Learning together

Learning together with open source fans. QQ group: 8021887


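  • Chapter 4: A Complete Guide to DNS Services (Part 2: Examples)

    Author: 羽飞 | Published: Wednesday, 02/03/2010 - 23:09 |

    For the basics of DNS, see the previous article:

    http://www.freeopens.com/2010_02_587.html

    [Example 1] The technical department's domain is "tech.org". The department has three hosts, named client1.tech.org, client2.tech.org and client3.tech.org. The DNS server dns.tech.org must be able to resolve the mapping between these three host names and their IP addresses.
    The current directory is /var/named/chroot/etc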

    vim named.conf

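    options {
        directory "/var/named";        // zone file names below are relative to this directory
    };
    zone "." {                         // root hints, used to reach the root servers
        type hint;
        file "named.ca";
    };
    zone "tech.org" {                  // forward zone
        type master;
        file "tech.org.zone";
    };
    zone "31.168.192.in-addr.arpa" {   // reverse zone for 192.168.31.0/24
        type master;
        file "192.168.31.zone";
    };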

    The current directory is /var/named/chroot/var/named

    vim tech.org.zone

    $TTL 86400
    @ IN SOA dns.tech.org. root (
    2009070900 ; serial
    1H         ; refresh
    15M        ; retry
    1W         ; expire
    1D         ; minimum (negative-caching TTL)
    )
    @ IN NS dns.tech.org.
    dns IN A 192.168.31.134
    client1 IN A 192.168.31.135
    client2 IN A 192.168.31.136
    client3 IN A 192.168.31.137

    The current directory is /var/named/chroot/var/named

    vim 192.168.31.zone

    $TTL 86400 ; default TTL for the records in this zone
    @ IN SOA dns.tech.org. root.tech.org. (
    2009070900
    1H
    15M
    1W
    1D
    )
    @ IN NS dns.tech.org.
    134 IN PTR dns.tech.org.
    135 IN PTR client1.tech.org.
    136 IN PTR client2.tech.org.
    137 IN PTR client3.tech.org.

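    [Example 2] The company manages each department's network as a separate zone: the technical department belongs to the "tech.boobooke" domain, the marketing department to the "mart.boobooke" domain, and all other staff to the "freedom.boobooke" domain.
    The technical department has 100 people and uses the IP addresses 192.168.31.1-192.168.31.100.
    The marketing department has 100 people and uses the IP addresses 192.168.32.1-192.168.32.100.
    The other staff number only 50 and use the IP addresses 192.168.33.1-192.168.33.50.
    A single host with the IP address 192.168.31.134 is to be set up as the DNS server. This server must provide forward and reverse resolution for all internal zones,
    and all employees must be able to reach external addresses.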

    vim etc/named.conf

    options {
        directory "/var/named";
    };
    zone "." {
        type hint;
        file "named.ca";
    };
    zone "tech.boobooke" {
        type master;
        file "tech.boobooke.zone";
    };
    zone "31.168.192.in-addr.arpa" {
        type master;
        file "192.168.31.zone";
    };
    zone "mart.boobooke" {
        type master;
        file "mart.boobooke.zone";
    };
    zone "32.168.192.in-addr.arpa" {
        type master;
        file "192.168.32.zone";
    };
    zone "freedom.boobooke" {
        type master;
        file "freedom.boobooke.zone";
    };
    zone "33.168.192.in-addr.arpa" {
        type master;
        file "192.168.33.zone";
    };

    vim var/named/tech.boobooke.zone

    $TTL 86400
    @ IN SOA dns.tech.boobooke. root (
    2009070900
    1H
    15M
    1W
    1D
    )
    @ IN NS dns.tech.boobooke.
    dns IN A 192.168.31.134
    client1 IN A 192.168.31.1
    client2 IN A 192.168.31.2
    client3 IN A 192.168.31.3
    client4 IN A 192.168.31.4
    client5 IN A 192.168.31.5
    client6 IN A 192.168.31.6
    client7 IN A 192.168.31.7
    client100 IN A 192.168.31.100

    vim mart.boobooke.zone

    $TTL 86400
    @ IN SOA dns.mart.boobooke. root (
    2009070900
    1H
    15M
    1W
    1D
    )
    @ IN NS dns.mart.boobooke.
    dns IN A 192.168.31.134
    client1 IN A 192.168.32.1
    client2 IN A 192.168.32.2
    client3 IN A 192.168.32.3
    client4 IN A 192.168.32.4
    client5 IN A 192.168.32.5
    client6 IN A 192.168.32.6
    client7 IN A 192.168.32.7
    client100 IN A 192.168.32.100

    vim freedom.boobooke.zone

    $TTL 86400
    @ IN SOA dns.freedom.boobooke. root (
    2009070900
    1H
    15M
    1W
    1D
    )
    @ IN NS dns.freedom.boobooke.
    dns IN A 192.168.31.134
    client1 IN A 192.168.33.1
    client2 IN A 192.168.33.2
    client3 IN A 192.168.33.3
    client4 IN A 192.168.33.4
    client5 IN A 192.168.33.5
    client6 IN A 192.168.33.6
    client7 IN A 192.168.33.7
    client50 IN A 192.168.33.50

    vim 192.168.31.zone

    $TTL 86400 ; default TTL for the records in this zone
    @ IN SOA dns.tech.boobooke. root.tech.boobooke. (
    2009070900
    1H
    15M
    1W
    1D
    )
    @ IN NS dns.tech.boobooke.
    134 IN PTR dns.tech.boobooke.
    1 IN PTR client1.tech.boobooke.
    2 IN PTR client2.tech.boobooke.
    3 IN PTR client3.tech.boobooke.
    4 IN PTR client4.tech.boobooke.
    5 IN PTR client5.tech.boobooke.
    6 IN PTR client6.tech.boobooke.
    7 IN PTR client7.tech.boobooke.
    100 IN PTR client100.tech.boobooke.

    vim 192.168.32.zone

    $TTL 86400 ; default TTL for the records in this zone
    @ IN SOA dns.mart.boobooke. root.mart.boobooke. (
    2009070900
    1H
    15M
    1W
    1D
    )
    @ IN NS dns.mart.boobooke.
    ; no PTR for 134 here: the DNS server is 192.168.31.134, which belongs in 192.168.31.zone
    1 IN PTR client1.mart.boobooke.
    2 IN PTR client2.mart.boobooke.
    3 IN PTR client3.mart.boobooke.
    4 IN PTR client4.mart.boobooke.
    5 IN PTR client5.mart.boobooke.
    6 IN PTR client6.mart.boobooke.
    7 IN PTR client7.mart.boobooke.
    100 IN PTR client100.mart.boobooke.

    vim 192.168.33.zone

    $TTL 86400 ; default TTL for the records in this zone
    @ IN SOA dns.freedom.boobooke. root.freedom.boobooke. (
    2009070900
    1H
    15M
    1W
    1D
    )
    @ IN NS dns.freedom.boobooke.
    ; no PTR for 134 here: the DNS server is 192.168.31.134, which belongs in 192.168.31.zone
    1 IN PTR client1.freedom.boobooke.
    2 IN PTR client2.freedom.boobooke.
    3 IN PTR client3.freedom.boobooke.
    4 IN PTR client4.freedom.boobooke.
    5 IN PTR client5.freedom.boobooke.
    6 IN PTR client6.freedom.boobooke.
    7 IN PTR client7.freedom.boobooke.
    50 IN PTR client50.freedom.boobooke.

    chown root:named 192.168.31.zone
    chown root:named 192.168.32.zone
    chown root:named 192.168.33.zone
    chown root:named tech.boobooke.zone
    chown root:named mart.boobooke.zone
    chown root:named freedom.boobooke.zone
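
Hand-maintained forward and reverse zones drift apart easily: a misspelled PTR target or a missing entry loads without error but breaks reverse lookups. The Python check below is an added example, not part of the original article; the zone text is constructed sample data in the style of Example 1, and the names fqdn, records and check are hypothetical.

```python
import ipaddress
import re

# Constructed sample data in the style of Example 1; the reverse zone has
# one misspelled PTR target and lacks an entry for client3.
FORWARD = """\
@ IN SOA dns.tech.org. root.tech.org. ( 2009070900 1H 15M 1W 1D )
dns IN A 192.168.31.134
client1 IN A 192.168.31.135
client2 IN A 192.168.31.136
client3 IN A 192.168.31.137
"""
REVERSE = """\
@ IN SOA dns.tech.org. root.tech.org. ( 2009070900 1H 15M 1W 1D )
134 IN PTR dns.tech.org.
135 IN PTR cilent1.tech.org.
136 IN PTR client2.tech.org.
"""

def fqdn(name, origin):
    """Expand a name relative to the zone origin, as BIND does."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(text, origin, rtype):
    """Yield (owner, rdata) for single-line 'owner [ttl] IN <rtype> rdata' records."""
    pat = re.compile(rf"^(\S+)\s+(?:\d+\s+)?IN\s+{rtype}\s+(\S+)", re.I)
    for line in text.splitlines():
        m = pat.match(line.split(";")[0])  # drop trailing zone-file comments
        if m:
            yield fqdn(m.group(1), origin).lower(), m.group(2)

def check(forward, fwd_origin, reverse, rev_origin):
    """Return a sorted list of forward/reverse mismatches."""
    a = {ipaddress.ip_address(ip).reverse_pointer + ".": host
         for host, ip in records(forward, fwd_origin, "A")}
    ptr = {owner: fqdn(target, rev_origin).lower()
           for owner, target in records(reverse, rev_origin, "PTR")}
    problems = []
    for owner, host in a.items():
        if owner not in ptr:
            problems.append(f"{host} has no PTR at {owner}")
        elif ptr[owner] != host:
            problems.append(f"{owner} -> {ptr[owner]}, but A record is {host}")
    problems += [f"{o} -> {t}, but no matching A record"
                 for o, t in ptr.items() if o not in a]
    return sorted(problems)
```

Calling check(FORWARD, "tech.org.", REVERSE, "31.168.192.in-addr.arpa.") reports the misspelled target at 135 and the missing PTR for client3.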

    [Example 3] Install a chroot-based DNS server and configure it as a cache-only server that forwards client queries to the DNS servers 202.100.138.68 and 202.100.128.68.

    options {
        directory "/var/named";
        forwarders {            // upstream servers that receive the forwarded queries
            202.100.138.68;
            202.100.128.68;
        };
        forward only;           // do not fall back to iterative resolution
    };

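    [Example 4] Install a chroot-based DNS server and configure it as the primary name server according to the following requirements.
    (1) Set the server's version information to "9.3.4".
    (2) Configure the root zone so that the DNS server can query the root DNS servers when a query cannot be answered from the local zone files.
    (3) Create the xyz.org master zone and set the address of the secondary name server that is allowed to transfer the zone to 192.168.31.134.
    (4) Create the following A resource records.
    dns.xyz.org. IN A 192.168.31.1
    www.xyz.org. IN A 192.168.31.2
    mail.xyz.org. IN A 192.168.31.3
    (5) Create the following CNAME (alias) resource record.
    bbs IN CNAME www
    (6) Create the following MX (mail exchanger) resource record.
    xyz.org. IN MX 10 mail.xyz.org.
    (7) Create the reverse zone 31.168.192.in-addr.arpa and create the corresponding PTR resource records for the A records above.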

    vim etc/named.conf

    options {
        directory "/var/named";
        version "9.3.4";                        // version string returned to clients (requirement 1)
        allow-transfer { 192.168.31.134; };     // only the secondary may transfer zones (requirement 3)
    };
    zone "." {
        type hint;
        file "named.ca";
    };
    zone "xyz.org" {
        type master;
        file "xyz.org.zone";
    };
    zone "31.168.192.in-addr.arpa" {
        type master;
        file "192.168.31.zone";
    };

    vim var/named/xyz.org.zone

    $TTL 86400
    @ IN SOA dns.xyz.org. root (
    2009071000
    3H
    1H
    1W
    0
    )
    @ IN NS dns
    dns IN A 192.168.31.1
    www IN A 192.168.31.2
    mail IN A 192.168.31.3
    bbs IN CNAME www
    xyz.org. IN MX 10 mail.xyz.org.

    vim var/named/192.168.31.zone

    $TTL 86400 ; default TTL for the records in this zone
    @ IN SOA dns.xyz.org. root.xyz.org. (
    2009071000
    1H
    15M
    1W
    0
    )
    @ IN NS dns.xyz.org.
    1 IN PTR dns.xyz.org.
    2 IN PTR www.xyz.org.
    3 IN PTR mail.xyz.org.

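    [Example 5] Install a chroot-based DNS server and configure it as a secondary name server according to the following requirements.
    (1) Create the xyz.org slave zone and set the address of the primary name server to 192.168.31.132.
    (2) Create the reverse slave zone 31.168.192.in-addr.arpa and set the address of the primary name server to 192.168.31.132.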

    options {
        directory "/var/named";
    };
    zone "xyz.org" {
        type slave;
        masters { 192.168.31.132; };        // primary name server (requirement 1)
        file "slaves/xyz.org.zone";
    };
    zone "31.168.192.in-addr.arpa" {
        type slave;
        masters { 192.168.31.132; };        // primary name server (requirement 2)
        file "slaves/192.168.31.zone";
    };
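
Examples 4 and 5 only work together, and zone transfers only stay restricted, when the primary's allow-transfer list names the secondary and the secondary's masters list names the primary. The audit below is an added example, not from the original article: both configs are constructed, the helper names (addr_list, zones, audit) are hypothetical, and it assumes the default of the BIND 9.3 era, in which a zone without allow-transfer can be transferred by any host.

```python
import re

BLOCK = r"\{((?:[^{}]|\{[^{}]*\})*)\}"   # statement body, one level of nested braces

# Constructed configs modelled on the primary and secondary examples above.
PRIMARY = '''
options { directory "/var/named"; version "9.3.4"; };
zone "." { type hint; file "named.ca"; };
zone "xyz.org" { type master; file "xyz.org.zone";
    allow-transfer { 192.168.31.134; }; };
zone "31.168.192.in-addr.arpa" { type master; file "192.168.31.zone"; };
'''
SECONDARY = '''
options { directory "/var/named"; };
zone "xyz.org" { type slave; masters { 192.168.31.132; };
    file "slaves/xyz.org.zone"; };
zone "31.168.192.in-addr.arpa" { type slave; masters { 192.168.31.132; };
    file "slaves/192.168.31.zone"; };
'''

def addr_list(body, keyword):
    """Return the addresses in 'keyword { a; b; };' found in body, or None."""
    m = re.search(rf"\b{keyword}\s*\{{([^{{}}]*)\}}", body)
    return None if m is None else [a.strip() for a in m.group(1).split(";") if a.strip()]

def zones(conf):
    """Map zone name -> statement body for every zone in a named.conf text."""
    return dict(re.findall(r'zone\s+"([^"]+)"\s*' + BLOCK, conf))

def audit(primary, secondary, primary_ip, secondary_ip):
    """List transfer-control problems between a primary and its secondary."""
    opts = re.search(r"options\s*" + BLOCK, primary)
    default = addr_list(opts.group(1), "allow-transfer") if opts else None
    sec, out = zones(secondary), []
    for name, body in zones(primary).items():
        if not re.search(r"type\s+master", body):
            continue
        acl = addr_list(body, "allow-transfer")
        acl = default if acl is None else acl     # zone setting overrides options
        if acl is None:                           # assumed 9.3-era default: any host
            out.append(f"{name}: no allow-transfer, AXFR not restricted")
        elif secondary_ip not in acl:
            out.append(f"{name}: secondary {secondary_ip} not in allow-transfer")
        masters = addr_list(sec.get(name, ""), "masters")
        if masters is not None and primary_ip not in masters:
            out.append(f"{name}: secondary pulls from {masters}, not {primary_ip}")
    return out
```

With the constructed configs, audit(PRIMARY, SECONDARY, "192.168.31.132", "192.168.31.134") flags only the reverse zone, which has no allow-transfer of its own and no default in options.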

    ★★★★★★★★★★★★★★★★★ Video links ★★★★★★★★★★★★★★★★★★
    http://www.boobooke.com/v/bbk3235
    http://www.boobooke.com/v/bbk3236
    http://www.boobooke.com/v/bbk3237
