1. Configure a static IP on the CentOS system
vi /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=8.8.8.8
:wq
sudo systemctl restart network.service
2. Install BIND (the server needs Internet access; if the server is offline, you can configure a local repository and install from it):
yum install bind bind-utils -y
3. Start the BIND service, enable it at boot, and check that it started successfully:
systemctl start named.service
systemctl enable named.service
systemctl status named.service
4. Turn off the firewall
systemctl stop firewalld.service
systemctl disable firewalld.service
5. Edit the main configuration file:
vi /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
6. Configure the zones
vim /etc/named.rfc1912.zones
zone "sdwan.com" IN {
type master;
file "sdwan.com.zone";
};
zone "56.168.192.in-addr.arpa" IN {
type master;
file "56.168.192.zone";
};
7. Create the zone data files: configure the forward lookup file
vim /var/named/sdwan.com.zone
$TTL 1D
@ IN SOA sdwan.com. root.sdwan.com. (
1 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.sdwan.com.
dns A 192.168.56.XXX ; replace XXX with the actual DNS server address
test1 A 192.168.56.201
8. Create the zone data files: configure the reverse lookup file
vim /var/named/56.168.192.zone
$TTL 3H
@ IN SOA sdwan.com. root.sdwan.com. (
1 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.sdwan.com.
201 PTR test1.sdwan.com.
9. Check that the configuration files are correct and restart the service:
named-checkconf /etc/named.conf
named-checkzone sdwan.com /var/named/sdwan.com.zone
systemctl restart named.service
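10. Test the DNS server from the local machine
nslookup
> test1.sdwan.com
The lookup fails. What is the cause?
11. Troubleshooting turned up the following:
A permission problem on the zone files!
12. Change the zone file permissions as follows:
13. Restart the BIND service and check the service again; the problem is resolved!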
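
A check for the permission problem found in steps 11 to 13, as an added example that is not part of the original write-up: it reports whether the mode bits on each zone file let the BIND service account read it. It assumes GNU stat and that the service runs as user and group "named"; ACLs and SELinux labels are not examined.

```shell
#!/bin/sh
# Added example (not from the original page).
# Assumptions: GNU stat; BIND runs as user "named", group "named";
# only classic mode bits are checked, not ACLs or SELinux labels.

# zone_readable FILE [USER] [GROUP]
# 0 = mode bits let USER read FILE, 1 = they do not, 2 = FILE cannot be inspected
zone_readable() {
    file=$1 user=${2:-named} group=${3:-named}
    info=$(stat -c '%a %U %G' "$file" 2>/dev/null) || return 2
    set -- $info                  # $1 = octal mode, $2 = owner, $3 = group
    mode=$((0$1))                 # leading 0 makes the shell read it as octal
    # The kernel applies exactly one permission class: owner, else group, else other
    if [ "$2" = "$user" ]; then
        bit=$((mode & 0400))
    elif [ "$3" = "$group" ]; then
        bit=$((mode & 0040))
    else
        bit=$((mode & 0004))
    fi
    [ "$bit" -ne 0 ]
}

# report_zone FILE: print one status line for FILE, always returns 0
report_zone() {
    rc=0
    zone_readable "$1" || rc=$?
    case $rc in
        0) echo "OK      $1: readable by named" ;;
        1) echo "DENIED  $1: mode/owner $(stat -c '%a %U:%G' "$1"), named cannot read it" ;;
        *) echo "MISSING $1: cannot be inspected" ;;
    esac
}

# Default to the two zone files created in steps 7 and 8.
[ $# -gt 0 ] || set -- /var/named/sdwan.com.zone /var/named/56.168.192.zone
for f in "$@"; do
    report_zone "$f"
done
```

A DENIED line for a file created with vim as root matches the symptom in step 10, where named-checkconf and named-checkzone pass but the lookup still fails.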