日期:2011-02-23 18:06:00  来源:本站整理

RHEL5+bind9简单快速搭建DNS服务器[服务器安全]

赞助商链接



  本文“RHEL5+bind9简单快速搭建DNS服务器[服务器安全]”是由七道奇为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:

1,环境:

系统:rhle5.4

服务器IP:192.168.191.3

测试域名:www.百度.org.tw

2,软件包(用的安装盘自带的RPM包安装):

#rpm -ivh bind-libs-9.3.6-4.P1.el5.rpm
#rpm -ivh bind-utils-9.3.6-4.P1.el5.rpm


#rpm -ivh bind-9.3.6-4.P1.el5.rpm


3,成立bind用到的zone file目录

#mkdir /var/bind

4,安装好程序之后,生成rndc.conf和rndc.key文件

#/usr/sbin/rndc-confgen > /etc/rndc.conf

#cat /etc/rndc.conf
# Start of rndc.conf
key "rndckey" {
algorithm hmac-md5;
secret "kViQTHXyvhfaP8nZsb8kcg==";
};

options {
default-key "rndckey";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf


#cat /etc/rndc.conf > /etc/rndc.key

(然后把之前rndc.conf中没有注释的几行删掉,再把下面的有注释的留下,并撤消注释)
#cat /etc/rndc.key

# Start of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
key "rndckey" {
algorithm hmac-md5;
secret "kViQTHXyvhfaP8nZsb8kcg==";
};

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndckey"; };
};
# End of named.conf



5,成立/etc/named.conf文件

#cat /etc/named.conf

options{
directory "/var/bind";
allow-query{any;};
};

zone "."{
type hint;
file "named.ca";
};

zone "百度.org.tw"{
type master;
file "named.百度.org.tw";
allow-update {none;};
};

zone "191.168.192.in-addr.arpa"{
type master;
file "named.192.168.191";
};

include "/etc/rndc.key";


6,成立DNS根查询地址文件

#dig > /var/bind/named.ca

#cat /var/bind/named.ca

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> -t NS
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19763
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 15

;; QUESTION SECTION:
;. IN NS

;; ANSWER SECTION:
. 59186 IN NS c.root-servers.net.
. 59186 IN NS m.root-servers.net.
. 59186 IN NS f.root-servers.net.
. 59186 IN NS d.root-servers.net.
. 59186 IN NS a.root-servers.net.
. 59186 IN NS e.root-servers.net.
. 59186 IN NS g.root-servers.net.
. 59186 IN NS l.root-servers.net.
. 59186 IN NS j.root-servers.net.
. 59186 IN NS b.root-servers.net.
. 59186 IN NS k.root-servers.net.
. 59186 IN NS i.root-servers.net.
. 59186 IN NS h.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net. 145586 IN A 198.41.0.4
b.root-servers.net. 145607 IN A 192.228.79.201
c.root-servers.net. 255305 IN A 192.33.4.12
d.root-servers.net. 299927 IN A 128.8.10.90
e.root-servers.net. 155401 IN A 192.203.230.10
f.root-servers.net. 299837 IN A 192.5.5.241
g.root-servers.net. 247679 IN A 192.112.36.4
h.root-servers.net. 259378 IN A 128.63.2.53
i.root-servers.net. 299747 IN A 192.36.148.17
i.root-servers.net. 479706 IN AAAA 2001:7fe::53
j.root-servers.net. 259611 IN A 192.58.128.30
j.root-servers.net. 145586 IN AAAA 2001:503:c27::2:30
k.root-servers.net. 153654 IN A 193.0.14.129
k.root-servers.net. 153654 IN AAAA 2001:7fd::1
l.root-servers.net. 151716 IN A 199.7.83.42

;; Query time: 5 msec
;; SERVER: 211.162.78.1#53(211.162.78.1)
;; WHEN: Tue Dec 14 12:42:31 2010
;; MSG SIZE rcvd: 504


7,在/var/bind目录下成立以下文件

#vi /var/bind/named.百度.org.tw

$TTL 600
@ IN SOA 百度.org.tw. root.百度.org.tw. (
2003061800;serial
28800 ;refresh
14400 ;retry
3600000 ;expire
86400 ) ;minimum
@ IN NS 百度.org.tw. //(这里要注意,这个最背面有一个点)
www IN A 192.168.191.3
ftp IN A 192.168.191.3
mail IN A 192.168.191.3
百度.org.tw IN A 192.168.191.3
@ IN MX 5 mail


#vi /var/bind/named.192.168.191

$TTL 600
@ IN SOA 百度.org.tw. root.百度.org.tw. (
2003061800;serial
28800 ;refresh
14400 ;retry
3600000 ;expire
86400 ) ;minimum
@ IN NS 百度.org.tw.
3 IN PTRwww.百度.org.tw.
3 IN PTRftp.百度.org.tw.
3 IN PTR mail.百度.org.tw.


8,启动named服务

#service named start   以上是“RHEL5+bind9简单快速搭建DNS服务器[服务器安全]”的内容,如果你对以上该文章内容感兴趣,你可以看看七道奇为您推荐以下文章:

  • <b>yum源安装方法在RHEL5.5上布置LAMP</b>
  • RHEL6系统初体验之系统安装和本地YUN(源)服务器的构建
  • RHEL6/Scientific Linux 6虚拟机克隆招致的网卡问题办理办法
  • RHEL 4下安装VNC的一个小问题
  • <b>Linux(RHEL5)系统安全通例优化</b>
  • RHEL 6系统管理
  • RHEL 6网络配置
  • RHEL5上制作软件RAID 并在软件RAID底子上做LVM
  • <b>RHEL-5配置CentOS-5的yum源</b>
  • RHEL5下的Apache2.0+Tomcat5.5的集群配置
  • <b>Linux ( RHEL 4 )中ftp衔接530错误的办理办法</b>
  • <b>RHEL6安装Tomcat 6和hudson</b>
  • 本文地址: 与您的QQ/BBS好友分享!
    • 好的评价 如果您觉得此文章好,就请您
        0%(0)
    • 差的评价 如果您觉得此文章差,就请您
        0%(0)

    文章评论评论内容只代表网友观点,与本站立场无关!

       评论摘要(共 0 条,得分 0 分,平均 0 分) 查看完整评论
    Copyright © 2020-2022 www.xiamiku.com. All Rights Reserved .