安装bind、caching-nameserver(RHEL6默认未自带caching-nameserver,可忽略依赖关系直接安装RHEL5中的软件包; 注意下面 rpm 提示 NOKEY, 表示该包的签名公钥未导入、签名没有被校验, 建议先导入对应的 GPG 公钥再安装)

[root@rhel6 ~] # yum -y install bind
[root@rhel6 ~] # rpm -ivh --nodeps --force caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm
warning: caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm: Header V3 DSA /SHA1  Signature, key ID 37017186: NOKEY
Preparing...                 ########################################### [100%]
    1:caching-nameserver      ########################################### [100%]
[root@rhel6 ~] # mv /etc/named* /var/named/chroot/etc/
[root@rhel6 ~] # mv /var/named/* /var/named/chroot/var/named/


配置master DNS主配置文件

[root@rhel6 ~] # vim /var/named/chroot/etc/named.conf
options {                                           // 定义一些影响整个DNS服务器的环境设置
     listen-on port 53 { 192.168.0.90; };
     listen-on-v6 port 53 { ::1; };
     directory        "/var/named";                   // 定义服务器的工作目录
     dump-file        "/var/named/data/cache_dump.db";
     statistics-file  "/var/named/data/named_stats.txt";
     memstatistics-file  "/var/named/data/named_mem_stats.txt";
     allow-query     { 192.168.0.0/24; };
     allow-transfer  { 192.168.0.0/24; };            // 定义允许传输的辅助DNS服务器地址(这里放行了整个/24网段, 建议只写从服务器的地址 192.168.0.91)
};
logging {
         channel default_debug {
                 file  "data/named.run" ;
                 severity dynamic;
         };
};
#include "/etc/named.rfc1912.zones";
zone  "."  IN {
     type  hint;                                   // 定义互联网中的根域名服务器
     file  "named.ca" ;
};
zone  "xfcy.org"  IN {                             // 创建正向解析区域
     type  master;                                 // 定义主域名服务器
     file  "xfcy.org.zone" ;
};
zone  "0.168.192.in-addr.arpa"  IN {               // 创建反向解析区域
     type  master;
     file  "192.168.0.zone" ;
};

创建正反向解析域(区域文件中的注释以 ; 开头, 下面 // 后面的说明文字仅用于讲解, 不要写入文件):

[root@rhel6 ~] # vim /var/named/chroot/var/named/xfcy.org.zone
$TTL    86400                                        // 设置客户端对DNS缓存1天的时间
@       IN  SOA dns.xfcy.org.   root.dns.xfcy.org.(      // @指当前的区域(即xfcy.org.zone),DNS服务器的域名、管理员邮箱
                     2013051700      ;Serial          // 序列号(主要用于主从DNS的同步)
                     28800           ;Refresh
                     14400           ;Retry
                     3600000     ;Expire
                     86400   )       ;Minimum
@                IN  NS      dns.xfcy.org.           // 设置DNS服务器的域名
dns.xfcy.org.    IN  A       192.168.0.90            // 设置A(Address)记录,用于设置主机名对应的IP地址
@                IN  MX  5   mail.xfcy.org.          // 设置邮件交换器资源记录,用于设置当前域中提供的Mail Server
mail            IN  CNAME       dns.xfcy.org.        // 设置CNAME记录,用于在区域文件中主机的别名
www             IN  A       192.168.0.90
[root@rhel6 ~] # vim /var/named/chroot/var/named/192.168.0.zone
$TTL    86400
@       IN  SOA 0.168.192.in-addr.arpa. root.dns.xfcy.org.(
                     2013051700      ;Serial
                     28800           ;Refresh
                     14400           ;Retry
                     3600000         ;Expire
                     86400   )       ;Minimum
@         IN  NS      dns.xfcy.org.
90        IN  PTR     dns.xfcy.org.
@         IN  MX  5   mail.xfcy.org.
90        IN  PTR     mail.xfcy.org.
90        IN  PTR     www.xfcy.org.
[root@rhel6 ~] # ln -s /var/named/chroot/etc/named.conf /etc/
[root@rhel6 ~] # ln -s /var/named/chroot/var/named/xfcy.org.zone /var/named/
[root@rhel6 ~] # ln -s /var/named/chroot/var/named/192.168.0.zone /var/named/
[root@rhel6 ~] # ln -s /var/named/chroot/var/named/named.ca /var/named/
[root@rhel6 ~] # chown -R root:named /var/named/chroot/
检查配置文件与区域文件(注意下面 named-checkzone 的警告: MX 记录指向了 CNAME, 这是不允许的, 应为 mail 单独配置 A 记录而不是 CNAME)
[root@rhel6 ~] # named-checkconf /etc/named.conf
[root@rhel6 ~] # named-checkzone xfcy.org /var/named/xfcy.org.zone
zone xfcy.org/IN: xfcy.org/MX 'mail.xfcy.org' is a CNAME (illegal)
zone xfcy.org/IN: loaded serial 2013051700
OK
[root@rhel6 ~] # named-checkzone 192.168.0 /var/named/192.168.0.zone
zone 192.168.0/IN: 192.168.0/MX 'mail.xfcy.org' (out of zone) has no addresses records (A or AAAA)
zone 192.168.0/IN: loaded serial 2013051700
OK
[root@rhel6 ~] # /etc/init.d/named start
[root@rhel6 ~] # netstat -lntp | grep named
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      10490/named
tcp        0      0 ::1:53                      :::*                        LISTEN      10490/named
[root@rhel6 ~] # dig mail.xfcy.org @localhost
; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> mail.xfcy.org @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED,  id : 3225
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;mail.xfcy.org.                 IN      A
;; Query  time : 1 msec
;; SERVER: 127.0.0.1 #53(127.0.0.1)
;; WHEN: Fri May 17 23:07:58 2013
;; MSG SIZE  rcvd: 31



