DNS主从服务器配置实战解析及案例_佐击

http://blog.sina.com.cn/u/3096547195

首页博文目录关于我

个人资料

微博

加好友发纸条

写留言加关注

博客等级：
博客积分：

博客访问：
关注人气：
获赠金笔：0支
赠出金笔：0支
荣誉徽章：

正文字体大小：大中小

DNS主从服务器配置实战解析及案例

(2017-11-20 12:02:10)

标签：

dns主从配置

dns主从配置案例

DNS主服务器:192.168.88.131

从服务器：192.168.88.130

总结：

主从复制（注意点）：

1、应该为一台独立的名称服务器；

2、主服务器的区域解析库文件中必须有一条NS记录是指向从服务器；

3、从服务器只需定义区域，而无需提供解析库文件；解析库文件应该放置于/var/named/slaves/目录中

4、主服务器得允许从服务器作区域传送

5、主从服务器时间应该同步，可通过ntp进行，

6、bind程序的版本应该保持一致，否则，应该从高，主低

一、从服务器配置（192.168.88.130）

从服务器只需定义区域，而无需提供解析库文件；

主从启动后，解析库文件会自动传送并放置于/var/named/slaves/目录中

定义从区域的方法：

zone "ZONE_NAME" IN {

type slave;

masters { MASTER_IP; }

file "slaves/ZONE_NAME.zone";

}

[root@www ~]# ps aux | grep named

named 9199 0.0 2.6 312424 13104 ? Ssl 01:13 0:00 /usr/sbin/named -u named

root 9232 0.0 0.7 143964 3488 pts/1 S+ 01:14 0:00 vim /etc/named.rfc1912.zones

root 9319 0.0 0.1 103268 864 pts/0 S+ 01:17 0:00 grep named

[root@www ~]# ll -d /var/named/

drwxr-x---. 5 root named 4096 11月 17 22:16 /var/named/

[root@www ~]# ll /var/named/

总用量 28

drwxrwx---. 2 named named 4096 11月 18 01:13 data

drwxrwx---. 2 named named 4096 11月 18 01:13 dynamic

-rw-r-----. 1 root named 3289 4月 11 2017 named.ca

-rw-r-----. 1 root named 152 12月 15 2009 named.empty

-rw-r-----. 1 root named 152 6月 21 2007 named.localhost

-rw-r-----. 1 root named 168 12月 15 2009 named.loopback

drwxrwx---. 2 named named 4096 7月 5 17:55 slaves

[root@www named]# vim /etc/named.conf

options {

listen-on port 53 { 192.168.88.130; 127.0.0.1; };

// listen-on-v6 port 53 { ::1; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query { any; };

recursion yes;

// dnssec-enable yes;

// dnssec-validation yes;

bindkeys-file "/etc/named.iscdlv.key";

// managed-keys-directory "/var/named/dynamic";

};

logging {

channel default_debug {

file "data/named.run";

severity dynamic;

};

zone "." IN {

type hint;

file "named.ca";

};

include "/etc/named.rfc1912.zones";

include "/etc/named.root.key";

[root@www slaves]# vim /etc/named.rfc1912.zones

…….

zone "localhost" IN {

type master;

file "named.localhost";

allow-update { none; };

};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {

type master;

file "named.loopback";

allow-update { none; };

};

zone "1.0.0.127.in-addr.arpa" IN {

type master;

file "named.loopback";

allow-update { none; };

};

zone "0.in-addr.arpa" IN {

type master;

file "named.empty";

allow-update { none; };

};

//定义正解从区域

zone "field.com" IN {

type slave;

masters { 192.168.88.131; };

file "slaves/field.com.zone";

};

//定义反解从区域

zone "88.168.192.in-addr.arpa" IN {

type slave;

masters { 192.168.88.131; };

file "slaves/192.168.88.zone";

[root@www slaves]# named-checkconf

//查看主配置文件是否有语法错误

[root@www named]# cd /var/named/slaves/

[root@www slaves]# service named restart

停止 named：.[确定]

