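Copyright notice: when reposting, please use a hyperlink to credit the article's original source and author information, and include this notice.
http://iyubo.blogbus.com/logs/38917603.html
A while ago the DNS service at 21Vianet (世纪互联) had a serious problem that affected the website for an entire day. To avoid a repeat, I decided to set up two DNS servers of my own. At least problems can be resolved faster when they occur.
Installation environment
Operating system: CentOS release 5.2 (Final)
Kernel: 2.6.18-92.el5
Software list
bind-9.6.0-P1.tar.gz
openssl-0.9.8k.tar.gz
Software location
/data/software
Installation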
# groupadd -g 710 named
# useradd named -u 710 -g named
# mkdir /var/named
# mkdir /var/log/named
# chown -R named.named /var/named
# chown -R named.named /var/log/named
# cd /data/software/pkg
# tar zxvf ../openssl-0.9.8k.tar.gz
# cd openssl-0.9.8k
# ./config
# make && make install
# cd ..
# tar zxvf ../bind-9.6.0-P1.tar.gz
# cd bind-9.6.0-P1
# ./configure --prefix=/usr/local/named --with-openssl=/usr/local/ssl
# make && make install
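Configuration
Edit the global options file
# vi /var/named/named.conf.options
options {
    // Listening port and IP
    listen-on port 53 { 192.168.1.11; };
    // BIND working directory
    directory "/var/named";
    // Who may send queries
    allow-query { any; };
    // Allow zone transfers; enter the slave server's IP
    allow-transfer { 192.168.1.12; };
    // To run as a caching DNS server, enable forwarders and set them to
    // the DNS server addresses provided by your ISP
    // forwarders {
    //     0.0.0.0;
    // };
};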
Edit the bind configuration file
# vi /var/named/named.conf
include "/var/named/named.conf.options";
zone "." {
    type hint;
    file "db.root";
};
zone "test.com" {
    type master;
    file "test.com.zone";
};
// Reverse lookup zone, if needed
zone "1.168.192.in-addr.arpa" {
    type master;
    file "test.com.rr.zone";
};
// Log to a file to make troubleshooting easier
logging {
    channel debug_log {
        file "/var/log/named/named.log" versions 3 size 20m;
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category queries {
        debug_log;
    };
    category default {
        debug_log;
    };
    category update {
        debug_log;
    };
};
Edit the forward zone file
# vi /var/named/test.com.zone
$TTL 86400
@       IN  SOA ns.test.com. kevin.yu.test.com. (
                2009050402  ; serial
                3600        ; refresh
                600         ; retry
                604800      ; expire
                86400       ; minimum TTL
                )
        IN  NS  ns.test.com.
        IN  NS  ns1.test.com.
        IN  MX  10 mail.test.com.
        IN  A   192.168.1.10
www     IN  A   192.168.1.10
mail    IN  A   192.168.1.8
ns      IN  A   192.168.1.11
ns1     IN  A   192.168.1.12
Edit the reverse zone file
# vi /var/named/test.com.rr.zone
$TTL 86400
@       IN  SOA ns.test.com. kevin.yu.test.com. (
                2009042400  ; serial
                10800       ; refresh after 3 hours
                3600        ; retry after 1 hour
                604800      ; expire after 1 week
                86400 )     ; minimum TTL of 1 day
        IN  NS  ns.test.com.
        IN  MX  10 mail.test.com.
10      IN  PTR www.test.com.
8       IN  PTR mail.test.com.
11      IN  PTR ns.test.com.
12      IN  PTR ns1.test.com.
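Once all the files have been edited, start bind. Started this way, named keeps running as root; the named account created during installation is only used if named is started with -u named.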
# /usr/local/named/sbin/named -c /var/named/named.conf
Configuring the slave server
Edit the global options file
# vi /var/named/named.conf.options
options {
    listen-on port 53 { 192.168.1.12; };
    directory "/var/named";
    allow-query { any; };
};
Edit the bind configuration file
# vi /var/named/named.conf
include "/var/named/named.conf.options";
zone "." {
    type hint;
    file "db.root";
};
zone "test.com" {
    type slave;
    masters {
        192.168.1.11;
    };
    file "test.com.zone";
};
// Reverse lookup zone, if needed
zone "1.168.192.in-addr.arpa" {
    type slave;
    masters {
        192.168.1.11;
    };
    file "test.com.rr.zone";
};
// Log to a file to make troubleshooting easier
logging {
    channel debug_log {
        file "/var/log/named/named.log" versions 3 size 20m;
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category queries {
        debug_log;
    };
    category default {
        debug_log;
    };
    category update {
        debug_log;
    };
};
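Once configuration is complete, start bind
# /usr/local/named/sbin/named -c /var/named/named.conf
If the configuration is correct, the slave server automatically synchronizes with the master and creates the corresponding zone files.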
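The slave's options above carry no allow-transfer statement, and a BIND 9.6 server without one answers zone-transfer requests from any host, so the restriction set on the master does not carry over to the slave. The following added example (not part of the original post; the function names are hypothetical and the sample text is constructed from this page's slave configuration) computes the effective allow-transfer list for each zone and compares the slave as configured with a variant that adds allow-transfer { none; }.

```python
import re

# Constructed sample: this page's slave options and zones, as one string.
SLAVE_CONF = '''
options {
    listen-on port 53 { 192.168.1.12; };
    directory "/var/named";
    allow-query { any; };
};
zone "." { type hint; file "db.root"; };
zone "test.com" { type slave; masters { 192.168.1.11; }; file "test.com.zone"; };
'''
# Hardened variant: the slave hands zone copies to nobody.
HARDENED_CONF = SLAVE_CONF.replace(
    "allow-query { any; };", "allow-query { any; };\n    allow-transfer { none; };")

def _block(text, start):
    """Body of the first balanced {...} block at or after index start."""
    i = text.index("{", start)
    depth, j = 0, i
    while True:
        depth += {"{": 1, "}": -1}.get(text[j], 0)
        if depth == 0:
            return text[i + 1:j]
        j += 1

def _acl(body):
    """Normalized allow-transfer list found in a block body, or None."""
    m = re.search(r"\ballow-transfer\b", body)
    return " ".join(_block(body, m.end()).split()) if m else None

def audit_transfers(conf):
    """Map each authoritative zone to its effective allow-transfer list."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)
    opt = re.search(r"^\s*options\s*\{", conf, re.M)
    global_acl = _acl(_block(conf, opt.start())) if opt else None
    result = {}
    for m in re.finditer(r'^\s*zone\s+"([^"]+)"', conf, re.M):
        body = _block(conf, m.end())
        if not re.search(r"\btype\s+(master|slave|primary|secondary)\b", body):
            continue  # the hint zone is not served by zone transfer
        # Zone-level statement wins over options; with neither present,
        # assume the BIND 9.6 default of allowing any host.
        result[m.group(1)] = _acl(body) or global_acl or "any; (default)"
    return result

def exposed(conf):
    """Zones whose effective transfer list admits any host."""
    return sorted(z for z, a in audit_transfers(conf).items() if "any;" in a.split())
```

exposed(SLAVE_CONF) reports test.com, while exposed(HARDENED_CONF) reports nothing; to audit real files, pass the contents of named.conf.options and named.conf concatenated.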
Related documents
SOA
http://www.zytrax.com/books/dns/ch8/soa.html
http://download1.swsoft.com/Plesk/Expand/2.0.1-Release1/doc/user-guide/12-00-11.htm
Logging
http://www.zytrax.com/books/dns/ch7/logging.html
http://www.netadmintools.com/art233.html