centos的两三事之dns服务器的配置
2014-08-20 14:38
411 查看
基本要求:
Dns:要保证即能够解析内网域名bigcloud.local的解析,又能解析互联网的域名。主DNS服务器:ZZSRV1.BIGCLOUD.LOCAL辅助DNS服务器:ZZSRV2.BIGCLOUD.LOCAL包含以下域的信息:1、bigcloud.local域的信息:| FQDN | IP地址 | 备注 |
| zzsrv1. | 192.168.188.11 | DNS服务器 |
| zzsrv2.bigcloud.local | 192.168.188.12 | DNS服务器 |
| ftp.bigcloud.local | 192.168.188.11 | |
| mailsrv1.bigcloud.local | 192.168.188.22 | |
| smtp.bigcloud.local | 192.168.188.22 | |
| pop3.bigcloud.local | 192.168.188.22 | |
| www.bigcloud.local | 192.168.188.11 | |
| crm.bigcloud.local | 192.168.188.11 |
实验环境
服务器安装
[root@zzsrv1 ssh]# cat /etc/redhat-release\CentOS Linux release 7.0.1406 (Core)
[root@zzsrv1 ssh]# uname -a
Linux zzsrv1.bigcloud.local 3.10.0-123.el7.x86_64 #1 SMP Mon Jun 30 12:09:22 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
服务器基本配置
[root@zzsrv1 ssh]# vi /etc/sysconfig/network-scripts/ifcfg-eno16777728TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=yes
NAME=eno16777728
ONBOOT=yes
IPADDR=192.168.188.11
NETMASK=255.255.255.0
GATEWAY=192.168.188.2
修改主机名
[root@zzsrv1 ssh]# vi /etc/hostname centos不同于linux的是(vi /etc/sysconfig/network)
zzsrv1.bigcloud.local
修改主机名后应该重新启动机器后机器名才可以生效
[root@zzsrv1 ~]#reboot
关闭selinux
[root@zzsrv1 ~]# vi /etc/sysconfig/selinux
SELINUX=disabled
DNS 客户机配置
[root@zzsrv1 ~]# ifconfigeno16777728: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.188.11 netmask 255.255.255.0 broadcast 192.168.188.255
inet6 fe80::20c:29ff:fe2b:6773 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:2b:67:73 txqueuelen 1000 (Ethernet)
RX packets 5372 bytes 498900 (487.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3898 bytes 572732 (559.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 202 bytes 21304 (20.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 202 bytes 21304 (20.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
指向自己:
[root@zzsrv1 ~]# vi /etc/resolv.conf
# Generated by NetworkManager
search bigcloud.local
nameserver 192.168.188.11
主DNS服务器配置
[root@zzsrv1 ~]# mkdir /mnt/cdrom[root@zzsrv1 ~]#mount /dev/cdrom /mnt/cdrom/
mount: /dev/sr0 is write-protected, mounting read-only
[root@zzsrv1 Packages]# ls bind*
bind-9.9.4-14.el7.x86_64.rpm bind-libs-lite-9.9.4-14.el7.x86_64.rpm
bind-chroot-9.9.4-14.el7.x86_64.rpm bind-license-9.9.4-14.el7.noarch.rpm
bind-dyndb-ldap-3.5-4.el7.x86_64.rpm bind-utils-9.9.4-14.el7.x86_64.rpm
bind-libs-9.9.4-14.el7.x86_64.rpm
[root@zzsrv1 Packages]# rpm -Uvh bind-9.9.4-14.el7.x86_64.rpm bind-libs-9.9.4-14.el7.x86_64.rpm
warning: bind-9.9.4-14.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:bind-libs-32:9.9.4-14.el7 ################################# [ 50%]
2:bind-32:9.9.4-14.el7 ################################# [100%]
[root@zzsrv1 Packages]# rpm -qc bind
/etc/logrotate.d/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/rndc.conf
/etc/rndc.key
/etc/sysconfig/named
/var/named/named.ca
/var/named/named.empty
/var/named/named.localhost
/var/named/named.loopback
[root@zzsrv1 Packages]# systemctl restart named (不同于linux:service restart named)\
[root@zzsrv1 Packages]# ps aux |grep named
named 2382 0.5 2.2 168088 22452 ? Ssl 18:12 0:00 /usr/sbin/name -u named
root 2396 0.0 0.0 112640 964 pts/0 R+ 18:14 0:00 grep --color=au to named
修改配置(修改前先备份)
[root@zzsrv1 Packages]# cp /etc/named.conf /etc/named.conf.original
[root@zzsrv1 Packages]# vi /etc/named.conf (建议:先将原有配置注释,再写新的配置,一般模式在当前行
按yy后按p就能复制)
//listen-on port 53 { 127.0.0.1; };
listen-on port 53 { localhost; };
//allow-query { localhost; };
allow-query { any; };
//dnssec-enable yes;
dnssec-enable no;
//dnssec-validation yes;
dnssec-validation no;
dnssec-lookaside auto;
[root@zzsrv1 Packages]# systemctl restart named
[root@zzsrv1 Packages]# netstat -an | grep :53
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 127.0.0.1:53625 TIME_WAIT
tcp 0 52 192.168.188.11:22 192.168.188.1:53653 ESTABLISHED
tcp6 0 0 ::1:53 :::* LISTEN
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp6 0 0 ::1:53 :::*
[root@zzsrv1 Packages]# vi /etc/named.conf
末尾添加
zone "bigcloud.local" IN {
type master;
file "bigcloud.local.zone";
};
(一般模式下按G直接切换到最后一行)
[root@zzsrv1 Packages]# cd /var/named/
[root@zzsrv1 named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@zzsrv1 named]# cp named.empty bigcloud.local.zone
[root@zzsrv1 named]# vi named.empty
$TTL 3H
@ IN SOA zzsrv1.bigcloud.local. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS zzsrv1.bigcloud.local.
