如何自己做一台 ddns server
最新回答
一懒众山小
2025-03-29 06:20:19
OS: Red Hat Enterprise Linux 5 update 4
Network: 192.168.122.0/24
前言
在baidu上搜DDNS,很多地方把DDNS解释为DHCP + DNS,其实这是牵强附会。DDNS是
Dynamic Domain Name Server的简称。DHCP分配IP的时候更新DNS服务器域名解析记录,这
就是DDNS所做的事情,而是否更新客户端的hostname显示倒是其次。
操作
这是DNS服务器的环境:
[root@server ~]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=server.afang.org
[root@server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+
DEVICE=eth0
BOOTPROTO=static
IPADDR=192.168.122.254
NETMASK=255.255.255.0
HWADDR=54:52:00:4F:D5:68
ONBOOT=yes
[root@server ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 54:52:00:4F:D5:68
inet addr:192.168.122.254 Bcast:192.168.122.255 Mask:255.255.255.0
inet6 addr: fe80::5652:ff:fe4f:d568/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:280 errors:0 dropped:0 overruns:0 frame:0
TX packets:232 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:24404 (23.8 KiB) TX bytes:31850 (31.1 KiB)
Interrupt:10
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:180 errors:0 dropped:0 overruns:0 frame:0
TX packets:180 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14680 (14.3 KiB) TX bytes:14680 (14.3 KiB)
[root@server ~]#
安装配置DNS服务器
[root@server ~]# cd /misc/cd/Server
[root@server Server]# rpm -ivh bind-9.3.6-4.P1.el5.i386.rpm bind-chroot-9.3.6-4.P1.el5.i386.rpm
caching-nameserver-9.3.6-4.P1.el5.i386.rpm
warning: bind-9.3.6-4.P1.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:bind ########################################### [ 33%]
2:bind-chroot ########################################### [ 67%]
3:caching-nameserver ########################################### [100%]
[root@server Server]# cd /var/named/chroot/etc/
[root@server etc]# ls
localtime named.caching-nameserver.conf named.rfc1912.zones rndc.key
[root@server etc]# mv named.caching-nameserver.conf named.conf
[root@server etc]# mv named.rfc1912.zones named.zones
[root@server etc]# ln -s /var/named/chroot/etc/named.conf /etc/named.conf
[root@server etc]# ln -s /var/named/chroot/etc/named.zones /etc/named.zones
[root@server etc]#
这是我的named.conf和named.zones配置
named.conf
[root@server etc]# cat named.conf
acl afang.org { 192.168.122.0/24; };
options {
listen-on port 53 { 127.0.0.1; afang.org; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; afang.org; };
allow-query-cache { localhost; afang.org; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view afang.org {
match-clients { localhost; afang.org; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.zones";
};
[root@server etc]#
named.zones
[root@server etc]# cat named.zones
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "afang.org" IN {
type master;
file "afang.org.zone";
allow-update { localhost; };
};
zone "122.168.192.in-addr.arpa" IN {
type master;
file "122.168.192.in-addr.arpa.rzone";
allow-update { localhost; };
};
[root@server etc]#
对named.zones的一些解释
zone "afang.org" IN {
type master;
file "afang.org.zone";
allow-update { localhost; };
};
zone "122.168.192.in-addr.arpa" IN {
type master;
file "122.168.192.in-addr.arpa.rzone";
allow-update { localhost; };
};
这里allow-update允许DHCP服务器从本地IP来更新DNS的解析记录。如果你的DNS和
DHCP服务不在同一台机器上,你也可以在allow-update里面指定DHCP服务器的IP。但是这
样是不安全的。如果有人恶意把自己的IP设置为该IP,则DNS服务器就很容易给入侵。
这是我的域名解析记录
[root@server named]# pwd
/var/named/chroot/var/named
[root@server named]# ls
data localhost.zone named.ca named.local slaves
localdomain.zone named.broadcast named.ip6.local named.zero
[root@server named]# cp localdomain.zone afang.org.zone
[root@server named]# cp named.local 122.168.192.in-addr.arpa.rzone
这是afang.org.zone和122.168.192.in-addr.arpa.rzone 的内容
afang.org.zone
[root@server named]# cat afang.org.zone
$TTL 86400
@ IN SOA localhost root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
server IN A 192.168.122.254
[root@server named]#
122.168.192.in-addr.arpa.rzone
[root@server named]# cat 122.168.192.in-addr.arpa.rzone
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
254 IN PTR server.afang.org.
[root@server named]#
此外对目录和文件设置合适的权限
热门标签
