当前位置: 首页 > 图文教程 > 服务器 > Linux服务器 > 配置DNS辅助域名和子域名服务器

Linux服务器
Linux上双网卡绑定方法(Suse9SP3)
Linux操作系统调优参数的意义
Linux下使用SSH客户端及其Sftp文件传送
教你恢复被误删除的Linux文件
SQL Server注入大全及防御
Linux无法解析域名的解决办法
Linux系统下安装和配置MyEclipse的方法
Ubuntu下VirtualBox 1.4.0设置文件共享
Windows与Linux系统共享StarDict字典文件
修改Linux下相关的登陆信息
Windows通过SecureCRT远程登录Linux主机
Linux操作系统如何修改SWAP交换区的大小
Linux操作系统下为Apache目录添加密码
Linux时间设置与同步(NTP)
Linux内核补丁AMD旁路转换缓冲(TLB)错误
Linux架设DHCP服务器的方法
Fedora 8下Apache配置与管理
Linux操作系统下用单网卡捆绑双IP的方法
Ubuntu Linux系统环境变量配置文件
SUSE Linux中将Tomcat作为Service运行

Linux服务器 中的 配置DNS辅助域名和子域名服务器


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-10-18   浏览: 156 ::
收藏到网摘: n/a

一、规划说明:

主机A:双网卡

192.168.1.7——>mydomain.org主域名服务器

192.168.10.7——>myzone.org主域名服务器,其有两个子域,为market.myzone.org和develog.myzone.org

主机B:双网卡

192.168.1.6——>mydomain.org辅助域名服务器

192.168.10.6——>market.myzone.org子域名服务器

两台服务器均有DNS独立的日志,用以记录查询(query_logs)记录和错误(err_logs)记录,以便于DNS后期管理;本文不过多涉及安全方面的问题。

安装过程请参照另一篇文章“Bind9.4.0rc2安装笔记(一步步学习配置简易DNS)”。

  二、主机A:

1.主配置文件/etc/named.conf

options{directory"/var/named/";version"0.0.0";};logging{channeldns_errors{file"/var/log/named/err_logs"versions3size10m;severityerror;print-categoryyes;print-severityyes;print-timeyes;};channeldns_queries{file"/var/log/named/query_logs"versions3size10m;severityinfo;print-categoryyes;print-severityyes;print-timeyes;};categorydefault{dns_errors;};categoryqueries{dns_queries;};};zone"."{typehint;file"named.ca";};zone"localhost"{typemaster;file"named.local";};zone"0.0.127.IN-addr.arpa"{typemaster;file"named.rev";};zone"mydomain.org"{typemaster;file"mydomain.org.zone";allow-transfer{192.168.1.6/32;};};zone"myzone.org"{typemaster;file"myzone.org.zone";allow-transfer{192.168.10.0/24;};};zone"10.168.192.in-addr.arpa"{typemaster;file"192.168.10.zone";allow-transfer{192.168.10.0/24;};};zone"1.168.192.in-addr.arpa"{typemaster;file"192.168.1.zone";allow-transfer{192.168.1.6/32;};};key"rndc-key"{algorithmhmac-md5;secret"oKLRLl8BolNj883OX1YcxQ==";};controls{inet127.0.0.1port953allow{127.0.0.1;}keys{"rndc-key";};};#Endofnamed.conf

2.域mydomain.org的正向解析文件/var/named/mydomain.org.zone

$TTL1D$ORIGINmydomain.org.@1DINSOAmydomain.org.root.mail.mydomain.org.(200703011H15M1W1D)INNSns.mydomain.org.INMX10mail.mydomain.org.mydomain.org.INA192.168.1.7#泛域名解析nsINA192.168.1.7mailINA192.168.1.100wwwINCNAMEmailftpINCNAMEmail

3.域mydomain.org的反向解析文件/var/named/192.168.1.zone

[email protected].(200703011H15M1W1D)INNSns.mydomain.org.7INPTRmarion.org.7INPTRns.mydomain.org.100INPTRmail.mydomain.org.

4.域myzone.org的正向解析文件/var/named/myzone.org.zone

#more/var/named/myzone.org.zone$TTL1D$ORIGINmyzone.org.@1DINSOAmyzone.org.root.mail.myzone.org.(200703011H15M1W1D)INNSns.myzone.org.INMX10mail.myzone.org.myzone.org.INA192.168.10.7nsINA192.168.10.7mailINA192.168.10.5wwwINCNAMEmailftpINCNAMEmailmarketINNSns.market#指明授权的子域marketns.marketINA192.168.10.6$ORIGINdevelop.myzone.org.#指明授权的子域develop,和上一种方法稍有不同.INNSns.develop.myzone.org.nsINA192.168.10.2

5.域myzone.org的反向解析文件/var/named/192.168.10.zone

[email protected].(200703011H15M1W1D)INNSns.myzone.org.6INPTRns.market.myzone.org2INPTRns.develop.myzone.org7INPTRns.myzone.org.5INPTRmail.myzone.org.7INPTRmyzone.org.

