2016年3月28日 星期一

在 CentOS7/RHEL7 上安裝設定 BIND

快速設定流程:
  1. 安裝 BIND 套件:
    #yum -y install bind bind-libs bind-chroot bind-utils
    
  2. 編修設定檔 /etc/named.conf (注意: 下方 allow-query 限制了可查詢的來源為本機與 192.168.100.0/24；由於同時啟用 recursion yes，請勿將 allow-query 放寬為 any，否則會成為對外開放的遞迴解析器):
    #vim /etc/named.conf
    options {
            listen-on port 53  { any; };
            //listen-on-v6 port 53 { ::1; };
            directory          "/var/named";
            dump-file          "/var/named/data/cache_dump.db";
            statistics-file    "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
            allow-query        { localhost; 192.168.100.0/24; };
            recursion yes;
    
            dnssec-enable yes;
            dnssec-validation yes;
            dnssec-lookaside auto;
            bindkeys-file "/etc/named.iscdlv.key";
    
            managed-keys-directory "/var/named/dynamic";
    
            pid-file "/run/named/named.pid";
            session-keyfile "/run/named/session.key";
    };
    
    logging {
            channel default_debug {
               file "data/named.run";
               severity dynamic;
            };
    };
    
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";
    
    zone "." IN {
            type hint;
            file "named.ca";
    };
    //設定所管轄網域 example.com 的正向解析 (名稱 → IP)
    zone "example.com" IN {
            type master;
            file "example.zone";
    };
    //設定所管轄網段 192.168.100.0/24 的 IPv4 反向解析 (IP → 名稱)
    zone "100.168.192.in-addr.arpa" IN {
            type master;
            file "example.reverse";
    };
    
  3. 編修example.com網域正解析記錄檔 /var/named/example.zone:
    #vim /var/named/example.zone
    $TTL 10
    @        IN SOA dns1.example.com. root (
             2016032901;
             1H;
             2D;
             3W;
             10 )
    @        IN NS dns1.example.com.
    @        IN A 192.168.100.183
    @        IN MX 10 mail
    
    dns1.example.com. IN A 192.168.100.183
    mail              IN A 192.168.100.183
    ftp               IN A 192.168.100.183
    www               IN A 192.168.100.183
    
  4. 編修example.com網域反解析記錄檔 /var/named/example.reverse:
    #vim /var/named/example.reverse
    $TTL 10
    @        IN SOA dns1.example.com. root (
             2016032901;
             1H;
             2D;
             3W;
             10 )
    @        IN NS dns1.example.com.
    183      IN PTR dns1.example.com.
    
    183      IN PTR mail.example.com.
    183      IN PTR www.example.com.
    183      IN PTR ftp.example.com. 
    
  5. 設定防火牆,放行 DNS 服務:
    #firewall-cmd --permanent --add-service=dns
    #firewall-cmd --reload
    
  6. 啟動 DNS Server 服務:
    #systemctl stop named
    #systemctl disable named
    #systemctl enable named-chroot
    #systemctl start named-chroot
    
  7. 設定本機查詢的 DNS Server:
    #vim /etc/resolv.conf
    search example.com
    nameserver 192.168.100.183
    
檢測工具:
  1. 利用 rndc 工具:
    #rndc status
    #rndc reload
    
  2. 利用 dig 工具:
    #dig example.com NS
    #dig example.com A
    #dig -x 192.168.100.183