當前位置：首頁 > 编程资源 > 编程问答 >内容正文

编程问答

Named服务配置

發布時間：2025/3/15 编程问答 16 豆豆

生活随笔收集整理的這篇文章主要介紹了 Named服务配置小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

Named服務配置

搜索Linux DNS，映入眼簾的是鳥哥的文章：http://linux.vbird.org/linux_server/0350dns.php?
這篇長達11節的文章，看到Zone文件時就開始暈菜了。?
繼續尋找下一篇文章，來自于安全中國的：http://www.anqn.com/os/linux/2010-03-30/a09125458.shtml?
在戰勝了瞌睡蟲的同時，DNS服務器終于跑上來了。?

以前教授給我的理念就是將域名作為一棵倒掛的樹，從根節點開始解析，直至葉子節點。通過下圖更明確一下：?
?
從圖的描述可以得知，?根域是以“點(.)”表示。明了這一點非常重要，因為它的意義會在Zone文件中得到體現。?

再加上客戶端的請求解析流程圖，會讓整個流程更加清晰明了：?
?
詳細的請求的順序為：?

客戶端Host文件標識

客戶緩存

服務器區域設定

服務器緩存

其它服務器

理念明白后，就開始服務器的配置歷程了。?
首先，看看已經安裝好的bind程序。?

Sh代碼??

$?rpm?-q?bind??

bind-9.7.1-2.P2.fc13.i686??

$?rpm?-q?bind-chroot??

bind-chroot-9.7.1-2.P2.fc13.i686??

熟悉默認配置/etc/named.conf：?

Conf代碼??

//??

//?named.conf??

//??

//?Provided?by?Red?Hat?bind?package?to?configure?the?ISC?BIND?named(8)?DNS??

//?server?as?a?caching?only?nameserver?(as?a?localhost?DNS?resolver?only).??

//??

//?See?/usr/share/doc/bind*/sample/?for?example?named?configuration?files.??

//??

options?{??//?定義全局變量??

????????listen-on?port?53?{?127.0.0.1;?};?//?ipv4?監聽端口??

????????listen-on-v6?port?53?{?::1;?};????//?ipv6?監聽端口??

????????directory???????"/var/named";?????//?制定裝載zone區域文件的目錄??

????????dump-file???????"/var/named/data/cache_dump.db";????//?cache??

????????statistics-file?"/var/named/data/named_stats.txt";??//?statistics??

????????memstatistics-file?"/var/named/data/named_mem_stats.txt";??

????????allow-query?????{?localhost;?};???//?允許訪問列表??

????????recursion?yes;??

????????dnssec-enable?yes;??

????????dnssec-validation?yes;??

????????dnssec-lookaside?auto;??

????????/*?Path?to?ISC?DLV?key?*/??

????????bindkeys-file?"/etc/named.iscdlv.key";??

};?//?"}"后也得分號結束??

logging?{??

????????channel?default_debug?{??

????????????????file?"data/named.run";??

????????????????severity?dynamic;??

????????};??

};??

zone?"."?IN?{????????????//?"."代表根區域??

????????type?hint;???????//?根區域的類型就為hint??

????????file?"named.ca";?//?指定zone文件，默認已經生成??

};??

include?"/etc/named.rfc1912.zones";??

注意，在最后一行還include一個conf文件，將本地地址都進行了映射。?

我們需要修改option的內容，并且添加新的zone：?

Zone代碼??

option?{??

????????listen-on?port?53?{???

???????????????127.0.0.1;??

???????????????192.168.60.14;?//?為局域網其它機器提供Named服務，必須監聽向本機IP發出的請求??

????????};??

????????...??

????????forwarders?{??????????//?添加forwarders，指向其它DNS服務器??

???????????????202.106.196.115;??

????????};??

????????allow-query{?any;?};??//?開放訪問權限??

????????...??

};??

zone?"groupon.cn"?IN?{???????????????//?解析groupon.cn??

????????type?master;??

????????file?"named.groupon.cn";?????//?自定義的域名到IP的正向解析配置??

};??

zone?"60.168.192.in-addr.arpa"?IN?{??//?本地內網為192.168.60.x??

????????type?master;??

????????file?"named.192.168.60";?????//?自定義的IP到域名的反向解析配置??

};??

至此看來，named.conf的配置并不復雜，不過接下來的zone文件的配置就會改變你的看法。?
熟悉默認配置/var/named/named.localhost?

Zone代碼??

;?注意，zone文件的注釋是以分號";"開始的。??

$TTL?1D?????;?生存期,?默認單位為秒，另可設定為[W|D|H|M]??

;?[zone]?IN?SOA?[主機名]?[管理員email]?([五組更新時間參數])??

;?@=>zone?IN?SOA?@=>主機名?rname.invalid.=>email??

;?@代表根域??

;?rname.invalid.解析為rname@invalid，第一個"."為"@"的替代，尾部的"."為根域，表明其為絕對URL。??

@???????IN?SOA??@?rname.invalid.?(??

????????????????????????????????????????0???????;?serial??

