توی این بحث میخواهم نصب bind و راه اندازی یک DNS سرور رو در دو حالت Master, Slave برروی سیستم عامل CentOS 7 توضیح بدم. امیدوارم مورد توجه دوستان عزیز قرار بگیره.از اساتید هم درخواست دارم در صورتیکه جایی اشتباهی رخ داد تصحیح بفرمایند. سناریو:
Primary(Master) DNS Server Details:
Secondary(Slave) DNS Server Details:
Client Details:
web Server
[root@itpro.masterdns ~]# yum install bind* -y
1. Configure DNS Server
با استفاده از دستور vim و بصورت زیر تغییرات لازم رو در فایل /etc/named.conf انجام بدهید.
مهم مهم مهم:
قبل از اعمال تغییرات با استفاده از دستور زیر یک backup از فایل named.conf بگیرید.
[root@itpro.masterdns ~]# cp /etc/named.conf /etc/named.conf.bk
[root@itpro.masterdns ~]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
    listen-on port 53 { 127.0.0.1; 192.168.1.100; };    ### *Master DNS IP* ###
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; 192.168.1.0/24; };    ### *IP Range* ###
    allow-transfer { localhost; 192.168.1.101; };    ### *Slave DNS IP* ###
    recursion no;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "itpro.local" IN {
    type master;
    file "forward.itpro";
    allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "reverse.itpro";
    allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
2. Create Zone files
Create forward and reverse zone files which we mentioned in the
"/etc/named.conf"
file.
2.1 Create Forward Zone
Create the forward.itpro file in the "/var/named" directory.
[root@itpro.masterdns ~]# vim /var/named/forward.itpro
$TTL 86400
@   IN  SOA     masterdns.itpro.local. admin.itpro.local. (
        2015011801  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@               IN  NS  masterdns.itpro.local.
@               IN  NS  secondarydns.itpro.local.
@               IN  A   192.168.1.100
@               IN  A   192.168.1.101
@               IN  A   192.168.1.102
masterdns       IN  A   192.168.1.100
secondarydns    IN  A   192.168.1.101
www             IN  A   192.168.1.102
2.2 Create Reverse Zone
Create the reverse.itpro file in the ‘/var/named’ directory.
[root@itpro.masterdns ~]# vim /var/named/reverse.itpro
$TTL 86400
@   IN  SOA     masterdns.itpro.local. admin.itpro.local. (
        2015011802  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@               IN  NS  masterdns.itpro.local.
@               IN  NS  secondarydns.itpro.local.
@               IN  PTR itpro.local.
masterdns       IN  A   192.168.1.100
secondarydns    IN  A   192.168.1.101
www             IN  A   192.168.1.102
100             IN  PTR masterdns.itpro.local.
101             IN  PTR secondarydns.itpro.local.
102             IN  PTR www.itpro.local.
3. Start the DNS service
[root@itpro.masterdns ~]# systemctl start named.service
[root@itpro.masterdns ~]# systemctl enable named.service
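4. Adjust iptables to allow access to the DNS server from outside of the network. The rule below opens only UDP port 53; zone transfers to the slave and retries of truncated answers use TCP port 53, which needs a matching rule as well.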
[root@itpro.masterdns ~]# iptables -I INPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
[root@itpro.masterdns ~]# service iptables save
[root@itpro.masterdns ~]# service iptables restart
Test DNS configuration and zone files for any syntax errors
[root@itpro.masterdns ~]# named-checkconf /etc/named.conf
[root@itpro.masterdns ~]# named-checkzone itpro.local /var/named/forward.itpro
zone itpro.local/IN: loaded serial 2015011801
OK
[root@itpro.masterdns ~]# named-checkzone itpro.local /var/named/reverse.itpro
zone itpro.local/IN: loaded serial 2015011802
OK
[root@itpro.masterdns ~]# dig masterdns.itpro.local

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 <<>> masterdns.itpro.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49834
;; flags: qr aa rd ra; QUERY: 1, *ANSWER: 1*, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;masterdns.itpro.local.         IN      A

;; ANSWER SECTION:
masterdns.itpro.local.  86400   IN      A       192.168.1.100

;; AUTHORITY SECTION:
itpro.local.            86400   IN      NS      secondarydns.itpro.local.
itpro.local.            86400   IN      NS      masterdns.itpro.local.

;; ADDITIONAL SECTION:
secondarydns.itpro.local. 86400 IN      A       192.168.1.101

;; Query time: 6 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Thu Mar 7 13:07:56 2013
;; MSG SIZE rcvd: 114
پایان قسمت اول