启动 named：[确定]

二、主服务器上配置(192.168.88.131)：

注意：主服务器的区域解析库文件中必须有一条NS记录是指向从服务器；

[root@www named]# ls

192.168.88.zone data field.com.zone named.empty named.loopback

chroot dynamic named.ca named.localhost slaves

[root@www named]# vim /etc/named.rfc1912.zones

file "named.localhost";

allow-update { none; };

};

zone "localhost" IN {

type master;

file "named.localhost";

allow-update { none; };

};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {

type master;

file "named.loopback";

allow-update { none; };

};

zone "1.0.0.127.in-addr.arpa" IN {

type master;

file "named.loopback";

allow-update { none; };

};

zone "0.in-addr.arpa" IN {

type master;

file "named.empty";

allow-update { none; };

};

zone "field.com" IN {

type master;

file "field.com.zone";

};

zone "88.168.192.in-addr.arpa" IN {

type master;

file "192.168.88.zone";

};

(1)、定义正解区域解析库文件：

主服务器的区域解析库文件中必须有一条NS记录是指向从服务器

[root@www named]# vim field.com.zone

$TTL 86400

$ORIGIN field.com.

@ IN SOA ns1.field.com. admin.field.com (

2017111702

//序列号必须手动加1

1D )

IN NS ns1

IN NS ns2

IN MX 10 mx1

IN MX 20 mx2

ns1 IN A 192.168.88.131

ns2 IN A 192.168.88.130

//从服务器正解必须要有一个NS记录

mx1 IN A 192.168.88.131

mx2 IN A 192.168.88.130

www IN A 192.168.88.131

ftp IN CNAME www

field.com. IN A 192.168.88.131

* IN A 192.168.88.131

[root@www named]# named-checkzone "field.com" /var/named/field.com.zone

zone field.com/IN: loaded serial 2017111701

[root@www named]# cat 192.168.88.zone

//反解暂时不变

$TTL 86400

$ORIGIN 88.168.192.in-addr.arpa.

@ IN SOA ns1.field.com. admin.field.com. (

2017111701

1D )

IN NS ns1.field.com.

IN NS ns2.field.com.

131 IN PTR ns1.field.com.

131 IN PTR www.field.com.

131 IN PTR mx1.field.com.

130 IN PTR mx2.field.com.

"192.168.88.zone" 14L, 302C 已写入

[root@www named]# rndc reload

server reload successful

[root@www named]# ls

192.168.88.zone data field.com.zone named.empty named.loopback

chroot dynamic named.ca named.localhost slaves

[root@www named]# tail /var/log/messages

Nov 18 01:47:20 www named[8468]: using default UDP/IPv4 port range: [1024, 65535]

Nov 18 01:47:20 www named[8468]: using default UDP/IPv6 port range: [1024, 65535]

Nov 18 01:47:20 www named[8468]: sizing zone task pool based on 8 zones

Nov 18 01:47:20 www named[8468]: Warning: 'empty-zones-enable/disable-empty-zone' not set: disabling RFC 1918 empty zones

Nov 18 01:47:20 www named[8468]: reloading configuration succeeded

Nov 18 01:47:20 www named[8468]: reloading zones succeeded

Nov 18 01:47:20 www named[8468]: zone field.com/IN: loaded serial 2017111702

Nov 18 01:47:20 www named[8468]: zone field.com/IN: sending notifies (serial 2017111702)

Nov 18 01:47:20 www named[8468]: client 192.168.88.130#51283: transfer of 'field.com/IN': AXFR-style IXFR started

Nov 18 01:47:20 www named[8468]: client 192.168.88.130#51283: transfer of 'field.com/IN': AXFR-style IXFR ended

//查看日志文件是否transfer 完成

[root@www named]# ls

192.168.88.zone data field.com.zone named.empty named.loopback

chroot dynamic named.ca named.localhost slaves

从服务器上查看是否同步完成：（192.168.88.130）

[root@www named]# service named restart

停止 named：.[确定]

