本文介绍如何使用BIND安装和配置DNS服务器,包括主从DNS服务器的设置方法。通过具体步骤指导如何进行域名解析配置,并确保主从DNS服务器之间的同步。
安装软件
yum install -y bind bind-utils新增配置
假如配置 www.bidcloud.local 到 12.12.12.12 上
新增配置文件 /var/named/bigcloud.local.zone
$TTL 1D
@ IN SOA ns.bigcloud.local. admin.bigcloud.local. (
2015 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS ns.bigcloud.local.
ns IN A 127.0.0.1
admin IN A 11.11.11.11
www IN A 12.12.12.12
www IN A 13.13.13.13
gary IN A 121.121.121.121
gary IN A 121.121.121.122
gary IN A 121.121.121.123修改配置文件
## 修改内容
options {
listen-on port 53 { any; };
#listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
#recursion yes;
dnssec-enable no;
#dnssec-validation yes;
/* Path to ISC DLV key */
#bindkeys-file "/etc/named.iscdlv.key";
#managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
#session-keyfile "/run/named/session.key";
};
## 新增内容
zone "bigcloud.local" IN {
type master;
file "bigcloud.local.zone";
## 如果有从dnsserver 就需要如下配置
notify yes;
also-notify { 192.168.31.131; };
};从dns配置
修改 /etc/named.conf
#新增内容
zone "bigcloud.local" IN {
type slave;
file "slaves/bigcloud.local.zone";
masters { 192.168.31.132; };
};启动主和从dns,从自动拷贝主dns的配置
systemctl start named如果主dns的配置修改了,需要修改 serial 序列,才会自动同步到从dns上
扫一扫
6万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
