DNSサーバ構築手順
前提としてLAN内部向けのDNSサーバ
環境
OS:CentOS6.5
接続: NAT, Bridge の二本足 (VMware の設定)
bindのインストール
yum -y install bind
/etc/named.conf の設定
===
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
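// Address-match list referenced by allow-query / allow-recursion in "options"
// and by match-clients in view "internal". The "acl" header line was missing
// from the listing, so the closing "};" had no opener; restored here.
acl "internal-acl" {
    172.16.9.0/24;    // bridged segment
    192.168.80.0/24;  // NAT segment
};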
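options {
    // listen-on is deliberately left unset: the host has two NICs (NAT + bridged)
    // and both views must be reachable. Who may query / recurse is restricted below.
    #listen-on port 53 { 127.0.0.1; };
    #listen-on-v6 port 53 { ::1; };
    version "unknown";                  // do not reveal the BIND version to version.bind queries

    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    managed-keys-directory "/var/named/dynamic";

    // Global access control. view "external" overrides allow-query only, so
    // allow-recursion / allow-transfer below still apply to external clients.
    allow-transfer { none; };           // no secondaries: refuse AXFR/IXFR everywhere
    allow-recursion { internal-acl; };  // this is what keeps the bridged side from being an open resolver
    allow-query { internal-acl; };
    /* recursion yes; */                // default; effective recursion is gated by allow-recursion

    // DNSSEC validation for answers fetched on behalf of internal clients.
    dnssec-enable yes;
    dnssec-validation yes;
    // "dnssec-lookaside auto;" removed: the ISC DLV registry it depended on was
    // retired in 2017, so the lookaside lookups only add traffic. The key file is
    // harmless to keep.
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
};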
// Single debug channel: output goes to data/named.run (relative to the
// "directory" option, i.e. /var/named/data/named.run) and the logged
// severity follows named's current debug level.
logging {
    channel default_debug { file "data/named.run"; severity dynamic; };
};
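// Views are matched in order. Both /24s are in internal-acl, so NAT and bridged
// LAN clients alike get this recursive view; only addresses outside both fall
// through to view "external".
view "internal" {
    match-clients { internal-acl; };

    // root hints, so recursion for internal clients can start at the root
    zone "." IN {
        type hint;
        file "named.ca";
    };

    // NAT segment, forward zone. File name matches /var/named/trial-domain.lan
    // (the listing had "traial-domain.lan", which does not exist).
    zone "trial-domain.net" IN {
        type master;
        file "trial-domain.lan";
        allow-update { none; };
    };

    // NAT segment, reverse zone for 192.168.80.0/24
    zone "80.168.192.in-addr.arpa" IN {
        type master;
        file "80.168.192.in-addr.arpa.db";
        allow-update { none; };
    };

    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";
};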
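// Served to anything not in internal-acl. Authoritative data only: no hint
// zone, and recursion is refused explicitly here as well as by the global
// allow-recursion.
view "external" {
    match-clients { any; };
    allow-query { any; };
    recursion no;

    // bridged segment, forward zone. Zone and file were spelled
    // "traial-domain.wan" in the listing; "trial-" matches /var/named/trial-domain.wan.
    zone "trial-domain.wan" IN {
        type master;
        file "trial-domain.wan";
        allow-update { none; };
    };

    // bridged segment, reverse zone for 172.16.9.0/24. The suffix must be
    // "in-addr.arpa" (dot, not hyphen) or reverse queries never match this zone.
    zone "9.16.172.in-addr.arpa" IN {
        type master;
        file "9.16.172.in-addr.arpa.db";
        allow-update { none; };
    };
};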
記述の確認
named-checkconf
zoneファイルの記述
/var/named/trial-domain.lan
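; Forward zone trial-domain.net for the NAT segment (view "internal").
; SOA MNAME is the primary name server's host name (ns.trial-domain.net.), not
; the zone apex; RNAME root.trial-domain.net. means root@trial-domain.net.
$TTL 86400
@        IN  SOA  ns.trial-domain.net. root.trial-domain.net. (
                  2015060801 ; Serial - increase on every edit or caches keep stale data
                  28800      ; Refresh
                  14400      ; Retry
                  3600000    ; Expire
                  86400      ; Minimum (negative-caching TTL)
                  )
         IN  NS   ns.trial-domain.net.
ns       IN  A    192.168.80.145
test     IN  A    192.168.80.1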
/var/named/80.168.192.in-addr.arpa.db
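; Reverse zone for 192.168.80.0/24 (view "internal").
; Names here must match the A records in trial-domain.lan (ns = .145, test = .1);
; the "traial-domain.net" spelling in the original listing exists in no zone.
$TTL 86400
@        IN  SOA  ns.trial-domain.net. root.trial-domain.net. (
                  2015060801 ; Serial - increase on every edit
                  28800      ; Refresh
                  14400      ; Retry
                  3600000    ; Expire
                  86400      ; Minimum (negative-caching TTL)
                  )
         IN  NS   ns.trial-domain.net.
145      IN  PTR  ns.trial-domain.net.
1        IN  PTR  test.trial-domain.net.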
/var/named/trial-domain.wan
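; Forward zone trial-domain.wan for the bridged segment (view "external").
; The external view carries no trial-domain.net zone and does not recurse, so
; the SOA MNAME and NS must be a name this zone answers itself: ns (.153 below).
$TTL 86400
@        IN  SOA  ns.trial-domain.wan. root.trial-domain.wan. (
                  2015060801 ; Serial - increase on every edit
                  28800      ; Refresh
                  14400      ; Retry
                  3600000    ; Expire
                  86400      ; Minimum (negative-caching TTL)
                  )
         IN  NS   ns.trial-domain.wan.
ns       IN  A    172.16.9.153
chat     IN  A    172.16.9.94
BC000685 IN  A    172.16.9.155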
/var/named/9.16.172.in-addr.arpa.db
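; Reverse zone for 172.16.9.0/24 (view "external").
; PTR targets must be the names the external view can answer, i.e. the hosts
; defined in trial-domain.wan (ns = .153, chat = .94, BC000685 = .155).
$TTL 86400
@        IN  SOA  ns.trial-domain.wan. root.trial-domain.wan. (
                  2015060801 ; Serial - increase on every edit
                  28800      ; Refresh
                  14400      ; Retry
                  3600000    ; Expire
                  86400      ; Minimum (negative-caching TTL)
                  )
         IN  NS   ns.trial-domain.wan.
153      IN  PTR  ns.trial-domain.wan.
94       IN  PTR  chat.trial-domain.wan.
155      IN  PTR  BC000685.trial-domain.wan.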
記述の確認
named-checkzone trial-domain.net /var/named/trial-domain.lan  (ゾーン名とゾーンファイルを指定し、各ゾーンファイルについて実行する)
名前解決に当たり、使用するネームサーバが設定されているか確認
/etc/resolv.confの記述
DNSサーバの再起動
service named restart
DNSが正常に作動しているか確認
dig
nslookup