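This article walks through setting up a DNS service on CentOS with BIND (Berkeley Internet Name Domain). The steps are: download the DNS service software, configure the main configuration file and the zone file, configure the forward and reverse lookup data files, set the file permissions, check that the configuration files are correct, and finally start the DNS service and test resolution.
Setting up a DNS service on CentOS
BIND (Berkeley Internet Name Domain) can be used to set up a DNS service. The steps for setting up BIND on CentOS are as follows: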
```
[root@localhost named]# ls -alh
total 28K
drwxrwx--T.  5 root  named  178 Mar 22 18:52 .
drwxr-xr-x. 22 root  root  4.0K Mar 22 17:34 ..
drwxrwx---.  2 named named   23 Mar 22 17:45 data
drwxrwx---.  2 named named   60 Mar 22 18:52 dynamic
-rw-r-----.  1 root  named 2.3K Nov  8 19:18 named.ca
-rw-r-----.  1 root  named  152 Nov  8 19:18 named.empty
-rw-r-----.  1 root  named  152 Nov  8 19:18 named.localhost
-rw-r-----.  1 root  named  168 Nov  8 19:18 named.loopback
drwxrwx---.  2 named named    6 Nov  8 19:18 slaves
-rw-r--r--.  1 root  root   429 Mar 22 18:51 wylu.test.localhost
-rw-r--r--.  1 root  root   397 Mar 22 17:44 wylu.test.loopback
```
Otherwise, starting the service produces the following errors:
```
Mar 22 17:44:08 localhost.localdomain named[15726]: zone 170.128.10.in-addr.arpa/IN: loading from master file wylu.test.loopback failed: permission denied
Mar 22 17:44:08 localhost.localdomain named[15726]: zone 170.128.10.in-addr.arpa/IN: not loaded due to errors.
Mar 22 17:44:08 localhost.localdomain named[15726]: zone wylu.test/IN: loading from master file wylu.test.localhost failed: permission denied
Mar 22 17:44:08 localhost.localdomain named[15726]: zone wylu.test/IN: not loaded due to errors.
Mar 22 17:44:08 localhost.localdomain named[15726]: all zones loaded
Mar 22 17:44:08 localhost.localdomain named[15726]: running
```
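An added example, not part of the original article: the packaged zone files in the listing above are owned by root:named with mode 640, so this sketch audits custom zone files against that same least-privilege convention before named is started. The function names are assumptions of this example, it relies on GNU `stat`, and `/var/named` in the closing comments is BIND's default zone directory on CentOS.

```shell
#!/usr/bin/env bash
# Added example: compare zone data files with the ownership and mode of the
# packaged files (root:named, 0640). Requires GNU stat.

# check_zone_file FILE [GROUP] [MODE]
# Prints one finding per problem; returns 0 if the file matches, 1 otherwise.
check_zone_file() {
    local file="$1" want_group="${2:-named}" want_mode="${3:-640}"
    local group mode rc=0
    if [ ! -f "$file" ]; then
        echo "MISSING $file"
        return 1
    fi
    group=$(stat -c '%G' "$file")
    mode=$(stat -c '%a' "$file")
    if [ "$group" != "$want_group" ]; then
        echo "GROUP $file: $group (expected $want_group)"
        rc=1
    fi
    if [ "$mode" != "$want_mode" ]; then
        echo "MODE $file: $mode (expected $want_mode)"
        rc=1
    fi
    return $rc
}

# audit_zone_dir DIR GROUP MODE FILE...
# Checks every named file in DIR; returns 0 only if all of them match.
audit_zone_dir() {
    local dir="$1" group="$2" mode="$3" bad=0 f
    shift 3
    for f in "$@"; do
        check_zone_file "$dir/$f" "$group" "$mode" || bad=$((bad + 1))
    done
    echo "$bad file(s) need attention"
    [ "$bad" -eq 0 ]
}

# On the server from this article (as root), the audit and the matching fix:
#   audit_zone_dir /var/named named 640 wylu.test.localhost wylu.test.loopback
#   chown root:named /var/named/wylu.test.localhost /var/named/wylu.test.loopback
#   chmod 640 /var/named/wylu.test.localhost /var/named/wylu.test.loopback
```

Running the audit again after the `chown`/`chmod` and then `named-checkconf -z` confirms both the permissions and the zone contents before the service is restarted.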
Check that the configuration files are correct
```
[root@localhost named]# named-checkconf -z /etc/named.conf
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone wylu.test/IN: loaded serial 0
zone 170.128.10.in-addr.arpa/IN: loaded serial 0
```
Output like the above means the configuration files are fine.
Start the DNS service
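```
# Stop and disable the firewall service
systemctl stop firewalld
systemctl disable firewalld
# Temporarily disable SELinux
setenforce 0
# Permanently disable SELinux: edit the file and set the line shown below it
vim /etc/selinux/config
SELINUX=disabled
# Start the DNS service
systemctl start named
systemctl enable named
```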