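Tags: named bind9 bind dns source-install compile-install
System platform: CentOS 6.6 x86_64
BIND version: bind-9.10.2
Preparation
Download the BIND source package (omitted......)
Install the development tools package (omitted......)
Installation:
Extract bind-9.10.2.tar.gz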
# tar xvf bind-9.10.2.tar.gz
# cd bind-9.10.2/
# ./configure -h

# ./configure --prefix=/usr/local/bind --mandir=/usr/share/man --sysconfdir=/etc/named/ --disable-ipv6 --disable-chroot --enable-threads
# make -j 2 && make install

# ln -s /usr/local/bind/bin/* /usr/bin/
# ln -s /usr/local/bind/sbin/* /usr/sbin/

# groupadd -r named
# useradd -r -g named -M -s /sbin/nologin named
# mkdir /usr/local/bind/var/run/named
# chown named:named /usr/local/bind/var/run/named
# ll -d /usr/local/bind/var/run/named/

# [ -d /etc/named/ ] || mkdir /etc/named
# chown named:named /etc/named
# [ -d /var/named ] || mkdir /var/named
# chown named:named /var/named
Configuring the basic zone files
# dig -t NS . @61.139.2.69 > /var/named/named.ca
# cd /var/named/
# vim named.localhost

    $TTL 1D
    @       IN SOA  @ rname.invalid. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
            NS      @
            A       127.0.0.1

# vim named.loopback

    $TTL 1D
    @       IN SOA  @ rname.invalid. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
            NS      @
            A       127.0.0.1
            PTR     localhost.

# chown -R named:named /var/named/*
The main configuration file, named.conf
# rndc-confgen -r /dev/urandom > /etc/named/rndc.conf
# cd /etc/named/
# touch named.conf
# vim rndc.conf
In vim command mode, run :2,11w >> named.conf
# cat named.conf
# vim named.conf

    options {
        directory "/var/named";
        listen-on port 53 { any; };
        allow-query { any; };
        recursion yes;
    };

    zone "." IN {
        type hint;
        file "named.ca";
    };

    zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
    };

    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
    };

    # Use with the following in named.conf, adjusting the allow list as needed:
    key "rndc-key" {
        algorithm hmac-md5;
        secret "8VWpbjeJ8mochoPghAN5SQ==";
    };

    controls {
        inet 127.0.0.1 port 953
            allow { 127.0.0.1; } keys { "rndc-key"; };
    };

# chown -R named:named /etc/named/*
Running named
# named -u named -g
# named -u named
# netstat -tunpl
# tail /var/log/messages
Check the log for any errors.
# iptables -t filter -I INPUT -p udp --dport 53 -j ACCEPT
Query a domain name from a remote machine to check that it resolves correctly.
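The named.conf above sets recursion yes and allow-query { any; } without an allow-recursion statement, so once UDP port 53 is opened the server answers recursive queries from any address; adding an allow-recursion list of trusted networks closes that. The following check is an added example, not part of the original post: the function names and the sample file are constructed here, and it assumes a single named.conf without include statements, /* */ comments or nested address-match lists.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes a single named.conf with
# no include statements, no /* */ comments and no nested address-match lists.

# Print the options { ... } block with # and // comments stripped.
options_block() {
    sed -e 's:#.*$::' -e 's://.*$::' "$1" | awk '
        /^[ \t]*options[ \t]*[{]/ { inside = 1; depth = 0 }
        inside {
            print
            depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
            if (depth <= 0) inside = 0
        }'
}

# Print the address-match list of statement $2 found in options text $1.
acl_of() {
    printf '%s\n' "$1" | grep -Eo "$2[[:space:]]*[{][^}]*[}]" | head -n 1 |
        sed -e 's/^[^{]*{//' -e 's/}$//' | tr -d ' \t'
}

# BIND resolves the recursion ACL in this order: allow-recursion, then
# allow-query-cache, then allow-query, then the default "localnets; localhost;".
effective_recursion_acl() {
    opts=$(options_block "$1" | tr '\n' ' ')
    if printf '%s' "$opts" | grep -Eq '(^|[^-])recursion[[:space:]]+no[[:space:]]*;'; then
        echo "disabled"; return 0
    fi
    for stmt in allow-recursion allow-query-cache allow-query; do
        acl=$(acl_of "$opts" "$stmt") || true
        if [ -n "$acl" ]; then echo "$acl"; return 0; fi
    done
    echo "localnets;localhost;"
}

# Report "open-resolver" when recursion is effectively offered to everyone.
audit_named_conf() {
    acl=$(effective_recursion_acl "$1")
    case ";$acl" in
        *";any;"*|*";0.0.0.0/0;"*) echo "open-resolver" ;;
        ";disabled")               echo "recursion-disabled" ;;
        *)                         echo "restricted:$acl" ;;
    esac
}

# Constructed sample: the options block from the configuration above.
sample=$(mktemp)
printf '%s\n' 'options {' '    directory "/var/named";' \
    '    listen-on port 53 { any; };' '    allow-query { any; };' \
    '    recursion yes;' '};' > "$sample"
audit_named_conf "$sample"    # prints: open-resolver
rm -f "$sample"
```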
System service (init) script for named
#!/bin/bash
# named a network name service.
# chkconfig: 345 35 75
# description: a name server

[ -r /etc/rc.d/init.d/functions ] && . /etc/rc.d/init.d/functions

PidFile=/usr/local/bind/var/run/named/named.pid
LockFile=/var/lock/subsys/named
named=named

start() {
    # Abort only when the binary is missing or not executable
    if [ ! -x /usr/local/bind/sbin/$named ]; then
        echo "named: command not found"
        exit 4
    fi
    if [ -f $LockFile ]; then
        echo -n "$named is already running..."
        failure
        echo
        exit 5
    fi
    echo -n "Starting $named: "
    daemon --pidfile "$PidFile" /usr/local/bind/sbin/$named -u named -4
    RETVAL=$?
    echo
    if [ $RETVAL -eq 0 ]; then
        touch $LockFile
        return 0
    else
        rm -f $LockFile $PidFile
        return 1
    fi
}

stop() {
    # Nothing to stop when the lock file is absent
    if [ ! -f $LockFile ]; then
        echo -n "$named is not started."
        failure
        echo
        return 1
    fi
    echo -n "Stopping $named: "
    killproc $named
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && rm -f $LockFile
    return 0
}

restart() {
    stop
    sleep 1
    start
}

reload() {
    echo -n "Reloading $named: "
    killproc $named -HUP
    RETVAL=$?
    echo
    return $RETVAL
}

status() {
    if pidof $named > /dev/null && [ -f $PidFile ]; then
        echo "$named is running..."
    else
        echo "$named is stopped..."
    fi
}

case $1 in
    start)   start ;;
    stop)    stop ;;
    restart) restart ;;
    reload)  reload ;;
    status)  status ;;
    *)
        echo "Usage: named {start|stop|status|reload|restart}"
        exit 2 ;;
esac
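The redirect zone type
When a lookup for a domain name finds nothing, this zone type redirects the client by returning a configured IP address instead of an empty result.
This makes it possible to build some additional services on top of it.

In named.conf:

    zone "." IN {
        type redirect;
        file "redirect.file";
    };

redirect.file:

    $TTL 3600
    @ IN SOA ns.EXAMPLE.net. mail.EXAMPLE.net. ( 0 0 0 0 0 )
    @ IN NS ns.EXAMPLE.net
    *. IN A 8.8.8.8

Testing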
This article comes from the "Professor哥" blog; please be sure to keep this attribution: http://professor.blog.51cto.com/996189/1641331
BIND 9.10 source installation and the new redirect zone type