Linux Learning Notes <27>: DNS Server Configuration Example

Source: Internet
Author: User
Tags nameserver

Configuration plan (implemented on RHEL 5.8 under VMware 9):

Domain cqy.com, on the 192.168.0.0/24 network segment

NS server: 192.168.0.150

WWW servers: 192.168.0.151, 192.168.0.152

Mail server: 192.168.0.153

The FTP server is an alias of the WWW server

Configure master/slave replication; the slave server IP is 192.168.0.160

The primary server delegates a subdomain to a child server (IP 192.168.0.170), and the child server is configured so that it can resolve the parent domain



Note: make sure the server firewall is not blocking DNS traffic.

# service iptables stop        (turns the firewall off)


Configuration on the primary server:

First, install the bind97 package

1. Configure the yum source

# cat /etc/yum.repos.d/local.repo
[base]
name=server
baseurl=file:///media/cdrom/server
enabled=1
gpgcheck=0

2. Remove the two BIND 9.3 packages that Red Hat installs by default, bind-libs and bind-utils

# rpm -e bind-libs bind-utils

3. Install the bind97 main package and its subpackages

# yum install bind97-libs bind97-utils

# yum install bind97 -y


Second, configure the bind97 main configuration file: /etc/named.conf

1. Delete or rename the stock main configuration file generated during installation

# mv /etc/named.conf /etc/named.conf.orgi

2. Create a new configuration file, /etc/named.conf, and add the following:

# cat /etc/named.conf
options {
        directory "/var/named";
        allow-recursion { 192.168.0.0/24; 127.0.0.0/8; };
};

zone "." {
        type hint;
        file "named.ca";
};

zone "localhost" {
        type master;
        file "named.localhost";
        allow-transfer { none; };
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.loopback";
        allow-transfer { 192.168.0.160; };
};

zone "cqy.com" {
        type master;
        file "cqy.com.zone";
        allow-transfer { 192.168.0.160; };
};

zone "0.168.192.in-addr.arpa" {
        type master;
        file "192.168.0.zone";
        allow-transfer { 192.168.0.160; };
};

3. Change the configuration file's group and permissions

# chown root:named /etc/named.conf

# chmod 640 /etc/named.conf


Third, configure the zone data files in /var/named/

Create and configure the forward and reverse zone files referenced in the main configuration file: cqy.com.zone and 192.168.0.zone

# cat cqy.com.zone
$TTL 600
cqy.com.    IN  SOA  ns1.cqy.com. admin.cqy.com. (
                2015082001
                1H
                5M
                2D
                6H )
            IN  NS     ns1
            IN  NS     ns2
            IN  MX 10  mail
ns1         IN  A      192.168.0.150
ns2         IN  A      192.168.0.160
mail        IN  A      192.168.0.152
www         IN  A      192.168.0.150
www         IN  A      192.168.0.151
ftp         IN  CNAME  www

# cat 192.168.0.zone
$TTL 600
@           IN  SOA  ns1.cqy.com. admin.cqy.com. (
                2015081901
                1H
                5M
                2D
                6H )
            IN  NS     ns1.cqy.com.
            IN  NS     ns2.cqy.com.
150         IN  PTR    ns1.cqy.com.
150         IN  PTR    www.cqy.com.
152         IN  PTR    mail.cqy.com.
151         IN  PTR    www.cqy.com.
160         IN  PTR    ns2.cqy.com.


Fourth, edit /etc/resolv.conf and set its nameserver to the local IP

# vim /etc/resolv.conf

nameserver 192.168.0.150

search localdomain


Fifth, turn off SELinux enforcement

# setenforce 0        (turns SELinux enforcement off)

# getenforce          (shows the current mode)

# getenforce
Enforcing
# setenforce 0
# getenforce
Permissive


Sixth, check the configuration file and the forward and reverse zone files for errors

# named-checkconf

# named-checkzone "cqy.com" /var/named/cqy.com.zone

# named-checkzone "0.168.192.in-addr.arpa" /var/named/192.168.0.zone


Seventh, restart or reload the DNS server

# service named restart        (or: service named reload)


Configuration on the slave server:

The steps are the same as on the primary server; the difference is /etc/named.conf, and you do not have to create the zone data files manually

First, create the main configuration file with the following content

# cat /etc/named.conf
options {
        directory "/var/named";
        allow-recursion { 192.168.0.0/24; 127.0.0.0/8; };
};

zone "." {
        type hint;
        file "named.ca";
};

zone "localhost" {
        type master;
        file "named.localhost";
        allow-transfer { none; };
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.loopback";
        allow-transfer { none; };
};

zone "cqy.com" {
        type slave;
        file "slaves/cqy.com.zone";
        masters { 192.168.0.150; };
        allow-transfer { none; };
};

zone "0.168.192.in-addr.arpa" {
        type slave;
        file "slaves/192.168.0.zone";
        masters { 192.168.0.150; };
        allow-transfer { none; };
};


Subdomain delegation

Configuration on the primary server

First, add the following to the zone file /var/named/cqy.com.zone

fin         IN  NS     ns1.fin
ns1.fin     IN  A      192.168.0.170


Second, restart or reload the DNS server

# service named restart        (or: service named reload)


Configuration on the child server

First, create /etc/named.conf and add the following content

options {
        directory "/var/named";
        allow-recursion { 192.168.0.0/24; 127.0.0.1; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-transfer { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-transfer { none; };
};

zone "fin.cqy.com" IN {
        type master;
        file "fin.cqy.com.zone";
};

zone "cqy.com" IN {
        type forward;
        forward first;
        forwarders { 192.168.0.150; };
};
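
The fin.cqy.com zone in the child server's configuration has no allow-transfer statement, and BIND 9.7 permits zone transfers to all hosts when none is specified for the zone or in options. The Python audit below is an added example, not part of the original notes: the function names and the simplified named.conf parser are assumptions for illustration, and the embedded text is the child-server configuration from this page.

```python
import re

# Child-server named.conf from this page, embedded so the audit runs offline.
CHILD_CONF = '''
options { directory "/var/named"; allow-recursion { 192.168.0.0/24; 127.0.0.1; }; };
zone "." IN { type hint; file "named.ca"; };
zone "localhost" IN { type master; file "named.localhost"; allow-transfer { none; }; };
zone "0.0.127.in-addr.arpa" IN { type master; file "named.loopback"; allow-transfer { none; }; };
zone "fin.cqy.com" IN { type master; file "fin.cqy.com.zone"; };
zone "cqy.com" IN { type forward; forward first; forwarders { 192.168.0.150; }; };
'''
TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')  # quoted string, punctuation, bare word

def parse_block(tokens, i=0):
    """Parse statements up to the matching '}'; nested blocks become sub-lists."""
    stmts, cur = [], []
    while i < len(tokens):
        tok = tokens[i]
        i += 1
        if tok == '{':
            inner, i = parse_block(tokens, i)
            cur.append(inner)
        elif tok == '}':
            break
        elif tok == ';':
            stmts.append(cur)
            cur = []
        else:
            cur.append(tok.strip('"'))
    return [s for s in stmts if s], i

def transfer_acl(body):
    """Return the allow-transfer entries of a block, or None if it sets none."""
    return next(([e[0] for e in s[-1]] for s in body
                 if s[0].lower() == 'allow-transfer'), None)

def audit_transfers(conf_text):
    """Map each master/slave zone that any host may transfer to the reason."""
    # Naive comment stripping: assumes no '#' or '//' inside quoted strings.
    text = re.sub(r'/\*.*?\*/|(//|#)[^\n]*', '', conf_text, flags=re.S)
    stmts, _ = parse_block(TOKEN.findall(text))
    global_acl = next((transfer_acl(s[-1]) for s in stmts if s[0].lower() == 'options'), None)
    findings = {}
    for s in (s for s in stmts if s[0].lower() == 'zone'):
        ztype = next((x[1].lower() for x in s[-1] if x[0].lower() == 'type'), '')
        acl = transfer_acl(s[-1])
        acl = global_acl if acl is None else acl  # zone setting overrides options
        if ztype in ('master', 'slave') and (acl is None or 'any' in acl):
            findings[s[1]] = 'no allow-transfer set' if acl is None else 'allow-transfer lists any'
    return findings
```

Calling audit_transfers(CHILD_CONF) reports fin.cqy.com only; adding allow-transfer { none; }; to that zone, or to options, clears the finding.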


Second, change the group and permissions of /etc/named.conf

# chown root:named /etc/named.conf

# chmod 640 /etc/named.conf


Third, create /var/named/fin.cqy.com.zone and add the following content:

$TTL 600
fin.cqy.com.  IN  SOA  ns1.fin.cqy.com. admin.fin.cqy.com. (
                2015081901
                1H
                5M
                2D
                6H )
              IN  NS     ns1
              IN  MX 10  mail
ns1           IN  A      192.168.0.170
mail          IN  A      192.168.0.172
www           IN  A      192.168.0.171


Fourth, set the file permissions as follows

# ll fin.cqy.com.zone
-rw-r----- 1 root named 211 08:13


Fifth, restart or reload the DNS server

# service named restart        (or: service named reload)

