[dns-server] CentOS 7 BIND install

DNS Server 

BIND Open Source DNS Server

Testing was done on CentOS 7.

Install bind

[root@centos74 ~]# yum install bind-*

 

Configure bind

[root@centos74 ~]# vi /etc/named.conf
options {
        listen-on port 53 { any; };             // CentOS default: 127.0.0.1
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };               // CentOS default: localhost

        recursion yes;
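With no allow-recursion or allow-query-cache set, BIND falls back to allow-query for recursive queries, so the options above let any client that can reach port 53 use the server as a recursive resolver. The shell check below is an added example, not part of the original post: it applies that fallback rule to a named.conf and compares the post's options with a variant that limits recursion. The function names, the "trusted" acl and the 192.168.192.0/24 client network are assumptions made for the example.

```shell
# Added example, not from the original post. Text heuristic only: nested
# address-match lists and include files are not parsed.
# Emit the file as one line with //, # and one-line /* */ comments removed.
flatten() { sed -e 's://.*$::' -e 's:#.*$::' -e 's:/\*.*\*/::g' "$1" | tr '\n' ' '; }

# Print the address-match list of option $2 without whitespace (empty if absent).
get_list() {
    flatten "$1" | { grep -oE "(^|[[:space:];])$2[[:space:]]*\{[^}]*\}" || true; } |
        head -n 1 | sed -e 's/^[^{]*{//' -e 's/}$//' | tr -d '[:space:]'
}

# allow-recursion falls back to allow-query-cache, then allow-query, then the
# built-in default, so "allow-query { any; }" alone opens recursion to everyone.
effective_recursion_acl() {
    for opt in allow-recursion allow-query-cache allow-query; do
        acl=$(get_list "$1" "$opt")
        if [ -n "$acl" ]; then echo "$acl"; return 0; fi
    done
    echo "localnets;localhost;"
}

# Recursion is on unless the file says "recursion no;" (BIND's default is yes).
recursion_on() {
    ! flatten "$1" | grep -E '(^|[[:space:];])recursion[[:space:]]+no[[:space:]]*;' >/dev/null
}
is_open_resolver() {
    recursion_on "$1" || return 1
    case ";$(effective_recursion_acl "$1")" in *";any;"*|*";0.0.0.0/0;"*) return 0 ;; esac
    return 1
}

# Constructed samples: the options from this post, and a restricted variant.
demo_dir=$(mktemp -d)
cat > "$demo_dir/page.conf" <<'EOF'
options {
        allow-query     { any; };
        recursion yes;
};
EOF
cat > "$demo_dir/hardened.conf" <<'EOF'
acl "trusted" { localhost; 192.168.192.0/24; };  // assumed client network
options {
        allow-query     { any; };      // zone data stays answerable by anyone
        recursion yes;
        allow-recursion { trusted; };  // recursion only for known clients
};
EOF
for f in page hardened; do
    is_open_resolver "$demo_dir/$f.conf" && echo "$f.conf: open resolver" || echo "$f.conf: recursion limited"
done
```

On a live server, save the output of `named-checkconf -p` to a file and check that, since it prints the configuration in canonical form with included files expanded.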

 

Add domains

[root@centos74 ~]# vi /etc/named.rfc1912.zones

zone "test.com" In {
        type master;
        file "test.com";
        allow-update { none; };
};

zone "192.168.192.in-addr.arpa" IN {
        type master;
        file "test.com.rev";
        allow-update { none; };
};

zone "a.com" In {
        type master;
        file "a.com";
        allow-update { none; };
};

#zone "192.168.191.in-addr.arpa" IN {
#       type master;
#       file "a.com.rev";
#       allow-update { none; };
#};

zone "b.com" In {
        type master;
        file "b.com";
        allow-update { none; };
};

 

Create the zone files

[root@centos74 ~]# cd /var/named/
[root@centos74 named]# cp named.empty test.com
[root@centos74 named]# cp named.empty a.com
[root@centos74 named]# cp named.empty b.com
[root@centos74 named]# vi test.com
$TTL 3H
@       IN SOA  @ ns.test.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN      NS      ns.test.com.
        IN      A       192.168.192.100
ns      IN      A       192.168.192.100
www     IN      A       192.168.192.100

[root@centos74 named]# vi a.com
$TTL 3H
@       IN SOA  @ ns.a.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN      NS      ns.a.com.
        IN      A       192.168.192.100
ns      IN      A       192.168.192.100
www     IN      A       192.168.192.100

[root@centos74 named]# vi b.com
$TTL 3H
@       IN SOA  @ ns.b.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN      NS      ns.b.com.
        IN      A       192.168.192.100
ns      IN      A       192.168.192.100
www     IN      A       192.168.192.100

 

Reverse zone configuration

[root@centos74 named]# vi test.com.rev
$TTL 1D
@       IN SOA  @ ns.test.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN      NS      ns.test.com.
100     IN      PTR     ns.test.com.    ; last octet of 192.168.192.100, the A record for ns

 

Change ownership

[root@centos74 named]# chown root:named a.com
[root@centos74 named]# chown root:named b.com
[root@centos74 named]# chown root:named test.com
[root@centos74 named]# chown root:named test.com.rev

 

 

named enable & start

[root@centos74 named]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@centos74 named]# systemctl start named
[root@centos74 named]# systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2017-12-20 10:18:27 KST; 4s ago
  Process: 10934 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
  Process: 10949 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 10946 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 10951 (named)
   CGroup: /system.slice/named.service
           └─10951 /usr/sbin/named -u named -c /etc/named.conf

Dec 20 10:18:27 centos74 named[10951]: zone test.com/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: zone 192.168.192.in-addr.arpa/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: zone b.com/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: all zones loaded
Dec 20 10:18:27 centos74 named[10951]: running
Dec 20 10:18:27 centos74 named[10951]: zone test.com/IN: sending notifies (serial 0)
Dec 20 10:18:27 centos74 named[10951]: zone b.com/IN: sending notifies (serial 0)
Dec 20 10:18:27 centos74 named[10951]: zone 192.168.192.in-addr.arpa/IN: sending notifies (serial 0)
Dec 20 10:18:27 centos74 named[10951]: zone a.com/IN: sending notifies (serial 0)
[root@centos74 named]#

 

Ping Test

[root@centos74 named]# vi /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search localdomain
nameserver 192.168.192.100

 

 

bind-chroot: to be tested later

 

 

 
