Step-by-step installation of a DNS server on CentOS 6.5/6.4/6.3

DNS (Domain Name System) is the set of servers that store lists of domain names and their corresponding IP addresses; it is what allows an IP address to be associated with a domain name. So how do you install a DNS server using CentOS?

Consider the following scenario:
Primary DNS server:
Operating System : CentOS 6.5 server
Hostname : masterdns.vpscheap.local
IP Address : 192.168.1.100/24

Secondary DNS server:
Operating System : CentOS 6.5 server
Hostname : secondarydns.vpscheap.local
IP Address : 192.168.1.101/24

Client:
Operating System : CentOS 6.5 Desktop
Hostname : Client.vpscheap.local
IP Address : 192.168.1.102/24
How is it installed? On the primary server, run:

[root@masterdns ~]# yum install bind* -y

Next, configure the primary server. Add the lines shown in the example named.conf below.
[root@masterdns ~]# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { 127.0.0.1; 192.168.1.100; };   ### Master DNS IP ###
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; 192.168.1.0/24; };   ### IP Range ###
        allow-transfer { localhost; 192.168.1.101; };   ### Slave DNS IP ###
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
zone "vpscheap.local" IN {
        type master;
        file "forward.vpscheap";
        allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "reverse.vpscheap";
        allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

Now create the forward and reverse zone files referenced in /etc/named.conf. For the forward zone, create the file forward.vpscheap in the /var/named directory.

[root@masterdns ~]# vi /var/named/forward.vpscheap
$TTL 86400
@   IN  SOA     masterdns.vpscheap.local. root.vpscheap.local. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          masterdns.vpscheap.local.
@       IN  NS          secondarydns.vpscheap.local.
@       IN  A           192.168.1.100
@       IN  A           192.168.1.101
@       IN  A           192.168.1.102
masterdns       IN  A   192.168.1.100
secondarydns    IN  A   192.168.1.101
client          IN  A   192.168.1.102
For the reverse zone, create the file reverse.vpscheap in the /var/named directory.

[root@masterdns ~]# vi /var/named/reverse.vpscheap
$TTL 86400
@   IN  SOA     masterdns.vpscheap.local. root.vpscheap.local. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          masterdns.vpscheap.local.
@       IN  NS          secondarydns.vpscheap.local.
@       IN  PTR         vpscheap.local.
masterdns       IN  A   192.168.1.100
secondarydns    IN  A   192.168.1.101
client          IN  A   192.168.1.102
100     IN  PTR         masterdns.vpscheap.local.
101     IN  PTR         secondarydns.vpscheap.local.
102     IN  PTR         client.vpscheap.local.

Start the DNS service.
[root@masterdns ~]# service named start
Starting named:                                            [  OK  ]
[root@masterdns ~]# chkconfig named on
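named-checkzone, used further on in this guide, validates each zone file on its own; it cannot tell you whether the forward and reverse files agree with each other. The script below is an added example, not part of the tutorial: it parses the two zone files above (re-created here as constructed inline strings, so it runs without BIND installed), using the zone names vpscheap.local. and 1.168.192.in-addr.arpa. from named.conf as origins, and reports every A record without a PTR for its address and every PTR whose target has no matching A record. On the tutorial's files it finds no errors, but it does note the three A records that the reverse file carries (legal, but they belong in the forward zone) and the apex A records that share addresses with the host records.

```python
"""Cross-check a BIND forward zone against its reverse zone. Added example, not part
of the tutorial; the page's two zone files are re-created as constructed strings."""

# Constructed copy of /var/named/forward.vpscheap as shown in the tutorial.
FORWARD_ZONE = """\
$TTL 86400
@   IN  SOA masterdns.vpscheap.local. root.vpscheap.local. (
        2011071001 3600 1800 604800 86400 )   ; Serial Refresh Retry Expire Minimum
@             IN  NS  masterdns.vpscheap.local.
@             IN  NS  secondarydns.vpscheap.local.
@             IN  A   192.168.1.100
@             IN  A   192.168.1.101
@             IN  A   192.168.1.102
masterdns     IN  A   192.168.1.100
secondarydns  IN  A   192.168.1.101
client        IN  A   192.168.1.102
"""

# Constructed copy of /var/named/reverse.vpscheap, including its three stray A records.
REVERSE_ZONE = """\
$TTL 86400
@   IN  SOA masterdns.vpscheap.local. root.vpscheap.local. (
        2011071001 3600 1800 604800 86400 )   ; Serial Refresh Retry Expire Minimum
@             IN  NS  masterdns.vpscheap.local.
@             IN  NS  secondarydns.vpscheap.local.
@             IN  PTR vpscheap.local.
masterdns     IN  A   192.168.1.100
secondarydns  IN  A   192.168.1.101
client        IN  A   192.168.1.102
100           IN  PTR masterdns.vpscheap.local.
101           IN  PTR secondarydns.vpscheap.local.
102           IN  PTR client.vpscheap.local.
"""

def _fold(text):
    """Strip ';' comments and join a parenthesised multi-line record into one line."""
    out, buf = [], []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if line.strip():
            buf.append(line)
        joined = " ".join(buf)
        if buf and joined.count("(") == joined.count(")"):
            out.append(joined)
            buf = []
    return out

def parse_zone(text, origin):
    """Return (soa_serial, [(owner_fqdn, rtype, rdata_tokens), ...])."""
    serial, records, owner = None, [], origin
    for line in _fold(text):
        if line.startswith("$"):          # $TTL / $ORIGIN directives are not needed here
            continue
        tokens = line.split()
        if not line[0].isspace():         # explicit owner; otherwise inherit the previous one
            name = tokens.pop(0)
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        if tokens[0].isdigit():           # optional TTL
            tokens.pop(0)
        if tokens[0].upper() == "IN":     # optional class
            tokens.pop(0)
        rtype, rdata = tokens[0].upper(), tokens[1:]
        if rtype == "SOA":                # the first number after mname/rname is the serial
            serial = int(next(t for t in rdata if t.isdigit()))
        records.append((owner, rtype, rdata))
    return serial, records

def _ptr_ip(owner):
    """'100.1.168.192.in-addr.arpa.' -> '192.168.1.100'; None for non-host owners."""
    suffix = ".in-addr.arpa."
    labels = owner[:-len(suffix)].split(".") if owner.endswith(suffix) else []
    return ".".join(reversed(labels)) if len(labels) == 4 else None

def check_consistency(fwd_text, fwd_origin, rev_text, rev_origin):
    """errors: A/PTR pairs that disagree; notes: legal oddities worth a look."""
    fwd_serial, fwd = parse_zone(fwd_text, fwd_origin)
    rev_serial, rev = parse_zone(rev_text, rev_origin)
    errors, notes = [], []
    a_pairs = {(name, rd[0]) for name, rt, rd in fwd if rt == "A"}
    ptr_by_ip = {}
    for owner, rtype, rdata in rev:
        ip = _ptr_ip(owner) if rtype == "PTR" else None
        if rtype == "A":                  # host A records belong in the forward zone
            notes.append(f"A record {owner} does not belong in a reverse zone")
        elif rtype == "PTR" and ip is None:
            notes.append(f"PTR at {owner} is not a host record; ignored")
        elif rtype == "PTR":
            ptr_by_ip[ip] = rdata[0]
            if (rdata[0], ip) not in a_pairs:
                errors.append(f"PTR {ip} -> {rdata[0]} has no matching A record")
    for name, ip in sorted(a_pairs):
        target = ptr_by_ip.get(ip)
        if target is None:
            errors.append(f"A {name} -> {ip} has no PTR record")
        elif target != name:
            notes.append(f"PTR for {ip} points at {target}, not {name}")
    return {"errors": errors, "notes": notes, "serials": (fwd_serial, rev_serial)}

def run_tutorial_check():
    """Check the tutorial's two zones; returns no errors and seven notes."""
    return check_consistency(FORWARD_ZONE, "vpscheap.local.", REVERSE_ZONE, "1.168.192.in-addr.arpa.")
```

To run it against the real files on the primary, pass open("/var/named/forward.vpscheap").read() and open("/var/named/reverse.vpscheap").read() to check_consistency() with the same two origins. Keep the origins in mind for named-checkzone as well: its first argument is the zone origin, so the reverse file should be checked as 1.168.192.in-addr.arpa; given another name it still loads, but the relative owner names (100, 101, 102) are then interpreted under the wrong origin.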
Adjust iptables so that the DNS server can be reached from the network. Add the lines shown below to the file /etc/sysconfig/iptables.

[root@masterdns ~]# vi /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Then restart iptables.
[root@masterdns ~]# service iptables restart
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]

Check the configuration files for errors.
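named-checkconf, run in the next step, only reports syntax errors. The iptables rules above accept port 53 from any source, so the named.conf options block is what actually decides who may query the server, who may pull a zone transfer, and whether recursion is open to everyone. The script below is an added example, not part of the tutorial or of BIND: it extracts the options block from a named.conf and audits those settings. Constructed excerpts of the primary's configuration above and of the secondary's configuration shown later on this page are embedded so it runs offline; the helper names (audit_named_conf, options_block, address_list, scalar) are mine. It flags the secondary's configuration because that file has no allow-transfer statement, and BIND 9.8's default for allow-transfer is any.

```python
"""Audit the security-relevant options of a BIND named.conf. Added example, not part
of the tutorial; constructed excerpts of its two configs are embedded below."""
import re

# Constructed excerpt of the primary server's /etc/named.conf from the tutorial.
MASTER_CONF = """\
options {
        listen-on port 53 { 127.0.0.1; 192.168.1.100; };   ### Master DNS IP ###
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        allow-query     { localhost; 192.168.1.0/24; };   ### IP Range ###
        allow-transfer  { localhost; 192.168.1.101; };   ### Slave DNS IP ###
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
};
zone "vpscheap.local" IN { type master; file "forward.vpscheap"; allow-update { none; }; };
"""

# Constructed excerpt of the secondary server's /etc/named.conf: no allow-transfer statement.
SLAVE_CONF = """\
options {
        listen-on port 53 { 127.0.0.1; 192.168.1.101; };
        allow-query     { localhost; 192.168.1.0/24; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
};
zone "vpscheap.local" IN { type slave; file "slaves/vpscheap.fwd"; masters { 192.168.1.100; }; };
"""

def _strip_comments(conf):
    """Remove /* */, // and # comments so text inside them cannot confuse the matching."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#).*", "", conf)

def options_block(conf):
    """Return the body of 'options { ... }' via brace matching (address lists nest braces)."""
    conf = _strip_comments(conf)
    start = re.search(r"(?<![\w-])options\s*\{", conf)
    if not start:
        raise ValueError("no options block")
    depth, i = 0, start.end() - 1
    for j in range(i, len(conf)):
        depth += {"{": 1, "}": -1}.get(conf[j], 0)
        if depth == 0:
            return conf[i + 1:j]
    raise ValueError("unterminated options block")

def address_list(block, name):
    """Address list of e.g. 'allow-query { a; b; };', or None when the statement is absent."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"(?![\w-])[^{;]*\{([^}]*)\}", block)
    return [x.strip() for x in m.group(1).split(";") if x.strip()] if m else None

def scalar(block, name):
    """Value of a 'name value;' statement such as 'recursion yes;', or None."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"(?![\w-])\s+([^;{}]+);", block)
    return m.group(1).strip() if m else None

def audit_named_conf(conf):
    """Return (severity, message) findings for the options block of one named.conf."""
    block = options_block(conf)
    findings = []
    query = address_list(block, "allow-query")
    transfer = address_list(block, "allow-transfer")
    if query is None or "any" in query:
        findings.append(("HIGH", "allow-query is unrestricted (BIND's default is any); "
                                 "limit it to the networks this server should answer"))
    if transfer is None or "any" in transfer:
        findings.append(("HIGH", "allow-transfer is unrestricted (default any): any host can "
                                 "pull the whole zone; restrict it to the secondary's address"))
    if scalar(block, "recursion") == "yes":
        # Without allow-recursion, BIND derives the recursion ACL from allow-query.
        recursion_acl = address_list(block, "allow-recursion") or query
        if recursion_acl is None or "any" in recursion_acl:
            findings.append(("HIGH", "recursion is enabled for any client: this is an open resolver"))
        else:
            findings.append(("INFO", "recursion enabled, limited to " + ", ".join(recursion_acl)))
    if scalar(block, "dnssec-validation") != "yes":
        findings.append(("MEDIUM", "dnssec-validation is not enabled"))
    return findings

def audit_tutorial():
    """Audit both embedded excerpts: master -> one INFO, slave -> HIGH (allow-transfer) + INFO."""
    return {"master": audit_named_conf(MASTER_CONF), "slave": audit_named_conf(SLAVE_CONF)}

if __name__ == "__main__":
    for role, findings in audit_tutorial().items():
        for severity, message in findings:
            print(f"[{role}] {severity}: {message}")
```

To audit the live file, call audit_named_conf(open("/etc/named.conf").read()). The script treats recursion together with allow-query because, when allow-recursion is not set, BIND limits recursion to the same clients that allow-query admits; on a server that only serves the 192.168.1.0/24 LAN that is acceptable, whereas recursion yes together with allow-query { any; } is an open resolver.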
[root@masterdns ~]# named-checkconf /etc/named.conf
[root@masterdns ~]# named-checkzone vpscheap.local /var/named/forward.vpscheap
zone vpscheap.local/IN: loaded serial 2011071001
OK
[root@masterdns ~]# named-checkzone vpscheap.local /var/named/reverse.vpscheap
zone vpscheap.local/IN: loaded serial 2011071001
OK

Now test the DNS server.
[root@masterdns ~]# dig masterdns.vpscheap.local

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 <<>> masterdns.vpscheap.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49834
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;masterdns.vpscheap.local.      IN      A

;; ANSWER SECTION:
masterdns.vpscheap.local. 86400 IN      A       192.168.1.100

;; AUTHORITY SECTION:
vpscheap.local.         86400   IN      NS      secondarydns.vpscheap.local.
vpscheap.local.         86400   IN      NS      masterdns.vpscheap.local.

;; ADDITIONAL SECTION:
secondarydns.vpscheap.local. 86400 IN   A       192.168.1.101

;; Query time: 6 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Thu Mar  7 13:07:56 2013
;; MSG SIZE  rcvd: 114
[root@masterdns ~]# nslookup vpscheap.local
Server:         192.168.1.100
Address:        192.168.1.100#53

Name:   vpscheap.local
Address: 192.168.1.102
Name:   vpscheap.local
Address: 192.168.1.100
Name:   vpscheap.local
Address: 192.168.1.101

The primary DNS server is now ready to use.

Setting up the secondary (slave) DNS server

[root@secondarydns ~]# yum install bind* -y

Configure the secondary server. Open the main configuration file /etc/named.conf and add the lines below.
[root@secondarydns ~]# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { 127.0.0.1; 192.168.1.101; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; 192.168.1.0/24; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
zone "vpscheap.local" IN {
        type slave;
        file "slaves/vpscheap.fwd";
        masters { 192.168.1.100; };
};
zone "1.168.192.in-addr.arpa" IN {
        type slave;
        file "slaves/vpscheap.rev";
        masters { 192.168.1.100; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

Start the DNS service.
[root@secondarydns ~]# service named start
Generating /etc/rndc.key:                                  [  OK  ]
Starting named:                                            [  OK  ]
[root@secondarydns ~]# chkconfig named on

The forward and reverse zones are now replicated automatically from the primary server to the secondary. Look in the directory /var/named/slaves/.
[root@secondarydns ~]# ls /var/named/slaves/
vpscheap.fwd  vpscheap.rev
[root@secondarydns ~]# cat /var/named/slaves/vpscheap.fwd
$ORIGIN .
$TTL 86400      ; 1 day
vpscheap.local          IN SOA  masterdns.vpscheap.local. root.vpscheap.local. (
                                2011071001 ; serial
                                3600       ; refresh (1 hour)
                                1800       ; retry (30 minutes)
                                604800     ; expire (1 week)
                                86400      ; minimum (1 day)
                                )
                        NS      masterdns.vpscheap.local.
                        NS      secondarydns.vpscheap.local.
                        A       192.168.1.100
                        A       192.168.1.101
                        A       192.168.1.102
$ORIGIN vpscheap.local.
client                  A       192.168.1.102
masterdns               A       192.168.1.100
secondarydns            A       192.168.1.101
[root@secondarydns ~]# cat /var/named/slaves/vpscheap.rev
$ORIGIN .
$TTL 86400      ; 1 day
1.168.192.in-addr.arpa  IN SOA  masterdns.vpscheap.local. root.vpscheap.local. (
                                2011071001 ; serial
                                3600       ; refresh (1 hour)
                                1800       ; retry (30 minutes)
                                604800     ; expire (1 week)
                                86400      ; minimum (1 day)
                                )
                        NS      masterdns.vpscheap.local.
                        NS      secondarydns.vpscheap.local.
                        PTR     vpscheap.local.
$ORIGIN 1.168.192.in-addr.arpa.
100                     PTR     masterdns.vpscheap.local.
101                     PTR     secondarydns.vpscheap.local.
102                     PTR     client.vpscheap.local.
client                  A       192.168.1.102
masterdns               A       192.168.1.100
secondarydns            A       192.168.1.101

Add the server details on all systems.

[root@secondarydns ~]# vi /etc/resolv.conf
# Generated by NetworkManager
search ostechnix.com
nameserver 192.168.1.100
nameserver 192.168.1.101
nameserver 8.8.8.8

Test the DNS server again.
[root@secondarydns ~]# dig masterdns.vpscheap.local

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 <<>> masterdns.vpscheap.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21487
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;masterdns.vpscheap.local.      IN      A

;; ANSWER SECTION:
masterdns.vpscheap.local. 86400 IN      A       192.168.1.100

;; AUTHORITY SECTION:
vpscheap.local.         86400   IN      NS      masterdns.vpscheap.local.
vpscheap.local.         86400   IN      NS      secondarydns.vpscheap.local.

;; ADDITIONAL SECTION:
secondarydns.vpscheap.local. 86400 IN   A       192.168.1.101

;; Query time: 15 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Thu Mar  7 13:27:57 2013
;; MSG SIZE  rcvd: 114

[root@secondarydns ~]# dig secondarydns.vpscheap.local

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 <<>> secondarydns.vpscheap.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20958
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;secondarydns.vpscheap.local.   IN      A

;; ANSWER SECTION:
secondarydns.vpscheap.local. 86400 IN   A       192.168.1.101

;; AUTHORITY SECTION:
vpscheap.local.         86400   IN      NS      masterdns.vpscheap.local.
vpscheap.local.         86400   IN      NS      secondarydns.vpscheap.local.

;; ADDITIONAL SECTION:
masterdns.vpscheap.local. 86400 IN      A       192.168.1.100

;; Query time: 4 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Thu Mar  7 13:31:53 2013
;; MSG SIZE  rcvd: 114

[root@secondarydns ~]# nslookup vpscheap.local
Server:         192.168.1.100
Address:        192.168.1.100#53

Name:   vpscheap.local
Address: 192.168.1.101
Name:   vpscheap.local
Address: 192.168.1.102
Name:   vpscheap.local
Address: 192.168.1.100
Client configuration

Add the details shown below to the file /etc/resolv.conf on every client system.

[root@client vpscheap]# vi /etc/resolv.conf
# Generated by NetworkManager
search vpscheap.local
nameserver 192.168.1.100
nameserver 192.168.1.101
nameserver 8.8.8.8

Test the DNS server.
[root@client vpscheap]# dig masterdns.vpscheap.local

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> masterdns.vpscheap.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19496
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;masterdns.vpscheap.local.      IN      A

;; ANSWER SECTION:
masterdns.vpscheap.local. 86400 IN      A       192.168.1.100

;; AUTHORITY SECTION:
vpscheap.local.         86400   IN      NS      masterdns.vpscheap.local.
vpscheap.local.         86400   IN      NS      secondarydns.vpscheap.local.

;; ADDITIONAL SECTION:
secondarydns.vpscheap.local. 86400 IN   A       192.168.1.101

;; Query time: 30 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Thu Mar  7 13:47:55 2013
;; MSG SIZE  rcvd: 114

[root@client vpscheap]# dig secondarydns.vpscheap.local

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> secondarydns.vpscheap.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14852
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;secondarydns.vpscheap.local.   IN      A

;; ANSWER SECTION:
secondarydns.vpscheap.local. 86400 IN   A       192.168.1.101

;; AUTHORITY SECTION:
vpscheap.local.         86400   IN      NS      secondarydns.vpscheap.local.
vpscheap.local.         86400   IN      NS      masterdns.vpscheap.local.

;; ADDITIONAL SECTION:
masterdns.vpscheap.local. 86400 IN      A       192.168.1.100

;; Query time: 8 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Thu Mar  7 13:48:38 2013
;; MSG SIZE  rcvd: 114

[root@client vpscheap]# dig client.vpscheap.local

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> client.vpscheap.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14604
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;client.vpscheap.local.         IN      A

;; ANSWER SECTION:
client.vpscheap.local.  86400   IN      A       192.168.1.102

;; AUTHORITY SECTION:
vpscheap.local.         86400   IN      NS      masterdns.vpscheap.local.
vpscheap.local.         86400   IN      NS      secondarydns.vpscheap.local.

;; ADDITIONAL SECTION:
masterdns.vpscheap.local. 86400 IN      A       192.168.1.100
secondarydns.vpscheap.local. 86400 IN   A       192.168.1.101

;; Query time: 5 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Thu Mar  7 13:49:11 2013
;; MSG SIZE  rcvd: 137

[root@client vpscheap]# nslookup vpscheap.local
Server:         192.168.1.100
Address:        192.168.1.100#53

Name:   vpscheap.local
Address: 192.168.1.102
Name:   vpscheap.local
Address: 192.168.1.100
Name:   vpscheap.local
Address: 192.168.1.101

The servers are now ready!