RHEL 7 上安裝DNS伺服器可以實現域名與IP的雙向解析,即通過域名可以找到主機IP,也可以通過IP找到域名。在postfix搭建郵件伺服器中,需要用到DNS正向解析與反向解析,因此DNS伺服器大有可為。
首先需要安裝bind,它是named服務的依賴,我們搭建DNS伺服器就是要使用named服務,無需像有些文章所說的安裝bind-chroot,另外我們需要通過一些命令比如nslookup,dig來檢驗我們的DNS服務是否正常,我們需要安裝bind-utils,整個DNS伺服器的安裝,就只需要安裝bind、bind-utils,剩下的就是配置正向解析與反向解析。
1.安裝bind、bind-utils
[root@OpsNote ~]# yum install -y bind bind-utils
已載入插件:langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
aa | 4.1 kB 00:00:00
軟體包 32:bind-utils-9.9.4-14.el7.x86_64 已安裝並且是最新版本
正在解決依賴關係
--> 正在檢查事務
---> 軟體包 bind.x86_64.32.9.9.4-14.el7 將被 安裝
--> 解決依賴關係完成
依賴關係解決
===============================================================================================================================================================================================
Package 架構 版本 源 大小
===============================================================================================================================================================================================
正在安裝:
bind x86_64 32:9.9.4-14.el7 aa 1.8 M
事務概要
===============================================================================================================================================================================================
安裝 1 軟體包
總下載量:1.8 M
安裝大小:4.3 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安裝 : 32:bind-9.9.4-14.el7.x86_64 1/1
驗證中 : 32:bind-9.9.4-14.el7.x86_64 1/1
已安裝:
bind.x86_64 32:9.9.4-14.el7
完畢!
[root@OpsNote ~]# systemctl is-active named
inactive
[root@OpsNote ~]# 2.配置/etc/named.conf
vim /etc/named.conf #編輯配置文件
10 options {
11 listen-on port 53 { 127.0.0.1; }; #127.0.0.1更改為any
12 listen-on-v6 port 53 { ::1; };
13 directory "/var/named";
14 dump-file "/var/named/data/cache_dump.db";
15 statistics-file "/var/named/data/named_stats.txt";
16 memstatistics-file "/var/named/data/named_mem_stats.txt";
17 allow-query { localhost; }; #localhost更改為any3.配置/etc/named.rfc1912.zones
增加一個正向解析與一個反向解析的配置,可以拷貝其他的zone 配置,如下所示opsnote.com和68.168.192.in-addr.arpa兩個zone是新增的
4.創建正向和反向文件
拷貝/var/named/目錄下named.localhost和named.loopback分別為我們在named.rfc1912.zones中設置的正向解析文件opsnote和反向解析文件opsnote.zone,注意文件名的對應
[root@OpsNote ~]# cd /var/named/
[root@OpsNote named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@OpsNote named]# cp -p named.localhost opsnote
[root@OpsNote named]# cp -p named.loopback opsnote.zone
[root@OpsNote named]# ls
data dynamic named.ca named.empty named.localhost named.loopback opsnote opsnote.zone slaves
[root@OpsNote named]#5.修改正向和反向文件
修改opsnote文件
[root@OpsNote named]# cat opsnote
$TTL 1D
@ IN SOA opsnote.com. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
AAAA ::1
NS ns.opsnote.com.
ns IN A 192.168.10.135
www IN A 192.168.10.201
ftp IN A 192.168.10.202
[root@OpsNote named]#修改opsnote.zone文件
[root@OpsNote named]# cat opsnote.zone
$TTL 1D
@ IN SOA opsnote.com. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
AAAA ::1
PTR localhost.
NS ns.opsnote.com.
ns A 192.168.68.135
201 PTR www.opsnote.com.
202 PTR ftp.opsnote.com.
[root@OpsNote named]#注意:named配置文件在/etc目錄下,而正向解析與反向解析文件均在/var/named文件夾下
6.更改正向和反向文件所有者
反向解析文件server.com.local的所屬組不是named,那麼將其修改為named
[root@OpsNote named]# ll
總用量 24
drwxrwx---. 2 named named 6 1月 29 2014 data
drwxrwx---. 2 named named 6 1月 29 2014 dynamic
-rw-r-----. 1 root named 2076 1月 28 2013 named.ca
-rw-r-----. 1 root named 152 12月 15 2009 named.empty
-rw-r-----. 1 root named 152 6月 21 2007 named.localhost
-rw-r-----. 1 root named 168 12月 15 2009 named.loopback
-rw-r-----. 1 root named 285 9月 10 16:03 opsnote
-rw-r-----. 1 root named 307 9月 10 16:05 opsnote.zone
drwxrwx---. 2 named named 6 1月 29 2014 slaves
[root@OpsNote named]# chown named opsnote opsnote.zone
[root@OpsNote named]# ll
總用量 24
drwxrwx---. 2 named named 6 1月 29 2014 data
drwxrwx---. 2 named named 6 1月 29 2014 dynamic
-rw-r-----. 1 root named 2076 1月 28 2013 named.ca
-rw-r-----. 1 root named 152 12月 15 2009 named.empty
-rw-r-----. 1 root named 152 6月 21 2007 named.localhost
-rw-r-----. 1 root named 168 12月 15 2009 named.loopback
-rw-r-----. 1 named named 285 9月 10 16:03 opsnote
-rw-r-----. 1 named named 307 9月 10 16:05 opsnote.zone
drwxrwx---. 2 named named 6 1月 29 2014 slaves
[root@OpsNote named]# 7.啟動服務
[root@OpsNote named]# cat /etc/resolv.conf
# Generated by NetworkManager
domain localdomain
search localdomain
nameserver 192.168.68.135
[root@OpsNote named]# systemctl start named
[root@OpsNote named]# firewall-cmd --add-service=dns
success
[root@OpsNote named]# 8.測試
在另外一台rhel 7(192.168.68.131)上面配置好DNS:192.168.68.135,測試
[root@localhost ~]# ifconfig ens32
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.68.131 netmask 255.255.255.0 broadcast 192.168.68.255
inet6 fe80::4c67:9a21:2e77:422a prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:56:1a:03 txqueuelen 1000 (Ethernet)
RX packets 1674 bytes 1732919 (1.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 607 bytes 70284 (68.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]#
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 192.168.68.135
[root@localhost ~]# ping 192.168.68.135 -c1
PING 192.168.68.135 (192.168.68.135) 56(84) bytes of data.
64 bytes from 192.168.68.135: icmp_seq=1 ttl=64 time=1.60 ms
--- 192.168.68.135 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.609/1.609/1.609/0.000 ms
[root@localhost ~]# nslookup www.opsnote.com
Server: 192.168.68.135
Address: 192.168.68.135#53
Name: www.opsnote.com
Address: 192.168.10.201
[root@localhost ~]# nslookup ftp.opsnote.com
Server: 192.168.68.135
Address: 192.168.68.135#53
Name: ftp.opsnote.com
Address: 192.168.10.202
[root@localhost ~]#
[root@localhost ~]# nslookup ns.opsnote.com
Server: 192.168.68.135
Address: 192.168.68.135#53
Name: ns.opsnote.com
Address: 192.168.10.135
[root@localhost ~]#原創文章,作者:投稿專員,如若轉載,請註明出處:https://www.506064.com/zh-tw/n/232815.html
微信掃一掃 
支付寶掃一掃 