启动 named：[确定]

[root@www named]# tail /var/log/messages

Nov 18 01:31:19 www named[9652]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0

Nov 18 01:31:19 www named[9652]: zone field.com/IN: loaded serial 2017111701

Nov 18 01:31:19 www named[9652]: zone localhost.localdomain/IN: loaded serial 0

Nov 18 01:31:19 www named[9652]: zone localhost/IN: loaded serial 0

Nov 18 01:31:19 www named[9652]: managed-keys-zone ./IN: loaded serial 2

Nov 18 01:31:19 www named[9652]: running

Nov 18 01:31:19 www named[9652]: zone field.com/IN: sending notifies (serial 2017111701)

Nov 18 01:35:51 www named[9652]: client 192.168.88.131#42502: received notify for zone '88.168.192.in-addr.arpa': not authoritative

Nov 18 01:35:52 www named[9652]: client 192.168.88.131#13228: received notify for zone 'field.com'

Nov 18 01:35:52 www named[9652]: zone field.com/IN: notify from 192.168.88.131#13228: zone is up to date

[root@www named]# cd /var/named/slaves/

[root@www slaves]# ls

field.com.zone

[root@www slaves]# cat field.com.zone

$ORIGIN .

$TTL 86400 ; 1 day

field.com IN SOA ns1.field.com. admin.field.com.field.com. (

2017111701 ; serial

3600 ; refresh (1 hour)

300 ; retry (5 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS ns1.field.com.

NS ns2.field.com.

A 192.168.88.131

MX 10 mx1.field.com.

MX 20 mx2.field.com.

$ORIGIN field.com.

* A 192.168.88.131

ftp CNAME www

mx1 A 192.168.88.131

mx2 A 192.168.88.130

ns1 A 192.168.88.131

ns2 A 192.168.88.131

www A 192.168.88.131

(2)、定义反解区域解析库文件：

[root@www named]# vim 192.168.88.zone

$TTL 86400

$ORIGIN 88.168.192.in-addr.arpa.

@ IN SOA ns1.field.com. admin.field.com. (

2017111702

//序列号必须手动加1

1D )

IN NS ns1.field.com.

IN NS ns2.field.com.

131 IN PTR ns1.field.com.

130 IN PTR ns2.field.com.

//从服务器NS记录

131 IN PTR www.field.com.

131 IN PTR mx1.field.com.

130 IN PTR mx2.field.com.

133 IN PTR imap.field.com.

[root@www named]# named-checkzone "88.168.192.in-addr.arpa" 192.168.88.zone

zone 88.168.192.in-addr.arpa/IN: loaded serial 2017111702

//查看定义的区域解析库文件语法是否有错

[root@www named]# rndc reload

server reload successful

[root@www named]# tail /var/log/messages

[root@www named]#

从服务器上查看是否同步完成：（192.168.88.130）

[root@www slaves]# rndc reload

server reload successful

[root@www slaves]# tail /var/log/messages

Nov 18 01:57:45 www named[9932]: using default UDP/IPv6 port range: [1024, 65535]

Nov 18 01:57:45 www named[9932]: sizing zone task pool based on 8 zones

Nov 18 01:57:45 www named[9932]: Warning: 'empty-zones-enable/disable-empty-zone' not set: disabling RFC 1918 empty zones

Nov 18 01:57:45 www named[9932]: reloading configuration succeeded

Nov 18 01:57:45 www named[9932]: reloading zones succeeded

Nov 18 01:57:45 www named[9932]: zone 88.168.192.in-addr.arpa/IN: Transfer started.

