环境OS: Red Hat Enterprise Linux 5 update 4Network: 192.168.122.0/24前言在baidu上搜DDNS,很多地方把DDNS解释为DHCP + DNS,其实这是牵强附会。DDNS是Dynamic Domain Name Server的简称。DHCP分配IP的时候更新DNS服务器域名解析记录,这就是DDNS所做的事情,而是否更新客户端的hostname显示倒是其次。操作这是DNS服务器的环境:[root@server ~]# cat /etc/sysconfig/networkNETWORKING=yesNETWORKING_IPV6=noHOSTNAME=server.afang.org[root@server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0# Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+DEVICE=eth0BOOTPROTO=staticIPADDR=192.168.122.254NETMASK=255.255.255.0HWADDR=54:52:00:4F:D5:68ONBOOT=yes[root@server ~]# ifconfigeth0 Link encap:Ethernet HWaddr 54:52:00:4F:D5:68inet addr:192.168.122.254 Bcast:192.168.122.255 Mask:255.255.255.0inet6 addr: fe80::5652:ff:fe4f:d568/64 Scope:LinkUP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1RX packets:280 errors:0 dropped:0 overruns:0 frame:0TX packets:232 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:1000RX bytes:24404 (23.8 KiB) TX bytes:31850 (31.1 KiB)Interrupt:10lo Link encap:Local Loopbackinet addr:127.0.0.1 Mask:255.0.0.0inet6 addr: ::1/128 Scope:HostUP LOOPBACK RUNNING MTU:16436 Metric:1RX packets:180 errors:0 dropped:0 overruns:0 frame:0TX packets:180 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:14680 (14.3 KiB) TX bytes:14680 (14.3 KiB)[root@server ~]#安装配置DNS服务器[root@server ~]# cd /misc/cd/Server[root@server Server]# rpm -ivh bind-9.3.6-4.P1.el5.i386.rpm bind-chroot-9.3.6-4.P1.el5.i386.rpmcaching-nameserver-9.3.6-4.P1.el5.i386.rpmwarning: bind-9.3.6-4.P1.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186Preparing... 
########################################### [100%]1:bind ########################################### [ 33%]2:bind-chroot ########################################### [ 67%]3:caching-nameserver ########################################### [100%][root@server Server]# cd /var/named/chroot/etc/[root@server etc]# lslocaltime named.caching-nameserver.conf named.rfc1912.zones rndc.key[root@server etc]# mv named.caching-nameserver.conf named.conf[root@server etc]# mv named.rfc1912.zones named.zones[root@server etc]# ln -s /var/named/chroot/etc/named.conf /etc/named.conf[root@server etc]# ln -s /var/named/chroot/etc/named.zones /etc/named.zones[root@server etc]#这是我的named.conf和named.zones配置named.conf[root@server etc]# cat named.confacl afang.org { 192.168.122.0/24; };options {listen-on port 53 { 127.0.0.1; afang.org; };listen-on-v6 port 53 { ::1; };directory "/var/named";dump-file "/var/named/data/cache_dump.db";statistics-file "/var/named/data/named_stats.txt";memstatistics-file "/var/named/data/named_mem_stats.txt";allow-query { localhost; afang.org; };allow-query-cache { localhost; afang.org; };};logging {channel default_debug {file "data/named.run";severity dynamic;};};view afang.org {match-clients { localhost; afang.org; };match-destinations { localhost; };recursion yes;include "/etc/named.zones";};[root@server etc]#named.zones[root@server etc]# cat named.zoneszone "." 
IN {
        type hint;
        file "named.ca";
};
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};
zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};
zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};
zone "afang.org" IN {
        type master;
        file "afang.org.zone";
        allow-update { localhost; };
};
zone "122.168.192.in-addr.arpa" IN {
        type master;
        file "122.168.192.in-addr.arpa.rzone";
        allow-update { localhost; };
};
[root@server etc]#

对named.zones的一些解释

zone "afang.org" IN {
        type master;
        file "afang.org.zone";
        allow-update { localhost; };
};
zone "122.168.192.in-addr.arpa" IN {
        type master;
        file "122.168.192.in-addr.arpa.rzone";
        allow-update { localhost; };
};

这里allow-update允许DHCP服务器从本地IP来更新DNS的解析记录。如果你的DNS和DHCP服务不在同一台机器上,你也可以在allow-update里面指定DHCP服务器的IP。但是这样是不安全的:按IP放行时,named只检查更新请求的源地址,如果有人恶意把自己的IP设置为该IP,就可以冒充DHCP服务器改写域名解析记录,DNS服务器就很容易被入侵。跨机器更新时应改用TSIG密钥认证(allow-update { key <密钥名>; };),并让DHCP服务器用同一把密钥对更新请求签名。另外要注意,即使只放行localhost,DNS服务器本机上的任何用户进程也都可以提交更新。

这是我的域名解析记录

[root@server named]# pwd
/var/named/chroot/var/named
[root@server named]# ls
data localhost.zone named.ca named.local slaves
localdomain.zone named.broadcast named.ip6.local named.zero
[root@server named]# cp localdomain.zone afang.org.zone
[root@server named]# cp named.local 122.168.192.in-addr.arpa.rzone

这是afang.org.zone和122.168.192.in-addr.arpa.rzone 的内容

afang.org.zone

[root@server named]# cat afang.org.zone
$TTL 86400
@ IN SOA localhost root (
                42 ; serial (d. adams)
                3H ; refresh
                15M ; retry
                1W ; expiry
                1D ) ; minimum
        IN NS localhost
server IN A 192.168.122.254
[root@server named]#

122.168.192.in-addr.arpa.rzone

[root@server named]# cat 122.168.192.in-addr.arpa.rzone
$TTL 86400
@ IN SOA localhost. root.localhost. 
(
                1997022700 ; Serial
                28800 ; Refresh
                14400 ; Retry
                3600000 ; Expire
                86400 ) ; Minimum
        IN NS localhost.
254 IN PTR server.afang.org.
[root@server named]#

此外对目录和文件设置合适的权限