 2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27 2004 slaves
[root@gjp99 named]# vim bj.gjp.com.zone
[root@gjp99 etc]# rndc reload
server reload successful
[root@gjp99 etc]# nslookup www.bj.gjp.com
Server: 192.168.2.100
Address: 192.168.2.100#53

Name: www.bj.gjp.com
Address: 192.168.3.100
On Windows:
III. Delegating the subdomain sh.gjp.com
[root@gjp99 named]# vim gjp.com.zone
[root@gjp99 named]# rndc reload
server reload successful
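The edit made to gjp.com.zone in this step is not shown in the post. As an added illustration, not the author's file, the Python below embeds a constructed parent zone with the kind of records a delegation needs (an NS record for sh plus a glue A record) and checks that every delegated name server inside the child zone has glue. The host names ns and ns.sh and the serial are assumptions; the addresses are the ones used on this page.

```python
# Constructed parent zone for gjp.com (not the author's file). The names
# "ns" and "ns.sh" and the serial are assumptions; addresses are the page's.
PARENT_ZONE = """
$TTL 86400
@       IN SOA  ns.gjp.com. root.gjp.com. ( 43 3H 15M 1W 1D )
        IN NS   ns.gjp.com.
ns      IN A    192.168.2.100
www     IN A    192.168.2.100
sh      IN NS   ns.sh.gjp.com.   ; delegation: sh.gjp.com is served elsewhere
ns.sh   IN A    192.168.2.12     ; glue: address of the child's name server
"""

def parse_zone(text, origin):
    """Yield (owner, type, rdata) from single-line records, names qualified."""
    def fqdn(name):
        if name == "@":
            return origin
        name = name.lower()
        return name if name.endswith(".") else f"{name}.{origin}"

    owner = origin
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop zone-file comments
        if not line.strip() or line.lstrip().startswith("$"):
            continue                                  # blank line or $TTL/$ORIGIN
        tokens = line.split()
        if not raw[0].isspace():                      # leading blank: same owner
            owner = fqdn(tokens.pop(0))
        while tokens and (tokens[0].isdigit() or tokens[0].upper() == "IN"):
            tokens.pop(0)                             # optional TTL and class
        if len(tokens) >= 2:
            rtype, rdata = tokens[0].upper(), tokens[1]
            if rtype == "NS":
                rdata = fqdn(rdata)
            yield owner, rtype, rdata

def delegations(text, origin):
    """Map each delegated child zone (NS below the apex) to its name servers."""
    cuts = {}
    for owner, rtype, rdata in parse_zone(text, origin):
        if rtype == "NS" and owner != origin:
            cuts.setdefault(owner, []).append(rdata)
    return cuts

def missing_glue(text, origin):
    """Name servers that live inside their own delegated zone but have no
    address record in the parent, so resolvers could never reach them."""
    have_addr = {o for o, t, _ in parse_zone(text, origin) if t in ("A", "AAAA")}
    missing = []
    for child, servers in delegations(text, origin).items():
        for ns in servers:
            in_child = ns == child or ns.endswith("." + child)
            if in_child and ns not in have_addr:
                missing.append(ns)
    return missing

if __name__ == "__main__":
    print(delegations(PARENT_ZONE, "gjp.com."))
    print("missing glue:", missing_glue(PARENT_ZONE, "gjp.com."))
```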
IV. Configuring the delegated host: Red Hat Enterprise Linux 5.3
Host IP
Ping the IP of the parent domain's host
The installation procedure is the same as on the parent domain's host.
[root@www etc]# cp -p named.caching-nameserver.conf named.conf
[root@www etc]# pwd
/var/named/chroot/etc
[root@www etc]# cat named.conf
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};
[root@www etc]# vim named.rfc1912.zones
Add the following records:
zone "sh.gjp.com" IN {
    type master;
    file "sh.gjp.com.zone";
    allow-update { none; };
};
Create the sh.gjp.com.zone file
[root@www named]# pwd
/var/named/chroot/var/named
[root@www named]# cp -p localdomain.zone sh.gjp.com.zone
[root@www named]# vim sh.gjp.com.zone
[root@www named]# service named start
启动 named: [确定]
[root@www named]# vim /etc/resolv.conf
[root@www named]# rndc reload
server reload successful
[root@www named]# nslookup www.sh.gjp.com
Server: 192.168.2.12
Address: 192.168.2.12#53

Name: www.sh.gjp.com
Address: 192.168.4.100
Test on the parent domain's host:
[root@gjp99 named]# rndc flush    //flush the cache!
[root@gjp99 named]# nslookup www.sh.gjp.com
Server: 192.168.2.100
Address: 192.168.2.100#53

Non-authoritative answer:
Name: www.sh.gjp.com
Address: 192.168.4.100
On the delegated host (RHEL 5.3):
Unconditional forwarding:
[root@www ~]# cd /var/named/chroot/etc
[root@www etc]# vim named.conf
Unconditional forwarding: forwarders { ip; }; (with a space after { and before })
[root@www etc]# nslookup www.gjp.com
Server: 192.168.2.12
Address: 192.168.2.12#53

Non-authoritative answer:
Name: www.gjp.com
Address: 192.168.2.100

[root@www etc]# nslookup www.bj.gjp.com
Server: 192.168.2.12
Address: 192.168.2.12#53

Non-authoritative answer:
Name: www.bj.gjp.com
Address: 192.168.3.100
Conditional forwarding:
[root@www etc]# pwd
/var/named/chroot/etc
First remove the unconditional forwarding added above: forwarders { }
[root@www etc]# vim named.rfc1912.zones
Add the following:
zone "gjp.com" IN {
    type forward;
    forwarders { 192.168.2.100; };
};
[root@www etc]# rndc reload
server reload successful
[root@www etc]# rndc flush
[root@www etc]# nslookup www.gjp.com
Server: 192.168.2.12
Address: 192.168.2.12#53

Non-authoritative answer:
Name: www.gjp.com
Address: 192.168.2.100
[root@www etc]# nslookup www.bj.gjp.com
Server: 192.168.2.12
Address: 192.168.2.12#53

Non-authoritative answer:
Name: www.bj.gjp.com
Address: 192.168.3.100
V. Testing from a Windows XP machine:
1. Point DNS at the delegated host (RHEL 5.3):
2. Point DNS at the IP of the parent domain's DNS server