系统环境:
Ubuntu 16.04.3 LTS
IP : 192.168.1.110
安装步骤
1. 安装
apt-get update
apt-get install bind92. 配置缓存转发
打开打开/etc/bind/named.conf.options,修改后如下:
acl goodclients {
192.168.1.0/24;
localhost;
localnets;
};
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
//added
listen-on { 192.168.1.110;};
recursion yes ;
allow-query { goodclients;};
allow-query-cache { any; }; # 很重要,不然无法解析外网
allow-transfer { none; }; # disable zone transfers by default
forwarders {
223.5.5.5; # alidns
223.6.6.6; # alidns
202.96.199.133; #上海电信DNS
202.96.0.133; #上海电信DNS
114.114.114.114; # 114 现在只配置alidns,不能解析国内域名
114.114.115.115; # 114 现在只配置alidns,不能解析国内域名
8.8.8.8; # Google Google可以解析国内和国外域名
8.8.4.4; # Google Google可以解析国内和国外域名
};
forward only ;
};
3. 配置local文件
named.conf.local 文件默认是空的。本文在配置文件中分别定义一条正向解析和一条反向解析。配置文件修改后类似如下:
//domain->ip
zone "local.com" in {
type master;
file "/var/cache/bind/db.local.com";
};
//domain->ip(for anthor domain)
//zone "local1.com" in {
// type master;
// file "/var/cache/bind/db1.local.com";
//};
//ip->domain
zone "1.168.192.in-addr.arpa" in {
type master;
file "/var/cache/bind/db.1.168.192";
};4. 定义区域配置文件
配置文件定义后类似如下,分别是正向和反向两个解析记录。按照自己需求修改相应的区域和区域解析记录,IP等信息。
正向记录
sudo vim /var/cache/bind/db.local.com
$TTL 604800
@ IN SOA local.com. root.local.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604000) ; Negative Cache TTL
;
; name servers
@ IN NS ns.local.com.
@ IN A 192.168.1.110
;ns records
ns IN A 192.168.1.110
;host records
www IN A 192.168.1.110
api IN A 192.168.1.100反向记录
sudo vim /var/cache/bind/db.1.168.192
$TTL 604800
@ IN SOA local.com. root.local.com. (
2 ; Serial Number
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
86400 ); ; Minimum
@ IN NS local.com.
66 IN PTR www.local.com.
66 IN PTR api.local.com.
5. 检查配置、重启
hejun@ubuntu:/var/cache/bind$named-checkconf
hejun@ubuntu:/var/cache/bind$named-checkzone local.com /var/cache/bind/db.local.com
zone local.com/IN: loaded serial 2
OK
hejun@ubuntu:/var/cache/bind$named-checkzone db.1.168.192 /var/cache/bind/db.1.168.192
zone db.1.168.192/IN: loaded serial 2
OK分别检查了语法和区域配置文件,没有报错。重启bind服务。
sudo service bind9 restart到这里DNS服务器的配置就完成了,可以使用dig命令测试。
配置路由器首要DNS
在路由器里设置首要DNS 为 192.168.1.110 ,这样我们就可以在同一个内网下访问:www.local.com 就会指向到 192.168.1.110,访问:api.local.com 就会指向到 192.168.1.100