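  1. Command to check whether the DNS Server service is currently running
    • svcs svc:*/dns*/*
    • [screenshot: dns01.JPG]
    • This lists two services, Client and Server. At this point the DNS Server is disabled and the Client is running.
  2. Command to enable the DNS Server
    • svcadm enable svc:/network/dns/server:default
    • Run svcs svc:*/dns*/* again to check the status
    • [screenshot: dns02.JPG]
    • You can see that the Server is now online and working.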

Configuring the DNS Server
1. /etc/resolv.conf

=========Contents of /etc/resolv.conf=======
  nameserver 192.168.200.10
  nameserver 168.95.1.1
=================================

2. /etc/named.conf
  Create the following files, which named.conf refers to:
  2.1 /var/named/named.root
  2.2 /var/named/named.localhost
  2.3 /var/named/named.127.0.0
  2.4 /var/named/named.adonis.idv.tw (forward lookup)
  2.5 /var/named/named.58.123.212 (reverse lookup)


=====Contents of /etc/named.conf:=====
options{
        directory       "/var/named";
        forwarders {
                168.95.1.1;
        };

};

zone "." {
        type hint;
        file "named.root";      // root hints file from 2.1, under /var/named
};

 zone "localhost" {
        type master;
        file "named.localhost";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.127.0.0";
};

zone "adonis.idv.tw" {
        type master;
        file "named.adonis.idv.tw";
};

zone "212.123.58.in-addr.arpa" {
        type master;
        file "named.58.123.212";
};
==========named.conf =========


=====Contents of /etc/named.127.0.0:=====

$TTL    86400
@       IN      SOA     localhost. root.localhost. (
        2010040901 ;Serial
        28800      ;Refresh
        14400      ;Retry
        3600000    ;Expire
        86400 )    ;Minimum


@       IN      NS      localhost.
1       IN      PTR     localhost.

==========named.127.0.0 =========

=====Contents of /etc/named.localhost:=====

$TTL    86400
@       IN      SOA     localhost. root.localhost. (
        2010040901 ;Serial
        28800      ;Refresh
        14400      ;Retry
        3600000    ;Expire
        86400 )    ;Minimum

@               IN      NS      localhost.
localhost.      IN      A       127.0.0.1

==========named.localhost =========

=====Contents of /etc/named.adonis.idv.tw:=====

$TTL    86400
@       IN SOA dns.adonis.idv.tw. root.solaris10 (
        2010040902 ;Serial
        10800      ;Refresh
        3600       ;Retry
        604800     ;Expire
        86400 )    ;Minimum

        IN      NS      dns
        IN      MX 10   mail
        IN      A       58.123.212.145


dns     IN A 58.123.212.145
sun10   IN A 58.123.212.145
mail    IN A 58.123.212.145

==========named.adonis.idv.tw =========

=====Contents of /etc/named.212.123.58:=====

$TTL    86400
@       IN      SOA     dns.adonis.idv.tw. root.solaris10.adonis.idv.tw. (
        2010040903 ;Serial
        10800      ;Refresh
        3600       ;Retry
        3600000    ;Expire
        86400 )    ;Minimum

@       IN      NS      dns.adonis.idv.tw.
145     IN      PTR     dns.adonis.idv.tw.
145     IN      PTR     mail.adonis.idv.tw.
145     IN      PTR     sun10.adonis.idv.tw.

==========named.212.123.58 =========

=====Contents of /etc/named.root:=====
Just download this file and use it as-is:
ftp://ftp.internic.net/domain/named.root
==========named.root =========

Enable the DNS Server [svcadm enable svc:/network/dns/server:default]
Check the service status [svcs svc:*/dns*/*]

3. If the DNS Server will not start, it may need an rndc key
1. Create /etc/rndc.conf
rndc-confgen > /etc/rndc.conf

2.=========View it with vi /etc/rndc.conf=============

key "rndc-key" {
        algorithm hmac-md5;
        secret "m6Lk0N96X4jUrXA6A6WrVA==";
};

options {
        default-key "rndc-key";
        default-server 127.0.0.1;
        default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#       algorithm hmac-md5;
#       secret "m6Lk0N96X4jUrXA6A6WrVA==";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
================================================

3. Copy the part at the end that is commented out with # and paste it, uncommented, into /etc/named.conf

key "rndc-key" {
      algorithm hmac-md5;
      secret "m6Lk0N96X4jUrXA6A6WrVA==";
};

controls {
      inet 127.0.0.1 port 953
      allow { 127.0.0.1; } keys { "rndc-key"; };
};

// Log file settings
// Create this file yourself first: touch /var/log/dns_query.log

logging {
channel query_channel {
        file "/var/log/dns_query.log" versions 10 size 10m;
        print-time yes;
        print-category yes;
};
        category queries { query_channel; };
};

options{
        directory       "/var/named";
        forwarders {
                168.95.1.1;
        };

};

zone "." {
        type hint;
        file "named.root";      // root hints file from 2.1, under /var/named
};

 zone "localhost" {
        type master;
        file "named.localhost";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.127.0.0";
};

zone "adonis.idv.tw" {
        type master;
        file "named.adonis.idv.tw";
};

zone "212.123.58.in-addr.arpa" {
        type master;
        file "named.58.123.212";
};
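
The key block pasted into named.conf in step 3 is a shared password for the control channel, and the value shown in this post is now public. This added example (not from the original post) flags a key file that still uses that secret, uses hmac-md5, or is world-readable; the function names and finding labels are made up for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a file holding an rndc key.
PUBLISHED_SECRET='m6Lk0N96X4jUrXA6A6WrVA=='   # the value printed in this post

# audit_rndc_key FILE: one finding per line, no output when the file is clean.
audit_rndc_key() {
    f=$1
    # Skip the commented-out copy that rndc-confgen appends for named.conf.
    live=$(grep -v '^[[:space:]]*#' "$f" || true)
    if printf '%s\n' "$live" | grep -q 'algorithm[[:space:]]*hmac-md5'; then
        echo "weak-algorithm: hmac-md5"
    fi
    if printf '%s\n' "$live" | grep -qF "secret \"$PUBLISHED_SECRET\""; then
        echo "published-secret: generate a new key"
    fi
    # Anyone who can read the secret can drive named through rndc.
    if [ -n "$(find "$f" -perm -004 -print)" ]; then
        echo "world-readable: remove read access for others"
    fi
}

# Constructed sample: the key block from this post, saved with mode 644.
demo_audit() {
    t=$(mktemp) || return 1
    cat > "$t" <<'EOF'
key "rndc-key" {
        algorithm hmac-md5;
        secret "m6Lk0N96X4jUrXA6A6WrVA==";
};
EOF
    chmod 644 "$t"
    audit_rndc_key "$t"
    rm -f "$t"
}

if [ "${1:-}" = "--demo" ]; then
    demo_audit
elif [ $# -gt 0 ]; then
    for f in "$@"; do audit_rndc_key "$f"; done
fi
```

Run it against both /etc/rndc.conf and /etc/named.conf. Newer BIND 9 releases of rndc-confgen accept -A hmac-sha256; whether the BIND on your Solaris 10 patch level does is an assumption to check.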

4. Reload the service
[svcadm restart svc:/network/dns/server:default]
Command to check the status [svcs svc:*/dns*/*]

5. If it still will not start, check the messages file
cat /var/adm/messages | grep named

Error messages the blog owner ran into:
Q. Apr 12 14:30:53 sun10 named[1836]: [ID 873579 daemon.error] /etc/named.conf:17: 'hinet' unexpected
A. Line 17 of /etc/named.conf was mistyped; it should be [hint].

Q. Apr 16 15:09:30 sun10 named[1415]: [ID 873579 daemon.error] could not configure root hints from 'named.catch': file not found
A. There is no named.catch file; changing it to named.root fixes it.
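
The "file not found" error above means a `file` name in named.conf has no matching file under the `directory` path. This added example (not from the original post) lists every such missing file, including the logging channel's absolute path; the function names and the optional ROOT prefix are hypothetical, and it assumes one statement per line as in the listing on this page.

```shell
#!/bin/sh
# Added example (not from the original post): print every file that named.conf
# references but that is missing on disk.

# missing_zone_files CONF [ROOT]; ROOT is a hypothetical prefix for testing a copy.
missing_zone_files() {
    conf=$1 root=${2:-}
    dir=$(sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' "$conf" | head -n 1)
    [ -n "$dir" ] || { echo "no directory option in $conf" >&2; return 2; }
    sed -n 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' "$conf" |
    while IFS= read -r f; do
        case $f in
            /*) path=$f ;;          # absolute, e.g. the logging channel file
            *)  path=$dir/$f ;;     # relative to options { directory }
        esac
        [ -f "$root$path" ] || printf '%s\n' "$path"
    done
}

# Constructed sample: a hint file name that does not exist (as in the error
# above) and a reverse-zone file saved under a transposed name.
demo_missing() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/etc" "$t/var/named"
    cat > "$t/etc/named.conf" <<'EOF'
options{
        directory       "/var/named";
};
zone "." {
        type hint;
        file "named.catch";
};
zone "localhost" {
        type master;
        file "named.localhost";
};
zone "212.123.58.in-addr.arpa" {
        type master;
        file "named.58.123.212";
};
EOF
    touch "$t/var/named/named.root" "$t/var/named/named.localhost" \
          "$t/var/named/named.212.123.58"
    missing_zone_files "$t/etc/named.conf" "$t"
    rm -rf "$t"
}

if [ "${1:-}" = "--demo" ]; then demo_missing; else [ $# -eq 0 ] || missing_zone_files "$@"; fi
```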

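Many companies run two DNS servers, one internal and one external: one resolves the public IPs and the other resolves the private IPs. If both the external and the internal domain happen to have a mail server, point /etc/resolv.conf on the external DNS server at the internal DNS server's IP, and the two can exchange mail.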

    Posted by 蒼穹 on PIXNET