Chapter 5
How to install a name server (NS) on Linux CentOS with BIND
1. Install BIND
# yum install bind bind-chroot
2. Edit the BIND configuration (change only the parts shown in red)
vi /etc/named.conf
Edit the file as shown below, then save it
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; any; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "demo.site" IN {
type master;
file "f.demo.site";
};
zone "253.168.192.in-addr.arpa" IN {
type master;
file "r.demo.site";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
3. Check the named.conf file with the command
named-checkconf /etc/named.conf
4. Create the forward lookup zone file (resolves a domain name to an IP address)
vi /var/named/f.demo.site
Add the following data, then save the file
$TTL 86400
@ IN SOA ns1.demo.site. root.demo.site. (
2013121801 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
86400 ) ; Minimum
@ IN NS ns1.demo.site.
ns1 IN A 192.168.253.11
5. Check the forward lookup zone file with the command
named-checkzone demo.site /var/named/f.demo.site
The result must be OK. If there are errors, go back and correct the forward zone file
6. Create the reverse lookup zone file (resolves an IP address to a domain name)
vi /var/named/r.demo.site
Add the following data, then save the file
$TTL 86400
@ IN SOA ns1.demo.site. root.demo.site. (
2013121801 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
86400 ) ; Minimum
@ IN NS ns1.demo.site.
11 IN PTR ns1.demo.site.
ns1 IN A 192.168.253.11
7. Check the reverse lookup zone file with the command
named-checkzone 253.168.192.in-addr.arpa /var/named/r.demo.site
The result must be OK. If there are errors, go back and correct the reverse zone file
8. Start the bind service (the first start may take a while, possibly several minutes, because the system generates rndc.key)
/etc/init.d/named start or service named start
9. Turn off the firewall
/etc/init.d/iptables stop or service iptables stop
10. Test the connection from a machine on the internal network (here a Windows machine connects to the Linux server through VMware): on the client, open VMware Network Adapter VMnet8 Status and enter the IP address of our DNS server as the Preferred DNS Server.
11. Then test the connection from the client to the DNS server with the ping command
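The options block in step 2 sets `allow-query { localhost; any; };` together with `recursion yes;`, so named resolves names for every address that can reach port 53, and step 9 removes the packet filter in front of it. The following is an added example, not part of the original tutorial, of the same options block limited to the lab network. The ACL name `lab` and the range 192.168.253.0/24 are assumptions, inferred from the server address 192.168.253.11 and the reverse zone 253.168.192.in-addr.arpa.

```conf
// Added example (not from the original tutorial): step 2's options block
// limited to the lab network.
// Assumption: clients sit in 192.168.253.0/24, inferred from the server
// address 192.168.253.11 and the reverse zone 253.168.192.in-addr.arpa.
acl "lab" {                       // "lab" is a hypothetical ACL name
    127.0.0.1;
    ::1;
    192.168.253.0/24;
};

options {
    // Bind to loopback and the server's own address instead of "any".
    listen-on port 53 { 127.0.0.1; 192.168.253.11; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Original: allow-query { localhost; any; }; with recursion yes;
    // With no allow-recursion set, recursion inherits the allow-query list.
    allow-query       { lab; };
    recursion yes;
    allow-recursion   { lab; };   // who may ask recursive questions
    allow-query-cache { lab; };   // who may read cached answers
    allow-transfer    { none; };  // no secondary server is configured

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};
```

After changing the file, run the check from step 3 again (named-checkconf /etc/named.conf) before restarting named.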