Shulou(Shulou.com)06/03 Report--

DNS Server Installation Step by Step Using CentOS 6.5DNS, Domain Name System, translates hostnames or URLs into IP addresses. For example if we type www.unixmen.com in browser, the DNS server translates the domain name into its associated ip address. Since the IP addresses are hard to remember, DNS servers are used to translate the hostnames likewww.unixmen.com to 173.xxx.xx.xxx. So it makes easy to remember the domain names instead of its IP address.ScenarioPrimary (Master) DNS Server Details:Operating System: CentOS 6.5serverHostname: masterdns.unixmen.localIP Address: 192.168.1.100/24Secondary (Slave) DNS Server Details:Operating System: CentOS 6.5serverHostname: secondarydns.unixmen.localIP Address: 192.168.1.101/24Client Details:Operating System: CentOS 6.5Desktop Hostname Client.unixmen.localIP Address: 192.168.1.102/24Setup Primary (Master) DNS Server [root@masterdns ~] # yum install bind*-y1. Configure DNS Server

Add the lines as shown below in'/ etc/named.conf' file

[root@masterdns ~] # vi / etc/named.conf / named.conf//// Provided by Red Hat bind package to configure the ISC BIND named (8) DNS// server as a caching only nameserver (as a localhost DNS resolver only). / See / usr/share/doc/bind*/sample/ for example named configuration files.//options {listen-on port 53 {127.0.0.1; 192.168.1.100;} # Master DNS IP # listen-on-v6 port 53 {:: 1;}; directory "/ var/named"; dump-file "/ var/named/data/cache_dump.db"; statistics-file "/ var/named/data/named_stats.txt"; memstatistics-file "/ var/named/data/named_mem_stats.txt"; allow-query {localhost; 192.168.1.0 var/named/data/named_mem_stats.txt 24;} # IP Range # # allow-transfer {localhost; 192.168.1.101;}; # # Slave DNS IP # recursion yes;dnssec-enable yes;dnssec-validation yes;dnssec-lookaside auto;/* Path to ISC DLV key * / bindkeys-file "/ etc/named.iscdlv.key"; managed-keys-directory "/ var/named/dynamic";}; logging {channel default_debug {file "data/named.run" Severity dynamic;};}; zone ". IN {type hint;file "named.ca";}; zone "unixmen.local" IN {type master;file "forward.unixmen"; allow-update {none;};}; zone "1.168.192.in-addr.arpa" IN {type master;file "reverse.unixmen"; allow-update {none;}; include "/ etc/named.rfc1912.zones"; include "/ etc/named.root.key"; 2. Create Zone files

Create forward and reverse zone files which we mentioned in the'/ etc/named.conf' file.

2.1 Create Forward Zone

Create forward.unixmen file in the'/ var/named' directory.

[root@masterdns] # vi / var/named/forward.unixmen$TTL 86400 @ IN SOA masterdns.unixmen.local. Root.unixmen.local. (2011071001; Serial 3600; Refresh 1800; Retry 604800; Expire 86400 Minimum TTL) @ IN NS masterdns.unixmen.local.@ IN NS secondarydns.unixmen.local.@ IN MX 10 mail.unixmen.local.@ IN A 192.168.1.100 @ IN A 192.168.1.101 @ IN A 192.168.1.102masterdns IN A 192.168.1.100secondarydns IN A 192.168.1.101client IN A 192.168.1.102mail IN A 192.168.1.502.2 Create Reverse Zone

Create reverse.unixmen file in the'/ var/named' directory.

[root@masterdns] # vi / var/named/reverse.unixmen $TTL 86400 @ IN SOA masterdns.unixmen.local. Root.unixmen.local. (2011071001; Serial 3600; Refresh 1800; Retry 604800; Expire 86400 Minimum TTL) @ IN NS masterdns.unixmen.local.@ IN NS secondarydns.unixmen.local.@ IN PTR unixmen.local.masterdns IN A 192.168.1.100secondarydns IN A 192.168.1.101client IN A 192.168.1.102mail IN A 192.168.1.50100 IN PTR masterdns.unixmen.local.101 IN PTR secondarydns.unixmen.local.102 IN PTR client.unixmen.local.50 IN PTR mail.unixmen.local.3. Start the DNS service [root@masterdns] # service named startStarting named: [OK] [root@masterdns] # chkconfig named on4. Adjust iptables to allow DNS server from outside of the network

Add the lines as shown below in'/ etc/sysconfig/iptables' file.

[root@masterdns] # vi / etc/sysconfig/iptables# Firewall configuration written by system-config-firewall# Manual customization of this file is not recommended.*filter:INPUT ACCEPT [0:0]: FORWARD ACCEPT [0:0]: OUTPUT ACCEPT [0:0]-An INPUT-p udp-m state-- state NEW-- dport 53-j ACCEPT-An INPUT-p tcp-m state-- state NEW-- dport 53-j ACCEPT-An INPUT-m state-- state ESTABLISHED RELATED-j ACCEPT-An INPUT-p icmp- j ACCEPT-An INPUT-I lo-j ACCEPT-An INPUT-m state-- state NEW-m tcp-p tcp-- dport 22-j ACCEPT-An INPUT-j REJECT-- reject-with icmp-host-prohibited-A FORWARD-j REJECT-- reject-with icmp-host-prohibitedCOMMIT5. Restart iptables [root@masterdns ~] # service iptables restartiptables: Flushing firewall rules: [OK] iptables: Setting chains to policy ACCEPT: filter [OK] iptables: Unloading modules: [OK] iptables: Applying firewall rules: [OK] 6. Test DNS configuration and zone files for any syntax errors [root@masterdns ~] # named-checkconf / etc/named.conf [root@masterdns ~] # named-checkzone unixmen.local/ var/named/forward.unixmen zone unixmen.local/IN: loaded serial 2011071001OK [root@masterdns ~] # named-checkzone unixmen.local/ var/named/reverse.unixmen zone unixmen.local/IN: loaded serial 2011071001OK7. Test DNS Server [root@masterdns ~] # dig masterdns.unixmen.local; DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 masterdns.unixmen.local;; global options: + cmd;; Got answer:;;-> > HEADERHEADERHEADERHEADERHEADERHEADER

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.