2025-02-23 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
This article shows how to build master-slave DNS with BIND on RHEL5 and CentOS 5.5.
Description of the experimental environment
Operating system | Hostname  | Network cards | IP address      | Usage
RHEL5            | ns1       | 1             | 192.10.10.5/24  | Primary DNS
CentOS 5.5       | ns2       | 1             | 192.10.10.55/24 | Secondary DNS
XP               | XP_client | 1             | 192.10.10.10/24 | Private network client
Before starting, use the ping command to confirm network connectivity between the hosts above.
1. Check the packages needed to build DNS on RHEL5
[root@ns1 ~]# rpm -qa | grep bind
bind-utils-9.3.3-7.el5           # provides tools for testing DNS servers, such as nslookup and dig
bind-chroot-9.3.3-7.el5          # provides a chroot (a confined root directory) for BIND to enhance security
bind-9.3.3-7.el5                 # the main package for building DNS
[root@ns1 ~]# rpm -qa | grep caching-name
caching-nameserver-9.3.3-7.el5   # provides the configuration files needed for a caching DNS server
The main configuration file of BIND is named.conf. On RHEL5 and CentOS 5.5 it does not exist by default under /etc or /var/named/chroot/etc, so it has to be created manually, or you can copy the sample main configuration file from /usr/share/doc/bind-9.3.3/sample/etc/ to /var/named/chroot/etc.
The named.conf file consists mainly of a global configuration section and zone configuration sections. The global parameters go inside the braces of "options { };", and the zone parameters go inside "zone { };".
2. To improve the efficiency of domain name resolution, write the addresses of the master and slave DNS servers to /etc/hosts and specify them in the /etc/resolv.conf file.
[root@ns1 named]# cat /etc/hosts          # the master and slave DNS addresses are written to the hosts file
# Do not remove the following line, or various programs
# that require network functionality will fail.
192.10.10.5 ns1.tgh.com ns1
192.10.10.55 ns2.tgh.com ns2
[root@ns1 named]# cat /etc/resolv.conf    # the master and slave DNS addresses are written to the resolv.conf file
search tgh.com
nameserver 192.10.10.5
nameserver 192.10.10.55
[root@ns1 ~]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=ns1.tgh.com    # set the hostname
GATEWAY=192.10.10.1
Manually create the BIND main configuration file
[root@ns1 ~]# vi /var/named/chroot/etc/named.conf    # create and edit the BIND main configuration file named.conf using vi
# Global configuration parameters
options {
    listen-on port 53 { any; };         # listening port and IP addresses; "any" listens on all addresses, and if this line is commented out the service also listens on all available addresses
    directory "/var/named/";            # this line cannot be commented out; it specifies the location of the zone database files
    allow-query { any; };               # client addresses allowed to query this DNS server; "any" means all clients
    recursion yes;                      # allow recursive queries
};
# Zone configuration parameters
zone "." IN {                           # root zone
    type hint;                          # zone type: hint for the root zone, master for a primary zone, slave for a secondary zone
    file "named.ca";                    # address database file for the root zone
};
zone "tgh.com" IN {                     # forward DNS zone name
    type master;                        # the zone type is primary
    file "tgh.com.zone";                # address database file of the forward zone
    allow-transfer { 192.10.10.55; };   # slave name server allowed to download the zone database
    allow-update { none; };             # clients allowed to send dynamic updates; "none" forbids them
};
zone "10.10.192.in-addr.arpa" IN {      # reverse DNS zone name
    type master;                        # the zone type is primary
    file "192.10.10.arpa";              # address database file of the reverse zone
    allow-transfer { 192.10.10.55; };   # slave name server allowed to download the zone database
    allow-update { none; };
};
:wq!    # save and exit
[root@ns1 etc]# chmod 755 named.conf    # set the permissions, otherwise an error is reported when named starts
[root@ns1 etc]# ll named.conf           # view the attributes of the configuration file
-rwxr-xr-x 1 root root 780 Nov 24 07:37 named.conf
[root@ns1 ~]# named-checkconf /var/named/chroot/etc/named.conf    # check the main configuration file for syntax errors; be careful to specify the path
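named-checkconf only checks syntax. The options block above combines "allow-query { any; }" with "recursion yes", and in BIND 9.3 a missing allow-recursion or allow-transfer statement means every host is allowed. The following added example (not part of the original article) audits a named.conf for both conditions; the sample file and the lab.example zone are constructed, and an ACL such as "allow-recursion { 192.10.10.0/24; };" clears the recursion finding.

```shell
# Added example: flag open recursion and unrestricted zone transfers in named.conf.
# Assumes one statement per line, as in the files on this page.

audit_named_conf() {    # $1 = path to named.conf; prints one finding per line
    awk '
    {
        sub(/#.*/, ""); sub(/\/\/.*/, "")               # strip comments
        if (depth == 0 && $1 == "options") blk = "options"
        if (depth == 0 && $1 == "zone") {
            blk = "zone"; split($0, q, "\""); zname = q[2]; ztype = ""; zxfer = 0
        }
        if (blk == "options") {
            if ($0 ~ /(^|[ \t{;])recursion[ \t]+yes/) rec = 1
            if ($0 ~ /allow-recursion/ && $0 !~ /[{][ \t]*any[ \t]*;/) arec = 1
        }
        if (blk == "zone") {
            if ($0 ~ /type[ \t]+master/) ztype = "master"
            if ($0 ~ /allow-transfer/ && $0 !~ /[{][ \t]*any[ \t]*;/) zxfer = 1
        }
        depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
        if (depth == 0 && blk == "zone" && ztype == "master" && !zxfer) print "OPEN-TRANSFER " zname
        if (depth == 0) blk = ""
    }
    END { if (rec && !arec) print "OPEN-RECURSION options" }
    ' "$1"
}

write_sample() {        # $1 = file, $2 = extra options line, $3 = extra zone line
    cat > "$1" <<EOF
options {
    allow-query { any; };
    recursion yes;
    $2
};
zone "tgh.com" IN {
    type master;
    allow-transfer { 192.10.10.55; };
};
zone "lab.example" IN {   # hypothetical zone, constructed for this example
    type master;
    $3
};
EOF
}

dir=$(mktemp -d)
write_sample "$dir/weak.conf" "" ""
audit_named_conf "$dir/weak.conf"
rm -rf "$dir"
```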
Manually create the BIND zone database files
[root@ns1 ~]# vi /var/named/chroot/var/named/tgh.com.zone    # create the forward zone database file; pay attention to the file name and path
$TTL 86400                              ; default cache time for valid address resolution records
@ IN SOA tgh.com. admin.tgh.com. (      ; SOA record: domain name and domain administrator mailbox
    2010112001                          ; serial number, marks changes to the address database; an integer of up to 10 digits
    4H                                  ; refresh time: the interval at which the slave name server updates the address database
    15M                                 ; retry time: how long to wait (15 minutes) before trying again after the slave name server fails to update
    1W                                  ; expiration time: if the address database cannot be updated within this time (1 week), no more attempts are made
    1D                                  ; default cache time for invalid address resolution records (1 day)
)
@ IN NS ns1.tgh.com.                    ; NS is the name server record; it sets the domain name of a DNS server for the current domain. Note that the name ends with "."
@ IN NS ns2.tgh.com.
@ IN MX 5 mail.tgh.com.                 ; MX mail exchange record; it sets the domain name of the mail server for the current domain. The larger the number, the lower the priority
ns1 IN A 192.10.10.5                    ; A address record, used for forward domain name resolution
ns2 IN A 192.10.10.55
www IN A 192.10.10.5
www IN A 192.10.10.4                    ; one domain name that corresponds to several IPs gives DNS-based load balancing
mail IN A 192.10.10.5
ftp IN A 192.10.10.5
sz IN CNAME www                         ; CNAME alias record: sz.tgh.com is an alias for www.tgh.com, which can be seen with nslookup sz.tgh.com
* IN A 192.10.10.5                      ; wildcard resolution, used when one IP corresponds to a large number of different domain names
:wq!    # save and exit
[root@ns1 ~]# vi /var/named/chroot/var/named/192.10.10.arpa    # create the reverse zone database file; pay attention to the file name and path
$TTL 86400
@ IN SOA tgh.com. admin.tgh.com. (
    2010112001
    4H
    15M
    1W
    1D
)
@ IN NS ns1.tgh.com.                    ; note that the name ends with "."
@ IN NS ns2.tgh.com.
5 IN PTR ns1.tgh.com.
55 IN PTR ns2.tgh.com.
5 IN PTR www.tgh.com.                   ; PTR pointer record; the first column is the host address
4 IN PTR www.tgh.com.                   ; matches the forward zone database, where one domain name corresponds to several IPs
5 IN PTR mail.tgh.com.
5 IN PTR ftp.tgh.com.
:wq!    # save and exit
Set the permissions, start the named service, and turn off the firewall
[root@ns1 named]# chmod 755 tgh.com.zone      # set the permissions
[root@ns1 named]# chmod 755 192.10.10.arpa    # set the permissions
[root@ns1 ~]# service named restart           # restart the named service
Stopping named: [OK]
Starting named: [OK]
[root@ns1 etc]# service iptables stop         # disable the firewall, otherwise the client cannot resolve names
Flushing firewall rules: [OK]
Setting chains to policy ACCEPT: filter [OK]
Unloading iptables modules: [OK]
[root@ns1 ~]# chkconfig --level 35 named on   # start the named service automatically at boot
[root@ns1 ~]# chkconfig --list named          # check that it is enabled in runlevels 3 and 5
named 0:off 1:off 2:off 3:on 4:off 5:on 6:off
[root@ns1 data]# netstat -anp | grep :53      # view the status of the named port
Verify the primary domain name server
[root@ns1 ~]# nslookup    # start an interactive nslookup session
> www.tgh.com
Server: 192.10.10.5
Address: 192.10.10.5#53
Name: www.tgh.com
Address: 192.10.10.5
> mail.tgh.com
Server: 192.10.10.5
Address: 192.10.10.5#53
Name: mail.tgh.com
Address: 192.10.10.5
> sz.tgh.com
Server: 192.10.10.5
Address: 192.10.10.5#53
sz.tgh.com canonical name = www.tgh.com.
Name: www.tgh.com
Address: 192.10.10.5
> 192.10.10.5 # reverse resolution
Server: 192.10.10.5
Address: 192.10.10.5#53
5.10.10.192.in-addr.arpa name = ftp.tgh.com.
5.10.10.192.in-addr.arpa name = ns1.tgh.com.
5.10.10.192.in-addr.arpa name = www.tgh.com.
5.10.10.192.in-addr.arpa name = mail.tgh.com.
Test on the client XP_client (note: the client's DNS server should be set to 192.10.10.5)
C:\Documents and Settings\tghfly>nslookup www.tgh.com    # forward resolution
Server: ftp.tgh.com
Address: 192.10.10.5
Name: www.tgh.com
Address: 192.10.10.5
C:\Documents and Settings\tghfly>nslookup sz.tgh.com    # forward resolution of the alias that was set up
Server: ftp.tgh.com
Address: 192.10.10.5
Name: www.tgh.com
Address: 192.10.10.5
Aliases: sz.tgh.com
C:\Documents and Settings\tghfly>nslookup 192.10.10.5    # reverse resolution
Server: mail.tgh.com
Address: 192.10.10.5
Name: www.tgh.com
Address: 192.10.10.5
-
Use BIND to build a secondary domain name server on CentOS 5.5
1. As on the primary, set the hostname and the /etc/hosts and /etc/resolv.conf files
[root@ns2 network-scripts]# cat /etc/resolv.conf
nameserver 192.10.10.5
nameserver 192.10.10.55
[root@ns2 network-scripts]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
192.10.10.5 ns1.tgh.com
192.10.10.55 ns2.tgh.com
[root@ns2 network-scripts]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=ns2.tgh.com
GATEWAY=192.10.10.1
2. Set up the BIND main configuration file named.conf on the secondary domain name server
[root@ns2 ~]# vi /var/named/chroot/etc/named.conf
options {
    allow-query { any; };
    directory "/var/named";
    recursion yes;
};
zone "tgh.com" IN {
    type slave;                         # use the secondary zone type
    masters { 192.10.10.5; };           # IP address of the primary domain name server
    file "slaves/tgh.com.zone";         # save the address database file downloaded from the primary server in the slaves directory of the secondary server
};
zone "10.10.192.in-addr.arpa" IN {
    type slave;
    masters { 192.10.10.5; };
    file "slaves/192.10.10.arpa";
};
:wq!    # save and exit
3. Set the permissions, start the named service, and turn off the firewall
[root@ns2 ~]# chmod 755 /var/named/chroot/etc/named.conf
[root@ns2 ~]# service named restart
Stopping named: [OK]
Starting named: [OK]
[root@ns2 ~]# service iptables stop
Flushing firewall rules: [OK]
Setting chains to policy ACCEPT: nat filter [OK]
Unloading iptables modules: [OK]
[root@ns2 ~]# chkconfig --level 35 named on
[root@ns2 ~]# tail -f /var/log/messages    # view the download records of the zone database files
Nov 27 14:37:18 ns2 named[5463]: zone tgh.com/IN: Transfer started.
Nov 27 14:37:18 ns2 named[5463]: transfer of 'tgh.com/IN' from 192.10.10.5#53: connected using 192.10.10.55#53041
Nov 27 14:37:18 ns2 named[5463]: zone tgh.com/IN: transferred serial 2010112001
Nov 27 14:37:18 ns2 named[5463]: transfer of 'tgh.com/IN' from 192.10.10.5#53: end of transfer
Nov 27 14:37:18 ns2 named[5463]: zone tgh.com/IN: sending notifies (serial 2010112001)
Nov 27 14:37:19 ns2 named[5463]: zone 10.10.192.in-addr.arpa/IN: Transfer started.
Nov 27 14:37:19 ns2 named[5463]: transfer of '10.10.192.in-addr.arpa/IN' from 192.10.10.5#53: connected using 192.10.10.55#49613
Nov 27 14:37:19 ns2 named[5463]: zone 10.10.192.in-addr.arpa/IN: transferred serial 2010112001
Nov 27 14:37:19 ns2 named[5463]: transfer of '10.10.192.in-addr.arpa/IN' from 192.10.10.5#53: end of transfer
Nov 27 14:37:19 ns2 named[5463]: zone 10.10.192.in-addr.arpa/IN: sending notifies (serial 2010112001)
4. Test on the client XP_client (note: the client's DNS server should be changed to 192.10.10.55)
C:\Documents and Settings\Administrator>nslookup
Default Server: ns2.tgh.com
Address: 192.10.10.55
> www.tgh.com
Server: ns2.tgh.com
Address: 192.10.10.55
Name: www.tgh.com
Address: 192.10.10.5
> mail.tgh.com
Server: ns2.tgh.com
Address: 192.10.10.55
Name: mail.tgh.com
Address: 192.10.10.5
> sz.tgh.com
Server: ns2.tgh.com
Address: 192.10.10.55
Name: www.tgh.com
Address: 192.10.10.5
Aliases: sz.tgh.com
Note: when the client cannot resolve names through the secondary domain name server, you can try deleting the address database files in the slaves directory and restarting named so that they are fetched again.
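The "transferred serial" lines in the secondary's log record which version of each zone it holds, so comparing them with the SOA serial in the primary's zone file shows whether the secondary is behind. The following is an added example, not part of the original article; the sample files are constructed from the values on this page, and serials are compared as plain integers.

```shell
# Added example: report whether a secondary is behind the primary's SOA serial.
# Sample files below are constructed from the zone and log shown on this page.

soa_serial() {          # $1 = zone file; prints the first number after the SOA "("
    awk '
    { sub(/;.*/, "") }                              # drop zone-file comments
    /[ \t]SOA[ \t]/ { insoa = 1; sub(/.*[(]/, "") }
    insoa { for (i = 1; i <= NF; i++) if ($i ~ /^[0-9]+$/) { print $i; exit } }
    ' "$1"
}

last_transferred() {    # $1 = secondary log, $2 = zone; prints last serial received
    awk -v z="zone $2/IN: transferred serial " '
    { p = index($0, z); if (p) s = substr($0, p + length(z)) }
    END { if (s != "") print s }' "$1"
}

check_secondary() {     # $1 = primary zone file, $2 = secondary log, $3 = zone name
    want=$(soa_serial "$1"); got=$(last_transferred "$2" "$3")
    if [ -z "$got" ]; then echo "NO-TRANSFER $3 primary=$want"
    elif [ "$got" -lt "$want" ]; then echo "STALE $3 primary=$want secondary=$got"
    else echo "IN-SYNC $3 serial=$got"; fi
}

make_samples() {        # $1 = directory; $2 = serial now in the primary zone file
    cat > "$1/tgh.com.zone" <<EOF
\$TTL 86400
@ IN SOA tgh.com. admin.tgh.com. (
    $2 ; serial
    4H 15M 1W 1D )
@ IN NS ns1.tgh.com.
EOF
    cat > "$1/messages" <<'EOF'
Nov 27 14:37:18 ns2 named[5463]: zone tgh.com/IN: transferred serial 2010112001
Nov 27 14:37:19 ns2 named[5463]: zone 10.10.192.in-addr.arpa/IN: transferred serial 2010112001
EOF
}

dir=$(mktemp -d)
make_samples "$dir" 2010112002          # zone edited on the primary, serial raised
check_secondary "$dir/tgh.com.zone" "$dir/messages" tgh.com
rm -rf "$dir"
```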