如何在 Linux 上创建 DNS 子域名

如何在 Linux 上创建 DNS 子域名

我正在尝试构建一个带有子域的 DNS 服务器:我拥有域名 padence.com,需要在其下添加两个子域,例如 aa.padence.com 和 bb.padence.com。根据我学到的内容,我已经把 DNS 服务器配置在 chroot 环境中,但我仍然不清楚如何创建子域(subdomains)。我搜索了整个网络以及所有能想到的地方,都没有得到清晰的解释。

除了 named.conf 中已有的区域之外,我是否还需要为这两个子域分别创建单独的区域(正向和反向)?

以下是我的配置,请提供您的专家意见和建议,以帮助我设置带有子域的 DNS。

1)正向查找区域

# cat  /var/named/chroot/var/named/padence.com.forward.zone
; Forward zone for padence.com, as posted in the question.
; NOTE(review): the serial is 0; it has to increase on every edit, otherwise
; any secondary added later will not notice that the zone changed.
$TTL 1D
@       IN SOA  padence.com.            root.padence.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
; Only one name server is listed; its address is the sj-karntest1 A record below.
@               NS      sj-karntest1.padence.com.
; Blank owner field: this A record belongs to the zone apex, so padence.com
; itself resolves to loopback for every client that queries it.
                A       127.0.0.1
sj-karntest1    A       192.18.12.235
sj-karntest2    A       192.18.18.209

2)反向查找区域

# cat  /var/named/chroot/var/named/padence.com.reverse.zone
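    ; Reverse zone data, loaded by named.conf as 12.18.192.in-addr.arpa, i.e. it
    ; can only answer for addresses in 192.18.12.0/24.
    $TTL 1D
    @       IN SOA   padence.com.          root.padence.com. (
                                                0       ; serial - increase on every edit
                                                1D      ; refresh
                                                1H      ; retry
                                                1W      ; expire
                                                3H )    ; minimum
    @       NS      sj-karntest1.padence.com.
    ; The apex "A 127.0.0.1" and "PTR localhost." records were dropped: they
    ; attached loopback data to the network's own reverse name and have no
    ; function in a reverse zone.
    ;
    ; PTR targets are written as fully qualified names. The original
    ; "sj-karntest1." (trailing dot, no domain) named a host directly under the
    ; root, so a reverse lookup could never be confirmed against the forward
    ; zone, which is what forward-confirmed reverse DNS checks rely on.
    235     PTR     sj-karntest1.padence.com.
    ; NOTE(review): the forward zone lists sj-karntest2 as 192.18.18.209, which
    ; is outside this /24; here the record answers for 192.18.12.209. Confirm
    ; which address is correct, and serve 18.18.192.in-addr.arpa as its own
    ; zone if the forward record is the right one.
    209     PTR     sj-karntest2.padence.com.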

named 配置文件(named.conf)

# cat /var/named/chroot/etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

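options {
        // Listens on loopback and on 192.18.12.235, so the server is reachable
        // by anything that can route to that address - not "localhost only" as
        // the stock header comment of this file describes.
        listen-on port 53 { 127.0.0.1;192.18.12.235; };
        #listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Authoritative answers for the zones defined below stay open to all.
        allow-query     { any; };

        // Recursion is restricted to this host and its directly attached
        // networks. When allow-recursion and allow-query-cache are unset, BIND
        // falls back to allow-query, so "any" above would also turn this
        // server into an open recursive resolver (abusable for reflection and
        // amplification, and a wider cache-poisoning surface).
        recursion yes;
        allow-recursion { localhost; localnets; };

        // The NS records shown for these zones name a single server, so no
        // secondary needs zone transfers. Replace "none" with the secondaries'
        // addresses (ideally TSIG-keyed) if any are added later.
        allow-transfer { none; };

        // NOTE(review): the ISC DLV registry behind dnssec-lookaside has been
        // retired, and current BIND 9 releases no longer accept that option
        // (dnssec-enable is likewise obsolete there). Drop both lines and the
        // bindkeys-file entry when moving to a current release.
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};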


// Routes every category listed below into one file channel.
logging {
  // File channel: keeps 3 rotated versions and rolls over at 5 MB; each line
  // carries timestamp, severity and category.
  // NOTE(review): named runs chrooted in this setup, so this path presumably
  // resolves inside the chroot - confirm the directory exists there and is
  // writable by the named user.
  channel log_to_file {
    file "/var/log/bind.log" versions 3 size 5m;
    severity info;
    print-time yes;
    print-severity yes;
    print-category yes;
  };

  // Query logging records the client address and the name asked for on every
  // lookup: treat the file as sensitive and switch this category off once
  // troubleshooting is finished (it also churns through the 5 MB rotation).
  #Only for trouble-shooting - could be noisy
  category queries {
    log_to_file;
  };
  #Only for trouble-shooting - could be noisy
  category resolver {
    log_to_file;
  };

  category default {
    log_to_file;
  };
  // The three categories below are the ones worth keeping permanently:
  // DNSSEC processing, denied requests, and denied dynamic updates.
  category dnssec {
    log_to_file;
  };
  category security {
    log_to_file;
  };
  category update-security {
    log_to_file;
  };
};

// ZONE SECTION
// Root hints, used when this server recurses on behalf of a client.
zone "." IN {
        type hint;
        file "named.ca";
};

// Authoritative (master) copy of padence.com; the file name is relative to the
// "directory" set in options. allow-update { none; } refuses all dynamic
// updates, so the zone changes only when the file is edited and reloaded.
// NOTE(review): no allow-transfer appears in this zone statement, so transfer
// policy comes from the options block or the BIND default - confirm that AXFR
// is not open to arbitrary hosts.
zone "padence.com." IN {
        type master;
        file "padence.com.forward.zone";
        allow-update { none; };
};

// Reverse zone for 192.18.12.0/24 only. Addresses outside that network (the
// forward zone has one in 192.18.18.x) are not covered by this zone.
zone "12.18.192.in-addr.arpa" IN {
        type master;
        file "padence.com.reverse.zone";
        allow-update { none; };
};

// Distribution-supplied files; presumably the RFC 1912 localhost zones and the
// root trust anchor - confirm both exist inside the chroot.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

非常感谢您提前提供的帮助。

答案1

要创建子域,请使用 NS RR(资源记录):

# cat  /var/named/chroot/var/named/padence.com.forward.zone
; Parent zone padence.com with the two subdomains delegated.
; The serial is 1 here (the question's copy had 0): it must go up on each edit.
$TTL 1D
@       IN SOA  padence.com.            root.padence.com. (
                                        1       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@               NS      sj-karntest1.padence.com.
; Blank owner field: apex A record, padence.com itself resolves to loopback.
                A       127.0.0.1
sj-karntest1    A       192.18.12.235
sj-karntest2    A       192.18.18.209
; Delegations: aa.padence.com and bb.padence.com become separate zones. Both
; point at the same server that holds this parent zone, and its address is the
; sj-karntest1 A record above, so no extra glue records are needed.
; From here on, names under aa/bb are answered only from the child zone files;
; records for them placed in this file would be ignored as out-of-zone data.
aa              NS      sj-karntest1.padence.com.
bb              NS      sj-karntest1.padence.com.

然后在named.conf中创建两个区域

// Child zones matching the aa/bb NS delegations in the parent zone file. Each
// is a master zone with its own file and, like the parent, refuses dynamic
// updates.
// NOTE(review): no allow-transfer is set in these statements, so they inherit
// the transfer policy from options or the BIND default - confirm that zone
// transfers are limited to known secondaries (or to none).
zone "aa.padence.com." IN {
        type master;
        file "aa.padence.com.forward.zone";
        allow-update { none; };
};

zone "bb.padence.com." IN {
        type master;
        file "bb.padence.com.forward.zone";
        allow-update { none; };
};

最后为这两个子域名创建区域文件。下面是 aa.padence.com 的区域文件(aa.padence.com.forward.zone)示例:

# cat  /var/named/chroot/var/named/aa.padence.com.forward.zone
; Zone file for the delegated child zone aa.padence.com; "@" below therefore
; means aa.padence.com, and unqualified names are relative to it.
; NOTE(review): the SOA primary-server field is aa.padence.com., which the apex
; A record below points at loopback; the NS set names
; sj-karntest1.padence.com. - confirm which name is meant to be the primary.
$TTL 1D
@       IN SOA  aa.padence.com.            root.padence.com. (
                                        1       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
; Must agree with the NS record for "aa" in the parent zone.
@               NS      sj-karntest1.padence.com.
; Blank owner field: apex A record, aa.padence.com itself resolves to loopback.
                A       127.0.0.1
; this is entry for www.aa.padence.com
www             A       192.18.12.235

您不需要为这些创建单独的反向区域。
