[vmware] Building a DNS server on CentOS 6.4

Environment

OS: CentOS 6.4
VMware Player
[Figure: study session with Lee, part 1, DNS build]
Let's build a DNS server to set up the configuration shown in the diagram above.

Contents

● Master DNS server setup

Basic settings
Install bind
Zone file configuration (web1.test.com, web2.test.com)
Reverse (rev) file configuration (192.168.253.20, 192.168.253.21)
Transfer to the slave (192.168.253.11 = the slave)

● Slave DNS server setup

Basic settings
Install bind

● Operation check

Check that the transfer to the slave succeeded
Check forward name resolution with the dig command
Check reverse resolution with the dig command

● Master DNS server setup

Install bind
[code language="bash"]
yum -y install bind bind-chroot
[/code]

named.conf configuration
[code language="bash"]
vim /var/named/chroot/etc/named.conf
options {

    listen-on port 53 { any; };
    #listen-on-v6 port 53 { ::1; };

    directory "/var/named";
    recursion no;
    allow-query { any; };

};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "web1.test.com" IN {
    type master;
    file "web1.test.com.zone"; // web1 zone file
    allow-transfer {192.168.253.11;}; // transfer to the slave
};

zone "web2.test.com" IN {
    type master;
    file "web2.test.com.zone"; // web2 zone file
    allow-transfer {192.168.253.11;}; // transfer to the slave
};

zone "253.168.192.in-addr.arp"{
    type master;
    file "web1.test.com.rev";
    allow-transfer {192.168.253.11;};
    #recursion no;
};

zone "253.168.192.in-addr.arp_web2"{
    type master;
    file "web2.test.com.rev";
    allow-transfer {192.168.253.11;};
    #recursion no;
};
[/code]
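As an added check that is not part of the original post: a small Python lint over named.conf text, flagging the three mistakes an authoritative-only setup like the one above is prone to: recursion left open to everyone, an unrestricted allow-transfer, and a reverse zone not placed under in-addr.arpa (the zone above is named `253.168.192.in-addr.arp`, so a normal `dig -x 192.168.253.20` query would never reach it). The sample text is constructed from the config above, and the `example.test` zone in it is hypothetical.

```python
import re

# Constructed sample, abridged from the master named.conf in this post: the reverse
# zone keeps its name as written there ("in-addr.arp"); "example.test" is hypothetical.
SAMPLE_NAMED_CONF = """
options {
    recursion no;
    allow-query { any; };
};
zone "web1.test.com" IN {
    type master;
    file "web1.test.com.zone";
    allow-transfer {192.168.253.11;};
};
zone "253.168.192.in-addr.arp"{
    type master;
    file "web1.test.com.rev";
    allow-transfer {192.168.253.11;};
};
zone "example.test" IN {
    type master;
    file "example.test.zone";
};
"""

OPTIONS_RE = re.compile(r'options\s*\{(.*?)\n\};', re.S)
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{(.*?)\n\};', re.S)
# A well-formed IPv4 reverse zone: one to four dotted octets under in-addr.arpa
REVERSE_RE = re.compile(r'^\d{1,3}(\.\d{1,3}){0,3}\.in-addr\.arpa$')


def audit_named_conf(text):
    """Return (scope, finding) pairs for the mistakes this kind of setup is prone to."""
    findings = []
    opts = OPTIONS_RE.search(text)
    if opts and re.search(r'recursion\s+yes', opts.group(1)) \
            and re.search(r'allow-query\s*\{\s*any\s*;', opts.group(1)):
        findings.append(("options", "recursion yes with allow-query any: open resolver"))
    for name, body in ZONE_RE.findall(text):
        if re.search(r'type\s+master', body):
            xfer = re.search(r'allow-transfer\s*\{([^}]*)\}', body)
            if xfer is None:
                # BIND 9.8 (the version in this post) permits AXFR to any host by default
                findings.append((name, "no allow-transfer: AXFR open to any host"))
            elif re.search(r'\bany\b', xfer.group(1)):
                findings.append((name, "allow-transfer { any; }: AXFR open to any host"))
        # Heuristic: a zone name starting with a digit is meant as an IPv4 reverse zone
        if name[0].isdigit() and not REVERSE_RE.match(name):
            findings.append((name, "not under in-addr.arpa: dig -x never reaches this zone"))
    return findings
```

Run against the sample, it reports the misnamed reverse zone and the zone lacking allow-transfer, and nothing for web1.test.com, whose transfer is limited to the slave.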

Zone and rev file configuration

[code language="bash"]
vim /var/named/chroot/var/named/web1.test.com.zone
$TTL 86400
@ IN SOA dns1.test.com. root.web1.test.com. (
        2004031901 ; Serial
        28800 ; Refresh
        14400 ; Retry
        3600000 ; Expire
        86400 ) ; Minimum
@ IN NS dns1.test.com.
@ IN A 192.168.253.20

vim /var/named/chroot/var/named/web2.test.com.zone

$TTL 86400
@ IN SOA dns1.test.com. root.web2.test.com. (
        2004031901 ; Serial
        28800 ; Refresh
        14400 ; Retry
        3600000 ; Expire
        86400 ) ; Minimum
@ IN NS dns1.test.com.
@ IN A 192.168.253.21

vim /var/named/chroot/var/named/web1.test.com.rev

$TTL 86400
@ IN SOA dns1.test.com. root.localhost. (
        2004031901 ; Serial
        28800 ; Refresh
        14400 ; Retry
        3600000 ; Expire
        86400 ) ; Minimum
@ IN NS dns1.test.com.
@ IN PTR web1.test.com.

vim /var/named/chroot/var/named/web2.test.com.rev

$TTL 86400
@ IN SOA dns1.test.com. root.localhost. (
        2004031901 ; Serial
        28800 ; Refresh
        14400 ; Retry
        3600000 ; Expire
        86400 ) ; Minimum
@ IN NS dns1.test.com.
@ IN PTR web2.test.com.
[/code]

Operation check
[code language="bash"]
chkconfig named on
service named restart
[/code]

Zone file check
[code language="bash"]
yum install bind-utils  # install this if the dig command is missing
[/code]

[code language="bash"]
[root@dns1 named]# dig a web1.test.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> a web1.test.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22614
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;web1.test.com. IN A

;; ANSWER SECTION:
web1.test.com. 86400 IN A 192.168.253.20

;; AUTHORITY SECTION:
web1.test.com. 86400 IN NS dns1.test.com.

;; Query time: 28 msec
;; SERVER: 192.168.253.10#53(192.168.253.10)
;; WHEN: Mon Dec 16 20:41:25 2013
;; MSG SIZE rcvd: 66
[/code]

rev file check
[code language="bash"]
[root@dns1 named]# dig ptr 253.168.192.in-addr.arp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> ptr 253.168.192.in-addr.arp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55713
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;253.168.192.in-addr.arp. IN PTR

;; ANSWER SECTION:
253.168.192.in-addr.arp. 86400 IN PTR web1.test.com.

;; AUTHORITY SECTION:
253.168.192.in-addr.arp. 86400 IN NS dns1.test.com.

;; Query time: 0 msec
;; SERVER: 192.168.253.10#53(192.168.253.10)
;; WHEN: Mon Dec 16 20:43:18 2013
;; MSG SIZE rcvd: 87
[/code]

● Slave DNS server setup

[code language="bash"]
yum -y install bind bind-chroot
[/code]

Set up the transfer to the slave for web1 only.

[code language="bash"]
vim /var/named/chroot/etc/named.conf

options {

    version "version1";
    directory "/var/named/slaves";
    recursion no;
    allow-query {any; };

};

zone "web1.test.com" IN { // the zone name must match the master's

    type slave;
    file "web1_slave.test.com.zone"; // any file name will do
    masters { 192.168.253.10; };
};

zone "253.168.192.in-addr.arp" { // the zone name must match the master's

    type slave;
    file "web1_slave.test.com.rev"; // any file name will do
    masters {
        192.168.253.10;
    };

};
[/code]

Check that the master's zone and rev files were transferred to the slave successfully.

[code language="bash"]
[root@localhost slaves]# ls -la
合計 8
drwxrwx---. 2 named named 4096 12月 18 09:06 2013 .
drwxr-xr-x. 6 root named 4096 11月 18 09:59 2013 ..
[root@localhost slaves]#
[root@localhost slaves]#
[root@localhost slaves]# service named restart  # restarting the slave pulls the rev and zone files over
named を停止中: . [ OK ]
named を起動中: [ OK ]
[root@localhost slaves]# ls -la
合計 16
drwxrwx---. 2 named named 4096 12月 18 09:06 2013 .
drwxr-xr-x. 6 root named 4096 11月 18 09:59 2013 ..
-rw-r--r-- 1 named named 317 12月 18 09:06 2013 web1_slave.test.com.rev
-rw-r--r-- 1 named named 310 12月 18 09:06 2013 web1_slave.test.com.zone
[root@localhost slaves]# pwd
/var/named/slaves
[/code]

Troubleshooting list

tail -f /var/log/messages: shows the errors produced when running service named restart
named-checkconf /var/named/chroot/etc/named.conf: syntax check of named.conf

Category: DNS
