Configuring Domain Name Server On AIX 7.1-candon123
In this article, you will learn how to configure a Domain Name Server on IBM AIX. Before you begin, ensure that the bind package is installed.
[*]# named -v
[*]named: continuing without SRC support
[*]BIND 9.4.1
[*]# lslpp -w /usr/sbin/named
[*]文件 文件集 类型
[*]----------------------------------------------------------------------------
[*]/usr/sbin/named bos.net.tcp.server Symlink
I.Configuring The Master DNS Server:
1.Make the rndc.conf file:
If you want to manage DNS with the rndc command, ensure that rndc.conf or rndc.key exists. If neither exists, use the following command to create it.
[*]# rndc-confgen >/etc/rndc.conf
2.Create /etc/named.conf:
[*]options {
[*] listen-on port 53 { 127.0.0.1;172.16.255.11; };
[*] directory "/etc/named";
[*]};
[*]
[*]zone "." IN {
[*] type hint;
[*] file "named.ca";
[*]};
[*]
[*]zone "xzxj.edu.cn" in {
[*] type master;
[*] file "named.xzxj.data";
[*]};
[*]
[*]zone "255.16.172.in-addr.arpa" in {
[*] type master;
[*] file "named.xzxj.rev";
[*]};
[*]
[*]zone "0.0.127.in-addr.arpa" in {
[*] type master;
[*] file "named.local";
[*]};
[*]
[*]zone "localdomain" IN {
[*] type master;
[*] file "localdomain.zone";
[*]};
[*]
[*]zone "localhost" IN {
[*] type master;
[*] file "localhost.zone";
[*]};
[*]
[*]zone "255.in-addr.arpa" IN {
[*] type master;
[*] file "named.broadcast";
[*]};
[*]
[*]zone "0.in-addr.arpa" IN {
[*] type master;
[*] file "named.zero";
[*]};
[*]logging {
[*]
[*] channel syslog_errors { // this channel will send errors or
[*] syslog user; // or worse to syslog (user facility)
[*] severity error;
[*] };
[*]
[*] channel audit_log {
[*] file "named.log" versions 3 size 20m;
[*] severity info;
[*] print-time yes;
[*] print-category yes;
[*] };
[*] category default { audit_log; };
[*] category general { audit_log; };
[*] category security { audit_log; default_syslog; };
[*] category config { default_syslog; };
[*] category resolver { audit_log; };
[*] category xfer-in { audit_log; };
[*] category xfer-out { audit_log; };
[*] category notify { audit_log; };
[*] category client { audit_log; };
[*] category network { audit_log; };
[*] category update { audit_log; };
[*] category queries { audit_log; };
[*] category lame-servers { audit_log; };
[*]};
3.Append the following lines to named.conf and uncomment them:
[*]# tail -10 /etc/rndc.conf>>/etc/named.conf
[*]# tail -10 /etc/named.conf
[*]key "rndc-key" {
[*] algorithm hmac-md5;
[*] secret "ExxtiKY7VCbCJQew9fVsMA==";
[*]};
[*]
[*]controls {
[*] inet 127.0.0.1 port 953
[*] allow { 127.0.0.1; } keys { "rndc-key"; };
[*]};
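A quick review of the finished master configuration, as an added example that is not part of the original article: the script reads a named.conf and reports master zones that have no allow-transfer ACL (on the BIND 9.4.1 shown above, a zone without one can be transferred by any host) and keys declared with hmac-md5. The function names, the finding labels and the trimmed sample configuration are constructed for illustration.

```sh
# Added example, not part of the original article; function names are
# hypothetical. Reads a named.conf on stdin, prints one finding per line.
audit_named_conf() {
    awk '
    { sub(/\/\/.*/, ""); sub(/#.*/, "") }       # drop // and # comments
    depth == 0 && NF {                          # a top-level block starts
        kind = $1; master = 0; xfer = 0
        n = split($0, q, "\""); name = (n >= 3) ? q[2] : ""
    }
    kind == "options" && /allow-transfer/ { global_xfer = 1 }
    kind == "zone" && /type[ \t]+master/  { master = 1 }
    kind == "zone" && /allow-transfer/    { xfer = 1 }
    kind == "key" && /algorithm[ \t]+hmac-md5/ { md5[++nk] = name }
    {
        opened = gsub(/[{]/, "{"); closed = gsub(/[}]/, "}")
        depth += opened - closed
        if (depth == 0 && closed > 0) {         # top-level block ended
            if (kind == "zone" && master && !xfer) openz[++nz] = name
            kind = ""
        }
    }
    END {
        # A zone without its own ACL inherits one set in the options block.
        if (!global_xfer)
            for (i = 1; i <= nz; i++) print "OPEN-XFER " openz[i]
        for (i = 1; i <= nk; i++) print "MD5-KEY " md5[i]
    }'
}

# Constructed sample: trimmed copy of the master named.conf shown above,
# with a placeholder in place of the key secret.
sample_conf() {
    cat <<'EOF'
options {
    listen-on port 53 { 127.0.0.1;172.16.255.11; };
};
zone "." IN { type hint; file "named.ca"; };
zone "xzxj.edu.cn" in {
    type master;
    file "named.xzxj.data";
};
key "rndc-key" {
    algorithm hmac-md5;
    secret "PLACEHOLDER";
};
EOF
}

sample_conf | audit_named_conf
```

Run it against a real file with `audit_named_conf < /etc/named.conf`; an allow-transfer statement in the zone or in the options block clears the first finding.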
4.Create named home directory:
[*]# mkdir /etc/named
[*]# touch /etc/named/named.log
5.Create the zone files:
The named.xzxj.data file:
[*]# cat named.xzxj.data
[*]$TTL 86400
[*]@ IN SOA dbserv1.xzxj.edu.cn. root (
[*] 2012070100 ; serial (d. adams)
[*] 3H ; refresh
[*] 15M ; retry
[*] 1W ; expiry
[*] 1D ) ; minimum
[*]
[*] IN NS dbserv1.xzxj.edu.cn.
[*] IN MX 10 mail.xzxj.edu.cn.
[*]xzxj.edu.cn. IN A 172.16.255.11
[*]mail IN A 172.16.255.11
[*]dbserv1 IN A 172.16.255.11
[*]dbserv2 IN A 172.16.255.13
The named.xzxj.rev file:
[*]# cat named.xzxj.rev
[*]$TTL 86400
[*]@ IN SOA dbserv1.xzxj.edu.cn. root (
[*] 2012070100 ; Serial
[*] 28800 ; Refresh
[*] 14400 ; Retry
[*] 3600000 ; Expire
[*] 86400 ) ; Minimum
[*] IN NS dbserv1.xzxj.edu.cn.
[*] IN MX 70 mail.xzxj.edu.cn.
[*]11 IN PTR mail.xzxj.edu.cn.
[*] IN PTR dbserv1.xzxj.edu.cn.
[*]13 IN PTR dbserv2.xzxj.edu.cn.
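The forward and reverse zone files above have to agree with each other, so here is an added example (not from the original article) that checks every A record against the PTR records. The function name, its arguments and the condensed sample zones are constructed for illustration; the parser handles only the record layout used on this page (optional IN class, no per-record TTL).

```sh
# Added example, not part of the original article; names are hypothetical.
# check_ptr FWD_FILE FWD_ORIGIN REV_FILE REV_ORIGIN
# Prints "NO-PTR name ip" for every A record without a matching PTR.
check_ptr() {
    awk -v fo="$2" -v ro="$4" '
    function fqdn(n, o) {                 # expand "@" and relative names
        if (n == "@") return o "."
        return (n ~ /\.$/) ? n : n "." o "."
    }
    /^[ \t]*(;|\$|$)/ { next }            # comments, directives, blank lines
    {
        i = 1
        if ($0 !~ /^[ \t]/) { owner = $1; i = 2 }  # else owner is inherited
        if ($i == "IN") i++
        rtype = $i; rdata = $(i + 1)
    }
    FNR == NR {                           # first file: the reverse zone
        if (rtype == "PTR") ptr[fqdn(owner, ro) " " fqdn(rdata, ro)] = 1
        next
    }
    rtype == "A" {                        # second file: the forward zone
        split(rdata, oct, ".")
        rev = oct[4] "." oct[3] "." oct[2] "." oct[1] ".in-addr.arpa."
        if (!((rev " " fqdn(owner, fo)) in ptr))
            print "NO-PTR " fqdn(owner, fo) " " rdata
    }' "$3" "$1"
}

# Constructed sample: the A and PTR records from the two zone files above.
run_sample() {
    d=$(mktemp -d) || return 1
    cat > "$d/fwd" <<'EOF'
@            IN SOA dbserv1.xzxj.edu.cn. root ( 2012070100 3H 15M 1W 1D )
xzxj.edu.cn. IN A   172.16.255.11
mail         IN A   172.16.255.11
dbserv1      IN A   172.16.255.11
dbserv2      IN A   172.16.255.13
EOF
    cat > "$d/rev" <<'EOF'
@   IN SOA dbserv1.xzxj.edu.cn. root ( 2012070100 28800 14400 3600000 86400 )
11  IN PTR mail.xzxj.edu.cn.
    IN PTR dbserv1.xzxj.edu.cn.
13  IN PTR dbserv2.xzxj.edu.cn.
EOF
    check_ptr "$d/fwd" xzxj.edu.cn "$d/rev" 255.16.172.in-addr.arpa
    rm -rf "$d"
}

run_sample
```

With the records from this page, the only line reported is the zone apex, whose A record points at 172.16.255.11 without a PTR naming it.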
The localhost.zone file:
[*]# cat localhost.zone
[*]$TTL 86400
[*]@ IN SOA @ root (
[*] 42 ; serial (d. adams)
[*] 3H ; refresh
[*] 15M ; retry
[*] 1W ; expiry
[*] 1D ) ; minimum
[*]
[*] IN NS @
[*] IN A 127.0.0.1
[*] IN AAAA ::1
The localdomain.zone file:
[*]# cat localdomain.zone
[*]$TTL 86400
[*]@ IN SOA localhost root (
[*] 42 ; serial (d. adams)
[*] 3H ; refresh
[*] 15M ; retry
[*] 1W ; expiry
[*] 1D ) ; minimum
[*] IN NS localhost
[*]localhost IN A 127.0.0.1
The named.local file:
[*]# cat named.local
[*]$TTL 86400
[*]@ IN SOA localhost. root.localhost. (
[*] 2012070100 ; Serial
[*] 28800 ; Refresh
[*] 14400 ; Retry
[*] 3600000 ; Expire
[*] 86400 ) ; Minimum
[*] IN NS localhost.
[*]1 IN PTR localhost.
The named.broadcast file:
[*]# cat named.broadcast
[*]$TTL 86400
[*]@ IN SOA localhost. root.localhost. (
[*] 42 ; serial (d. adams)
[*] 3H ; refresh
[*] 15M ; retry
[*] 1W ; expiry
[*] 1D ) ; minimum
[*] IN NS localhost.
The named.zero file:
[*]# cat named.zero
[*]$TTL 86400
[*]@ IN SOA localhost. root.localhost. (
[*] 42 ; serial (d. adams)
[*] 3H ; refresh
[*] 15M ; retry
[*] 1W ; expiry
[*] 1D ) ; minimum
[*] IN NS localhost.
The named.ca file:
[*]# cat named.ca
[*]; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -t NS .
[*];; global options:printcmd
[*];; Got answer:
[*];; ->>HEADERHEADER/etc/named.conf
2.Edit the named.conf file:
[*]# cat /etc/named.conf
[*]options {
[*]
[*] listen-on port 53 { 127.0.0.1;172.16.255.11; };
[*] directory "/etc/named";
[*]};
[*]
[*]zone "." IN {
[*] type hint;
[*] file "named.ca";
[*]};
[*]
[*]zone "xzxj.edu.cn" IN {
[*] type slave;
[*] file "named.xzxj.data.bak";
[*] masters { 172.16.255.11; };
[*]};
[*]
[*]zone "255.16.172.in-addr.arpa" IN {
[*] type slave;
[*] file "named.xzxj.rev.bak";
[*] masters { 172.16.255.11; };
[*]};
[*]
[*]zone "0.0.127.in-addr.arpa" in {
[*] type master;
[*] file "named.local";
[*]};
[*]
[*]logging {
[*]
[*] channel syslog_errors { // this channel will send errors or
[*] syslog user; // or worse to syslog (user facility)
[*] severity error;
[*] };
[*]
[*] channel audit_log {
[*] file "named.log" versions 3 size 20m;
[*] severity info;
[*] print-time yes;
[*] print-category yes;
[*] };
[*] category default { audit_log; };
[*] category general { audit_log; };
[*] category security { audit_log; default_syslog; };
[*] category config { default_syslog; };
[*] category resolver { audit_log; };
[*] category xfer-in { audit_log; };
[*] category xfer-out { audit_log; };
[*] category notify { audit_log; };
[*] category client { audit_log; };
[*] category network { audit_log; };
[*] category update { audit_log; };
[*] category queries { audit_log; };
[*] category lame-servers { audit_log; };
[*]};
[*]
[*]key "rndc-key" {
[*] algorithm hmac-md5;
[*] secret "5xl+9GORa0hrur3AmakrXQ==";
[*]};
[*]
[*]controls {
[*] inet 127.0.0.1 port 953
[*] allow { 127.0.0.1; } keys { "rndc-key"; };
[*]};
3.Create zone files:
The named.local file:
[*]# cat named.local
[*]$TTL 86400
[*]@ IN SOA localhost. root.localhost. (
[*] 2012070100 ; Serial
[*] 28800 ; Refresh
[*] 14400 ; Retry
[*] 3600000 ; Expire
[*] 86400 ) ; Minimum
[*] IN NS localhost.
[*]1 IN PTR localhost.
The named.ca file:
[*]# cat named.ca
[*]; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -t NS .
[*];; global options:printcmd
[*];; Got answer:
[*];; ->>HEADERHEADER