RHEL5.4DNS server configuration details 1

This section describes how to build a local server that can be used to resolve public network domain names and basic configurations of the forward and reverse regions, but I always think that many areas are not perfect. After all, this is the most basic network service. I hope I can make some mistakes here... 1. Install the DNS server to implement basic public network resolution [root @ server1 ~] # Yumgrouplist | grep 'dns' // use the package method to install the DNS Software Package Th

This section describes how to build a local server that can be used to resolve public network domain names and basic configurations of the forward and reverse regions, but I always think that many areas are not perfect. After all, this is the most basic network service. I hope I can make some mistakes here...

1. Install the DNS server to implement basic Internet resolution
[Root @ server1 ~] # Yum grouplist | grep 'dns' // use the package method to install the DNS Software Package
This system is not registered with RHN.
RHN support will be disabled.
DNS Name server

[Root @ server1 ~] # Yum-y groupinstall "DNS Name server1"
Running Transaction
Installing: bind // DNS Main Program Package
Installing: bind-chroot // chroot package. After the package is installed, the working directory of the DNS server automatically switches to/var/named/chroot.

[Root @ server1 named] # cat/etc/sysconfig/named | grep chroot | grep-v '^ #'
ROOTDIR =/var/named/chroot
[Root @ server1 ~] # Yum-y install caching-nameserver1 // cache DNS server package, mainly contains some configuration files
[Root @ server1 ~] # Cd/var/named/chroot/etc/
[Root @ server1 etc] # cp named. caching-nameserver1.conf named. conf // copy it as namd. conf, which is the primary configuration file of the DNS server
[Root @ server1 etc] # ln-s/var/named/chroot/etc/named. conf/etc // soft link to the/etc directory
[Root @ server1 etc] # grep-v '^ // 'named. conf | grep-V' //' // modify the configuration file as follows
Options {
Listen-on port 53 {192.168.100.254;}; // indicates that the DNS server only listens to the network interface 192.168.100.254.
Directory "/var/named"; // working directory of the DNS server. Can I write the directory under chroot?
Dump-file "/var/named/data/cache_dump.db"; // The following three rows are not important. They define cache and static file locations and can be deleted.
Statistics-file "/var/named/data/named_stats.txt ";
Memstatistics-file "/var/named/data/named_mem_stats.txt ";

Allow-query {any ;}; // run the IP address of any network segment for query. any is a built-in access object. You can also specify a specific network segment. For more information, see man.
};
Include "/etc/named. rfc1912.zones"; // include the named. rfc1912.zones file.

[Root @ server1 etc] # head-20 named. rfc1912.zones | grep-v '^ //' // This file mainly defines information about the root domain and localhost.
Zone "." IN {
Type hint;
File "named. ca ";
};

Zone "localdomain" IN {
Type master;
File "localdomain. zone ";
Allow-update {none ;};
};

[Root @ server1 etc] # chown named. named. conf // this step is important. By default, the DNS server is started by the named user. If the permission is incorrect, an error will occur when starting the service.
[Root @ server1 etc] # ping-c 2 www.6688.cc // test network connectivity
PING www.6688.cc (203.208.37.104) 56 (84) bytes of data.
64 bytes from bg-in-f104.1e100.net (203.208.37.104): icmp_seq = 1 ttl = 237 time = 99.9 MS
64 bytes from bg-in-f104.1e100.net (203.208.37.104): icmp_seq = 2 ttl = 237 time = 98.6 MS

[Root @ server1 etc] # service named start // try to start the service
Starting named: [OK]

[Root @ server1 ~] # Tail-f/var/log/messages // monitoring log
Mar 14 04:35:11 server1 named [8436]: starting BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5-u named-t/var/named/chroot
Mar 14 04:35:11 server1 named [8436]: adjusted limit on open files from 1024 to 1048576
Mar 14 04:35:11 server1 named [8436]: found 2 CPUs, using 2 worker threads
Mar 14 04:35:11 server1 named [8436]: using up to 4096 sockets
Mar 14 04:35:11 server1 named [8436]: loading configuration from '/etc/named. conf' // load the configuration file
Mar 14 04:35:12 server1 named [8436]: using default UDP/IPv4 port range: [1024,655 35]
Mar 14 04:35:12 server1 named [8436]: using default UDP/IPv6 port range: [1024,655 35]
Mar 14 04:35:12 server1 named [8436]: listening on IPv4 interface eth1, 192.168.100.254 #53 // listen to port 53 on IPV4 and eth1
Mar 14 04:35:12 server1 named [8436]: command channel listening on 127.0.0.1 #953 // port 953 of the local loopback interface of IPV4, 953 is mainly used for rndc
Mar 14 04:35:12 server1 named [8436]: command channel listening on: 1 #953 // same as above, IPV6
Mar 14 04:35:12 server1 named [8436]: zone 0. in-addr.arpa/IN: loaded serial 42
Mar 14 04:35:12 server1 named [8436]: zone 0.0.127.in-addr. arpa/IN: loaded serial 1997022700
Mar 14 04:35:12 server1 named [8436]: zone 255. in-addr.arpa/IN: loaded serial 42
Mar 14 04:35:12 server1 named [8436]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Mar 14 04:35:12 server1 named [8436]: zone localdomain/IN: loaded serial 42
Mar 14 04:35:12 server1 named [8436]: zone localhost/IN: loaded serial 42
Mar 14 04:35:12 server1 named [8436]: running // normal operation