
從零開始部署bind9伺服器之四: 配置192.168.1.102

192.168.1.102 從 192.168.1.101 同步 test.com. 和 1.168.192.in-addr.arpa 兩個區域的資源記錄

一、安裝bind9:

yum install -y bind

二、修改配置檔案:

cp /etc/named.conf{,.back}  # 先做備份

vim /etc/named.conf

wKioL1hqPdOiDAe1AAJKhxN5_Rg280.png

chkconfig --level 35 named on

service named start

三、複製兩個域:

1.測試

dig -t axfr test.com @192.168.1.101  # 測試正向域複製

wKioL1hqPfeANpy2AAE3AnD_sqI729.png

dig -t axfr 1.168.192.in-addr.arpa @192.168.1.101  # 測試反向域複製

wKiom1hqPh3zQZaKAAF9A3nMUG4482.png

2.配置兩個域

cp /etc/named.rfc1912.zones{,.back}  # 先做備份

vim /etc/named.rfc1912.zones

wKioL1hqPjPAG-XCAAFLZFFZesk821.png

rndc reload  # 過載配置後,會自動生成資源庫檔案

wKiom1hqPkrwwKe3AACQ3ML27uo553.png

wKioL1hqPmHicu_nAAG4T-PrO_g289.png

wKiom1hqPnvD6JzAAAH_lPYbnAk093.png

驗證:

在192.168.1.101上給每個區域各增加一條記錄

wKioL1hqPpKSkqReAAHM56a5E1Q480.png

wKiom1hqPtKwOdCxAAHRy8rrXYQ709.png

101伺服器增加記錄後(需同時遞增該區域 SOA 的序號),過載一下配置,102伺服器就會自動複製新的資源庫了

wKiom1hqPumzsSnYAAIW2Y9zBDM303.png

wKioL1hqPwCzt-NVAAHAervZtxA674.png

附:

/etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

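// Address-match list for the local subnet; allow-recursion in the options
// block refers to it by name. Token spacing restored: the fused form
// "aclmyNet{" is not valid named.conf syntax.
acl myNet {
    192.168.1.0/24;
};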

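// Global server options for the secondary at 192.168.1.102.
// Token spacing restored; the fused form (e.g. "recursionyes;") does not parse.
options {
    // Answer only on this host's LAN address and on loopback.
    listen-on port 53 { 192.168.1.102; 127.0.0.1; };
    // listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Any client may query, but recursive lookups are limited to the myNet
    // ACL, so the server does not act as an open resolver.
    allow-query { any; };
    recursion yes;
    allow-recursion { myNet; };

    // NOTE(review): no allow-transfer is set in this file. On BIND releases
    // of this era the default presumably permits zone transfers to any host,
    // so this secondary would hand out full copies of its zones; consider
    // "allow-transfer { none; };" unless another server pulls from it.

    // NOTE(review): DNSSEC validation is turned off here, so answers relayed
    // by the forwarder are accepted without signature checks. Re-enable
    // validation if the forwarder path supports it.
    dnssec-enable no;
    dnssec-validation no;

    // Try the forwarder first; "first" lets named fall back to its own
    // iterative resolution when the forwarder does not answer.
    forward first;
    forwarders { 192.168.1.104; };

    /* Path to ISC DLV key */
    // bindkeys-file "/etc/named.iscdlv.key";

    // managed-keys-directory "/var/named/dynamic";
};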

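// Debug log channel written to data/named.run; a relative path such as this
// one is resolved against the "directory" option. Token spacing restored.
logging {
    channel default_debug {
        file "data/named.run";
        // "dynamic" makes the channel follow the server's current debug level.
        severity dynamic;
    };
};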

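// Root hints zone: named.ca lists the root name servers used to start
// iterative resolution. Token spacing restored.
zone "." IN {
    type hint;
    file "named.ca";
};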

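// Pull in the zone definitions (default local zones plus the two secondary
// zones) and the root key file. Token spacing restored.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";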


/etc/named.rfc1912.zones

// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

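// Default local zones (localhost names, loopback reverse zones and the
// empty 0.in-addr.arpa zone). Each is served from a local file and refuses
// dynamic updates. Token spacing restored; the fused form does not parse.
zone "localhost.localdomain" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};

zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};

// Reverse zone for the IPv6 loopback address ::1.
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};

// Reverse zone for the IPv4 loopback address 127.0.0.1.
zone "1.0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};

zone "0.in-addr.arpa" IN {
    type master;
    file "named.empty";
    allow-update { none; };
};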

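// Forward zone test.com, held as a secondary copy transferred from the
// primary at 192.168.1.101 and stored under slaves/ (relative to the
// "directory" option). Token spacing restored.
//
// NOTE(review): the transfer is authorised by source address only. The
// primary's configuration is not shown here; it should limit allow-transfer
// to 192.168.1.102 rather than any host, and a TSIG key shared between the
// two servers would authenticate the transfer itself.
zone "test.com" IN {
    type slave;
    masters { 192.168.1.101; };
    file "slaves/test.com.zone";
    // NOTE(review): allow-update is a primary-zone option; newer BIND
    // releases may reject it on a secondary. Confirm with named-checkconf.
    allow-update { none; };
};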

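// Reverse zone for 192.168.1.0/24, held as a secondary copy transferred from
// the primary at 192.168.1.101 and stored under slaves/ (relative to the
// "directory" option). Token spacing restored.
//
// NOTE(review): the transfer is authorised by source address only. The
// primary's configuration is not shown here; it should limit allow-transfer
// to 192.168.1.102 rather than any host, and a TSIG key shared between the
// two servers would authenticate the transfer itself.
zone "1.168.192.in-addr.arpa" IN {
    type slave;
    masters { 192.168.1.101; };
    file "slaves/192.168.1.zone";
    // NOTE(review): allow-update is a primary-zone option; newer BIND
    // releases may reject it on a secondary. Confirm with named-checkconf.
    allow-update { none; };
};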



轉載於:https://blog.51cto.com/362475097/1888384