zzsrv1 A 192.168.188.11
ftp A 192.168.188.11
mailsrv1 A 192.168.188.22
www A 192.168.188.11
crm A 192.168.188.11
smtp CNAME mailsrvl.bigcloud.local.
pop3 CNAME mailsrvl.bigcloud.local.
[root@zzsrv1 named]# chown root:named /var/named/bigcloud.local.zone (修改权限让其可以访问)
[root@zzsrv1 named]# systemctl restart named
[root@zzsrv1 named]# rndc reload
server reload successful
举例一个解析对象
[root@zzsrv1 ~]# nslookup
> mailsrv1.bigcloud.local
Server: 192.168.188.11
Address: 192.168.188.11#53
Name: mailsrv1.bigcloud.local
Address: 192.168.188.22
[root@zzsrv1 named]# rndc status
version: 9.9.4-RedHat-9.9.4-14.el7 <id:8f9657aa>
CPUs found: 1
worker threads: 1
UDP listeners per interface: 1
number of zones: 102
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
反向解析:
[root@zzsrv1 ~]# vi /etc/named.conf末尾添加
zone "188.168.192.in-addr.arpa" IN { (ip后三位倒着写)
type master;
file "192.168.188.zone";
};
[root@zzsrv1 named]# cp bigcloud.local.zone 192.168.188.zone
[root@zzsrv1 named]# vi 192.168.188.zone
$TTL 3H
@ IN SOA zzsrv1.bigcloud.local.zone. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS zzsrv1.bigcloud.local.
11 PTR zzsrev1
11 PTR ftp
22 PTR mailsrv1
11 PTR www
11 PTR crm
前面的是正向解析的后面的ip
[root@zzsrv1 named]# chown root:named /var/named/192.168.188.zone
[root@zzsrv1 named]# rndc reload
server reload successful
[root@zzsrv1 named]# rndc status
version: 9.9.4-RedHat-9.9.4-14.el7 <id:8f9657aa>
CPUs found: 1
worker threads: 1
UDP listeners per interface: 1
number of zones: 103
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
[root@zzsrv1 named]# nslookup 192.168.188.22
Server: 192.168.188.11
Address: 192.168.188.11#53
22.188.168.192.in-addr.arpa name = mailsrv1.188.168.192.in-addr.arpa.
配置转发器:
[root@zzsrv1 named]# vi /etc/named.conf在全局配置语句 option 中添加 forwarders 配置,注意分号forwarders {202.102.224.68;202.102.227.68;};
[root@zzsrv1 named]# nslookup www.msn.com
Server: 192.168.188.11
Address: 192.168.188.11#53
Non-authoritative answer: 非权威回答
www.msn.com canonical name = us.co1.cb3.glbdns2.microsoft.com.
Name: us.co1.cb3.glbdns2.microsoft.com
Address: 131.253.13.140
辅助dns的安装
同1配置安装dns
在zzsrv1上修改(添加红色字体的)
[root@zzsrv1 named]# vi /var/named/bigcloud.local.zone
$TTL 3H
@ IN SOA zzsrv1.bigcloud.local.zone. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS zzsrv1.bigcloud.local.
NS zzsrv2.bigcloud.local.
zzsrv1 A 192.168.188.11
zzsrv2 A 192.168.188.12
ftp A 192.168.188.11
mailsrv1 A 192.168.188.22
www A 192.168.188.11
crm A 192.168.188.11
smtp CNAME mailsrvl.bigcloud.local.
pop3 CNAME mailsrvl.bigcloud.local.
