DNS server for ubuntu


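Setting up a DNS server on Ubuntu: bind9

1: DNS introduction and notes

About bind:

bind (Berkeley Internet Name Domain) is an implementation of the Domain Name Server (DNS) protocol. It provides an open implementation of the main DNS functions, including:

the name server (named); the DNS resolver library functions; the tools used to run and debug a DNS server. bind has three versions: V4, V8 and V9.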

Related resources:

Official site: https://www.360docs.net/doc/9c17390176.html,

Download 9.7.3: https://www.360docs.net/doc/9c17390176.html,/isc/bind9/9.7.3/bind-9.7.3.tar.gz Latest downloads: https://www.360docs.net/doc/9c17390176.html,/software/bind

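Port used by DNS:

DNS uses port 53.

Forward and reverse lookups:

Forward lookup: maps a domain (a hostname under DNS) to an IP; that is, finds the IP from the hostname.

Reverse lookup: finds the hostname from the IP.

Zone: each forward or reverse lookup configuration is one zone.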

2: Installing the DNS package: bind9

sudo apt-get install bind9

List the files and directories installed by the package: sudo dpkg -L bind9

Check whether the port is listening: netstat -tunlp | grep 53

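3: DNS configuration

3.1 Forward DNS configuration (cache-only)

A cache-only host asks another DNS host (the forwarders) to do the lookups for it and has no zone configuration of its own, so a cache-only server is only a DNS host that relays data in between.

sudo vi /etc/bind/named.conf.options

Environment:

master dns: 10.1.99.2 cache-only: 172.70.14.132. This means that some clients set their DNS to 172.70.14.132, and 172.70.14.132 then queries the DNS at 10.1.99.2. On host 172.70.14.132, configure: sudo vi /etc/bind/named.conf.options

/etc/init.d/bind9 restart // start the bind service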

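3.2 Master DNS configuration

Environment:

Master dns: 172.70.14.132 hostname:https://www.360docs.net/doc/9c17390176.html, domain:https://www.360docs.net/doc/9c17390176.html,.

Client1: 172.70.14.18/24 dns: 172.70.14.132

Client2: 172.70.14.117/24 dns: 172.70.14.132

On Ubuntu the DNS configuration files are:

/etc/bind/named.conf.options // global settings

/etc/bind/named.conf.default-zone // add or remove zone configuration

/etc/bind/db.127 // reverse lookup for the local host

/etc/bind/db.local // forward lookup for the local host

The steps to configure the master dns are:

a> Add the zone: sudo vi /etc/bind/named.default-zone

b> Set up forward lookup for the local host: this file exists by default and does not need to be changed.

c> Reverse lookup for the local host: this file, /etc/bind/db.127, exists by default.

d> Set up forward lookup for the domain name: sudo vi /etc/bind/https://www.360docs.net/doc/9c17390176.html,

e> Set up reverse lookup for the domain name:

f> Start the bind service: sudo /etc/init.d/bind9 restart

g> View the bind service startup log: tail /var/log/syslog

h> Set the DNS on the local host (172.70.14.132)

sudo vi /etc/resolv.conf and add the following line: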

nameserver 172.70.14.132

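4: Testing DNS

4.1 Testing with host: after setting the DNS on the clients (172.70.14.117, 172.70.14.18):

4.1.1 On the DNS server

Command: host https://www.360docs.net/doc/9c17390176.html, (forward lookup)

Command: host 172.70.14.132 (reverse lookup)

4.1.2 On the client

Command: host https://www.360docs.net/doc/9c17390176.html, (forward lookup)

Command: host 172.70.14.132 (reverse lookup)

Command: host -l https://www.360docs.net/doc/9c17390176.html, and host -a https://www.360docs.net/doc/9c17390176.html,

4.2 Testing with nslookup

Command: nslookup

Forward lookup:

Reverse lookup:

4.3 Testing with dig, which is more powerful

Forward lookup: dig -t [any/mx] @DNS hostname

Reverse lookup: dig -t any @DNS -x IP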

5: Secondary name server (slave 172.70.14.132, master 10.1.99.2)

a. 172.70.14.132 is our DNS caching server. First, install bind9 on the 172.70.14.132 machine.

b. Add the following to the main configuration file /etc/named.conf:

zone "https://www.360docs.net/doc/9c17390176.html," {
    type slave;
    file "/etc/bind/slaves/https://www.360docs.net/doc/9c17390176.html,";
    masters {10.1.99.2;};
};

zone "172.in-addr.arpa" {
    type slave;
    file "/etc/bind/slaves/db.172";
    masters {10.1.99.2;};
};

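The value after type is now slave, which means a secondary name server is being defined.

The name after file can be a different file name; it does not have to match the setting on the primary DNS server.

masters is followed by the IP address of the primary DNS server; there can be several IPs, in the form

masters {ip1;ip2;ip3;};

c. Create the /etc/bind/slaves/ directory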

tonybox2:/etc/bind# mkdir slaves

tonybox2:/etc/bind# chown bind.bind slaves

d. Restart the dns service

tonybox2:/etc/bind/slaves# /etc/init.d/bind9 restart

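When the named process starts for the first time, the secondary name server downloads the primary name server's data. After that, the secondary queries the primary for updates at the refresh interval specified in the primary's corresponding SOA record.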

tonybox2:/etc/bind/slaves# ls -l

total 8

-rw-r--r-- 1 bind bind 410 2006-08-08 12:23 db.172

-rw-r--r-- 1 bind bind 430 2006-08-08 12:23 https://www.360docs.net/doc/9c17390176.html,

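Looking at the /etc/bind/slaves directory, we can see that the corresponding zone files have been obtained from the primary name server.

If the user bind does not have write permission on the /etc/bind/slaves directory, errors like the following appear in /var/log/syslog: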

tonybox:~# tail /var/log/syslog

Aug 8 12:30:09 tonybox2 named[3849]: zone https://www.360docs.net/doc/9c17390176.html,/IN: Transfer started.

Aug 8 12:30:09 tonybox2 named[3849]: transfer of 'https://www.360docs.net/doc/9c17390176.html,/IN' from 192.168.102.47#53: connected using 192.168.102.15#1075

Aug 8 12:30:09 tonybox2 named[3849]: dumping master file: /etc/bind/tmp-VHTxU6CT5n: open: permission denied

Aug 8 12:30:09 tonybox2 named[3849]: transfer of 'https://www.360docs.net/doc/9c17390176.html,/IN' from 192.168.102.47#53: failed while receiving responses: permission denied

Aug 8 12:30:09 tonybox2 named[3849]: transfer of 'https://www.360docs.net/doc/9c17390176.html,/IN' from 192.168.102.47#53: end of transfer

Aug 8 12:30:10 tonybox2 named[3849]: zone 102.168.192.in-addr.arpa/IN: Transfer started.

Aug 8 12:30:10 tonybox2 named[3849]: transfer of '102.168.192.in-addr.arpa/IN' from 192.168.102.47#53: connected using 192.168.102.15#1076

Aug 8 12:30:10 tonybox2 named[3849]: dumping master file: /etc/bind/tmp-dxbiD1JtTK: open: permission denied

Aug 8 12:30:10 tonybox2 named[3849]: transfer of '102.168.192.in-addr.arpa/IN' from 192.168.102.47#53: failed while receiving responses: permission denied

Aug 8 12:30:10 tonybox2 named[3849]: transfer of '102.168.192.in-addr.arpa/IN' from 192.168.102.47#53: end of transfer
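This failure is reported only in syslog, so a secondary can keep running while its zone data is missing or stale. The following Python script is an added example, not part of the original page: it scans named log lines and reports the outcome of each inbound zone transfer. The sample log is constructed, example.com and example.org are placeholder zone names, and audit_transfers and failed_zones are hypothetical helper names.

```python
import re

# Constructed sample modelled on the syslog excerpt above. example.com and
# example.org are placeholder zones; the "Transfer completed" line is a constructed success case.
SAMPLE_LOG = """\
Aug  8 12:30:09 tonybox2 named[3849]: zone example.com/IN: Transfer started.
Aug  8 12:30:09 tonybox2 named[3849]: transfer of 'example.com/IN' from 192.168.102.47#53: connected using 192.168.102.15#1075
Aug  8 12:30:09 tonybox2 named[3849]: dumping master file: /etc/bind/tmp-VHTxU6CT5n: open: permission denied
Aug  8 12:30:09 tonybox2 named[3849]: transfer of 'example.com/IN' from 192.168.102.47#53: failed while receiving responses: permission denied
Aug  8 12:30:09 tonybox2 named[3849]: transfer of 'example.com/IN' from 192.168.102.47#53: end of transfer
Aug  8 12:30:10 tonybox2 sshd[412]: Accepted publickey for admin from 192.168.102.20 port 50022 ssh2
Aug  8 12:30:11 tonybox2 named[3849]: zone example.org/IN: Transfer started.
Aug  8 12:30:11 tonybox2 named[3849]: transfer of 'example.org/IN' from 192.168.102.47#53: connected using 192.168.102.15#1077
Aug  8 12:30:11 tonybox2 named[3849]: transfer of 'example.org/IN' from 192.168.102.47#53: Transfer completed: 1 messages, 6 records, 254 bytes, 0.001 secs (254000 bytes/sec)
"""

NAMED = re.compile(r"named\[\d+\]: (.*)$")
XFER = re.compile(r"transfer of '([^']+)' from ([0-9A-Fa-f.:]+)#\d+: (.*)$")
DUMP = re.compile(r"dumping master file: (\S+): open: (.*)$")


def audit_transfers(log_text):
    """Return {zone: {"master", "status", "reason", "dump_path"}} per inbound transfer."""
    zones, current = {}, None
    for line in log_text.splitlines():
        m = NAMED.search(line)
        msg = m.group(1) if m else ""  # lines from other daemons match nothing below
        if (x := XFER.match(msg)):
            zone, master, detail = x.groups()
            rec = zones.setdefault(zone, {"master": master, "status": "incomplete",
                                          "reason": None, "dump_path": None})
            current = rec
            if detail.startswith("failed"):
                rec["status"], rec["reason"] = "failed", detail.split(": ", 1)[-1]
            elif detail.startswith("Transfer completed"):
                rec["status"] = "ok"
        elif (d := DUMP.match(msg)) and current is not None:
            # The dump line names no zone; attribute it to the latest transfer (heuristic).
            current["dump_path"] = d.group(1)
    return zones


def failed_zones(log_text):
    """Zones whose transfer failed, so this secondary holds no fresh copy of them."""
    return sorted(z for z, r in audit_transfers(log_text).items() if r["status"] == "failed")


if __name__ == "__main__":
    print(audit_transfers(SAMPLE_LOG))
```

A dump_path outside the directory named in the zone's file statement, as in the sample, points at the directory whose ownership and permissions need checking.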
