Building a DNS server (CentOS 7)

Installing bind (chroot environment)
Target server: 192.168.137.71 (CentOS 7.0)
Network: 192.168.137.0/24 on VMware

1. Install bind
2. Edit named.conf and the zone files
3. Check and apply

Install bind
# yum -y install bind bind-utils

Install bind-chroot
# yum -y install bind-chroot

Enable the chroot
# /usr/libexec/setup-named-chroot.sh /var/named/chroot on

Stop and disable named, then start named-chroot and enable it at boot
# systemctl stop named
# systemctl disable named
# systemctl start named-chroot
# systemctl enable named-chroot

Disable IPv6 (run named with -4 only)
# echo OPTIONS=\"-4\" >> /etc/sysconfig/named

Edit named.conf (back it up first, then diff the edited file against the backup)
# cp -p /var/named/chroot/etc/named.conf{,.$(date +%Y%m%d_%H%M%S)}
# vi /var/named/chroot/etc/named.conf
# diff /var/named/chroot/etc/named.conf /var/named/chroot/etc/named.conf.XXXXXXXX_XXXXXX

11,13c11,12
< #     listen-on port 53 { 127.0.0.1; };
< #     listen-on-v6 port 53 { ::1; };
<       listen-on-v6 { none; };
---
>       listen-on port 53 { 127.0.0.1; };
>       listen-on-v6 port 53 { ::1; };
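Review bot: the `<` side here is the edited named.conf (it is the first argument to diff), and it comments out `listen-on port 53 { 127.0.0.1; };` instead of widening it, so named will bind port 53 on every IPv4 address of the host; an explicit `listen-on port 53 { 127.0.0.1; 192.168.137.71; };` keeps the listener pinned to the addresses the post actually intends to serve. `listen-on-v6 { none; };` is consistent with the `-4` option set above.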
18c17
<       allow-query     { localhost; 192.168.137.0/24; };
---
>       allow-query     { localhost; };
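Review bot: allow-query now admits 192.168.137.0/24 as well as localhost, but no `allow-recursion` line appears in the diff; add `allow-recursion { localhost; 192.168.137.0/24; };` beside it so that recursive service for the LAN, and only the LAN, is stated explicitly rather than left to BIND's default for that option.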
59c58
< include "/etc/named.localnetwork.zone";
---
> 
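Review bot: the added `include "/etc/named.localnetwork.zone";` is a path inside the chroot, i.e. /var/named/chroot/etc/named.localnetwork.zone on the host, which is where the next step creates the file; a short comment next to the include saying so would save the next reader from looking for it under the host's /etc.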

Edit the zone files (create a local-only "ln" domain, short for localnetwork)
# vi /var/named/chroot/etc/named.localnetwork.zone

zone "ln" {
	type master;
	file "localnetwork/ln.db";
};
zone "137.168.192.in-addr.arpa" {
	type master;
	file "localnetwork/137.168.192.in-addr.arpa.db";
};

# mkdir /var/named/chroot/var/named/localnetwork
# vi /var/named/chroot/var/named/localnetwork/ln.db

$TTL	86400
@	IN	SOA	ln.	root.ln.(
				2015022001 ; Serial
				28800      ; Refresh
				14400      ; Retry
				3600000    ; Expire
				86400 )    ; Minimum
	IN	NS	dns.ln.
	IN	MX 10	mail.ln.
	IN	A	192.168.137.71
@	IN	A	192.168.137.71
dns	IN	A	192.168.137.71
mail	IN	A	192.168.137.71
mirror	IN	A	192.168.137.71

# vi /var/named/chroot/var/named/localnetwork/137.168.192.in-addr.arpa.db

$TTL	86400
@	IN	SOA	ln. root.ln.(
				2015022001 ; Serial
				28800      ; Refresh
				14400      ; Retry
				3600000    ; Expire
				86400 )    ; Minimum
	IN	NS	dns.ln.
71	IN	PTR	dns.ln.

Check named.conf and the zone files, then reload
# named-checkconf -t /var/named/chroot -z /etc/named.conf
# rndc reload
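An added helper script, not part of the original post, that generates the reverse zone's PTR records from the forward zone's A records for the post's 192.168.137.0/24 (the post's reverse zone only lists dns) and runs the step-3 checks before reloading. Paths follow the post; the function names and the extra "backup" host in the constructed sample are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: derive reverse-zone PTR records for
# 192.168.137.0/24 from the forward zone, and check config and zones before
# reloading. Paths follow the post; function names and "backup" are assumptions.

CHROOT=/var/named/chroot
FWD="$CHROOT/var/named/localnetwork/ln.db"
REV="$CHROOT/var/named/localnetwork/137.168.192.in-addr.arpa.db"

# 192.168.137.0/24 -> 137.168.192.in-addr.arpa (handles a /24 only, as on the page).
rev_zone_name() {
    printf '%s\n' "$1" | awk -F'[./]' '{ print $3 "." $2 "." $1 ".in-addr.arpa" }'
}

# Print "<host-octet> IN PTR <owner>.<origin>." for each "owner IN A addr" line
# of forward zone file $1 whose address lies in the /24 prefix $3 (192.168.137).
# The apex (@) is skipped, and when several names share one address (dns, mail,
# mirror on the page) the first name listed gets the PTR, as in the page's file.
gen_ptr_records() {
    awk -v origin="$2" -v net="$3" '
        NF == 4 && $2 == "IN" && $3 == "A" && $1 != "@" {
            n = split($4, o, ".")
            if (n != 4 || (o[1] "." o[2] "." o[3]) != net) next
            if (!(o[4] in seen)) {
                seen[o[4]] = 1
                printf "%s\tIN\tPTR\t%s.%s.\n", o[4], $1, origin
            }
        }' "$1"
}

# Constructed sample: the post's A records plus one host at .72, in a temp file.
sample_forward_zone() {
    f=$(mktemp) || return 1
    printf '%s\tIN\tA\t%s\n' @ 192.168.137.71 dns 192.168.137.71 \
        mail 192.168.137.71 mirror 192.168.137.71 backup 192.168.137.72 > "$f"
    printf '%s\n' "$f"
}

# Step 3 of the post made fail-safe: reload only if config and zones check out
# (needs bind installed and named-chroot running, so the demo below skips it).
check_and_reload() {
    named-checkconf -t "$CHROOT" -z /etc/named.conf &&
    named-checkzone ln "$FWD" &&
    named-checkzone "$(rev_zone_name 192.168.137.0/24)" "$REV" &&
    rndc reload
}

# Demo on the sample: prints "71 IN PTR dns.ln." and "72 IN PTR backup.ln."
zf=$(sample_forward_zone) && gen_ptr_records "$zf" ln 192.168.137 && rm -f "$zf"
```

To apply the output to the real reverse zone, append it below the NS record in the file the post edits and bump the SOA serial before running check_and_reload.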

Change DNS1 to 192.168.137.71 in the interface configuration
# vi /etc/sysconfig/network-scripts/ifcfg-eno16777736