????????????????????????????????????????1D??????;?refresh??

????????????????????????????????????????1H??????;?retry??

????????????????????????????????????????1W??????;?expire??

????????????????????????????????????????3H?)????;?minimum??

????????NS??????@??????????;?直接輸入域名，訪問@??

????????A???????127.0.0.1??;?直接輸入域名，解析到的IPV4的IP??

????????AAAA????::1????????;?直接輸入域名，解析到的IPV6的IP??

現在開始建立正向解析文件:?/var/named/named.groupon.cn?

Zone代碼??

$TTL?1D??

@?IN?SOA?@?root.groupon.cn.?(??

????????2010110901??

????????28800??

????????14400??

????????3600000??

????????86400??

)??

????????IN?NS?@???????????????;?直接輸入域名，訪問@??

????????IN?A?221.123.177.226??;?直接輸入域名(www)，解析到的外網IP??

store???IN?A?192.168.60.42????;?輸入子域名，解析到的內網IP??

img?????IN?A?192.168.60.43??

建立反向解析文件:/var/named/named.192.168.60?

Zone代碼??

$TTL?1D??

@?IN?SOA?60.168.192.in-addr.arpa.?root.groupon.cn.?(??

????????2010110901??

????????28800??

????????14400??

????????3600000??

????????86400??

)??

@?IN?NS?www.groupon.cn.??

42?IN?PTR?store.groupon.cn.??;?192.168.60.42?->?store??

43?IN?PTR?img.groupon.cn.????;?192.168.60.43?->?img??

配置完畢，檢查配置文件的正確性：?

Sh代碼??

#?/usr/sbin/named-checkconf?-z??

zone?localhost/IN:?loaded?serial?0??

zone?60.168.192.in-addr.arpa/IN:?loaded?serial?2010110901??

zone?groupon.cn/IN:?loaded?serial?2010110901??

看來一切正常，這時就可以啟動named服務器了。?

Sh代碼??

#?/sbin/service?named?start??

Starting?named:????????????????????????????????????????????[??OK??]??

還要做的就是開通端口，并在客戶端設定DNS地址為該服務器地址，強制刷新dns和測試：?

Cmd代碼??

>?ipconfig?/flushdns??

Windows?IP?Configuration??

Successfully?flushed?the?DNS?Resolver?Cache.??

>?nslookup??

***?Can't?find?server?name?for?address?192.168.60.36:?Non-existent?domain??

***?Default?servers?are?not?available??

Default?Server:??UnKnown??

Address:??192.168.60.36??

>?groupon.cn??

Server:??UnKnown??

Address:??192.168.60.36??

Name:????groupon.cn??

Address:??221.123.177.226??

>?store.groupon.cn??

Server:??UnKnown??

Address:??192.168.60.36??

Name:????store.groupon.cn??

Address:??192.168.60.42??

>?192.168.60.42??

Server:??UnKnown??

Address:??192.168.60.36??

Name:????store.groupon.cn??

Address:??192.168.60.42??

大功告成！?

參考：?
文件:/etc/named.rfc1912.zones?

Conf代碼??

//?named.rfc1912.zones:??

//??

//?Provided?by?Red?Hat?caching-nameserver?package???

//??

//?ISC?BIND?named?zone?configuration?for?zones?recommended?by??

//?RFC?1912?section?4.1?:?localhost?TLDs?and?address?zones??

//?and?http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt??

//???

//?See?/usr/share/doc/bind*/sample/?for?example?named?configuration?files.??

//??

zone?"localhost.localdomain"?IN?{??

????type?master;??

????file?"named.localhost";??

????allow-update?{?none;?};??

};??

zone?"localhost"?IN?{??

????type?master;??

????file?"named.localhost";??

????allow-update?{?none;?};??

};??

zone?"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa"?IN?{??

????type?master;??

????file?"named.loopback";??

????allow-update?{?none;?};??

};??

zone?"1.0.0.127.in-addr.arpa"?IN?{??

????type?master;??

????file?"named.loopback";??

????allow-update?{?none;?};??

};??

zone?"0.in-addr.arpa"?IN?{??

????type?master;??

????file?"named.empty";??

????allow-update?{?none;?};??

};??

文件:/var/named/named.loopback?

Zone代碼??

$TTL?1D??

@???IN?SOA??@?rname.invalid.?(??

????????????????????0???;?serial??

????????????????????1D??;?refresh??

????????????????????1H??;?retry??

????????????????????1W??;?expire??

????????????????????3H?)????;?minimum??

????NS??@??

????A???127.0.0.1??

????AAAA????::1??

????PTR?localhost.??

文件:/var/named/named.empty?

Zone代碼??

$TTL?3H??

@???IN?SOA??@?rname.invalid.?(??

????????????????????0???;?serial??

????????????????????1D??;?refresh??

????????????????????1H??;?retry??

????????????????????1W??;?expire??

????????????????????3H?)????;?minimum??

????NS??@??

????A???127.0.0.1??

????AAAA????::1??

總結

以上是生活随笔為你收集整理的Named服务配置的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。

named