安装

# Install the BIND server, the chroot environment package, and the DNS client
# tools (dig, host, nslookup) used to test the resolver afterwards.
yum install -y bind bind-chroot bind-utils

设置

  • 设置/etc/named.conf
listen-on port 53 { 127.0.0.1; };

改为

listen-on port 53 {any;};
allow-query {localhost;};

改为

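allow-query {any;};

注意:listen-on 与 allow-query 都设为 any 之后,任何能访问到本机 53 端口的主机都可以发起查询。如果 named.conf 中仍保留 recursion yes(请自行确认),本机就成了开放递归解析器,容易被滥用于 DNS 放大攻击。若只为内网提供解析,建议把 any 换成内网网段(例如自定义的 acl),并用 allow-recursion 限定允许递归的客户端。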

添加

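// Place both statements inside the options { } block of /etc/named.conf.
// "forward only" sends every query this server cannot answer itself to the
// forwarders below and does not fall back to iterative resolution if they fail.
// (The original spelling "forwad" is not a valid statement and stops named
// from loading the configuration.)
forward only;
forwarders {
        223.5.5.5;
        223.6.6.6;
};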

logging改为

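    // Default logging block, commented out so that the included file below is
    // the only logging { } statement (named.conf allows just one).
    //logging {
    //        channel default_debug {
    //                file "data/named.run";
    //                severity dynamic;
    //        };
    //};

    //Include logging config file
    // The include path must be a quoted string, otherwise named rejects it.
    include "/etc/named/logging.conf";
    //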

添加/etc/named/logging.conf文件,内容如下:

// Logging configuration pulled into named.conf through its include statement.
// NOTE(review): when named runs from the named-chroot unit these absolute paths
// are presumably resolved inside the chroot (/var/named/chroot/var/log/...), and
// none of them points into the var/log/named directory this guide creates in the
// SELinux step; confirm the intended location and that the named user can write there.
logging {
        // Dynamic-update messages at debug level; rolls at 100k, keeping 3 old versions.
        channel update_debug {
                file "/var/log/update_debug.log" versions 3 size 100k;
                severity debug;
                print-severity  yes;
                print-time      yes;
        };
        // Approved/denied request messages at info level and above.
        // NOTE(review): one 100k version retains very little history for the
        // security category; consider a larger size/versions or shipping this
        // file to central logging if it is used for investigation.
        channel security_info {
                file "/var/log/security_info.log" versions 1 size 100k;
                severity info;
                print-severity  yes;
                print-time      yes;
        };
        // General-purpose channel; also prints the category name on each line.
        channel bind_log {
                file "/var/log/bind.log" versions 3 size 1m;
                severity info;
                print-category  yes;
                print-severity  yes;
                print-time      yes;
        };

        // Categories without an explicit assignment fall back to "default".
        category default { bind_log; };
        // Discard lame-server messages entirely.
        category lame-servers { null; };
        // Dynamic updates and their approval/denial both go to update_debug.
        category update { update_debug; };
        category update-security { update_debug; };
        // Approval and denial of requests go to security_info.
        category security { security_info; };
};
  • Selinux设置
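# Reset SELinux labels under /var/named to the policy defaults
# (-R recursive, -v verbose, -F force a full context reset).
restorecon -RvF /var/named

# Create the log directory inside the chroot; -p keeps the step re-runnable.
# NOTE(review): the directory is created as root, so the named user cannot write
# to it until ownership or mode is adjusted; the logging.conf in this guide also
# writes to /var/log/*.log rather than /var/log/named/ - confirm which is intended.
mkdir -p -- /var/named/chroot/var/log/named

# Label the directory as log content. chcon does not record the label in the
# file-context database, so a later restorecon or full relabel will revert it;
# use "semanage fcontext" plus restorecon if the label must persist.
# NOTE(review): the targeted policy also defines named_log_t for BIND logs -
# confirm which type the named domain is allowed to write.
chcon -Rt var_log_t /var/named/chroot/var/log/named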
  • 防火墙设置
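# Allow inbound DNS (53/tcp and 53/udp) in the public zone. --permanent only
# writes the saved configuration, so reload to apply it to the running firewall.
# NOTE(review): this exposes the resolver to every source that reaches the
# public zone; if only internal clients should use it, scope the rule to their
# source range or a dedicated zone instead.
firewall-cmd --permanent --zone=public --add-service=dns
firewall-cmd --reload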
  • 查看服务
# List installed unit files with their enablement state; look for the
# named-chroot entry that the next step enables.
systemctl list-unit-files
  • 启动服务
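# Validate the edited configuration first; a syntax error in named.conf or the
# included logging.conf would otherwise only show up as a failed service start.
named-checkconf /etc/named.conf

# Start the chrooted instance at boot, then (re)start it now to load the changes.
systemctl enable named-chroot.service
systemctl restart named-chroot.service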
