바로가기 메뉴
본문내용 바로가기
메인메뉴 바로가기



Customer Center

Notice · Security Issue · Account Guide · Global Traffic Test

HOME > Customer Center > Security Issue

보안이슈

master 네임서버 slave 네임서버 구성하기
2016.02.18

1. Master 서버 설정


1.1 named.conf 설정



[dns81(root):/etc]#more named.conf
//
// named.conf for Red Hat caching-nameserver
//



options {



directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
recursion no;
statistics-file "/var/named/data/named_stats.txt";
};



//
// a caching only nameserver config
//



zone "." IN {
type hint;
file "named.ca";
};



zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};



zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};



zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};



zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};



zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};



zone "foxylady.co.kr" IN {
type master;
file "foxylady.co.kr.zone";
//allow-query { any; };
};



zone "yejin.pe.kr" IN {
type master;
file "버yejin.pe.kr.zone";
};




logging {
channel ch_queries_log {
file "/var/named/log/ch_queries.log" versions 5 size 30m;
severity debug;
print-category yes;
print-severity yes;
print-time yes;
};
category queries { ch_queries_log; };
};



// include "/etc/rndc.key";




1.2 /var/named/ 에 zone File설정 내용보기



[dns81(root):/var/named]#more lcm.pe.kr.zone
$TTL 10
@ IN SOA ns.lcm.pe.kr. admin.lcm.pe.kr. (
2006091503 ; serial (d. adams)
3h ; refresh
1h ; retry
4w ; expiry
24h ;minimim
)
IN NS ns
IN NS ns2



IN MX 0 mail.lcm.pe.kr.



IN A 222.110.130.81
ns IN A 222.110.130.81
ns2 IN A 211.35.72.181



www IN A 222.110.130.81
ftp IN A 222.110.130.82
mail IN A 222.110.130.82
ko IN A 222.110.130.82
en IN A 222.110.130.82
game IN NS ns.game
IN NS ns2.game
ns.game IN A 222.110.130.136
ns2.game IN A 222.110.130.136



mail IN HINFO mail1 mail-server



lcm.pe.kr. IN TXT "v=spf1 ip4:222.110.130.82 ~all"








2. Slave설정
1.1 named.conf 설정 - 222.110.130.81은 master서버 IP입니다.



zone "lcm.pe.kr" IN {
type slave;
file "lcm.pe.kr.zone";
masters { 222.110.130.81; };
};




1.2 데몬재시작
1.3 Zone File을 Master서버에서 가져와있는지 확인
[root@mail named]# ls -al lcm.pe.kr.zone
-rw------- 1 named named 721 9월 24 05:33 lcm.pe.kr.zone



성공이면 설정완료



이호스트데이터센터(http://www.ehostidc.co.kr)
첨부파일