[root@zzsrv2 ~]# rndc reload
server reload successful
[root@zzsrv2 ~]# vi /etc/named.conf
在最后添加
zone "bigcloud.local" IN {
type slave;
file"bigcloud.local.zone";
masters{192.168.188.11;};
};
[root@zzsrv2 ~]# ll -d /var/named/
drwxr-x---. 5 root named 4096 Aug 17 05:01 /var/named/
[root@zzsrv2 ~]# chmod g+w /var/named/ (也可以chmod 770 /var/named/)
[root@zzsrv2 ~]# ll -d /var/named/
drwxrwx---. 5 root named 4096 Aug 17 05:01 /var/named/
[root@zzsrv2 ~]# systemctl restart named
[root@zzsrv2 ~]# rndc reload
server reload successful
[root@zzsrv2 ~]# ls /var/named/ -l
total 20
-rw-r--r-- 1 named named 634 Aug 13 01:40 bigcloud.local.zone
drwxrwx---. 2 named named 47 Aug 17 03:50 data
drwxrwx---. 2 named named 30 Aug 17 05:06 dynamic
-rw-r-----. 1 root named 2076 Jan 28 2013 named.ca
-rw-r-----. 1 root named 152 Dec 15 2009 named.empty
-rw-r-----. 1 root named 152 Jun 21 2007 named.localhost
-rw-r-----. 1 root named 168 Dec 15 2009 named.loopback
drwxrwx---. 2 named named 6 Jun 10 16:13 slaves
ps:辅助dns只需要主的dns同步过来就可以
[root@zzsrv2 ~]# ls /var/named/ -l
total 20
-rw-r--r-- 1 named named 634 Aug 13 01:40 bigcloud.local.zone
drwxrwx---. 2 named named 47 Aug 17 03:50 data
drwxrwx---. 2 named named 30 Aug 17 05:06 dynamic
-rw-r-----. 1 root named 2076 Jan 28 2013 named.ca
-rw-r-----. 1 root named 152 Dec 15 2009 named.empty
-rw-r-----. 1 root named 152 Jun 21 2007 named.localhost
-rw-r-----. 1 root named 168 Dec 15 2009 named.loopback
drwxrwx---. 2 named named 6 Jun 10 16:13 slaves
排错:
1.当nslookup不能用时候,少装一个rpm包.
[root@zzsrv1 Packages]# nslookup-bash: nslookup: command not found
解决
[root@zzsrv1 Packages]# rpm -Uvh bind-utils-9.9.4-14.el7.x86_64.rpm
warning: bind-utils-9.9.4-14.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:bind-utils-32:9.9.4-14.el7 ################################# [100%]
[root@zzsrv1 Packages]# nslookup
>
2.报错为:
[root@zzsrv1 named]# systemctl restart namedJob for named.service failed. See 'systemctl status named.service' and 'journalctl -xn' for details.
要进入配置文件看看你是否少添加了“.”和多加了空格
3.报错为:
(1);; connection timed out; trying next origin
;; connection timed out; no servers could be reached
[root@zzsrv1 named]# nslookup> server 192.168.188.11
Default server: 192.168.188.11
Address: 192.168.188.11#53
> mailsrv1.bigcloud.local
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached
找不到
注意查看自己的配置文件:
[root@zzsrv1 ~]# vi /etc/named.conf
[root@zzsrv1 ~]# vi /var/named/bigcloud.local.zone
和selinux
[root@zzsrv1 ~]# vi /etc/sysconfig/selinux
[root@zzsrv1 ~]# vi /etc/resolv.conf
search bigcloud.local 自己的主机名
nameserver 192.168.188.11 指向自己的ip
(2)** server can't find 22.188.168.192.in-addr.arpa: SERVFAIL
这个错误看看配置文件的访问权限的问题辅助的dns同步不过来
关闭防火墙53端口端口
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Centos下DNS服务器的配置Cache-only(三)
- centOS7下DNS服务器的安装与配置
- DNS服务器的安装与配置(CentOS5.5版)
- CentOS上配置主DNS服务器的简易指南
- Centos7 DNS服务器搭建与配置
- Centos下DNS服务器的配置(一)
- centos DNS 服务器配置
- Centos 6.5 下DNS服务器的搭建与配置
- centos 6.4 DNS服务器主从配置
- Centos下DNS服务器的配置--Master/Slave(二)
- RedHat_(centos5.5)DNS详细配置说明—主服务器与辅助服务器配置
- centOS5.2 ---如何配置DNS
- Linux环境下DNS服务器的配置
- Centos 5配置dns出现的错误
- 配置DNS辅助服务器:DNS系列之四
- Linux下配置 DNS 服务器
- Windows 网络服务架构系列课程详解(二) ----DNS服务器的部署与配置 推荐
- CentOS 5 yum国内镜像服务器 配置文件[CentOS-Base.repo]
- Linux下DNS服务器的配置
- Centos 5 DNS服务配置