首页 > 编程源码 > 搭建DNS服务器

搭建DNS服务器

楼主:Fcch [3级] · 2019-11-22 ·  浏览1432 · 编程源码 · ID:
一、准备主机
1、centos 7.6最小化安装
2、将centos base源改变为国内源,选择USTC源
替换/etc/yum.repos.d/CentOS-Base.repo
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=https://mirrors.ustc.edu.cn/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-$releasever - Updates
# mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=https://mirrors.ustc.edu.cn/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
# mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
baseurl=https://mirrors.ustc.edu.cn/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
# mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
baseurl=https://mirrors.ustc.edu.cn/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
楼下直播

- 版权声明 - 1、本帖所有言论和图片等纯属网友个人意见,与流星社区立场无关;
2、其他单位或个人使用、转载或引用本帖时必须同时征得该帖子作者Fcch流星社区的同意;
3、备注原文地址:https://bbs.liuxingw.com/t/18093.html,可忽略第2条;
4、帖子作者需承担一切因本文发表而直接或间接导致的相关责任;
5、如本帖内容或部分内容转载自其它媒体,这并不代表本站赞同其观点和对其真实性负责;
6、如本帖若为资源类,将仅限用于学习和研究目的,您必须在下载后的24个小时之内,从您安装或使用的设备中彻底删除上述内容;
7、如果您喜欢该程序,请支持正版软件,购买注册,可以得到更好的正版服务;
8、如本帖侵犯到任何版权或违法问题,请立即邮件告知我们,我们将及时予以处理。
13条回复 |  最后回复于2019-11-23

Fcch [3级]

3、添加epel源,依然选择ustc

    [root@Centos7u6 ~]#yum install http://mirrors.ustc.edu.cn/epel/epel-release-latest-7.noarch.rpm

    [root@Centos7u6 ~]#yum install -y epel-release

    [root@Centos7u6 ~]#sed -e 's!^mirrorlist=!#mirrorlist=!g'

             -e 's!^#baseurl=!baseurl=!g'

             -e 's!//download.fedoraproject.org/pub!//mirrors.ustc.edu.cn!g'

             -e 's!http://mirrors.ustc!!g'

             -i /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel-testing.repo

4、[root@Centos7u6 ~]#yum makecache

5、安全设置

5.1 SELINUX设置

[root@dns2 etc]# setenforce 0

[root@dns2 etc]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

5.2设置防火墙

[root@dns2 etc]# firewall-cmd --add-service=http --permanent

[root@dns2 etc]# firewall-cmd --add-service=https --permanent

[root@dns2 etc]# firewall-cmd --add-service=dns --permanent

[root@dns2 etc]# firewall-cmd --reload


发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...

Fcch [3级]

看图

image.pngimage.pngimage.png

发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...

Fcch [3级]

2、配置namedmanager

[root@dns2 etc]# vi /etc/namedmanager/config-bind.php

......
$config["api_url"] = "[hide]http://10.20.100.4/namedmanager[/hide]"; // Modify here Application Install Location
$config["api_host"] = "10.20.100.4"; //ADD this line for namedmanager_logpush
$config["api_server_name"] = "dns2.xxxx.edu.cn"; // Modify here Name of the DNS server (important: part of the authentication process)
$config["api_auth_key"] = "dns2key"; // Modify here API authentication key, this key will be used in the manager portal.
......
$config["bind"]["version"] = "9"; // version of bind (currently only 9 is supported, although others may work)
$config["bind"]["reload"] = "/usr/sbin/rndc reload"; // command to reload bind config & zonefiles
$config["bind"]["config"] = "/etc/named.namedmanager.conf"; // configuration file to write bind config too
$config["bind"]["zonefiledir"] = "/var/named/"; // directory to write zonefiles too
// note: if using chroot bind, will often be /var/named/chroot/var/named/
$config["bind"]["verify_zone"] = "/usr/sbin/named-checkzone"; // Used to verify each generated zonefile as OK
$config["bind"]["verify_config"] = "/usr/sbin/named-checkconf"; // Used to verify generated NamedManager configuration
......
 3、配置httpd

[root@dns2 etc]# vi /etc/httpd/conf/httpd.conf

......

AllowOverride none
# Require all denied

......
发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...

Fcch [3级]

七、导入数据库模板

[root@dns2 etc]# cd /usr/share/namedmanager/resources/

[root@dns2 etc]# vi autoinstall.pl

.......
# default settings
# (only need to change these if you are doing development work)
my $db_user = "root"; # name of user to be used to create data
my $db_name = "namedmanager"; # name of the DB to create
my $db_host = "localhost"; # MySQL server

my $db_bs_user = "namedmanager"; # name of the aoconf user to create
my $db_bs_password = "123456";# Modify here random_password(10); # random password to generate
 [root@dns2 etc]# ./autoinstall.pl

八、重新启动服务

[root@dns2 etc]# systemctl restart httpd

[root@dns2 etc]# systemctl restart mariadb

[root@dns2 etc]# systemctl restart named-chroot

九、通过web配置DNS

1、登录管理界面

https://你的IP/namedmanager,使用 setup/setup123为username/password
发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...

Fcch [3级]

2、配置(configuration)
发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...

Fcch [3级]

3、添加domain

"Domains/zones -> View Domains, -> Add New Domain".

a、正向解析domain
发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...

Fcch [3级]

b、反向解析domain
发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...

初音未来 [2级]

赶上直播啊
发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...

Fcch [3级]

4、add a nameserver
发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...

Fcch [3级]

5、添加DNS记录

Domains/zones -> View Domains, 选择 "xxxx.edu.cn", 然后选择 "domain records"
发布于2019-11-22

回复列表

  • 内容加载中...

说点什么...
1 2 下一页
登录注册 后才可进行评论
签到
38人签到
已签0天
  • 46637帖子
  • 1936934热点量
  • 185040火热值