DNS Server
CentOS 7에서 테스트를 진행하였습니다.
bind 설치
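# Install BIND. The pattern is quoted so that yum expands it against package
# names; left unquoted, the shell would first try to match it against files
# named bind-* in the current directory.
# NOTE(review): the wildcard pulls in every bind-* package, including
# bind-chroot, which this page leaves for a later test. A name server needs
# only "bind" (plus "bind-utils" for dig/nslookup); fewer packages means less
# to keep patched.
[root@centos74 ~]# yum install 'bind-*'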
bind 설정
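[root@centos74 ~]# vi /etc/named.conf
options {
        // Accept DNS on every IPv4 address of the host (IPv6 stays loopback-only)
        // so that other machines on the network can reach the server.
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Anyone may ask about the zones this server is authoritative for.
        allow-query     { any; };

        // "recursion yes" combined with "allow-query { any; }" makes the server
        // an open resolver: it looks up arbitrary names for any source address,
        // which is the precondition for DNS amplification abuse and widens
        // cache-poisoning exposure. Recursion is therefore limited to the host
        // itself and its directly attached networks; authoritative answers are
        // unaffected.
        recursion yes;
        allow-recursion { localhost; localnets; };

        // NOTE(review): the page shows the options block only up to this point;
        // the remaining lines and the closing "};" are not reproduced here.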
도메인 추가
[root@centos74 ~]# vi /etc/named.rfc1912.zones
# Zones this server answers authoritatively for (type master). Each "file"
# name is relative to the "directory" option, i.e. /var/named.
# "allow-update { none; }" refuses dynamic DNS updates, so records change only
# when the zone file is edited on the server.
# The class is written "In" in some stanzas; the start-up log further down the
# page shows these zones loading as class IN.
# NOTE(review): test.com, a.com and b.com are real registered domains. Any
# client that uses this server as its resolver receives these local answers
# instead of the real ones; for a lab, the reserved names (example.com, or
# anything under .test) avoid that collision.
zone "test.com" In {
        type master;
        file "test.com";
        allow-update { none; };
};

# Reverse (PTR) zone for 192.168.192.0/24.
zone "192.168.192.in-addr.arpa" IN {
        type master;
        file "test.com.rev";
        allow-update { none; };
};

zone "a.com" In {
        type master;
        file "a.com";
        allow-update { none; };
};

# Reverse zone for a.com, left disabled by the author.
#zone "192.168.191.in-addr.arpa" IN {
#       type master;
#       file "a.com.rev";
#       allow-update { none; };
#};

zone "b.com" In {
        type master;
        file "b.com";
        allow-update { none; };
};
zone 파일 생성
[root@centos74 ~]# cd /var/named/
# named.empty, already present in /var/named, is copied as the starting point
# for each forward zone file.
[root@centos74 named]# cp named.empty test.com
[root@centos74 named]# cp named.empty a.com
[root@centos74 named]# cp named.empty b.com
[root@centos74 named]# vi test.com
; Forward zone for test.com: the apex, ns and www all resolve to
; 192.168.192.100.
; In the SOA record the first name after "SOA" is the primary name server
; (here "@", the zone apex) and the second is the responsible-person mailbox;
; NOTE(review): ns.test.com. sits in the mailbox position and would be read as
; ns@test.com. - confirm that is intended.
; The serial stays at 0; secondaries detect changes by comparing serials, so
; it has to be raised on every edit once the zone is transferred anywhere.
$TTL 3H
@       IN SOA  @ ns.test.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   ns.test.com.
        IN A    192.168.192.100
ns      IN A    192.168.192.100
www     IN A    192.168.192.100
[root@centos74 named]# vi a.com
; Forward zone for a.com, same layout as test.com.
$TTL 3H
@       IN SOA  @ ns.a.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   ns.a.com.
        IN A    192.168.192.100
ns      IN A    192.168.192.100
www     IN A    192.168.192.100
[root@centos74 named]# vi b.com
; Forward zone for b.com, same layout as test.com.
$TTL 3H
@       IN SOA  @ ns.b.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   ns.b.com.
        IN A    192.168.192.100
ns      IN A    192.168.192.100
www     IN A    192.168.192.100
역방향 설정
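[root@centos74 named]# vi test.com.rev
; Reverse zone for 192.168.192.0/24 (loaded as 192.168.192.in-addr.arpa).
; The owner label of a PTR record is the last octet of the address it
; describes.
$TTL 1D
@       IN SOA  @ ns.test.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   ns.test.com.
; ns.test.com. has the address 192.168.192.100 in the forward zone, so its PTR
; belongs under label 100. With any other label the forward and reverse
; lookups disagree, which breaks forward-confirmed reverse DNS checks and makes
; addresses in logs resolve to the wrong name.
100     IN PTR  ns.test.com.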
권한변경
# Give all four zone files to owner root and group named in a single call.
# The daemon is started as user "named" (see "named -u named" in the service
# status on this page) and reaches the files through the group, while root
# stays the only account that owns them.
# NOTE(review): the page does not show the file modes; check with "ls -l" that
# the files are group-readable and not writable by group or others.
[root@centos74 named]# chown root:named a.com b.com test.com test.com.rev
named enable & start
[root@centos74 named]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@centos74 named]# systemctl start named
[root@centos74 named]# systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2017-12-20 10:18:27 KST; 4s ago
  Process: 10934 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
  Process: 10949 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 10946 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 10951 (named)
   CGroup: /system.slice/named.service
           └─10951 /usr/sbin/named -u named -c /etc/named.conf

Dec 20 10:18:27 centos74 named[10951]: zone test.com/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: zone 192.168.192.in-addr.arpa/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: zone b.com/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: all zones loaded
Dec 20 10:18:27 centos74 named[10951]: running
Dec 20 10:18:27 centos74 named[10951]: zone test.com/IN: sending notifies (serial 0)
Dec 20 10:18:27 centos74 named[10951]: zone b.com/IN: sending notifies (serial 0)
Dec 20 10:18:27 centos74 named[10951]: zone 192.168.192.in-addr.arpa/IN: sending notifies (serial 0)
Dec 20 10:18:27 centos74 named[10951]: zone a.com/IN: sending notifies (serial 0)
[root@centos74 named]#
Ping Test
[root@centos74 named]# vi /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
; Point the host's resolver at the new server (192.168.192.100) so that
; lookups made from this machine go through it.
; NOTE(review): the header above says this file is written by
; dhclient-script, so a hand edit is presumably replaced at the next DHCP
; lease renewal - confirm, and set the name server in the interface
; configuration if it has to persist.
search localdomain
nameserver 192.168.192.100
bind-chroot — 차후 Test