Nov 18 01:57:45 www named[9932]: transfer of '88.168.192.in-addr.arpa/IN' from 192.168.88.131#53: connected using 192.168.88.130#54269

Nov 18 01:57:45 www named[9932]: zone 88.168.192.in-addr.arpa/IN: transferred serial 2017111701

Nov 18 01:57:45 www named[9932]: transfer of '88.168.192.in-addr.arpa/IN' from 192.168.88.131#53: Transfer completed: 1 messages, 8 records, 240 bytes, 0.001 secs (240000 bytes/sec)

Nov 18 01:57:45 www named[9932]: zone 88.168.192.in-addr.arpa/IN: sending notifies (serial 2017111701)

[root@www slaves]# ls

192.168.88.zone field.com.zone

[root@www slaves]# cat 192.168.88.zone

$ORIGIN .

$TTL 86400 ; 1 day

88.168.192.in-addr.arpa IN SOA ns1.field.com. admin.field.com. (

2017111701 ; serial

3600 ; refresh (1 hour)

300 ; retry (5 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS ns1.field.com.

NS ns2.field.com.

$ORIGIN 88.168.192.in-addr.arpa.

130 PTR mx2.field.com.

131 PTR ns1.field.com.

PTR www.field.com.

PTR mx1.field.com.

[root@www slaves]# cat field.com.zone

$ORIGIN .

$TTL 86400 ; 1 day

field.com IN SOA ns1.field.com. admin.field.com.field.com. (

2017111701 ; serial

3600 ; refresh (1 hour)

300 ; retry (5 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS ns1.field.com.

NS ns2.field.com.

A 192.168.88.131

MX 10 mx1.field.com.

MX 20 mx2.field.com.

$ORIGIN field.com.

* A 192.168.88.131

ftp CNAME www

mx1 A 192.168.88.131

mx2 A 192.168.88.130

ns1 A 192.168.88.131

ns2 A 192.168.88.131

www A 192.168.88.131

附录：完整案例：

从服务器配置(192.168.88.130)：

[root@www named]# vim /etc/named.conf

options {

listen-on port 53 { 192.168.88.130; 127.0.0.1; };

// listen-on-v6 port 53 { ::1; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query { any; };

recursion yes;

// dnssec-enable yes;

// dnssec-validation yes;

bindkeys-file "/etc/named.iscdlv.key";

// managed-keys-directory "/var/named/dynamic";

};

logging {

channel default_debug {

file "data/named.run";

severity dynamic;

};

zone "." IN {

type hint;

file "named.ca";

};

include "/etc/named.rfc1912.zones";

include "/etc/named.root.key";

[root@www slaves]# vim /etc/named.rfc1912.zones

};

zone "localhost" IN {

type master;

file "named.localhost";

allow-update { none; };

};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {

type master;

file "named.loopback";

allow-update { none; };

};

zone "1.0.0.127.in-addr.arpa" IN {

type master;

file "named.loopback";

allow-update { none; };

};

zone "0.in-addr.arpa" IN {

type master;

file "named.empty";

allow-update { none; };

};

zone "field.com" IN {

type slave;

masters { 192.168.88.131; };

file "slaves/field.com.zone";

};

zone "88.168.192.in-addr.arpa" IN {

type slave;

masters { 192.168.88.131; };

file "slaves/192.168.88.zone";

[root@www slaves]# named-checkconf

[root@www slaves]# rndc reload

server reload successful

[root@test ~]# service iptables stop

主服务器配置（192.168.88.131）：

[root@www ~]# cd /var/named

[root@www named]# vim 192.168.88.zone

$TTL 86400

$ORIGIN 88.168.192.in-addr.arpa.

@ IN SOA ns1.field.com. admin.field.com. (

2017111705

1D )

IN NS ns1.field.com.

IN NS ns2.field.com.

131 IN PTR ns1.field.com.

130 IN PTR ns2.field.com.

129 IN PTR web2.field.com.

131 IN PTR web1.field.com.

131 IN PTR www.field.com.

130 IN PTR test.field.com.

131 IN PTR mx1.field.com.

130 IN PTR mx2.field.com.

133 IN PTR imap.field.com.

[root@www named]# vim field.com.zone

$TTL 86400

$ORIGIN field.com.

