Configuration plan (implemented on RHEL 5.8 running under VMware 9)
Domain: cqy.com; network segment: 192.168.0.0/24
NS server: 192.168.0.150
www server: 192.168.0.151, 192.168.0.152
Mail server: 192.168.0.153
The FTP server is an alias of the www server
Slave server for the master-slave setup: 192.168.0.160
The primary server delegates a subdomain to a child server (192.168.0.170), and the child server is also set up to resolve the parent domain
Note: You must ensure that the server firewall is not blocking DNS traffic
# service iptables stop    # turn the firewall off
Configuration on the primary server:
I. Install the bind97 package
1. Configure the yum source
# cat /etc/yum.repos.d/local.repo
[base]
name=server
baseurl=file:///media/cdrom/server
enabled=1
gpgcheck=0
2. Remove the two bind 9.3 packages that Red Hat installs automatically, bind-libs and bind-utils
# rpm -e bind-libs bind-utils
3. Install the bind97 main package and its sub-packages
# yum install bind97-libs bind97-utils
# yum install bind97 -y
II. Configure the bind97 main configuration file: /etc/named.conf
1. Delete or rename the stock main configuration file generated during installation
# mv /etc/named.conf /etc/named.conf.orgi
2. Create a new configuration file, /etc/named.conf, with the following content:
# cat /etc/named.conf
options {
        directory "/var/named";
        allow-recursion { 192.168.0.0/24; 127.0.0.0/8; };
};

zone "." {
        type hint;
        file "named.ca";
};

zone "localhost" {
        type master;
        file "named.localhost";
        allow-transfer { none; };
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.loopback";
        allow-transfer { 192.168.0.160; };
};

zone "cqy.com" {
        type master;
        file "cqy.com.zone";
        allow-transfer { 192.168.0.160; };
};

zone "0.168.192.in-addr.arpa" {
        type master;
        file "192.168.0.zone";
        allow-transfer { 192.168.0.160; };
};
3. Set the group and permissions of the configuration file
# chown root:named /etc/named.conf
# chmod 640 /etc/named.conf
III. Configure the zone data files under /var/named/
Create and configure the two zone files referenced in the main configuration file: the forward zone file cqy.com.zone and the reverse zone file 192.168.0.zone
# cat cqy.com.zone
$TTL 600
cqy.com.    IN  SOA  ns1.cqy.com.  admin.cqy.com. (
                2015082001
                1h
                5m
                2d
                6h )
            NS      ns1
            NS      ns2
            MX 10   mail
ns1         IN  A       192.168.0.150
ns2         IN  A       192.168.0.160
mail        IN  A       192.168.0.152
www         IN  A       192.168.0.150
www         IN  A       192.168.0.151
ftp         IN  CNAME   www
# cat 192.168.0.zone
$TTL 600
@           IN  SOA  ns1.cqy.com.  admin.cqy.com. (
                2015081901
                1h
                5m
                2d
                6h )
            NS      ns1.cqy.com.
            NS      ns2.cqy.com.
150         IN  PTR     ns1.cqy.com.
150         IN  PTR     www.cqy.com.
152         IN  PTR     mail.cqy.com.
151         IN  PTR     www.cqy.com.
160         IN  PTR     ns2.cqy.com.
IV. Edit /etc/resolv.conf and set its nameserver to the local machine's IP
# vim /etc/resolv.conf
nameserver 192.168.0.150
search localdomain
V. Turn off SELinux enforcement
# setenforce 0    # switch SELinux to permissive mode
# getenforce      # show the current mode
# getenforce
Enforcing
# setenforce 0
# getenforce
Permissive
VI. Check the configuration file and the forward and reverse zone files for errors
# named-checkconf
# named-checkzone "cqy.com" /var/named/cqy.com.zone
# named-checkzone "0.168.192.in-addr.arpa" /var/named/192.168.0.zone
VII. Restart or reload the DNS server
# service named restart    # or: service named reload
Configuration on the slave server:
The steps are the same as on the primary server; the difference is in /etc/named.conf, and you do not have to create the zone data files manually
I. Create the main configuration file with the following content
# cat /etc/named.conf
options {
        directory "/var/named";
        allow-recursion { 192.168.0.0/24; 127.0.0.0/8; };
};

zone "." {
        type hint;
        file "named.ca";
};

zone "localhost" {
        type master;
        file "named.localhost";
        allow-transfer { none; };
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.loopback";
        allow-transfer { none; };
};

zone "cqy.com" {
        type slave;
        file "slaves/cqy.com.zone";
        masters { 192.168.0.150; };
        allow-transfer { none; };
};

zone "0.168.192.in-addr.arpa" {
        type slave;
        file "slaves/192.168.0.zone";
        masters { 192.168.0.150; };
        allow-transfer { none; };
};
Subdomain delegation
Configuration on the primary server
I. Add the following to the zone file /var/named/cqy.com.zone
fin         IN  NS      ns1.fin
ns1.fin     IN  A       192.168.0.170
II. Restart or reload the DNS server
# service named restart    # or: service named reload
Configuration on the child server
I. Create /etc/named.conf with the following content
options {
        directory "/var/named";
        allow-recursion { 192.168.0.0/24; 127.0.0.1; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-transfer { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-transfer { none; };
};

zone "fin.cqy.com" IN {
        type master;
        file "fin.cqy.com.zone";
};

zone "cqy.com" IN {
        type forward;
        forward first;
        forwarders { 192.168.0.150; };
};
II. Set the group and permissions of /etc/named.conf
# chown root:named /etc/named.conf
# chmod 640 /etc/named.conf
III. Create /var/named/fin.cqy.com.zone with the following content:
$TTL 600
fin.cqy.com.    IN  SOA  ns1.fin.cqy.com.  admin.fin.cqy.com. (
                2015081901
                1h
                5m
                2d
                6h )
            NS      ns1
            MX 10   mail
ns1         IN  A       192.168.0.170
mail        IN  A       192.168.0.172
www         IN  A       192.168.0.171
IV. Set the file permissions as follows
# ll fin.cqy.com.zone
-rw-r----- 1 root named 211 08:13
V. Restart or reload the DNS server
# service named restart    # or: service named reload
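The child server's zone "fin.cqy.com" above has no allow-transfer statement, and BIND 9.7 answers zone transfer requests from any host when the option is unset in both the zone and options. The following is an added example, not part of the original notes: a Python check that lists the master and slave zones of a named.conf whose effective allow-transfer is "any". The function names are hypothetical, the sample is the child-server configuration trimmed to three zones, and the tokenizer assumes no # or // inside quoted strings.

```python
import re
# Constructed sample: the child server's named.conf from this page, three zones only.
SAMPLE = '''
options { directory "/var/named"; allow-recursion { 192.168.0.0/24; 127.0.0.1; }; };
zone "localhost" IN { type master; file "named.localhost"; allow-transfer { none; }; };
zone "fin.cqy.com" IN { type master; file "fin.cqy.com.zone"; };
zone "cqy.com" IN { type forward; forward first; forwarders { 192.168.0.150; }; };
'''
TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')

def top_level_blocks(text):
    """Return (header, body) token lists for each top-level `name ... { ... };`."""
    text = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', text, flags=re.S)  # strip comments
    blocks, header, body, depth = [], [], [], 0
    for tok in TOKEN.findall(text):
        depth += (tok == '{') - (tok == '}')
        if tok == '{' and depth == 1:
            continue                         # brace that opens the block itself
        if tok == '}' and depth == 0:
            blocks.append((header, body))    # block complete
            header, body = [], []
        elif depth:
            body.append(tok)
        else:
            header = [] if tok == ';' else header + [tok]
    return blocks

def acl(body, option):
    """Address-match list given for `option` in this block, or None if unset."""
    if option not in body:
        return None
    i = body.index(option)
    return [t for t in body[i + 2:body.index('}', i)] if t != ';']

def audit_transfers(text):
    """Map every master/slave zone to its effective allow-transfer list."""
    blocks, default = top_level_blocks(text), ['any']  # 'any': assumed default when unset
    for header, body in blocks:
        if header[:1] == ['options']:
            default = acl(body, 'allow-transfer') or default
    result = {}
    for header, body in blocks:
        ztype = body[body.index('type') + 1] if 'type' in body else ''
        if header[:1] == ['zone'] and ztype in ('master', 'slave'):
            result[header[1].strip('"')] = acl(body, 'allow-transfer') or default
    return result

def open_zones(text):
    """Zones that would answer a transfer request from any host."""
    return sorted(z for z, a in audit_transfers(text).items() if 'any' in a)
```

On the sample, open_zones(SAMPLE) reports fin.cqy.com; adding allow-transfer { none; }; to that zone, or an allow-transfer list to options, clears the finding.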
Linux Learning Notes <27>: DNS server configuration example