Steps for building a DNS server in RHE5 Server Management [Image]

1. Main DNS configuration files

/Etc/hosts-a list file of the Host-contains a list of known hosts (in the local network). If the system IP address is not dynamically generated, you can use it, for simple host name resolution (dot notation
/Etc/host. conf-Conversion Program Control File-tells the network Domain Name Server how to find the host (usually/etc/hosts, and then the Domain Name Server, which can be changed through netconf)
/Etc/resolv. conf-Conversion Program configuration file-when the configuration program requests the BIND domain name query service to query the host name, it must tell the program which Domain Name Server and IP address to use to complete this task

Ii. named configuration file family

/Etc/named. conf-main file-set the general name parameter to point to the information source of the domain database used by the server
/Var/named. ca-the root domain configuration server points to the file-points to the root domain configuration server, which is used to tell the cache server to initialize
/Var/named/localhost. zone-forward domain name resolution file in the localhost area-used to convert localhost to a local return address (127.0.0.1)
/Var/named/name. local-localhost Reverse Domain name resolution file-used to convert 127.0.01 to localhost
/Var/named/name2ip. conf-forward parsing file in the user configuration area-zone file for ing host names to IP addresses
/Var/named/2ipname. conf-direction resolution file of the user configuration area-zone file used to map IP addresses to host names

3. Install BIND Domain Name Server Software

# Yum install bind-9.3.3-7.e15.i386.rpm
# Yum install caching-nameserver-9.3.3-7.e15.i386.rpm
# Yum install bind-chroot-9.3.3-7.e15.i386.rpm

Iv. DNS Classification

1. High-speed domain name Storage Server
The high-speed storage Domain Name Server does not contain the domain name database. It obtains the information queried by the Domain Name Server from a remote server each time. Once a response is obtained, it is placed in the high-speed cache, use the answer to query the same information next time.
2. Primary Domain Name Server
The Primary Domain Name Server is the authoritative source of all information in a specific domain. It loads domain information from a local file constructed by the domain administrator. The Primary Domain Name Server must be configured with a complete set of files, that is, the primary configuration file (/etc/named. caching-nameserver.conf), forward domain partition file (/var/named. zero), the direction of the region file (/var/named. hosts), cache initialization file (named. ca) and the return file (named. local ).
3. Auxiliary Domain Server
The secondary Domain Name Server is used to transfer a complete set of domain information from the Primary Domain Name Server. It is an optional configuration option. Zone files are transferred from the Primary Domain Name Server and saved as disk files on the secondary Domain Name Server. The secondary Domain Name Server does not need to configure local files. You only need to configure the master configuration file, cache initialization file, and delivery file.

5. Configure the DNS server for the sina.com domain name. The local IP address must be configured first.

Note: This bind9 allows all configurations in the/var/named/chroot/var/named directory in the chroot (Prison) mode. If bind9 runs in a non-chroot (normal) directory) in the/var/named directory.
A. Forward to the main region (resolve the domain name IP address ):
1. Modify the primary configuration file of the DNS server
# Vi/etc/named. caching-nameserver.conf modify the following lines:
Listen-on port 53 {192.168.20.1;}; listens to port 53 (IPV4) of the Local Machine)
# Listen-on-v6 port 53 {: 1 ;}; disable local port 53 (IPV6)
# Allow-query {localhost;}; Disable allow local queries only
# Match-clients {localhost;}; disable the matching client as the local machine.

2. Modify the DNS region declaration storage file

# Vi/etc/named. rfc1912.zones
Declare domain name region information:

Zone: indicates the region
IN: start to define
Type master // defined as the primary DNS
File "sina. zone"; // defines the data file of the sina Domain Name
Allow-update {none;} // defines the host that can be updated
Each line must end with a semicolon {none;}: both sides of the braces must have spaces

3. Define data files:
# Cd/var/named/chroot/var/named
# Cp-p named. local sina. zone
# Vi sina. zone

4. Check the syntax error of the region file:

5. Change all groups of the region file:

6. Start the DNS server:
# Service named restart // restart the DNS service
# Rndc reload // reload the key

7. Test DNS:

<B> reverse primary region (resolve IP addresses to domain names)
The structure and format of the reverse resolution region file are similar to those of the region file, except that the main content of this file is to create a pointer PTR resource record mapped to the DNS domain name.

1. Modify the DNS region declaration storage file
# Vi/etc/named. rfc1912.zones
Declare domain name region information and add the following five lines:

2. Define the reverse region data file:

# Vi sina. local // modify the sina. local file as follows:

3. Change all groups of the region file:

4. Start the DNS server:

# Service named restart // restart the DNS service
# Rndc reload // reload the key

5. Reverse DNS resolution Verification:

<C> positive auxiliary Area
Configure DNS for one Windows2003 server in the following regions:
The IP address of win2003 is 192.168.20.2.
DNS domain name: huayu.com

Configure the secondary region of the huayu.com domain name on the Linux Server:

1. Modify the DNS region declaration storage file
# Vi/etc/named. rfc1912.zones
Declare domain name region information and add the following five lines:

2. Allow write permission to the database directory of the primary DNS:

3. Start the DNS server:
# Service named restart // restart the DNS service
# Rndc reload // reload the key

4. Reverse DNS resolution Verification:
The system generates the region data file huayu. zone.

Test DNS resolution:

Automatically learn the forward data file www.huayu.com in win2003 to the/var/named/chroot/var/named directory and name it huayu. zone. This region file is automatically generated.

<D> reverse auxiliary Area
1. the same way as in the secondary area.
2. You must delete the original reverse definition in the/etc/named. rfc1912.zones file, because the network segment of a DNS server can only have one reverse resolution region.

<E> forwarding DNS Server
Add a line in the DNS master profile/etc named. caching-nameserver.conf: forwarders {192.168.20.2 ;};
# Vi/etc/named. caching-nameserver.conf

Note: When the DNS server queries and resolves all regions outside the server, it forwards all the domain names to the 192.168.20.2 server for resolution.

<F> Configure the DNS server subdomain
1. Authorize a subdomain in the parent domain DNS Server

# Vi/var/named/chroot/var/named/sina. zone Add the following two lines to specify the IP addresses of the bj subdomain and the bj subdomain DNS server.

2. Set the bj.sina.com domain DNS server on another DNS Server
The configuration method is the same as that of the parent DNS server, but the domain name is bj.sina.com.

# Vi/etc/named. rfc1912.zones

# Vi/var/named/chroot/var/named/bj. sina. zone

This article from: http://lonay.blog.51cto.com/872125/192869