DNS服务(bind9)配置

Bind 是一款开放源码的 DNS 服务器软件,由美国加州大学 Berkeley 分校开发和维护,全名为 Berkeley Internet Name Domain。它是目前世界上使用最为广泛的 DNS 服务器软件,支持各种 unix 平台和 windows 平台。
环境:系统CentOS5
安装比较简单,yum -y install bind 当然也可以采用源码方式安装。
由于配置文件位于 chroot 目录(/var/named/chroot,由 bind-chroot 软件包提供)中,编辑起来不太方便,因此建立符号链接 /etc/named.conf,指向 /var/named/chroot/etc/named.conf:

# Create /etc/named.conf as a symlink to the real file inside the chroot,
# then edit the configuration through that link.
# ln -s fails with "File exists" if /etc/named.conf is already present, so
# check what is there before creating the link.
ln -s /var/named/chroot/etc/named.conf /etc/named.conf
vi /etc/named.conf
 
// Global server options for this test setup: loopback-only listener,
// a single upstream forwarder, and zone transfers disabled.
options
{
        // Those options should be used carefully because they disable port
        // randomization
        // (keep them commented out: a fixed query source port makes forged
        // responses easier to land, i.e. weakens cache-poisoning resistance)
        // query-source    port 53;
        // query-source-v6 port 53;

        // Test setup: listen on the loopback address only. For real use, change
        // this to the appropriate public or private IP.
        // NOTE(review): the only view defined in this file matches localhost
        // clients, so widening listen-on alone does not serve other clients; a
        // view for them is needed, and recursion in it should be limited to
        // trusted networks.
        listen-on port 53 {127.0.0.1;};
        // Put files that named is allowed to write in the data/ directory:
        directory "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";
        // Upstream resolver(s) that queries are forwarded to.
        forwarders
        {

                208.67.222.222; // forward queries to an OpenDNS server
        };
        // Allow queries from any client address.
        // NOTE(review): in this file it is match-clients in the view, not this
        // ACL, that limits who is served. If a view for non-local clients is
        // added, pair this with an explicit allow-recursion list so the server
        // does not become an open recursive resolver.
        allow-query    { any; };
        // Zone transfers are refused for everyone; there are no slave servers.
        allow-transfer { none; };
};
// Logging: defines one file channel for debug output.
logging
{
/*      If you want to enable debugging, eg. using the 'rndc trace' command,
 *      named will try to write the 'named.run' file in the $directory (/var/named).
 *      By default, SELinux policy does not allow named to modify the /var/named directory,
 *      so put the default debug log file in data/ :
 */
        channel default_debug {
                // Relative path, resolved against the "directory" option.
                file "data/named.run";
                // "dynamic" follows the server's current debug level
                // (the level changed at runtime with 'rndc trace').
                severity dynamic;
        };
};
 
// The only view in this configuration: it serves queries that come from
// localhost and are addressed to localhost, with recursion enabled, and
// also holds the test master zone piao2010.com.
view "localhost_resolver"
{
/* This view sets up named to be a localhost resolver ( caching only nameserver ).
 * If all you want is a caching-only nameserver, then you need only define this view:
 */
        // Both conditions must hold for a query to be handled by this view.
        match-clients           { localhost; };
        match-destinations      { localhost; };
        // Recursion is on so that names outside piao2010.com can be resolved
        // for the local clients matched above.
        recursion yes;
        # all views must contain the root hints zone:
        # NOTE(review): the include below is commented out, so this view defines
        # no hint zone of its own - presumably named falls back to its built-in
        # hints and the forwarder from options; confirm on the target version.
#       include "/etc/named.root.hints";

        /* these are zones that contain definitions for all the localhost
         * names and addresses, as recommended in RFC1912 - these names should
         * ONLY be served to localhost clients:
         */
        # (also commented out here, so those localhost zones are not loaded)
#       include "/etc/named.rfc1912.zones";

// Test domain piao2010.com follows
      zone "piao2010.com" {
      type master;
      file "db.piao2010.com"; // zone data file name, relative to "directory"
      };
};
 
 
# Create the zone data file. The path is the chroot root (/var/named/chroot)
# plus the configured directory "/var/named" plus the zone's file name.
vi /var/named/chroot/var/named/db.piao2010.com
 
; Zone data for piao2010.com (the origin "@" is the zone name from named.conf).
; Default TTL for records that carry no explicit TTL: 604800 s (7 days).
$TTL    604800
; SOA: primary name server is www.piao2010.com.; the contact field "root.www"
; has no trailing dot, so it is relative to the origin and expands to
; root.www.piao2010.com. (read as the mailbox root@www.piao2010.com).
@       IN      SOA     www.piao2010.com. root.www (
20100308         ; Serial (looks like a YYYYMMDD date; raise it on every edit)
604800         ; Refresh
86400         ; Retry
2419200         ; Expire
604800 )       ; Negative Cache TTL
;
; The zone's name server and its address record.
@       IN      NS      www.piao2010.com.
www     IN      A       115.47.68.159
; other record types can be added here
 
 
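# Point the system resolver at the local named instance.
# ">" replaces the whole file, so the previous nameserver entries are dropped
# rather than commented out; keep a copy of the old file if it is still needed.
# A space is required before "#": without it the shell does not start a comment
# and the "#..." text becomes part of the redirect target's file name.
echo "nameserver 127.0.0.1" > /etc/resolv.conf

# Start the service (again with a space before "#", otherwise the init script
# receives "start#..." as its argument instead of "start").
/etc/init.d/named start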
 
查看日志
# Show the lines mentioning named among the last 30 lines of the system log;
# check them for configuration or zone-file errors reported at startup.
tail -n 30 /var/log/messages | grep named
 
测试
# Query the test record. dig uses the resolver listed in /etc/resolv.conf
# unless a server is named explicitly; "dig @127.0.0.1 www.piao2010.com"
# asks the local named directly and does not depend on resolv.conf.
dig www.piao2010.com
如果应答中出现 www.piao2010.com 的 A 记录(115.47.68.159),并且 SERVER 一行显示为 127.0.0.1,则表示配置成功。