注意: 上面用 dig @localhost 测试返回 REFUSED, 是因为 allow-query 只放行了 192.168.0.0/24, 而 127.0.0.1 不在其中; 同时 netstat 显示 named 只监听在 127.0.0.1:53 和 ::1:53, 与 listen-on 中指定的 192.168.0.90 不一致, 应确认实际加载的是否为上面编辑的 named.conf, 并改用 @192.168.0.90 测试。

配置辅助域名服务器:

首先同样安装好bind和caching-nameserver

配置Slave DNS主配置文件

[root@rhel6-2 ~] # vi /var/named/chroot/etc/named.conf
options {
         listen-on port 53 { 192.168.0.91; };
         directory        "/var/named";
         dump-file        "/var/named/data/cache_dump.db";
         statistics-file  "/var/named/data/named_stats.txt";
         memstatistics-file  "/var/named/data/named_mem_stats.txt";
         allow-query     { 192.168.0.0/24; };
         allow-query-cache { 192.168.0.0/24; };
         // 注意: 这里没有设置 allow-transfer, BIND 默认允许任意地址向从服务器请求区域传输, 建议加上 allow-transfer { none; }; 或只放行确实需要的地址
};
logging {
         channel default_debug {
                 file  "data/named.run" ;
                 severity dynamic;
         };
};
zone  "."  IN {
         type  hint;
         file  "named.ca" ;
};
zone  "xfcy.org"  IN {
         type  slave;
         file  "slaves/xfcy.org.zone" ;
         masters { 192.168.0.90; };
};
zone  "0.168.192.in-addr.arpa"  IN {
         type  slave;
         file  "slaves/192.168.0.zone" ;
         masters { 192.168.0.90; };
};

启动Slave DNS,将自动从主DNS服务器中传输区域配置文件,并在每隔Refresh Time之后自动与主DNS进行更新,同时主DNS每修改一次区域配置文件必须增加Serial的值

[root@rhel6-2 ~] # ls /var/named/chroot/var/named/slaves
[root@rhel6-2 ~] # /etc/init.d/named start
[root@rhel6-2 ~] # tailf /var/log/messages
May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.in-addr.arpa/IN: Transfer started.
May 17 23:53:12 rhel6-2 named[2991]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.90#53: connected using 192.168.0.91#58501
May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.in-addr.arpa/IN: transferred serial 2013051701
May 17 23:53:12 rhel6-2 named[2991]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.90#53: Transfer completed: 1 messages, 7 records, 213 bytes, 0.001 secs (213000 bytes/sec)
May 17 23:53:12 rhel6-2 named[2991]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 2013051701)
May 17 23:53:13 rhel6-2 named[2991]: zone xfcy.org/IN: Transfer started.
May 17 23:53:13 rhel6-2 named[2991]: transfer of 'xfcy.org/IN' from 192.168.0.90#53: connected using 192.168.0.91#42265
May 17 23:53:13 rhel6-2 named[2991]: zone xfcy.org/IN: transferred serial 2013051701
May 17 23:53:13 rhel6-2 named[2991]: transfer of 'xfcy.org/IN' from 192.168.0.90#53: Transfer completed: 1 messages, 7 records, 192 bytes, 0.001 secs (192000 bytes/sec)
[root@rhel6-2 ~] # ls /var/named/chroot/var/named/slaves
xfcy.org.zone 192.168.0.zone
[root@rhel6-2 ~] # dig mail.xfcy.org @192.168.0.91
; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> mail.xfcy.org @192.168.0.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR,  id : 9476
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mail.xfcy.org.                 IN      A
;; ANSWER SECTION:
mail.xfcy.org.          86400   IN      CNAME   dns.xfcy.org.
dns.xfcy.org.           86400   IN      A       192.168.0.90
;; AUTHORITY SECTION:
xfcy.org.               86400   IN      NS      dns.xfcy.org.
;; Query  time : 0 msec
;; SERVER: 192.168.0.91 #53(192.168.0.91)
;; WHEN: Fri May 17 23:51:32 2013
;; MSG SIZE  rcvd: 79



最后通过对同一个域名添加多条A记录可作负载均衡(修改区域文件后同样要增加 Serial 并重新加载 named, 从服务器才会同步到新记录):

[root@rhel6 ~] # for i in $( seq 1 50) ; do echo "www    0     IN     A               192.168.0.$i" ;done >> /var/named/xfcy.org.zone
[root@rhel6 ~] # for i in $(seq 1 10) ; do ping -c 1 -i 0.001 www | head -n 1 ;done
PING www.xfcy.org (192.168.0.46) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.42) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.38) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.34) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.30) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.26) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.22) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.18) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.14) 56(84) bytes of data.
PING www.xfcy.org (192.168.0.10) 56(84) bytes of data.
从以上结果可知每次解析www.xfcy.org的结果都是不一样的