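Configuring a DNS Server on CentOS 7
1. Install the bind service
Network connection mode: bridged or NAT
yum -y install bind
Network connection mode: host-only
2. Edit the named configuration files
• vi /etc/named.conf #open the file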
listen-on port 53 { any; }; //change to any;
listen-on-v6 port 53 { any; }; //change to any;
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { any; }; //change to any;
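• vi /etc/named.rfc1912.zones #open the file
Add the domain names to be resolved to this file; the names resolved here are www.company.com and ftp.company.com
• Append the following at the end of the file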
zone "company.com" IN { //forward lookup
    type master;
    file "company.com.zone"; //the file name suffix can be chosen freely
    allow-update { none; };
};
zone "5.168.192.in-addr.arpa" IN { //reverse lookup
    type master;
    file "192.168.5.arpa"; //the file name suffix can be chosen freely
    allow-update { none; };
};
3. Create the corresponding zone files
cd /var/named/
cp -a named.localhost company.com.zone
cp -a named.localhost 192.168.5.arpa
4. Edit the forward lookup file
vi company.com.zone #open the file
$TTL 1D
@       IN SOA  company.com. root.company.com. (
                        0       ; serial
                        1D      ; refresh
                        1H      ; retry
                        1W      ; expire
                        3H )    ; minimum
        NS      @
        A       127.0.0.1
        AAAA    ::1
www     IN A    192.168.5.3
ftp     IN A    192.168.5.3
5. Edit the reverse lookup file
vi 192.168.5.arpa
$TTL 1D
@       IN SOA  company.com. root.company.com. (
                        0       ; serial
                        1D      ; refresh
                        1H      ; retry
                        1W      ; expire
                        3H )    ; minimum
        NS      @
        AAAA    ::1
3       PTR     www.company.com.
3       PTR     ftp.company.com.
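6. Check that the files were modified correctly
Check the main configuration file: named-checkconf /etc/named.conf
Check the zone data files: named-checkzone "company.com" company.com.zone
named-checkzone "5.168.192.in-addr.arpa" 192.168.5.arpa
The result is similar to the screenshot.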
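named-checkzone in step 6 validates one zone file at a time, so it does not notice when the forward and reverse zones disagree. The following is an added example, not part of the original tutorial: a Python check that every A record falling inside the reverse zone has a matching PTR and vice versa. The function names (fqdn, records, fcrdns_mismatches) are illustrative, the zone text is taken from steps 4 and 5 with the SOA timers folded and the AAAA lines left out, and the parser handles only this simple record layout.

```python
import ipaddress

# A/PTR-relevant zone data from steps 4 and 5 of this page (SOA timers folded onto fewer lines).
FORWARD = """\
$TTL 1D
@ IN SOA company.com. root.company.com. (
        0 1D 1H 1W 3H ) ; serial refresh retry expire minimum
    NS @
    A 127.0.0.1
www IN A 192.168.5.3
ftp IN A 192.168.5.3
"""
REVERSE = """\
$TTL 1D
@ IN SOA company.com. root.company.com. ( 0 1D 1H 1W 3H )
    NS @
3 PTR www.company.com.
3 PTR ftp.company.com.
"""

def fqdn(name, origin):  # expand "@" and relative names against the zone origin
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(text, origin):
    """Return (fqdn, type, rdata) for each A and PTR record of a simple zone file."""
    found, owner, depth = [], origin, 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]     # drop the comment
        fields = line.split()
        inside, depth = depth > 0, depth + line.count("(") - line.count(")")
        if inside or not fields or fields[0].startswith("$"):
            continue                    # SOA continuation, blank line or $directive
        if not raw[0].isspace():        # an owner name starts in column 1
            owner = fields.pop(0)
        for rtype in ("A", "PTR"):
            if rtype in fields:
                found.append((fqdn(owner, origin), rtype, fields[fields.index(rtype) + 1]))
    return found

def fcrdns_mismatches(fwd, fwd_origin, rev, rev_origin):
    """A records inside the reverse zone lacking a PTR, and PTRs lacking an A."""
    a = {(ipaddress.ip_address(v).reverse_pointer + ".", n)
         for n, t, v in records(fwd, fwd_origin) if t == "A"}
    a = {p for p in a if p[0].endswith("." + rev_origin)}  # ignore addresses outside this reverse zone
    ptr = {(n, fqdn(v, rev_origin)) for n, t, v in records(rev, rev_origin) if t == "PTR"}
    return sorted([f"{name} has no PTR at {r}" for r, name in a - ptr] +
                  [f"{r} names {name}, which has no A for that address" for r, name in ptr - a])
```

Calling fcrdns_mismatches(FORWARD, "company.com.", REVERSE, "5.168.192.in-addr.arpa.") returns an empty list for the zone data on this page; any string in the result names a record to fix before restarting named.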
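7. Test
Start DNS
systemctl restart named.service
Set the test machine's IP address to 192.168.5.3, subnet mask 255.255.255.0, DNS 192.168.5.3. After the change, restart the network service with systemctl restart network, then use nslookup to test whether resolution succeeds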
[root@localhost named]# nslookup
www.company.com
Server: 192.168.5.3
Address: 192.168.5.3#53
Name: www.company.com
Address: 192.168.5.3
ftp.company.com
Server: 192.168.5.3
Address: 192.168.5.3#53
Name: ftp.company.com
Address: 192.168.5.3
exit
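8. Test from the external network:
Stop the firewall: systemctl stop firewalld
On Windows Server 2012, change the DNS server address to 192.168.5.3
Then open Windows PowerShell
Enter ping 192.168.5.3 to test connectivity:
Test DNS resolution: ping www.company.com
If it fails, remember to check whether the firewalls on both sides are turned off!!!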