三、主机B:

1.named主配置文件/etc/named.conf

options{directory"/var/named/";version"unknown";forwarders{192.168.1.7;};};logging{channeldns_errors{file"/var/log/named/err_logs"versions3size10m;severityerror;print-categoryyes;print-severityyes;print-timeyes;};channeldns_queries{file"/var/log/named/query_logs"versions3size10m;severityinfo;print-categoryyes;print-severityyes;print-timeyes;};categorydefault{dns_errors;};categoryqueries{dns_queries;};};zone"."{typehint;file"named.ca";};zone"localhost"{typemaster;file"named.local";};zone"0.0.127.IN-addr.arpa"{typemaster;file"named.rev";};zone"mydomain.org"{typeslave;file"mydomain.org.zone";masters{192.168.1.7;};};zone"1.168.192.in-addr.arpa"{typeslave;file"192.168.1.zone";masters{192.168.1.7;};};zone"market.myzone.org"{typemaster;file"market.myzone.org.zone";};zone"10.168.192.in-addr.arpa"{typemaster;file"192.168.10.zone";};key"rndc-key"{algorithmhmac-md5;secret"NiBZCqWP0IsvMPuZpUKdog==";};controls{inet127.0.0.1port953allow{127.0.0.1;}keys{"rndc-key";};};#Endofnamed.conf

2.子域market.myzone.org的正向解析文件/var/named/market.myzone.org.zone

$TTL1D$ORIGINmarket.myzone.org.@1DINSOAmarket.myzone.org.root.mail.market.myzone.org.(200703011H15M1W1D)INNSns.market.myzone.org.INMX10mail.market.myzone.org.market.myzone.org.INA192.168.10.6nsINA192.168.10.6mailINA192.168.10.100wwwINCNAMEmail

3.子域market.myzone.org的反向解析文件/var/named/192.168.10.zone

[email protected].(200703011H15M1W1D)INNSns.myzone.org.6INPTRns.myzone.org.100INPTRmail.myzone.org.

注:辅助域的解析文件将会由区域传送获得,不需要手动建立。如果你想要反复尝试区域传送的效果,请将TTL值改小。本机的如下所示:

4.域mydomain.org的正向解析文件/var/named/mydomain.org.zone

$ORIGIN.$TTL86400;1daymydomain.orgINSOAmydomain.org.root.mail.mydomain.org.(20070301;serial3600;refresh(1hour)900;retry(15minutes)604800;expire(1week)86400;minimum(1day))NSns.mydomain.org.A192.168.1.7MX10mail.mydomain.org.$ORIGINmydomain.org.ftpCNAMEmailmailA192.168.1.100nsA192.168.1.7wwwCNAMEmail

5.域mydomain.org的反向解析文件/var/named/192.168.1.zone

$ORIGIN.$TTL86400;1day1.168.192.in-addr.arpaINSOAmydomain.org.root.mail.mydomain.org.(20070301;serial3600;refresh(1hour)900;retry(15minutes)604800;expire(1week)86400;minimum(1day))NSns.mydomain.org.$ORIGIN1.168.192.in-addr.arpa.100PTRmail.mydomain.org.7PTRmarion.org.PTRns.mydomain.org.

四:测试结果

1.主机A:

#nslookup>settype=NS>market.myzone.orgServer:127.0.0.1Address:127.0.0.1#53Non-authoritativeanswer:market.myzone.orgnameserver=ns.market.myzone.org.Authoritativeanswerscanbefoundfrom:ns.market.myzone.orginternetaddress=192.168.10.6>myzone.orgServer:127.0.0.1Address:127.0.0.1#53myzone.orgnameserver=ns.myzone.org.>mydomain.orgServer:127.0.0.1Address:127.0.0.1#53mydomain.orgnameserver=ns.mydomain.org.>
2.主机B:

#nslookup>settype=NS>mydomain.orgServer:127.0.0.1Address:127.0.0.1#53mydomain.orgnameserver=ns.mydomain.org.>myzone.orgServer:127.0.0.1Address:127.0.0.1#53Non-authoritativeanswer:myzone.orgnameserver=ns.myzone.org.Authoritativeanswerscanbefoundfrom:ns.myzone.orginternetaddress=192.168.10.7>market.myzone.orgServer:127.0.0.1Address:127.0.0.1#53market.myzone.orgnameserver=ns.market.myzone.org.

上一页[1][2][3][4][5]