@ IN SOA ns1.field.com. admin.field.com (

2017111706

1D )

IN NS ns1

IN NS ns2

IN MX 10 mx1

IN MX 20 mx2

ns1 IN A 192.168.88.131

ns2 IN A 192.168.88.130

mx1 IN A 192.168.88.131

mx2 IN A 192.168.88.130

web2 IN A 192.168.88.129

test IN A 192.168.88.130

web1 IN A 192.168.88.131

imap IN A 192.168.88.133

www IN A 192.168.88.131

pop3 IN CNAME mx1

ftp IN CNAME www

field.com. IN A 192.168.88.131

"field.com.zone" 24L, 525C 已写入

[root@www named]# named-checkzone "field.com" /var/named/field.com.zone

zone field.com/IN: loaded serial 2017111706

[root@www named]# named-checkzone "88.168.192.in-addr.arpa" 192.168.88.zone

zone 88.168.192.in-addr.arpa/IN: loaded serial 2017111705

[root@www named]# service named reload

重新载入named: [确定]

[root@www named]# tail /var/log/messages

Nov 20 11:17:03 www named[3242]: reloading configuration succeeded

Nov 20 11:17:03 www named[3242]: reloading zones succeeded

Nov 20 11:17:03 www named[3242]: zone 88.168.192.in-addr.arpa/IN: loaded serial 2017111705

Nov 20 11:17:03 www named[3242]: zone 88.168.192.in-addr.arpa/IN: sending notifies (serial 2017111705)

Nov 20 11:17:03 www named[3242]: zone field.com/IN: loaded serial 2017111706

Nov 20 11:17:03 www named[3242]: zone field.com/IN: sending notifies (serial 2017111706)

Nov 20 11:17:03 www named[3242]: client 192.168.88.130#53331: transfer of '88.168.192.in-addr.arpa/IN': AXFR-style IXFR started

Nov 20 11:17:03 www named[3242]: client 192.168.88.130#53331: transfer of '88.168.192.in-addr.arpa/IN': AXFR-style IXFR ended

Nov 20 11:17:03 www named[3242]: client 192.168.88.130#33030: transfer of 'field.com/IN': AXFR-style IXFR started

Nov 20 11:17:03 www named[3242]: client 192.168.88.130#33030: transfer of 'field.com/IN': AXFR-style IXFR ended

[root@www named]#

[root@www named]# clear

从服务查看是否同步完成（可能会有所延迟，必要时可结合ntp）：

[root@test ~]# cd /var/named/slaves/

[root@test slaves]# ls

192.168.88.zone field.com.zone

[root@test slaves]# tail /var/log/messages

Nov 18 12:11:20 test named[3732]: zone field.com/IN: transferred serial 2017111703

Nov 18 12:11:20 test named[3732]: transfer of 'field.com/IN' from 192.168.88.131#53: Transfer completed: 1 messages, 16 records, 367 bytes, 0.043 secs (8534 bytes/sec)

Nov 18 12:11:20 test named[3732]: zone field.com/IN: sending notifies (serial 2017111703)

Nov 18 12:26:00 test named[3732]: client 192.168.88.131#13038: received notify for zone '88.168.192.in-addr.arpa'

Nov 18 12:26:00 test named[3732]: master 192.168.88.131#53 (source 0.0.0.0#0) deleted from unreachable cache

Nov 18 12:26:00 test named[3732]: zone 88.168.192.in-addr.arpa/IN: Transfer started.

Nov 18 12:26:00 test named[3732]: transfer of '88.168.192.in-addr.arpa/IN' from 192.168.88.131#53: connected using 192.168.88.130#41751

Nov 18 12:26:00 test named[3732]: zone 88.168.192.in-addr.arpa/IN: transferred serial 2017111703

Nov 18 12:26:00 test named[3732]: transfer of '88.168.192.in-addr.arpa/IN' from 192.168.88.131#53: Transfer completed: 1 messages, 11 records, 296 bytes, 0.160 secs (1850 bytes/sec)

Nov 18 12:26:00 test named[3732]: zone 88.168.192.in-addr.arpa/IN: sending notifies (serial 2017111703)

[root@test slaves]# cat 192.168.88.zone

$ORIGIN .

