Installing and configuring a DNS server on Ubuntu
2013-10-09 12:30
2011-12-24 00:03:11 | Category: OS
1. Install bind9 on the machine that will act as the DNS server (192.168.11.189)
sudo apt-get install bind9
2. Edit the configuration file /etc/bind/named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "deamon.com" {
    type master;
    file "/etc/bind/db.deamon.com";
};
// The reverse zone loads the same file, which holds both the A and the PTR records
zone "11.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.deamon.com";
};
3. Create the file /etc/bind/db.deamon.com
; DNS db for deamon.com domain
;
$TTL 604800
@       IN SOA  deamon.com. root.localhost. (
                1       ; Serial
                604800  ; Refresh
                86400   ; Retry
                2419200 ; Expire
                86400 ) ; Negative Cache TTL
; name to IP
@       IN NS   dns1            ; dns server 1
@       IN NS   dns2            ; dns server 2
@       IN A    192.168.11.178  ; deamon.com
dns1    IN A    192.168.11.189
dns2    IN A    192.168.11.1
deamon1 IN A    192.168.11.178
deamon2 IN A    192.168.11.179
deamon3 IN A    192.168.11.180
deamon4 IN A    192.168.11.181
deamon5 IN A    192.168.11.182
deamon6 IN A    192.168.11.183
; IP to name
; PTR targets are absolute names and must end with a dot;
; without it the zone origin is appended to the target
178     IN PTR  deamon1.deamon.com.
179     IN PTR  deamon2.deamon.com.
180     IN PTR  deamon3.deamon.com.
181     IN PTR  deamon4.deamon.com.
182     IN PTR  deamon5.deamon.com.
183     IN PTR  deamon6.deamon.com.
4. Edit the configuration file /etc/bind/named.conf so that names this DNS server cannot resolve are forwarded. On 11.10, it is enough to add the following configuration to named.conf.options.
options {
    directory "/var/cache/bind";
    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113
    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    forwarders {
        192.168.11.1;
    };
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
};
5. Restart the bind9 service
sudo service bind9 restart
6. On each machine that needs name resolution, edit /etc/resolv.conf to set the DNS server IP
# Generated by NetworkManager
nameserver 192.168.11.189
Because the system rewrites this file on reboot, run the following command to prevent it from being modified after a restart.
sudo chattr +i /etc/resolv.conf
NOTE: Ubuntu 12.04 does not support chattr for this file; update resolv.conf with the following steps instead:
(1) sudo resolvconf -u
(2) vi /etc/resolvconf/resolv.conf.d/base
nameserver 192.168.11.189
(3) sudo resolvconf -u
/etc/resolv.conf will then be regenerated from the base file edited in step (2).
7. Verify the DNS configuration
hadoop@deamon6:~$ nslookup
> deamon3.deamon.com
Server: 192.168.11.189
Address: 192.168.11.189#53
Name: deamon3.deamon.com
Address: 192.168.11.180
> 192.168.11.183
Server: 192.168.11.189
Address: 192.168.11.189#53
183.11.168.192.in-addr.arpa name = deamon6.deamon.com.11.168.192.in-addr.arpa.
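The reverse answer above ends in `.11.168.192.in-addr.arpa.` because a PTR target written without a trailing dot is relative, so the zone origin gets appended to it. The following Python sketch is an added example, not part of the original post: it applies that expansion rule to PTR records and reports the ones that would be served with the origin attached. The function names and the sample lines are constructed for illustration.

```python
def absolutize(name, origin):
    """Zone-file name expansion: '@' means the origin, a name ending in '.'
    is already absolute, and any other name gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def lint_ptr_targets(zone_text, origin):
    """Return (owner, target_as_written, target_as_served) for each PTR
    record whose target is relative. Handles ';' comments, $ORIGIN and
    inherited owners; multi-line records are out of scope."""
    origin = origin if origin.endswith(".") else origin + "."
    owner, findings = origin, []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        fields = line.split()
        if not fields:
            continue
        if fields[0].startswith("$"):       # directive: only $ORIGIN matters here
            if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
                origin = absolutize(fields[1], origin)
            continue
        if not line[0].isspace():           # a name in column 0 sets the owner
            owner = absolutize(fields[0], origin)
            fields = fields[1:]
        types = [f.upper() for f in fields]
        if "PTR" in types and types.index("PTR") + 1 < len(fields):
            target = fields[types.index("PTR") + 1]
            if not target.endswith("."):
                findings.append((owner, target, absolutize(target, origin)))
    return findings


# Constructed sample: two records without the trailing dot, one with it.
SAMPLE = """\
178 IN PTR deamon1.deamon.com
183 IN PTR deamon6.deamon.com
179 IN PTR deamon2.deamon.com.   ; absolute, served as written
"""

if __name__ == "__main__":
    for owner, written, served in lint_ptr_targets(SAMPLE, "11.168.192.in-addr.arpa"):
        print(f"{owner} PTR {written!r} is served as {served}")
```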
8. Configure a subdomain: add the subdomain sns.deamon.com
8.1 Edit the zone file /etc/bind/zones/db.deamon.com
; DNS db for deamon.com domain
;
$TTL 604800
@       IN SOA  deamon.com. root.localhost. (
                ; Do not modify the following lines!
                20111115003 ; Serial
                604800      ; Refresh
                86400       ; Retry
                2419200     ; Expire
                86400       ; Negative Cache TTL
                );
;name to IP
@       IN NS   dns
@       IN A    192.168.145.73
dns     IN A    192.168.87.100
;SNS subdomain: delegate sns.deamon.com to its own name server
sns     IN NS   sns-act
sns-act IN A    192.168.145.69
8.2 Edit the conf file /etc/bind/named.conf.local
//
// Do any local configuration here
//
zone "deamon.com" {
    type master;
    file "/etc/bind/zones/db.deamon.com";
};
// Forward queries for the sns subdomain to its name server (sns-act)
zone "sns.deamon.com" {
    type forward;
    forwarders { 192.168.145.69; };
};
8.3 Edit the options file /etc/bind/named.conf.options
options {
    directory "/var/cache/bind";
    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113
    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    //forwarders {
    //    192.168.145.69;
    //};
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
    // With allow-recursion unset, this list also decides who may use recursion
    allow-query { any; };
};
NOTE:
1. Two commands validate the configuration files:
named-checkconf named.conf.local
named-checkzone zonename luqdlab.com.db
2. To check the DNS server's log, look in the file /var/log/syslog.
3. When configuring the subdomain, pay attention to named.conf.options. Without <allow-query { any; };>, the main DNS server answers a query for an address in the subdomain with the address of the subdomain's name server, i.e. it does not query the subdomain's name server itself but just sends back that name server's address. With <allow-query>, the main DNS server queries the address recursively and sends back the actual IP address.
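Note 3 follows from BIND 9's ACL fallback: when allow-recursion is not set, named uses allow-query-cache, then allow-query, and only then the default of localnets and localhost, so allow-query { any; } on its own also lets every client that can reach the server use recursion. The Python sketch below is an added example, not part of the original post: it resolves that fallback for an options block and flags the open-resolver case. The function names are hypothetical and the 192.168.0.0/16 client range in the restricted variant is an assumption.

```python
import re

DEFAULT_ACL = ["localnets", "localhost"]   # BIND's built-in fallback


def _statement(text, name):
    """Return the address-match list of `name { ... };` as a list of
    elements, or None if the statement is absent (flat lists only)."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"\s*\{([^}]*)\}", text)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]


def effective_recursion_acl(options_text):
    """Resolve who may recurse: allow-recursion, else allow-query-cache,
    else allow-query, else localnets/localhost."""
    text = re.sub(r"/\*.*?\*/", "", options_text, flags=re.S)
    text = re.sub(r"(//|#)[^\n]*", "", text)           # line comments
    if re.search(r"(?<![\w-])recursion\s+no\s*;", text):
        return ["none"]
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        acl = _statement(text, name)
        if acl is not None:
            return acl
    return DEFAULT_ACL


def is_open_resolver(options_text):
    return "any" in effective_recursion_acl(options_text)


# The options block from step 8.3, trimmed to its active statements.
AS_POSTED = """
options {
    directory "/var/cache/bind";
    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
    allow-query { any; };
};
"""

# Constructed variant: answers anyone, recurses only for an assumed client range.
RESTRICTED = AS_POSTED.replace(
    "allow-query { any; };",
    "allow-query { any; };\n    allow-recursion { 192.168.0.0/16; localhost; };",
)

if __name__ == "__main__":
    for label, conf in (("as posted", AS_POSTED), ("restricted", RESTRICTED)):
        print(label, effective_recursion_acl(conf), "open:", is_open_resolver(conf))
```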