首先为三台服务器安装DNS。

主： [root@master ~]# mount /dev/cdrom /mnt mount: block device /dev/cdrom is write-protected, mounting read-only [root@master ~]# yum install bind*

[root@master ~]# rpm -qa | grep bind

bind-9.3.6-4.P1.el5_4.2 bind-libs-9.3.6-4.P1.el5_4.2 bind-sdb-9.3.6-4.P1.el5_4.2 bind-utils-9.3.6-4.P1.el5_4.2 bind-devel-9.3.6-4.P1.el5_4.2 bind-libbind-devel-9.3.6-4.P1.el5_4.2 bind-chroot-9.3.6-4.P1.el5_4.2 ypbind-1.19-12.el5 [root@master ~]#

辅：

[root@slave ~]# mount /dev/cdrom /mnt mount: block device /dev/cdrom is write-protected, mounting read-only [root@slave ~]# yum install bind*

[root@slave ~]# rpm -qa | grep bind

bind-chroot-9.3.6-4.P1.el5_4.2 bind-libs-9.3.6-4.P1.el5_4.2 bind-devel-9.3.6-4.P1.el5_4.2 bind-libbind-devel-9.3.6-4.P1.el5_4.2 bind-utils-9.3.6-4.P1.el5_4.2 bind-9.3.6-4.P1.el5_4.2 ypbind-1.19-12.el5 bind-sdb-9.3.6-4.P1.el5_4.2 [root@slave ~]#

缓存：

[root@forward ~]# mount /dev/cdrom /mnt mount: block device /dev/cdrom is write-protected, mounting read-only [root@forward ~]# yum install bind*

[root@forward ~]# rpm -qa | grep bind

bind-libs-9.3.6-4.P1.el5_4.2 bind-libbind-devel-9.3.6-4.P1.el5_4.2 bind-9.3.6-4.P1.el5_4.2 bind-chroot-9.3.6-4.P1.el5_4.2 bind-utils-9.3.6-4.P1.el5_4.2 bind-sdb-9.3.6-4.P1.el5_4.2 ypbind-1.19-12.el5 bind-devel-9.3.6-4.P1.el5_4.2 [root@forward ~]# 一、配置主服务器： 编辑主配置文件： [root@master ~]# vim /var/named/chroot/etc/named.conf

options{

    directory   "/var/named"; }; zone   "wu.com" IN {        type  master;        file  "wu.com.zone";        allow-update {none;};        allow-transfer {172.17.17.2;}; }; include "/etc/rndc.key"; ~                          

拷贝模板文件到wu.com.zone：

[root@master ~]# cp /usr/share/doc/bind- bind-9.3.6/       bind-devel-9.3.6/ bind-sdb-9.3.6/   [root@master ~]# cp /usr/share/doc/bind-9.3.6/sample/var/named/localhost.zone /var/named/chroot/var/named/wu.com.zone [root@master ~]# [root@master ~]# vim /var/named/chroot/var/named/wu.com.zone $TTL    86400 @               IN SOA  @       root (                                         42              ; serial (d. adams)                                         3H              ; refresh                                         15M             ; retry                                         1W              ; expiry                                         1D )            ; minimum

@               IN NS           master.wu.com.

www             IN A            172.17.17.1

[root@master ~]# cd /var/named/chroot/var/named/slaves/

[root@master slaves]# ls [root@master slaves]# chown named.named /var/named/chroot/var/named/wu.com.zone [root@master slaves]# cp /var/named/chroot/var/named/wu.com.zone /var/named/chroot/var/named/slaves/ [root@master slaves]# cd /var/named/chroot/var/named/slaves/ [root@master slaves]# ls wu.com.zone

重启dns服务： [root@master ~]# service named restart 停止 named：                                               [确定] 启动 named：                                               [确定] [root@master ~]# 客户端测试： [root@localhost ~]# vim /etc/resolv.conf nameserver 172.17.17.1 [root@localhost ~]# host has address 172.17.17.1 [root@localhost ~]#

二、辅助服务器：

编辑主配置文件： [root@slave ~]# vim /var/named/chroot/etc/named.conf options{     directory   "/var/named"; }; zone   "wu.com" IN {        type  slave;        file  "slaves/wu.com.zone";        masters {172.17.17.1;};        allow-update {none;}; }; include "/etc/rndc.key";

修改从主DNS复制过来的区域文件存放目录的权限   [root@slave slaves]#cd /var/named/chroot/var/named/slaves   [root@slave slaves]#chmod 775 /var/named/chroot/var/named/slaves   [root@slave slaves]#chown named.named /var/named/chroot/var/named/slaves 重启dns [root@slave ~]# service named restart 停止 named：                                               [确定] 启动 named：                                               [确定] [root@slave ~]#

辅助服务器上测试：

[root@slave slaves]# service named restart 停止 named：                                               [确定] 启动 named：                                               [确定] [root@slave slaves]# tail -f /var/log/messages Jan  8 23:33:52 localhost named[12966]: listening on IPv4 interface eth0, 172.17.17.2#53 Jan  8 23:33:52 localhost named[12966]: command channel listening on 127.0.0.1#953 Jan  8 23:33:52 localhost named[12966]: command channel listening on ::1#953 Jan  8 23:33:52 localhost named[12966]: the working directory is not writable Jan  8 23:33:52 localhost named[12966]: running Jan  8 23:33:52 localhost named[12966]: zone wu.com/IN: Transfer started. Jan  8 23:33:52 localhost named[12966]: transfer of 'wu.com/IN' from 172.17.17.1#53: connected using 172.17.17.2#33530 Jan  8 23:33:52 localhost named[12966]: zone wu.com/IN: transferred serial 42 Jan  8 23:33:52 localhost named[12966]: transfer of 'wu.com/IN' from 172.17.17.1#53: end of transfer Jan  8 23:33:52 localhost named[12966]: zone wu.com/IN: sending notifies (serial 42)

在条件转发服务器上测试：

[root@forward ~]# vim /etc/resolv.conf nameserver 172.17.17.2

[root@forward ~]#

[root@forward ~]# host has address 172.17.17.1 [root@forward ~]# 三、编辑条件转发器： [root@forward ~]# vim /var/named/chroot/etc/named.conf

options {

        directory       "/var/named";         recursion       yes;         forwarders      {172.17.17.2;};         forward only; };

重启dns

[root@forward ~]# service named restart 停止 named：                                               [确定] 启动 named：                                               [确定] [root@forward ~]#

在客户端测试：

[root@localhost ~]# vim /etc/resolv.conf

nameserver 172.17.17.3

[root@localhost ~]# host

has address 172.17.17.1 [root@localhost ~]#