中文有余 posted on 2024-2-8 00:00:00

Tutorial: Building a Multi-Domain DNS Resolution Server on CentOS 5.3

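<p>
<span>I. Domain names and name resolution </span><br>
<span>To tell the hosts on a network apart, each host must be assigned a unique address, called its "IP address". Because these numbers are hard to remember, "domain names" are used in their place. In the end, though, a domain name still has to be converted to the corresponding IP address before the host can be reached. </span><br>
<span>The DNS service, also called the domain name resolution service, converts between domain names and IP addresses in both directions. Forward resolution converts a host name to an IP address; reverse resolution converts an IP address to a host name. We rarely need to convert an IP address to a host name ourselves, i.e. to do a reverse lookup. Reverse resolution is mostly used by background programs, out of the user's sight. </span><br>
<span>II. DNS architecture </span><br>
<span>The domain hierarchy looks like an upside-down tree with a very clear layered structure, as shown in the figure. The root domain is at the top; directly below it are several top-level domains; each top-level domain can be divided into second-level domains, which are divided into subdomains; below a subdomain there can be hosts or further subdomains, down to the final hosts. On the Internet, domains are managed by InterNIC, and the name service is implemented by DNS. </span><br>
<img style="max-width:100%!important;height:auto!important;" title="Tutorial: building a multi-domain DNS resolution server on CentOS 5.3" alt="Tutorial: building a multi-domain DNS resolution server on CentOS 5.3" border="0" height="218" src="https://zhuji.jb51.net/uploads/img/20230519/c776deb40cd069d88d318ad2fb0b3dfc.jpg" width="444"><br>
<span>III. DNS resolution process </span><br>
<img style="max-width:100%!important;height:auto!important;" title="Tutorial: building a multi-domain DNS resolution server on CentOS 5.3" alt="Tutorial: building a multi-domain DNS resolution server on CentOS 5.3" border="0" height="512" src="https://zhuji.jb51.net/uploads/img/20230519/cdd8d00c81f92ba8af8ae3abffa8b3d0.jpg" width="402"><br>
<span>1. The client asks for the IP address of www.example.com.cn. If the local hosts file has no matching entry, it sends a resolution request to the local DNS server; </span><br>
<span>2. If the local DNS server has resolution information for the name, it returns it directly to the client; if it does not, the local DNS server asks a root DNS server for the IP address of www.example.com.cn; </span><br>
<span>3. If the root DNS server has resolution information for the name, it returns it directly to the local DNS server, which passes it on to the client; if it does not, it returns the IP address of the DNS server responsible for .cn; </span><br>
<span>4. The local DNS server asks the DNS server responsible for .cn for the IP address of www.example.com.cn; </span><br>
<span>5. If the .cn server has resolution information for the name, it returns it directly to the local DNS server, which passes it on to the client; if it does not, the DNS server responsible for .cn reports the IP address of the DNS server for .com.cn; </span><br>
<span>6. The local DNS server asks the DNS server responsible for .com.cn for the IP address of www.example.com.cn; </span><br>
<span>7. If the .com.cn server has resolution information for the name, it returns it directly to the local DNS server, which passes it on to the client; if it does not, the DNS server responsible for .com.cn reports the IP address of the DNS server for .example.com.cn; </span><br>
<span>8. The local DNS server asks the DNS server responsible for .example.com.cn for the IP address of www.example.com.cn; </span><br>
<span>9. The DNS server responsible for .example.com.cn reports the IP address of the DNS server for www.example.com.cn; </span><br>
<span>10. The local DNS server resolves the IP address of www.example.com.cn and passes it back to the client. </span><br>
<span>IV. Building a multi-domain DNS resolution server on CentOS 5.3 </span><br>
<span>System platform: CentOS 5.3 Kernel version: 2.6.18-128.2.1.el5 </span><br>
<span>DNS server IP: 192.168.2.210 </span><br>
<span>Web server A: www.chinaunix.net 192.168.2.181 </span><br>
<span>Mail server B: mail.chinaunix.net 192.168.2.182 </span><br>
<span>Web server C: www.chinaunix.org 192.168.2.183 </span><br>
<span>Mail server D: mail.chinaunix.org 192.168.2.185 </span><br>
<span>1. Install the BIND packages </span><br>
<span># yum -y install bind* caching-nameserver </span><br>
<span>2. Edit the main configuration files </span><br>
<span># cd /var/named/chroot/etc/ </span><br>
<span># cp -p named.caching-nameserver.conf named.conf </span><br>
<span># cp -p named.rfc1912.zones named.rfc1912.zones.bak </span><br>
<span>Note: besides copying the contents of the source file, cp -p also carries its modification time and access permissions (and, when run as root, its owner and group) over to the new file. </span><br>
<span>Most of the configuration files here are owned by root with group named; if you use a plain cp, the named service reports an error when it starts. </span><br>
<span># vi named.conf </span><br>
<span>// </span><br>
<span>// named.caching-nameserver.conf </span><br>
<span>// </span><br>
<span>// Provided by Red Hat caching-nameserver package to configure the </span><br>
<span>// ISC BIND named(8) DNS server as a caching only nameserver </span><br>
<span>// (as a localhost DNS resolver only). </span><br>
<span>// </span><br>
<span>// See /usr/share/doc/bind*/sample/ for example named configuration files. </span><br>
<span>// </span><br>
<span>// DO NOT EDIT THIS FILE - use system-config-bind or an editor </span><br>
<span>// to create named.conf - edits to this file will be lost on </span><br>
<span>// caching-nameserver package upgrade. 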
</span><br>
<span>// </span><br>
<span>options { </span><br>
<span>listen-on port 53 { any; }; </span><br>
<span>listen-on-v6 port 53 { ::1; }; </span><br>
<span>directory "/var/named"; </span><br>
<span>dump-file "/var/named/data/cache_dump.db"; </span><br>
<span>statistics-file "/var/named/data/named_stats.txt"; </span><br>
<span>memstatistics-file "/var/named/data/named_mem_stats.txt"; </span><br>
<span>// Those options should be used carefully because they disable port </span><br>
<span>// randomization </span><br>
<span>// query-source port 53; </span><br>
<span>// query-source-v6 port 53; </span><br>
<span>allow-query { any; }; </span><br>
<span>}; </span><br>
<span>logging { </span><br>
<span>channel default_debug { </span><br>
<span>file "data/named.run"; </span><br>
<span>severity dynamic; </span><br>
<span>}; </span><br>
<span>}; </span><br>
<span>view localhost_resolver { </span><br>
<span>match-clients { any; }; </span><br>
<span>match-destinations { any; }; </span><br>
<span>recursion yes; </span><br>
<span>include "/etc/named.rfc1912.zones"; </span><br>
<span>}; </span><br>
<span># vi named.rfc1912.zones </span><br>
<span>// named.rfc1912.zones: </span><br>
<span>// </span><br>
<span>// Provided by Red Hat caching-nameserver package </span><br>
<span>// </span><br>
<span>// ISC BIND named zone configuration for zones recommended by </span><br>
<span>// RFC 1912 section 4.1 : localhost TLDs and address zones </span><br>
<span>// </span><br>
<span>// See /usr/share/doc/bind*/sample/ for example named configuration files. </span><br>
<span>// </span><br>
<span>zone "." IN { </span><br>
<span>type hint; </span><br>
<span>file "named.ca"; </span><br>
<span>}; # root DNS server configuration file; </span><br>
<span>zone "localdomain" IN { </span><br>
<span>type master; </span><br>
<span>file "localdomain.zone"; </span><br>
<span>allow-update { none; }; </span><br>
<span>}; # template 1; </span><br>
<span>zone "0.0.127.in-addr.arpa" IN { </span><br>
<span>type master; </span><br>
<span>file "named.local"; </span><br>
<span>allow-update { none; }; </span><br>
<span>}; # template 2; </span><br>
<span>zone "chinaunix.net" IN { </span><br>
<span>type master; </span><br>
<span>file "chinaunix.net.zone"; </span><br>
<span>allow-update { none; }; </span><br>
<span>}; # copied from template 1 and modified; </span><br>
<span>zone "chinaunix.org" IN { </span><br>
<span>type master; </span><br>
<span>file "chinaunix.org.zone"; </span><br>
<span>allow-update { none; }; </span><br>
<span>}; # copied from template 1 and modified; </span><br>
<span>zone "2.168.192.in-addr.arpa" IN { </span><br>
<span>type master; </span><br>
<span>file "2.168.192.in-addr.local"; </span><br>
<span>allow-update { none; }; </span><br>
<span>}; # copied from template 2 and modified; </span><br>
<span>Note: the parts shown in blue are the ones that were added or modified; </span><br>
<span>3. Zone files </span><br>
<span># cd ../var/named/ </span><br>
<span># cp -p localdomain.zone chinaunix.net.zone </span><br>
<span># cp -p localdomain.zone chinaunix.org.zone </span><br>
<span># cp -p named.local 2.168.192.in-addr.local </span><br>
<span># vi chinaunix.net.zone </span><br>
<span>$TTL 86400 </span><br>
<span>@ IN SOA localhost root ( </span><br>
<span>42 ; serial (d. adams) </span><br>
<span>3H ; refresh </span><br>
<span>15M ; retry </span><br>
<span>1W ; expiry </span><br>
<span>1D ) ; minimum </span><br>
<span>@ IN NS chinaunix.net. </span><br>
<span>@ IN MX 10 mail.chinaunix.net. </span><br>
<span>www IN A 192.168.2.181 </span><br>
<span>mail IN A 192.168.2.182 </span><br>
<span># vi chinaunix.org.zone </span><br>
<span>$TTL 86400 </span><br>
<span>@ IN SOA localhost root ( </span><br>
<span>42 ; serial (d. adams) </span><br>
<span>3H ; refresh </span><br>
<span>15M ; retry </span><br>
<span>1W ; expiry </span><br>
<span>1D ) ; minimum </span><br>
<span>@ IN NS chinaunix.org. </span><br>
<span>@ IN MX 10 mail.chinaunix.org. </span><br>
<span>www IN A 192.168.2.183 </span><br>
<span>mail IN A 192.168.2.185 </span><br>
<span># vi 2.168.192.in-addr.local </span><br>
<span>$TTL 86400 </span><br>
<span>@ IN SOA localhost. root.localhost. ( </span><br>
<span>1997022700 ; Serial </span><br>
<span>28800 ; Refresh </span><br>
<span>14400 ; Retry </span><br>
<span>3600000 ; Expire </span><br>
<span>86400 ) ; Minimum </span><br>
<span>@ IN NS chinaunix.net. </span><br>
<span>@ IN NS chinaunix.org. </span><br>
<span>181 IN PTR www.chinaunix.net. </span><br>
<span>182 IN PTR mail.chinaunix.net. </span><br>
<span>183 IN PTR www.chinaunix.org. </span><br>
<span>185 IN PTR mail.chinaunix.org. </span><br>
<span>4. Testing </span><br>
<span># nslookup </span><br>
<span>&gt; www.chinaunix.net </span><br>
<span>Server: 192.168.2.210 </span><br>
<span>Address: 192.168.2.210#53 </span><br>
<span>Name: www.chinaunix.net </span><br>
<span>Address: 192.168.2.181 </span><br>
<span>&gt; www.chinaunix.org </span><br>
<span>Server: 192.168.2.210 </span><br>
<span>Address: 192.168.2.210#53 </span><br>
<span>Name: www.chinaunix.org </span><br>
<span>Address: 192.168.2.182 </span><br>
<span>&gt; mail.chinaunix.net </span><br>
<span>Server: 192.168.2.210 </span><br>
<span>Address: 192.168.2.210#53 </span><br>
<span>Name: mail.chinaunix.net </span><br>
<span>Address: 192.168.2.183 </span><br>
<span>&gt; mail.chinaunix.org </span><br>
<span>Server: 192.168.2.210 </span><br>
<span>Address: 192.168.2.210#53 </span><br>
<span>Name: mail.chinaunix.net </span><br>
<span>Address: 192.168.2.185 </span><br>
<span>&gt; 192.168.2.181 </span><br>
<span>Server: 192.168.2.210 </span><br>
<span>Address: 192.168.2.210#53 </span><br>
<span>181.2.168.192.in-addr.arpa name = www.chinaunix.net. 
</span><br>
<span>&gt; 192.168.2.182 </span><br>
<span>Server: 192.168.2.210 </span><br>
<span>Address: 192.168.2.210#53 </span><br>
<span>182.2.168.192.in-addr.arpa name = mail.chinaunix.net. </span><br>
<span>&gt; 192.168.2.183 </span><br>
<span>Server: 192.168.2.210 </span><br>
<span>Address: 192.168.2.210#53 </span><br>
<span>183.2.168.192.in-addr.arpa name = www.chinaunix.org. </span><br>
<span>&gt; 192.168.2.185 </span><br>
<span>Server: 192.168.2.210 </span><br>
<span>Address: 192.168.2.210#53 </span><br>
<span>185.2.168.192.in-addr.arpa name = mail.chinaunix.org. </span><br>
<span>Note: text in blue is keyboard input </span><br>
<span>V. Conclusion </span><br>
<span>This material was reposted from the Internet and is for study and exchange only.</span></p>
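The named.conf in step 2 combines `recursion yes` with `allow-query { any; }` and `match-clients { any; }` and sets no `allow-recursion`, so the server recurses for every client that can reach port 53. The audit script below is an added example, not part of the original tutorial; the helper names, the `192.168.2.0/24` range in the hardened variant and the option fallback order noted in the code are assumptions.

```python
import re
# Abridged from the tutorial's named.conf (sample input for this added example).
TUTORIAL_CONF = '''
options { listen-on port 53 { any; }; allow-query { any; }; };
view localhost_resolver { match-clients { any; }; recursion yes; };
'''
# Constructed variant: recursion limited to an assumed LAN range.
HARDENED_CONF = TUTORIAL_CONF.replace(
    "recursion yes;", "recursion yes; allow-recursion { 127.0.0.1; 192.168.2.0/24; };")

def parse(text):
    """named.conf -> nested lists: one list per statement, one per { } block."""
    toks = re.findall(r'"[^"]*"|/\*.*?\*/|//[^\n]*|#[^\n]*|[{};]|[^\s{};"]+', text, re.S)
    toks = [t for t in toks if not t.startswith(("//", "#", "/*"))]  # drop comments
    def block(i):
        stmts, cur = [], []
        while i < len(toks):
            t, i = toks[i], i + 1
            if t == "{":
                sub, i = block(i)
                cur.append(sub)
            elif t == "}":
                break
            elif t == ";":
                if cur:
                    stmts.append(cur)
                cur = []
            else:
                cur.append(t.strip('"'))
        return stmts, i
    return block(0)[0]

def get(stmts, name):  # arguments of the first statement called `name`, or None
    return next((s[1:] for s in stmts if s[0] == name), None)
def names(acl):  # elements of an address-match list; named ACLs are not expanded
    return [" ".join(map(str, e)) for e in acl[0]] if acl else []

def open_recursion(conf):
    """Scopes (view names, or 'global') that recurse for any client."""
    top, found = parse(conf), []
    opts = (get(top, "options") or [[]])[-1]
    for name, body in [(s[1], s[-1]) for s in top if s[0] == "view"] or [("global", [])]:
        eff = lambda k: get(body, k) or get(opts, k)  # view setting overrides options
        recursive = (eff("recursion") or ["yes"])[0] not in ("no", "false", "0")
        # Assumed fallback order (BIND 9.4.1-P1+); older releases default to "any".
        acl = eff("allow-recursion") or eff("allow-query-cache") or eff("allow-query")
        clients = get(body, "match-clients") or [[["any"]]]  # absent means any
        if recursive and "any" in names(acl) and "any" in names(clients):
            found.append(name)
    return found
```

`open_recursion(TUTORIAL_CONF)` reports the `localhost_resolver` view, while the hardened variant reports nothing.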
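Steps 3 and 4 depend on the two forward zones and the reverse zone agreeing with each other. The script below is an added example, not part of the original tutorial: it parses the zone files and lists PTR records with no matching A record and A records with no matching PTR. The function names are illustrative, and only IPv4 `in-addr.arpa` names and numeric TTLs are handled.

```python
import re

SUFFIX = ".in-addr.arpa."
# Records taken from the tutorial's zone files (.org and reverse zones abridged to
# their A/PTR lines; blank-owner lines are indented as BIND expects).
ZONES = {
    "chinaunix.net.": """$TTL 86400
@    IN SOA localhost root (
         42 ; serial (d. adams)
         3H 15M 1W 1D )
     IN NS chinaunix.net.
     IN MX 10 mail.chinaunix.net.
www  IN A 192.168.2.181
mail IN A 192.168.2.182
""",
    "chinaunix.org.": "www IN A 192.168.2.183\nmail IN A 192.168.2.185\n",
    "2.168.192.in-addr.arpa.": ("181 IN PTR www.chinaunix.net.\n182 IN PTR mail.chinaunix.net.\n"
                                "183 IN PTR www.chinaunix.org.\n185 IN PTR mail.chinaunix.org.\n"),
}

def absolute(name, origin):
    """Expand @ and relative names against the zone origin."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def records(origin, text):
    """Yield (owner, type, rdata) per record; handles @, blank owners, ( ) and ; comments."""
    text = re.sub(r";[^\n]*", "", text)  # comments first: they may contain parentheses
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)
    owner = origin
    for line in text.splitlines():
        f = line.split()
        if not f or f[0].startswith("$"):
            continue
        if not line[0].isspace():  # a line starting in column 0 names a new owner
            owner = absolute(f.pop(0), origin)
        while f and (f[0].upper() == "IN" or f[0].isdigit()):  # skip class / numeric TTL
            f.pop(0)
        if f:
            yield owner.lower(), f[0].upper(), f[1:]

def mismatches(zones):
    """Return (PTRs with no matching A record, A records with no matching PTR)."""
    rrs = [(z, o, t, r) for z, text in zones.items() for o, t, r in records(z, text)]
    fwd = {(o, r[0]) for z, o, t, r in rrs if t == "A"}
    rev = {(absolute(r[0], z).lower(), ".".join(reversed(o[:-len(SUFFIX)].split("."))))
           for z, o, t, r in rrs if t == "PTR" and o.endswith(SUFFIX)}
    return sorted(rev - fwd), sorted(fwd - rev)
```

For the tutorial's records `mismatches(ZONES)` returns two empty lists; a PTR that names the wrong host appears in the first list and the A record it should have matched appears in the second.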