1.下载BIND http://www.isc.org 也可以去本站下载 bind9 dns软件。
2.编译安装
.代码如下:
# tar zxvf bind-9.4.0.tar.gz
# cd bind-9.4.0
# ./configure sysconfdir=/etc //更多安装选项 ./configure --help
# make
# make install
二,配置BIND
1)./etc/named.conf
# vi /etc/named.conf 推出保存即可 或 touch /etc/named.conf
2)./etc/rndc.conf
# rndc-confgen >/etc/rndc.conf
B.创建目录 /var/named
# mkdir /var/named
B.编辑/etc/named.conf 内容如下
.代码如下:
options {
directory "/var/named"//表示默认的数据库文件在/var/named中 若没有需手动创建
// pid-file "/var/run/named/named.pid"//运行的PID文件路径,用于使用其他用户启动named
}
zone "." { //创建root域
type hint
file "named.ca"
}
zone "localhost" { //创建 localhost域
type master
file "named.local"
}
zone "example.com" { //创建 example.com域
type master
file "example.com.zone"
}
zone "0.0.127.in-addr.arpa"{ //localhost的反解析
type master
file "127.0.0.zone"
}
zone "100.168.192.in-addr.arpa" { //example.com的反向解析
type master
file "192.168.100.zone"
}
//这段文件在/etc/rndc.conf 的尾部需拷贝才能使用 # tail +13 /etc/rndc.conf >>/etc/named.conf
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5
secret "HWM3L+e7LWDZJJ/dJEzQEw=="
}
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1} keys { "rndc-key"}
}
# End of named.conf
D.在/var/named 中创建相应的数据文件 文件名由named.conf 中的file 参数制定
由named.conf可知有 named.ca, named.local, example.com.zone, 127.0.0.zone , 192.168.100.zone
1. named.ca
# dig -t NS . >/var/named/named.ca
2. named.local #vi /var/named/named.local 加入以下内容
.代码如下:
$TTL 1D
@ IN SOA localhost. root (
2007042801
1H
15M
1W
1D )
IN NS @
IN A 127.0.0.1
3. example.com.zone
.代码如下:
$TTL 1D
@ IN SOA example.com. root (
2007042801
1H
15M
1W
1D )
IN NS ns.example.com.
IN MX 10 mail.example.com.
IN A 192.168.100.125
www IN A 192.168.100.125
db IN A 192.168.100.124
ns IN A 192.168.100.126
mail IN A 192.168.100.251
shop IN A 192.168.100.125
*.shop IN A 192.168.100.124
news IN CNAME www
3. 127.0.0.zone
$TTl 1D
@ IN SOA @ root.localhost. (
2007042801
1H
15M
1W
1D
)
IN NS localhost.
1 IN PTR localhost.
4. 192.168.100.zone
$TTL 1D
@ IN SOA @ root.example.com. (
2007042801
1H
15M
1W
1D )
IN NS example.com.
125 IN PTR example.com.
125 IN PTR www.example.com.
124 IN PTR db.example.com.
126 IN PTR ns.example.com.
251 IN PTR mail.example.com.
补充说明
a. named服务器的启动问题
1. 启动 #named //以root用户启动
#named -u named //以named用户启动,必须有这个用户而且,named.pid的属主是 named
2. 更改配置后如何重启
# rndc reload
3.测试配置是否成功,可用 host, dig ,nslookup 判断
在linux系统下安装DNS服务器bindBIND是一种开源的DNS(Domain Name System)协议的实现,包含对域名的查询和响应所需的所有软件。它是互联网上最广泛使用的一种DNS服务器,下面讲解在linux系统下如何安装DNS服务器bind。
1.从http://www.isc.org/products/BIND/bind9.html下载bind9的源文件。本次安装使用的源文件为bind-9.2.3.tar.gz。
2.将源文件bind-9.2.3.tar.gz置于/usr/local/src目录下。
3.解压缩源文件bind-9.2.3.tar.gz
# tar -xzvf bind-9.2.3.tar.gz -C /usr/local/src
4.进入安装目录 www.2cto.com
# cd bind-9.2.3
5.配置、编译
# ./configure
# make
6.安装
# make install
7.生成的可执行文件位于/usr/local/sbin目录下。最重要的可执行文件为named和rndc。
8.创建链接
# ln -s /usr/local/sbin/rndc /usr/sbin/rndc
# ln -s /usr/local/sbin/named /usr/sbin/named
9.创建rndc.conf配置文件。
# /usr/local/sbin/rndc-confgen >/etc/rndc.conf
# cat /etc/rndc.conf
输出为:
# Start of rndc.conf
key "rndc-key" {
algorithm hmac-md5
secret "y9xvvfQjdWv9f/Fo7wquBg=="
}
options {
default-key "rndc-key"
default-server 127.0.0.1
default-port 953
}
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# algorithm hmac-md5
# secret "y9xvvfQjdWv9f/Fo7wquBg=="
# } www.2cto.com
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1} keys { "rndc-key"}
# }
# End of named.conf
10.创建rndc.key文件。将rndc.conf文件中注释部分拷贝生成如下文件:
# vi /etc/rndc.key
key "rndc-key" {
algorithm hmac-md5
secret "y9xvvfQjdWv9f/Fo7wquBg=="
}
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1} keys { "rndc-key"}
}
检查rndc是否正常工作:
#/usr/local/sbin/named -g
Jan 11 11:56:45.075 starting BIND 9.2.3 -g
Jan 11 11:56:45.076 using 1 CPU
Jan 11 11:56:45.079 loading configuration from '/etc/named.conf'
......