$TTL 86400 ; 1 day

88.168.192.in-addr.arpa IN SOA ns1.field.com. admin.field.com. (

2017111703 ; serial

3600 ; refresh (1 hour)

300 ; retry (5 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS ns1.field.com.

NS ns2.field.com.

$ORIGIN 88.168.192.in-addr.arpa.

130 PTR ns2.field.com.

PTR test.field.com.

PTR mx2.field.com.

131 PTR ns1.field.com.

PTR www.field.com.

PTR mx1.field.com.

133 PTR imap.field.com.

[root@test slaves]# cat field.com.zone

$ORIGIN .

$TTL 86400 ; 1 day

field.com IN SOA ns1.field.com. admin.field.com.field.com. (

2017111703 ; serial

3600 ; refresh (1 hour)

300 ; retry (5 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS ns1.field.com.

NS ns2.field.com.

A 192.168.88.131

MX 10 mx1.field.com.

MX 20 mx2.field.com.

$ORIGIN field.com.

* A 192.168.88.131

ftp CNAME www

mx1 A 192.168.88.131

mx2 A 192.168.88.130

ns1 A 192.168.88.131

ns2 A 192.168.88.130

pop3 CNAME mx1

test A 192.168.88.130

www A 192.168.88.131

[root@test slaves]#

测试dns服务器可行性：

（1）、Linux上解析百度谷歌

[root@www named]# dig -t www.baidu.com

;; Warning, ignoring invalid type www.baidu.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4 <<>> -t www.baidu.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20255

;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;. IN NS

;; ANSWER SECTION:

. 5 IN NS b.root-servers.net.

. 5 IN NS f.root-servers.net.

. 5 IN NS d.root-servers.net.

. 5 IN NS a.root-servers.net.

. 5 IN NS m.root-servers.net.

. 5 IN NS k.root-servers.net.

. 5 IN NS c.root-servers.net.

. 5 IN NS g.root-servers.net.

. 5 IN NS e.root-servers.net.

. 5 IN NS i.root-servers.net.

. 5 IN NS l.root-servers.net.

. 5 IN NS j.root-servers.net.

. 5 IN NS h.root-servers.net.

;; Query time: 14 msec

;; SERVER: 192.168.88.2#53(192.168.88.2)

;; WHEN: Sat Nov 18 14:05:57 2017

;; MSG SIZE rcvd: 228

[root@www named]# dig -x 8.8.8.8

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4 <<>> -x 8.8.8.8

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46771

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;8.8.8.8.in-addr.arpa. IN PTR

;; ANSWER SECTION:

8.8.8.8.in-addr.arpa. 5 IN PTR google-public-dns-a.google.com.

;; Query time: 10 msec

;; SERVER: 192.168.88.2#53(192.168.88.2)

;; WHEN: Sat Nov 18 17:21:57 2017

;; MSG SIZE rcvd: 82

（2）、从服务器作为客户机DNS服务器提供DNS解析功能：

http://s7/mw690/003nyNnBzy7fX0eiuvYc6&690

访问新浪主页，测试是否可以解析：http://s4/mw690/003nyNnBzy7fX0eEUfx83&690

注：本次所有测试均在虚拟机上执行且验证确实可行，如有纰漏，欢迎指正。

--------------FieldYang/佐击20171120-----------------

阅读┊ 收藏 ┊ 喜欢 ▼ ┊打印┊举报/Report

前一篇：DNS服务器配置案例精讲--正解区域配置及测试

后一篇：DNS内置命令rndc用法

新浪BLOG意见反馈留言板　欢迎批评指正