DNS Server 구축
[root@dbserver ~]# ls
anaconda-ks.cfg Downloads missfont.log Templates
bind-9.9.2-P2.tar.gz install.log Music Videos
Desktop install.log.syslog Pictures vsftpd-3.0.2.tar.gz
Documents iptraf-3.0.0 Public yum.sh
우선은 dns서버구축 후에 바로 vsftpd까지 받았고,
rpm파일은 조금 구하기 힘들어서 소스 압축파일(tar.gz)을 winscp로 옮겨놨다. 직접 옮긴 소스는 컴파일하기 전에 배포처가 제공하는 서명이나 체크섬과 대조해 두는 것이 좋다.
[root@dbserver ~]# ls
anaconda-ks.cfg Documents iptraf-3.0.0 Public yum.sh
bind-9.9.2-P2 Downloads missfont.log Templates
bind-9.9.2-P2.tar install.log Music Videos
Desktop install.log.syslog Pictures vsftpd-3.0.2.tar.gz
[root@dbserver ~]# rm -fr bind-9.9.2-P2.tar   # 복잡해서 tar는 삭제. (설명은 명령어의 인자가 되지 않도록 # 뒤에 적는다)
[root@dbserver ~]#
[root@dbserver ~]# ls
anaconda-ks.cfg Downloads missfont.log Templates
bind-9.9.2-P2 install.log Music Videos
Desktop install.log.syslog Pictures vsftpd-3.0.2.tar.gz
Documents iptraf-3.0.0 Public yum.sh
[root@dbserver ~]#
지문이 길어져서 압축해제하는 내용은 넣지 않았다.
[root@dbserver ~]# cd bind-9.9.2-P2/   # 바인드 디렉토리 안으로 이동
[root@dbserver bind-9.9.2-P2]# ls   # configure 파일이 보인다.
acconfig.h config.threads.in install-sh mkinstalldirs
aclocal.m4 configure isc-config.sh.1 README
Atffile configure.in isc-config.sh.docbook REDIRECT-NOTES
bin contrib isc-config.sh.html srcid
bind.keys COPYRIGHT isc-config.sh.in unit
CHANGES doc lib util
config.guess docutil libtool.m4 version
config.h.in FAQ ltmain.sh win32utils
config.h.win32 FAQ.xml make
config.sub HISTORY Makefile.in
[root@dbserver bind-9.9.2-P2]#
디렉토리 안으로 들어가서 소스를 컴파일해야 한다.
[root@dbserver ~]# cd bind-9.9.2-P2/
[root@dbserver ~]#
[root@dbserver bind-9.9.2-P2]# ./configure --prefix=/usr/local/dns
[root@dbserver bind-9.9.2-P2]#
옵션 없이 그냥 실행하지 말고 설치할 경로를 같이 지정해줘야 한다.
위와 같이 ./configure --prefix=/usr/local/dns (/usr/local/dns 디렉토리 아래에 설치된다)
[root@dbserver bind-9.9.2-P2]# make; make install
설치할 경로를 지정했으니 위 명령어를 쳐서 컴파일하고 설치한다. (조금 오래걸린다) make가 실패했을 때 install까지 실행되지 않도록 make && make install 로 쓰는 편이 안전하다.
mkdir /usr/local/dns/var
mkdir /usr/local/dns/var/run
mkdir /usr/local/dns/etc
/bin/sh ./mkinstalldirs /usr/local/dns/share/man/man1
/usr/bin/install -c isc-config.sh /usr/local/dns/bin
/usr/bin/install -c -m 644 ./isc-config.sh.1 /usr/local/dns/share/man/man1
/usr/bin/install -c -m 644 ./bind.keys /usr/local/dns/etc
[root@dbserver bind-9.9.2-P2]# pwd
/root/bind-9.9.2-P2
[root@dbserver bind-9.9.2-P2]#
[root@dbserver bind-9.9.2-P2]# cd ~
[root@dbserver ~]#
이제 홈 디렉토리로 빠져나온 후에 /usr/local/dns/etc/ 디렉토리로 경로를 옮겨야 한다.
[root@dbserver ~]# cd /usr/local/dns/etc/
[root@dbserver etc]# ls
[root@dbserver etc]# pwd
/usr/local/dns/etc
[root@dbserver etc]#
이제 named.conf(데몬) 파일을 설정해야 한다.
[root@dbserver etc]# vi /usr/local/dns/etc/named.conf
1 options {
2 directory "/usr/local/dns/etc/namedb";
3 dump-file "/usr/local/dns/etc/named_dump.db";
4 statistics-file "/usr/local/dns/etc/tmp/named.stats";
5 pid-file "/usr/local/dns/etc/run/named.pid";
6 };
7 zone "." IN {
8 type hint;
9 file "named.root";
10 };
11 zone "localhost" IN{
12 type master;
13 file "zone-localhost";
14 };
15 zone "0.0.127.in-addr.arpa" IN{
16 type master;
17 file "zone-0.0.127.in-addr.arpa";
18 };
19 zone "naver.com" IN{
20 type master;
21 file "zone-naver.com";
22 };
23
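경로와 zone파일을 named.conf에 위처럼 적어준다. statistics-file과 pid-file에 적은 etc/tmp, etc/run 디렉토리는 이 글에서 따로 만들지 않으므로, named가 해당 파일을 쓸 수 있도록 미리 만들어 두어야 한다.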
[root@dbserver etc]# ls
bind.keys named.conf
[root@dbserver etc]#
named.conf가 정상적으로 생성된걸 확인했고
앞으로 존파일들은 namedb디렉토리에 만들겠다
[root@dbserver etc]# mkdir namedb
[root@dbserver etc]#
[root@dbserver etc]# cd namedb/
[root@dbserver namedb]#
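여기서 이제 vi named.root 로 파일을 만들어서 아래내용을 복붙하자. (namedb 디렉토리 안에 만들어야 하므로 파일명 앞에 /를 붙이지 않는다. 아래 내용은 2014년 6월 기준이므로, 실제로는 파일 주석에 적힌 InterNIC에서 최신본을 받아 쓰는 것이 좋다.)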
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.cache
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: June 2, 2014
; related version of root zone: 2014060201
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
;
; FORMERLY NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::B
;
; FORMERLY C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::C
;
; FORMERLY TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D
;
; FORMERLY NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; FORMERLY NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F
;
; FORMERLY NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; FORMERLY AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235
;
; FORMERLY NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53
;
; OPERATED BY VERISIGN, INC.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
;
; OPERATED BY RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1
;
; OPERATED BY ICANN
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
;
; OPERATED BY WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35
; End of File
vi named.root파일
$ORIGIN localhost.
@ 1D IN SOA @ root 1999010100 3H 15M 1W 1D
@ 1D IN NS @
@ 1D IN A 192.168.24.136
@ 1D IN AAAA ::1
~
vi zone-localhost 파일
$TTL 3W
@ 3W IN SOA localhost. root.localhost 1999010100 3H 15M 1W 1D
@ 3W IN NS localhost.
1 3W IN PTR localhost.
~
vi zone-0.0.127.in-addr.arpa 파일
$TTL 3H
@ SOA @ root. ( 2 1D 1H 1W 1H )
IN NS @ ; root는 나 자신을 지칭
IN A 74.125.128.94 ; naver.com을 입력할때 들어가는 ip
www IN A 74.125.71.105 ; www는 www.naver.com을 입력할때 들어가는 ip
ftp IN A 180.228.181.97 ; ftp동일. IN은 Internet 클래스를 뜻하고 A는 IPv4 주소를 담는 레코드 타입 (존파일 안의 설명은 / 가 아니라 ; 뒤에 적어야 주석으로 처리된다)
~
vi zone-naver.com 파일
[root@dbserver ~]# cd /usr/local/dns/sbin
[root@dbserver sbin]# ls
arpaname dnssec-keygen dnssec-verify named named-journalprint
ddns-confgen dnssec-revoke genrandom named-checkconf nsec3hash
dnssec-dsfromkey dnssec-settime isc-hmac-fixup named-checkzone rndc
dnssec-keyfromlabel dnssec-signzone lwresd named-compilezone rndc-confgen
[root@dbserver sbin]#
존파일을 다 만들었으면 디렉토리를 빠져나와서
/usr/local/dns/sbin 디렉토리로 다시 이동합니다.
[root@dbserver sbin]#
[root@dbserver sbin]# ./named-checkconf /usr/local/dns/etc/named.conf
[root@dbserver sbin]# ./named-checkzone naver.com /usr/local/dns/etc/namedb/zone-naver.com
zone naver.com/IN: loaded serial 2
OK
[root@dbserver sbin]#
위 명령어를 쳐서 named.conf와 존파일의 문법을 검사한다. named-checkconf는 문제가 없으면 아무것도 출력하지 않고, named-checkzone은 OK를 출력한다.
그리고 이제 /usr/local/dns/etc/말고 시스템의 /etc/ 디렉토리로 이동해서
resolv.conf파일에 아이피를 추가 시켜야한다.
[root@dbserver sbin]# cd
[root@dbserver ~]# cd /etc/
[root@dbserver etc]#
[root@dbserver etc]# pwd
/etc
[root@dbserver etc]# vi resolv.conf
# Generated by NetworkManager
domain localdomain
search localdomain
#nameserver 192.168.24.2
nameserver 192.168.24.136
기존 아이피 주석처리하고
아래에 자신의 아이피를 적으면 된다. 첫 줄 주석대로 이 파일은 NetworkManager가 생성하므로, 네트워크 설정이 다시 적용되면 직접 수정한 내용이 덮어써질 수 있다.
[root@dbserver etc]# cd /usr/local/dns/sbin/
[root@dbserver sbin]# pwd
/usr/local/dns/sbin
[root@dbserver sbin]# ./named
[root@dbserver sbin]# ps -ef | grep named
root 58364 1 0 01:06 ? 00:00:00 ./named
root 58366 39646 0 01:06 pts/6 00:00:00 grep named
현재 실행되고 있는 데몬을 확인해보니 잘돌아간다. 다만 ps 출력처럼 named가 root 권한으로 떠 있으므로, 실제 서비스에서는 전용 계정을 만들어 ./named -u <계정> 으로 권한을 낮춰 실행하는 편이 안전하다.
[root@dbserver ~]# nslookup
> server
Default server: 192.168.24.136
Address: 192.168.24.136#53
> naver.com
Server: 192.168.24.136
Address: 192.168.24.136#53
Name: naver.com
Address: 74.125.128.94
>
nslookup명령어를 치고 server, naver.com을 차례로 입력해보니 잘 올라온다. 응답 주소가 zone-naver.com에 적은 값과 같으므로, 인터넷의 실제 naver.com이 아니라 방금 만든 존에서 답한 것이다.