#/usr/local/sbin/rndc status
11.创建named.conf配置文件。
# vi /etc/named.conf
// generated by named-bootconf.pl
options { www.2cto.com
directory "/var/named"
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53
}
//
// a caching only nameserver config
//
zone "." IN {
type hint
file "named.root"
}
zone "localhost" IN {
type master
file "localhost.zone"
allow-update { none}
}
zone "0.0.127.in-addr.arpa" IN {
type master
file "named.local"
allow-update { none}
} www.2cto.com
zone "domain1.net" IN { //新加domain1.net的域
type master
file "domain1.net.zone"
allow-update { none}
}
zone "252.177.61.in-addr.arpa" IN { //新加域的反向解析
type master
file "named.61.177.252"
allow-update { none}
}
include "/etc/rndc.key"
12.创建/var/named目录
# mkdir /var/named
# cd /var/named
13.匿名登录到ftp站点FTP.RS.INTERNIC.NET,获取/domain目录下的named.root文件和named.ca文件,将该文件置于/var/named目录下。
14.创建localhost.zone文件
# vi /var/named/localhost.zone
$TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 serial (d. adams)
3H refresh
15M retry
1W expiry
1D ) minimum
1D IN NS @
1D IN A 127.0.0.1
15.创建named.local文件
# vi named.local
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 Serial www.2cto.com
28800 Refresh
14400 Retry
3600000 Expire
86400 ) Minimum
IN NS localhost.
1 IN PTR localhost.
16.创建domain1.net.zone文件
# vi ycmail.net.zone
$TTL 86400
@ IN SOA localhost. root.localhost. (
2003061800 Serial
28800 Refresh
14400 Retry
3600000 Expire
86400 ) Minimum
IN NS localhost.
mail IN A 61.177.252.34
www IN CNAME mail
17.创建named.61.177.252文件
# vi named.61.177.252
$TTL 86400
@ IN SOA localhost. root.localhost. (
2003061800 Serial
28800 Refresh
14400 Retry
3600000 Expire
86400 ) Minimum
IN NS localhost.
34 IN PTR mail.domain1.net.
18.创建启动脚本
# vi /etc/rc.d/init.d/named
#!/bin/sh www.2cto.com
#
# named This shell script takes care of starting and stopping
# named (BIND DNS server).
#
# chkconfig: 345 55 45
# description: named (BIND) is a Domain Name Server (DNS)
# that is used to resolve host names to IP addresses.
# probe: true
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ $ = "no" ] &&exit 0
[ -f /usr/sbin/named ] || exit 0
[ -f /etc/named.conf ] || exit 0
# See how we were called.
case "" in
start)
# Start daemons.
echo -n "Starting named: "
daemon named
echo
touch /var/lock/subsys/named
stop)
# Stop daemons.
echo -n "Shutting down named: "
killproc named
rm -f /var/lock/subsys/named
echo www.2cto.com
status)
/usr/sbin/rndc status
exit $?
restart)
stop
start
exit $?
reload)
/usr/sbin/rndc reload
exit $?
probe)
# named knows how to reload intelligentlywe don't want linuxconf
# to offer to restart every time
/usr/sbin/rndc reload >/dev/null 2>&1 || echo start
exit 0
*)
echo "Usage: named "
exit 1
esac
exit 0
19.将/etc/rc.d/init.d/named变成可执行文件。
# chmod 755 /etc/rc.d/init.d/named
20.创建启动脚本symbollink
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc0.d/K45named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc1.d/K45named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc2.d/K45named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc3.d/S55named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc4.d/S55named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc5.d/S55named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc6.d/K45named
21.启动bind9 www.2cto.com
# /etc/rc.d/init.d/named start
停止bind9
# /etc/rc.d/init.d/named stop
查看状态
# /etc/rc.d/init.d/named status
22.检查配置文件及域文件
# /usr/local/sbin/named-checkconf
# /usr/local/sbin/named-checkzone domain1.net /var/named/domain1.net.zone
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)