호스트네임 변경
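# Rename this host to "dns". The page's extraction fused the three commands
# onto one line; they are separate invocations.
hostnamectl status              # show the current hostname before the change
hostnamectl set-hostname dns    # later prompts on this page read [root@dns ~]
hostnamectl status              # confirm the new name took effect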
방화벽 중지
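# Stop firewalld now and keep it from starting at boot.
#
# NOTE(review): this removes ALL host-level packet filtering from the DNS
# server, not only the block on port 53, and it stays off across reboots.
# That is tolerable only on an isolated lab network. To keep the firewall
# running and open DNS alone, the narrower equivalent is:
#   firewall-cmd --permanent --add-service=dns
#   firewall-cmd --reload
systemctl stop firewalld
systemctl disable firewalld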
[root@dns ~]# systemctl stop firewalld [root@dns ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
DNS 서비스 패키지 설치
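# Install BIND (with the chroot add-on) from the installation media.
#
# Replace the placeholder with the real mount point. The path is quoted
# because media mount points can contain spaces; the one in the transcript
# below does.
cd "<리눅스 설치 디스크 마운트 경로>/Packages"

# Import the distribution signing key so rpm can actually verify the package
# signatures. Without it rpm only prints the "NOKEY" warning seen in the
# transcript (key ID ec551f03) and installs the packages unverified.
# NOTE(review): this is the usual key location on Oracle Linux; confirm it
# exists on your release before relying on it.
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle

# Check digests and signatures first; do not continue if any package is not
# reported OK.
rpm -K python-ply-3.4-11.el7.noarch.rpm \
  bind-license-9.9.4-72.el7.noarch.rpm \
  bind-utils-9.9.4-72.el7.x86_64.rpm \
  bind-libs-9.9.4-72.el7.x86_64.rpm \
  bind-9.9.4-72.el7.x86_64.rpm \
  bind-chroot-9.9.4-72.el7.x86_64.rpm

rpm -ivh python-ply-3.4-11.el7.noarch.rpm
rpm -ivh bind-license-9.9.4-72.el7.noarch.rpm
# -U (upgrade) rather than -i: older bind-utils/bind-libs builds are already
# installed and get replaced, as the transcript's "Cleaning up" lines show.
rpm -Uvh bind-utils-9.9.4-72.el7.x86_64.rpm bind-libs-9.9.4-72.el7.x86_64.rpm
rpm -ivh bind-9.9.4-72.el7.x86_64.rpm
rpm -ivh bind-chroot-9.9.4-72.el7.x86_64.rpm

# Leave the mounted media before ejecting it, so the mount is not busy.
cd
eject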
[root@dns ~]# cd /run/media/admin/OL-7.3\ Server.x86_64/Packages [root@dns Packages]# rpm -ivh python-ply-3.4-11.el7.noarch.rpm 경고: python-ply-3.4-11.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY 준비 중... ################################# [100%] Updating / installing... 1:python-ply-3.4-11.el7 ################################# [100%] [root@dns Packages]# rpm -ivh bind-license-9.9.4-72.el7.noarch.rpm 경고: bind-license-9.9.4-72.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY 준비 중... ################################# [100%] Updating / installing... 1:bind-license-32:9.9.4-72.el7 ################################# [100%] [root@dns Packages]# rpm -Uvh bind-utils-9.9.4-72.el7.x86_64.rpm bind-libs-9.9.4-72.el7.x86_64.rpm 경고: bind-utils-9.9.4-72.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY 준비 중... ################################# [100%] Updating / installing... 1:bind-libs-32:9.9.4-72.el7 ################################# [ 25%] 2:bind-utils-32:9.9.4-72.el7 ################################# [ 50%] Cleaning up / removing... 3:bind-utils-32:9.9.4-61.el7 ################################# [ 75%] 4:bind-libs-32:9.9.4-61.el7 ################################# [100%] [root@dns Packages]# rpm -ivh bind-9.9.4-72.el7.x86_64.rpm 경고: bind-9.9.4-72.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY 준비 중... ################################# [100%] Updating / installing... 1:bind-32:9.9.4-72.el7 ################################# [100%] [root@dns Packages]# rpm -ivh bind-chroot-9.9.4-72.el7.x86_64.rpm 경고: bind-chroot-9.9.4-72.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY 준비 중... ################################# [100%] Updating / installing... 1:bind-chroot-32:9.9.4-72.el7 ################################# [100%] [root@dns Packages]# cd [root@dns ~]# eject
DNS 서비스 재설정 (named-chroot로 기동)
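# Switch from the plain named service to the chrooted one, so the daemon's
# view of the filesystem is confined to /var/named/chroot.

# Prepare the chroot tree ("on" enables it for the given root directory).
/usr/libexec/setup-named-chroot.sh /var/named/chroot on

# Stop and disable the non-chroot unit first; only one of the two units
# should be serving port 53.
systemctl stop named
systemctl disable named

# Start the chrooted unit and make it the one that comes up at boot.
systemctl start named-chroot
systemctl enable named-chroot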
[root@dns ~]# /usr/libexec/setup-named-chroot.sh /var/named/chroot on [root@dns ~]# systemctl stop named [root@dns ~]# systemctl disable named Removed symlink /etc/systemd/system/multi-user.target.wants/named.service. [root@dns ~]# systemctl start named-chroot [root@dns ~]# systemctl enable named-chroot Created symlink from /etc/systemd/system/multi-user.target.wants/named-chroot.service to /usr/lib/systemd/system/named-chroot.service.
vi /var/named/chroot/etc/named.conf
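// These statements belong inside the options { } block of named.conf.
// The original values are kept as comments above each changed statement.

// Listen on the server's LAN address as well as loopback.
// listen-on port 53 { 127.0.0.1; };
listen-on port 53 { 127.0.0.1; 10.0.1.150; };

// Answer queries from the lab subnet only; keep this ACL as narrow as the
// set of clients that really need the server.
// NOTE(review): "localhost" is no longer in the list, so queries the server
// sends to itself via 127.0.0.1 are refused; add localhost if local lookups
// are needed.
// NOTE(review): the recursion settings are not shown in this fragment. If
// this server only has to answer for the lab zones, confirm "recursion no;"
// or an allow-recursion ACL limited to the same subnet.
// allow-query { localhost; };
allow-query { 10.0.1.0/24; };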
vi /var/named/chroot/etc/named.rfc1912.zones
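// Forward zone for the lab domain. Records live in localdomain.zone under
// the named working directory.
zone "localdomain." IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };     // no dynamic updates: records change only by editing the file
    // No secondary server appears in this setup, so zone transfers are
    // closed explicitly instead of left to the built-in default.
    allow-transfer { none; };
};

// Reverse zone for 10.0.1.0/24 (PTR records for the SCAN addresses).
zone "1.0.10.in-addr.arpa." IN {
    type master;
    file "1.0.10.in-addr.arpa";
    allow-update { none; };
    allow-transfer { none; };
};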
vi /var/named/chroot/var/named/localdomain.zone
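; Forward zone "localdomain." (origin comes from the zone statement).
; Names written without a trailing dot are relative to that origin, so
; "localhost" below means localhost.localdomain.
; Zone files are line-oriented: one record per line, and ";" starts a
; comment that runs to the end of the line.
$TTL 86400
@           IN SOA  localhost root.localhost (
                    42      ; serial (d. adams) - increase on every edit
                    3H      ; refresh
                    15M     ; retry
                    1W      ; expiry
                    1D )    ; minimum
; Leading whitespace: this NS record inherits the owner name "@" from above.
            IN NS   localhost
localhost   IN A    127.0.0.1
; Three A records on one name: the SCAN name resolves to all three
; addresses, and the verification transcript shows their order rotating.
rac-scan    IN A    10.0.1.191
rac-scan    IN A    10.0.1.192
rac-scan    IN A    10.0.1.193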
vi /var/named/chroot/var/named/1.0.10.in-addr.arpa
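; Reverse zone for 10.0.1.0/24. Owner names below are the last octet of the
; address, relative to $ORIGIN.
$ORIGIN 1.0.10.in-addr.arpa.
$TTL 1H
@   IN SOA  dns.localdomain. root.dns.localdomain. (
            2       ; serial - increase on every edit
            3H      ; refresh
            1H      ; retry
            1W      ; expire
            1H )    ; minimum
; NOTE(review): dns.localdomain. has no A record in the forward zone shown
; on this page; add one there if clients must resolve the name server's own
; name.
1.0.10.in-addr.arpa.    IN NS   dns.localdomain.
191 IN PTR  rac-scan.localdomain.
192 IN PTR  rac-scan.localdomain.
193 IN PTR  rac-scan.localdomain.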
zone 파일 권한 설정 및 서비스 재기동
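# Hand the new zone files to the named group and restart the service.
chown root:named /var/named/chroot/var/named/localdomain.zone
chown root:named /var/named/chroot/var/named/1.0.10.in-addr.arpa

# chown alone leaves whatever mode the editor created. 640 lets root write
# and the named group read, and keeps the files closed to other local users.
chmod 640 /var/named/chroot/var/named/localdomain.zone
chmod 640 /var/named/chroot/var/named/1.0.10.in-addr.arpa

# Validate the configuration and both zones before restarting, so a typo
# does not take down a resolver that was working. The restart runs only if
# every check passes.
named-checkconf -t /var/named/chroot /etc/named.conf &&
  named-checkzone localdomain /var/named/chroot/var/named/localdomain.zone &&
  named-checkzone 1.0.10.in-addr.arpa /var/named/chroot/var/named/1.0.10.in-addr.arpa &&
  systemctl restart named-chroot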
[root@dns ~]# chown root:named /var/named/chroot/var/named/localdomain.zone [root@dns ~]# chown root:named /var/named/chroot/var/named/1.0.10.in-addr.arpa [root@dns ~]# systemctl restart named-chroot
정상 작동 여부 확인
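# Verify from a client on 10.0.1.0/24 whose resolver points at 10.0.1.150
# (the transcript below runs these on rac1). A client outside that subnet is
# expected to be refused by the allow-query ACL.

# Forward lookup: expect all three SCAN addresses, in rotating order.
nslookup rac-scan.localdomain

# Reverse lookups: each address should map back to rac-scan.localdomain.
nslookup 10.0.1.191
nslookup 10.0.1.192
nslookup 10.0.1.193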
[root@rac1 ~]# nslookup rac-scan.localdomain Server: 10.0.1.150 Address: 10.0.1.150#53 Name: rac-scan.localdomain Address: 10.0.1.191 Name: rac-scan.localdomain Address: 10.0.1.193 Name: rac-scan.localdomain Address: 10.0.1.192 [root@rac1 ~]# nslookup rac-scan.localdomain Server: 10.0.1.150 Address: 10.0.1.150#53 Name: rac-scan.localdomain Address: 10.0.1.193 Name: rac-scan.localdomain Address: 10.0.1.191 Name: rac-scan.localdomain Address: 10.0.1.192 [root@rac1 ~]# nslookup rac-scan.localdomain Server: 10.0.1.150 Address: 10.0.1.150#53 Name: rac-scan.localdomain Address: 10.0.1.192 Name: rac-scan.localdomain Address: 10.0.1.193 Name: rac-scan.localdomain Address: 10.0.1.191 [root@rac1 ~]# nslookup 10.0.1.191 Server: 10.0.1.150 Address: 10.0.1.150#53 191.1.0.10.in-addr.arpa name = rac-scan.localdomain. [root@rac1 ~]# nslookup 10.0.1.192 Server: 10.0.1.150 Address: 10.0.1.150#53 192.1.0.10.in-addr.arpa name = rac-scan.localdomain. [root@rac1 ~]# nslookup 10.0.1.193 Server: 10.0.1.150 Address: 10.0.1.150#53 193.1.0.10.in-addr.arpa name = rac-scan.localdomain.