Linux DNS (BIND) Subdomain authorization

Source: Internet
Author: User
Tags: subdomain

A zone may have a primary DNS server, a slave (secondary) DNS server, and subdomain DNS servers. This section explains subdomain authorization (delegation), using the primary DNS server as the example.

Subdomain Authorization configuration process:

1. Edit the primary DNS forward zone file

[[email protected] named]# vim dove.com.zone     # Edit the primary DNS forward zone file
$TTL    600
@         IN      SOA     dove.com.       admin.dove.com. (
                          2015041802      ; because there is a slave DNS server, the serial number must be incremented by one on every change
                          2H
                          5M
                          3D
                          1D )
          IN      NS      dns
          IN      NS      slave
          IN      MX 9    mail
dns       IN      A       192.168.8.7
mail      IN      A       192.168.8.8
www       IN      A       192.168.8.8
web       IN      CNAME   www
slave     IN      A       192.168.8.9
                                          ; the blank line in between means the preceding zone name is not inherited
dep1      IN      NS      dns.dep1        ; add the subdomain DNS NS record on the primary DNS
dns.dep1  IN      A       192.168.8.10    ; add the corresponding A record for the subdomain DNS on the primary DNS

2. Install the BIND package on the subdomain DNS server

[[email protected] ~]# yum -y install bind     # Install the bind package
/etc/logrotate.d/named
/etc/named.conf               # main configuration file
/etc/named.iscdlv.key         # bind key file
/etc/named.rfc1912.zones      # zone configuration file (included in the main configuration file with the include directive)
/etc/named.root.key           # root zone key file, used to implement transaction signatures
/etc/rndc.conf                # rndc (remote name server controller) configuration file
/etc/rndc.key                 # rndc encryption key
/etc/sysconfig/named          # bind process options
/var/named/named.ca           # file holding the 13 global root servers
/var/named/named.empty
/var/named/named.localhost    # local forward resolution zone file
/var/named/named.loopback     # local reverse resolution zone file

3. Edit the main configuration file and comment out the relevant options

[[email protected] named]# vim /etc/named.conf     # Edit the main configuration file; use double slashes to comment out the three items below
options {
//      listen-on port 53 { 127.0.0.1; };       # commented out: listen on the local address only
//      listen-on-v6 port 53 { ::1; };          # commented out: IPv6 listening port
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
//      allow-query { localhost; };             # commented out: allow local queries only

4. Edit the subdomain zone configuration file

[[email protected] named]# vim /etc/named.rfc1912.zones
zone "dep1.dove.com" IN {
        type master;
        file "dep1.dove.com.zone";
};

5. Create the subdomain zone file

[[email protected] named]# vim dep1.dove.com.zone      # Edit the subdomain zone file
$TTL    600
@       IN      SOA     dep1.dove.com.  admin.dep1.dove.com. (
                        2015042101
                        2H
                        5M
                        3D
                        2H )
        IN      NS      dns               ; add the subdomain NS record
dns     IN      A       192.168.8.10      ; add the corresponding A record for the subdomain
www     IN      A       192.168.8.11
[[email protected] named]# chmod 640 dep1.dove.com.zone        # Change the zone file permissions
[[email protected] named]# chown :named dep1.dove.com.zone     # Change the zone file's group owner

   

[[email protected] named]# setenforce 0                   # Disable SELinux to prevent synchronization failure
[[email protected] named]# service iptables stop          # Stop the iptables service to prevent synchronization failure
[[email protected] named]# dig -t a www.dep1.dove.com     # Resolving a host in the subdomain through the primary DNS succeeds
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t a www.dep1.dove.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35911
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.dep1.dove.com.             IN      A
;; ANSWER SECTION:

[[email protected] slaves]# cat dove.com.zone     # On the slave DNS server, check that the zone synchronized successfully from the master server
$ORIGIN .
$TTL 600        ; 10 minutes
dove.com                IN SOA  dove.com. admin.dove.com. (
                                2015041802 ; serial
                                7200       ; refresh (2 hours)
                                300        ; retry (5 minutes)
                                259200     ; expire (3 days)
                                86400      ; minimum (1 day)
                                )
                        NS      dns.dove.com.
                        NS      slave.dove.com.
                        MX      9 mail.dove.com.
$ORIGIN dove.com.
dep1                    NS      dns.dep1
$ORIGIN dep1.dove.com.
dns                     A       192.168.8.10
$ORIGIN dove.com.                               ; $ORIGIN defines the zone name
dns                     A       192.168.8.7
mail                    A       192.168.8.8
slave                   A       192.168.8.9
web                     CNAME   www
www                     A       192.168.8.8

The end! The Linux subdomain authorization configuration is now complete.
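
An added example, not part of the original article: a Python check that the delegation written into the parent zone in step 1 (the NS record for dep1 plus its glue A record) agrees with the NS and A records the subdomain server publishes in step 5. The parser is a simplified one written for this illustration, the function names are hypothetical, and the zone text is condensed from the records on this page.

```python
# Constructed sample data: condensed from the zone records shown on this page.
PARENT = """\
$TTL 600
@         IN SOA dove.com. admin.dove.com. ( 2015041802 2H 5M 3D 1D )
          IN NS  dns
dep1      IN NS  dns.dep1
dns.dep1  IN A   192.168.8.10
"""
CHILD = """\
@         IN SOA dep1.dove.com. admin.dep1.dove.com. ( 2015042101 2H 5M 3D 2H )
          IN NS  dns
dns       IN A   192.168.8.10
"""

def fqdn(name, origin):
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Simplified parser (assumes one record per line); keeps only NS and A."""
    records, owner = {}, origin
    for raw in text.splitlines():
        line = raw.split(";")[0].rstrip()
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():      # no leading blank: the line names its owner
            owner = fqdn(fields.pop(0), origin)
        for i, f in enumerate(fields[:-1]):
            if f.upper() in ("NS", "A"):
                value = fields[i + 1] if f.upper() == "A" else fqdn(fields[i + 1], origin)
                records.setdefault((owner, f.upper()), set()).add(value)
                break
    return records

def check_delegation(parent, child, child_origin):
    """Return the problems found in the delegation; an empty list means consistent."""
    p_ns, c_ns = (z.get((child_origin, "NS"), set()) for z in (parent, child))
    problems = [] if p_ns == c_ns else [f"NS mismatch: parent {sorted(p_ns)}, child {sorted(c_ns)}"]
    # Name servers inside the delegated subdomain need glue A records in the parent.
    for ns in sorted(n for n in p_ns if n.endswith("." + child_origin)):
        glue, auth = parent.get((ns, "A"), set()), child.get((ns, "A"), set())
        if not glue or glue != auth:
            problems.append(f"glue for {ns}: parent has {sorted(glue) or 'none'}, child has {sorted(auth) or 'none'}")
    return problems

if __name__ == "__main__":
    p, c = parse_zone(PARENT, "dove.com."), parse_zone(CHILD, "dep1.dove.com.")
    print(check_delegation(p, c, "dep1.dove.com.") or "delegation consistent")
```

A missing or stale glue record in the parent is the usual reason a lookup such as www.dep1.dove.com fails through the primary server even though the subdomain server answers correctly when queried directly.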
