我正在尝试构建一个带有子域的 DNS 服务器,其中我有域名padence.com,并且在其下我需要添加两个子域,如aa.padence.com和bb.padence.com。根据我的学习,我已经将 DNS 服务器设置为 chrooted 环境,但是我无法清楚地了解如何创建subdomains,我搜索了整个网络和所有我想到的可能位置,但没有得到清晰的理解。
除了 named.conf 中需要的区域之外,我是否需要为两个子域(正向和反向)创建单独的区域。
以下是我的配置,请提供您的专家意见和建议,以帮助我设置带有子域的 DNS。
1)正向查找区域
# cat /var/named/chroot/var/named/padence.com.forward.zone
$TTL 1D
@ IN SOA padence.com. root.padence.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS sj-karntest1.padence.com.
A 127.0.0.1
sj-karntest1 A 192.18.12.235
sj-karntest2 A 192.18.18.209
2)反向查找区域
# cat /var/named/chroot/var/named/padence.com.reverse.zone
$TTL 1D
@ IN SOA padence.com. root.padence.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS sj-karntest1.padence.com.
A 127.0.0.1
PTR localhost.
235 PTR sj-karntest1.
209 PTR sj-karntest2.
命名配置文件
# cat /var/named/chroot/etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1;192.18.12.235; };
#listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel log_to_file {
file "/var/log/bind.log" versions 3 size 5m;
severity info;
print-time yes;
print-severity yes;
print-category yes;
};
#Only for trouble-shooting - could be noisy
category queries {
log_to_file;
};
#Only for trouble-shooting - could be noisy
category resolver {
log_to_file;
};
category default {
log_to_file;
};
category dnssec {
log_to_file;
};
category security {
log_to_file;
};
category update-security {
log_to_file;
};
};
// ZONE SECTION
zone "." IN {
type hint;
file "named.ca";
};
zone "padence.com." IN {
type master;
file "padence.com.forward.zone";
allow-update { none; };
};
zone "12.18.192.in-addr.arpa" IN {
type master;
file "padence.com.reverse.zone";
allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
非常感谢您提前提供的帮助。
答案1
要创建子域,请使用 NS RR(资源记录):
# cat /var/named/chroot/var/named/padence.com.forward.zone
$TTL 1D
@ IN SOA padence.com. root.padence.com. (
1 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS sj-karntest1.padence.com.
A 127.0.0.1
sj-karntest1 A 192.18.12.235
sj-karntest2 A 192.18.18.209
aa NS sj-karntest1.padence.com.
bb NS sj-karntest1.padence.com.
然后在named.conf中创建两个区域
zone "aa.padence.com." IN {
type master;
file "aa.padence.com.forward.zone";
allow-update { none; };
};
zone "bb.padence.com." IN {
type master;
file "bb.padence.com.forward.zone";
allow-update { none; };
};
最后为这两个子域名创建区域文件 - 您可以在这里找到 aa.padence.forward.com 的示例
# cat /var/named/chroot/var/named/aa.padence.com.forward.zone
$TTL 1D
@ IN SOA aa.padence.com. root.padence.com. (
1 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS sj-karntest1.padence.com.
A 127.0.0.1
; this is entry for www.aa.padence.com
www A 192.18.12.235
您不需要为这些创建单独的反向区域。