Setting up a DNS server on CentOS
Install bind
yum install bind
Edit /etc/named.conf and add the zone configuration:
zone "xxx.com" IN {
type master;
file "xxx.com.zone";
};
zone "2.168.192.in-addr.arpa" IN {
type master;
file "2.168.192.zone";
};
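Note that listen-on port and allow-query in options also need to be changed. Both default to localhost; for testing you can set them to any. Outside of testing, limit allow-query to the client networks the server is meant to answer.
Create the xxx.com.zone and 2.168.192.zone files in the corresponding directory: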
xxx.com.zone
$TTL 1D
@ IN SOA xxx.com. root (
20140929 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS ns1.xxx.com.
ns1 IN A 192.168.2.26
www IN A 192.168.2.26
2.168.192.zone
$TTL 1D
@ IN SOA xxx.com. root (
20140929 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS ns1.xxx.com.
26 IN PTR ns1.xxx.com.
26 IN PTR www.xxx.com.
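After saving, remember to fix the file permissions so that named can read the zone files! Otherwise a permission denied error will appear in /var/log/messages.
Then adjust the firewall configuration and SELinux.
Start the service: service named start
Verify forward resolution: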
root@xsy:~# host www.xxx.com
www.xxx.com has address 192.168.2.26
root@xsy:~# nslookup www.xxx.com
Server: 192.168.2.222
Address: 192.168.2.222#53
Name: www.xxx.com
Address: 192.168.2.26
Reverse resolution:
root@xsy:~# nslookup 192.168.2.26
Server: 192.168.2.222
Address: 192.168.2.222#53
26.2.168.192.in-addr.arpa name = ns1.xxx.com.
26.2.168.192.in-addr.arpa name = www.xxx.com.
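If the file checks and the service start report no errors, but the client still shows “connect time out”, the likely causes are:
- The zone file path is wrong.
- The zone file permissions are wrong.
- Firewall and SELinux settings.
- The listen-on port and allow-query settings in options.
The first two causes produce obvious output in the log, for example: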
[root@localhost named]# tail -f /var/log/messages
Sep 28 17:15:04 localhost named[13020]: command channel listening on ::1#953
Sep 28 17:15:04 localhost named[13020]: zone 0.in-addr.arpa/IN: loaded serial 0
Sep 28 17:15:04 localhost named[13020]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Sep 28 17:15:04 localhost named[13020]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Sep 28 17:15:04 localhost named[13020]: zone xxx.com/IN: loading from master file xxx.com.zone failed: permission denied
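The log check described above can be scripted. The following is an added example, not part of the original post: the function name named_load_failures, the hint texts and the sample log are constructed for illustration, and the second failure line (file not found) is modelled on the permission denied line shown above.

```shell
#!/bin/sh
# Added example: summarise named zone-load failures found in syslog lines.

# Constructed sample input, modelled on the log excerpt above.
SAMPLE_LOG='Sep 28 17:15:04 localhost named[13020]: zone 0.in-addr.arpa/IN: loaded serial 0
Sep 28 17:15:04 localhost named[13020]: zone xxx.com/IN: loading from master file xxx.com.zone failed: permission denied
Sep 28 17:15:04 localhost named[13020]: zone 2.168.192.in-addr.arpa/IN: loading from master file 2.168.192.zone failed: file not found'

# Reads syslog lines on stdin; prints "zone|file|reason|hint" per failed zone.
named_load_failures() {
    awk '
    / named\[[0-9]+\]: zone .* loading from master file .* failed: / {
        line = $0
        sub(/^.* named\[[0-9]+\]: zone /, "", line)   # drop the syslog prefix
        zone = line
        sub(/\/IN: .*$/, "", zone)                    # zone name before "/IN:"
        file = line
        sub(/^.*loading from master file /, "", file)
        sub(/ failed: .*$/, "", file)                 # zone file as named saw it
        reason = line
        sub(/^.* failed: /, "", reason)               # text after "failed: "
        if (reason == "permission denied")
            hint = "check owner/mode and SELinux context of the zone file"
        else if (reason == "file not found")
            hint = "check the file name against the directory set in options"
        else
            hint = "see the surrounding named log lines for this zone"
        printf "%s|%s|%s|%s\n", zone, file, reason, hint
    }'
}

# Stand-alone run against the constructed sample.
printf '%s\n' "$SAMPLE_LOG" | named_load_failures
```

On the server itself, feed it the real log instead of the sample: named_load_failures < /var/log/messages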