Playing with BIND. A DNS service is indispensable for a network.

First I installed BIND-9.3.1 following the BLFS book, which lets the service run in a chroot.

Reference articles:
1) http://www./bbs/showthread.php?t=269426
2) http://zz./news/38/20051218197290538.htm

Following BLFS exactly, the service starts and dig -x 127.0.0.1 works, but it is otherwise unusable; see the articles above. Article 1 is good for understanding the concepts, but some of its details are wrong. The key is the zone configuration in named.conf. The initial setup (in BLFS) only configures localhost. Following article 2 I set up the localhost zone, but when I set up mylinux.com I got an error:

    named -t /home/named -g
    31-Oct-2006 02:48:17.121 zone 0.254.38.202.in-addr.arpa/IN: loaded serial 1
    31-Oct-2006 02:48:17.124 mylinux.com.zone:2: SOA record not at top of zone (mylinux.com.mylinux.com)

So something in mylinux.com.zone had to be wrong. After several attempts I finally got it working. My configuration is:

vi named.conf

    options {
        directory "/etc/namedb";                  // relative to the chroot (/home/named)
        pid-file "/var/run/named.pid";
        statistics-file "/var/run/named.stats";
    };

    controls {
        // rndc control channel: loopback only, authenticated with rndc_key
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
    };

    key "rndc_key" {
        algorithm hmac-md5;
        secret "5FJys15CptnfObI8lrxvwQ10ZulWoZNPLioIHwfvgFGum7BBwJke+aIvZjeqgpurhdAzJT2UW9LrEhdhOZ6PXg==";
    };

    zone "." {
        type hint;
        file "root.hints";
    };

    zone "localhost" IN {
        type master;
        file "localhost.zone";
    };

    zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
    };

    zone "mylinux.com" IN {
        type master;
        file "mylinux.com.zone";
    };

    zone "0.254.38.202.in-addr.arpa" {
        type master;
        file "pz/mylinux.com.arpa";
    };

    logging {
        category default { default_syslog; default_debug; };
        category unmatched { null; };

        channel default_syslog {
            syslog daemon;        // send to syslog's daemon
                                  // facility
            severity info;        // only send priority info
                                  // and higher
        };

        channel default_debug {
            file "named.run";
            severity dynamic;
        };

        channel default_stderr {
            stderr;
            severity info;
        };

        channel null {
            null;
        };
    };

The corresponding zone files and reverse-lookup files I created are:

vi localhost.zone

    $TTL 86400
    @       IN SOA  @ root (
                    1       ; Serial
                    8H      ; Refresh
                    2H      ; Retry
                    4W      ; Expire
                    1D)     ; Minimum TTL
            IN NS   @
            IN A    127.0.0.1

vi mylinux.com.zone

    $TTL 86400
    ; Host names in the SOA and NS data need a trailing dot. Without it the
    ; zone name is appended (www.mylinux.com becomes www.mylinux.com.mylinux.com.).
    @       IN SOA  www.mylinux.com. master.mylinux.com. (
                    1       ; Serial
                    8H      ; Refresh
                    2H      ; Retry
                    4W      ; Expire
                    1D)     ; Minimum TTL
            IN NS   www.mylinux.com.    ; NS takes a host name, not an IP address
    www     IN A    202.38.254.253
    ftp     IN A    202.38.254.253

vi pz/127.0.0

    $TTL 3D
    @       IN SOA  localhost. root.localhost. (
                    1       ; Serial
                    8H      ; Refresh
                    2H      ; Retry
                    4W      ; Expire
                    1D)     ; Minimum TTL
            IN NS   localhost.
    1       PTR     localhost.

vi pz/mylinux.com.arpa

    $TTL 86400
    @       IN SOA  www.mylinux.com. master.mylinux.com. (
                    1       ; Serial
                    8H      ; Refresh
                    2H      ; Retry
                    4W      ; Expire
                    1D)     ; Minimum TTL
            IN NS   www.mylinux.com.
    ; PTR targets are written fully qualified with a trailing dot; a bare
    ; "ftp" would expand to ftp.0.254.38.202.in-addr.arpa.
    253     IN PTR  www.mylinux.com.
    253     IN PTR  ftp.mylinux.com.

Pay attention to the whitespace in these files; of course, the key is to understand what each part means. The rndc settings are comparatively easy to understand.
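The relative-name rule behind the "SOA record not at top of zone (mylinux.com.mylinux.com)" error, as an added example that is not part of the original post: a small Python linter for a simplified zone file. The names `expand` and `lint_zone` and the sample zone are constructed for illustration; BIND's own `named-checkzone` remains the authoritative check.

```python
import re

# Record types whose first N rdata fields are domain names.
NAME_FIELDS = {"SOA": 2, "NS": 1, "PTR": 1, "CNAME": 1}
TTL_RE = re.compile(r"^\d+[smhdw]?$", re.I)
IPV4_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}\.?$")

def expand(name, origin):
    """'@' is the origin, a trailing dot makes a name absolute, else the origin is appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def lint_zone(text, origin):
    """Return (line, message) findings; assumes one record per line (SOA: first line only)."""
    findings, owner = [], origin
    for number, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split(";", 1)[0].split()
        if not fields or fields[0].startswith("$"):
            continue
        if not raw[0].isspace():  # a record starting in column 1 names its owner
            owner = expand(fields.pop(0), origin)
        while fields and (fields[0].upper() == "IN" or TTL_RE.match(fields[0])):
            fields.pop(0)         # skip class, TTL and SOA timer values
        if not fields or fields[0].upper() not in NAME_FIELDS:
            continue
        rtype = fields.pop(0).upper()
        if rtype == "SOA" and owner.lower() != origin.lower():
            findings.append((number, f"SOA record not at top of zone ({owner.rstrip('.')})"))
        for target in fields[:NAME_FIELDS[rtype]]:
            if rtype == "NS" and IPV4_RE.match(target):
                findings.append((number, f"NS target {target} is an address, not a host name"))
            elif "." in target and not target.endswith("."):
                findings.append((number, f"{target} expands to {expand(target, origin)}"))
    return findings

# Constructed sample: owner and rdata names written without trailing dots.
SAMPLE = """\
$TTL 86400
mylinux.com IN SOA www.mylinux.com master.mylinux.com (
            1 8H 2H 4W 1D )
        IN NS 202.38.254.253
www     IN A  202.38.254.253
"""

if __name__ == "__main__":
    for number, message in lint_zone(SAMPLE, "mylinux.com."):
        print(f"line {number}: {message}")
```

Run it against a zone file before restarting named in the chroot; an empty result means no relative-name surprises were found by these particular checks.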