一、安装
yum -y install bind
yum -y install bind-chroot
二、生成key
/usr/sbin/dnssec-keygen -a hmac-md5 -b 128 -n user rndc
cat Krndc.+157+13538.*
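将生成的密钥串(.private 文件中 Key: 后面的值)更新到 /etc/rndc.key 中 secret 的值。注意:上面文件名里的 13538 是本次生成的密钥编号,每次生成都不同,请以实际生成的文件名为准。/etc/rndc.key 含有控制 named 的共享密钥,应限制为仅 root 和 named 用户可读。另外 hmac-md5 已属过时算法,较新版本的 BIND 支持 hmac-sha256,可用 rndc-confgen -a 直接生成密钥文件。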
三、配置
#/var/named/chroot/etc/named.conf
// Default named.conf generated by install of bind-9.2.4-28.el4
// Global server options: working directory, runtime files, and the
// default zone-transfer policy applied to every zone below.
// NOTE(review): no allow-query / allow-recursion limits are set here; if this
// server is reachable from untrusted networks, restrict recursion explicitly.
options {
directory "/var/named";
pid-file "/var/run/named/named.pid";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
// Only hosts in the "tran" ACL may request a zone transfer (AXFR).
// NOTE(review): "tran" is used here but defined after this block; the BIND
// manual says an ACL must be defined before it is referenced -- move the acl
// statement above options if named rejects this configuration.
Allow-transfer {tran;};
};
// Address list allowed to pull zone transfers (presumably the slave server).
acl tran {192.168.0.174;};
// Loopback forward zone; dynamic updates are refused.
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
// Loopback reverse zone (127.0.0.x); dynamic updates are refused.
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
// Authoritative master zone served from the file "hk.hn".
zone"hk.hn"{
type master;
file "hk.hn";
// Per-zone setting that overrides the global allow-transfer for this zone.
// NOTE(review): 192.168.100.174 differs from the "tran" ACL (192.168.0.174);
// confirm which address is the real slave so transfers are neither blocked
// nor opened to the wrong host.
allow-transfer {192.168.100.174;};
};
// Pulls in the key definition from rndc.key. The file holds a shared secret,
// so it should be readable only by root and the named user.
include "/etc/rndc.key";
#cd /etc
#ln -s /var/named/chroot/etc/named.conf named.conf
#cd /var/named/chroot/var/named/
[localhost.zone]
#vi localhost.zone
$TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS @
1D IN A 127.0.0.1
[named.local]
#vi named.local
$TTL 86400
@ IN SOA localhost. root.localhost. (
2008063017 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
[hk.hn]
#vi /var/named/hk.hn
; Zone data for hk.hn with a default record TTL of one minute.
; NOTE(review): in the real file the record lines that have no owner name
; (the NS and MX lines) must start with whitespace so they inherit the "@"
; owner; the page formatting appears to have stripped that indentation.
$TTL 1m
; NOTE(review): the primary-server name "ns1.localhost.cn" has no trailing dot,
; so it is read relative to the zone origin (ns1.localhost.cn.hk.hn.) -- confirm.
@ IN SOA ns1.localhost.cn root.ns1.localhost.cn. (
2008063017 ; Serial
108 ; Refresh
360 ; Retry
3600 ; Expire
360 ) ; Minimum
IN NS localhost.
; NOTE(review): "ns1" and "mx" are used as NS/MX targets, but no A records for
; them appear in this file.
IN NS ns1
MX 5 mx
test1 IN A 192.168.100.1
test2 IN A 192.168.100.2
四、测试运行
#cd /var/named
#ln -s /var/named/chroot/var/named/localhost.zone localhost.zone
#ln -s /var/named/chroot/var/named/named.local named.local
#/usr/sbin/named -u named -gc /etc/named.conf
#/usr/sbin/named -u named -c /etc/named.conf
或
#service named start
#rndc reload
:)搞定
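五、从服务器需做以下修改(注意:下面的做法直接关闭了 SELinux,会去掉它对 named 的强制访问控制;如果只是为了让从服务器能写入区域文件,可以保持 SELinux 开启,改为执行 setsebool -P named_write_master_zones 1):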
#vi /etc/selinux/config
SELINUX=disabled
#setenforce 0
#vi /etc/sysconfig/named
ENABLE_ZONE_WRITE=yes
参考:http://dns-learning.twnic.net.tw/bind/toc.html
yum -y install bind
yum -y install bind-chroot
二、生成key
/usr/sbin/dnssec-keygen -a hmac-md5 -b 128 -n user rndc
cat Krndc.+157+13538.*
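将生成的密钥串(.private 文件中 Key: 后面的值)更新到 /etc/rndc.key 中 secret 的值。注意:上面文件名里的 13538 是本次生成的密钥编号,每次生成都不同,请以实际生成的文件名为准。/etc/rndc.key 含有控制 named 的共享密钥,应限制为仅 root 和 named 用户可读。另外 hmac-md5 已属过时算法,较新版本的 BIND 支持 hmac-sha256,可用 rndc-confgen -a 直接生成密钥文件。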
三、配置
#/var/named/chroot/etc/named.conf
引用
// Default named.conf generated by install of bind-9.2.4-28.el4
// Global server options: working directory, runtime files, and the
// default zone-transfer policy applied to every zone below.
// NOTE(review): no allow-query / allow-recursion limits are set here; if this
// server is reachable from untrusted networks, restrict recursion explicitly.
options {
directory "/var/named";
pid-file "/var/run/named/named.pid";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
// Only hosts in the "tran" ACL may request a zone transfer (AXFR).
// NOTE(review): "tran" is used here but defined after this block; the BIND
// manual says an ACL must be defined before it is referenced -- move the acl
// statement above options if named rejects this configuration.
Allow-transfer {tran;};
};
// Address list allowed to pull zone transfers (presumably the slave server).
acl tran {192.168.0.174;};
// Loopback forward zone; dynamic updates are refused.
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
// Loopback reverse zone (127.0.0.x); dynamic updates are refused.
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
// Authoritative master zone served from the file "hk.hn".
zone"hk.hn"{
type master;
file "hk.hn";
// Per-zone setting that overrides the global allow-transfer for this zone.
// NOTE(review): 192.168.100.174 differs from the "tran" ACL (192.168.0.174);
// confirm which address is the real slave so transfers are neither blocked
// nor opened to the wrong host.
allow-transfer {192.168.100.174;};
};
// Pulls in the key definition from rndc.key. The file holds a shared secret,
// so it should be readable only by root and the named user.
include "/etc/rndc.key";
#cd /etc
#ln -s /var/named/chroot/etc/named.conf named.conf
#cd /var/named/chroot/var/named/
[localhost.zone]
#vi localhost.zone
引用
$TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS @
1D IN A 127.0.0.1
[named.local]
#vi named.local
引用
$TTL 86400
@ IN SOA localhost. root.localhost. (
2008063017 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
[hk.hn]
#vi /var/named/hk.hn
引用
; Zone data for hk.hn with a default record TTL of one minute.
; NOTE(review): in the real file the record lines that have no owner name
; (the NS and MX lines) must start with whitespace so they inherit the "@"
; owner; the page formatting appears to have stripped that indentation.
$TTL 1m
; NOTE(review): the primary-server name "ns1.localhost.cn" has no trailing dot,
; so it is read relative to the zone origin (ns1.localhost.cn.hk.hn.) -- confirm.
@ IN SOA ns1.localhost.cn root.ns1.localhost.cn. (
2008063017 ; Serial
108 ; Refresh
360 ; Retry
3600 ; Expire
360 ) ; Minimum
IN NS localhost.
; NOTE(review): "ns1" and "mx" are used as NS/MX targets, but no A records for
; them appear in this file.
IN NS ns1
MX 5 mx
test1 IN A 192.168.100.1
test2 IN A 192.168.100.2
四、测试运行
#cd /var/named
#ln -s /var/named/chroot/var/named/localhost.zone localhost.zone
#ln -s /var/named/chroot/var/named/named.local named.local
#/usr/sbin/named -u named -gc /etc/named.conf
#/usr/sbin/named -u named -c /etc/named.conf
或
#service named start
#rndc reload
:)搞定
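五、从服务器需做以下修改(注意:下面的做法直接关闭了 SELinux,会去掉它对 named 的强制访问控制;如果只是为了让从服务器能写入区域文件,可以保持 SELinux 开启,改为执行 setsebool -P named_write_master_zones 1):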
#vi /etc/selinux/config
SELINUX=disabled
#setenforce 0
#vi /etc/sysconfig/named
ENABLE_ZONE_WRITE=yes
参考:http://dns-learning.twnic.net.tw/bind/toc.html
root
2010/02/23 20:52
服务器已有安装bind软件包并已正常运行。"address in use"