安裝BIND
**********************************
一、下載BIND
http://www. bind-
(注:原文此處的下載地址和版本號不完整。請從 ISC 官方站點下載源碼包,並在編譯前用隨包提供的 PGP 簽名校驗。)
二、卸載默認安裝
rpm -e caching-nameserver
rpm -e redhat-config-bind
rpm -e bind
rpm -e bind-utils
三、編譯安裝
#cd /usr/local/src
#tar xzvf bind-
#cd bind-
#./configure --prefix=/usr/local/bind (--sysconfdir=/etc )
#make
#make install
四、安裝完后執行文件
ln -s /usr/local/bind/sbin/rndc /usr/sbin/rndc
ln -s /usr/local/bind/sbin/named /usr/sbin/named
/usr/local/bind/bin目錄下有調試工具:
dig host nslookup
/usr/local/bind/sbin目錄下有服務器程式(包括DNS管理工具):
dnssec-keygen dnssec-signkey lwresd named-checkconf rndc
dnssec-makekeyset dnssec-signzone named named-checkzone rndc-confgen

手動創建文件/usr/local/bind/etc/rndc.conf
**************************************
mkdir /usr/local/bind/etc
/usr/local/bind/sbin/rndc-confgen >/usr/local/bind/etc/rndc.conf

手動創建文件/usr/local/bind/etc/rndc.key
**************************************
tail +13 /usr/local/bind/etc/rndc.conf >/usr/local/bind/etc/rndc.key
#去掉相應的注釋符
:.,$-1s/^#\ //
(注:較新的 coreutils 不接受 tail +13 這種寫法,需改為 tail -n +13;起始行號以 rndc-confgen 的實際輸出為準。rndc.conf 和 rndc.key 內含控制密鑰,應設為只有 named 的運行用戶可讀,例如 chmod 600。)

手動生成根服務器文件named.ca
**********************************************************************
mkdir /var/named
/usr/local/bind/bin/dig @a.root-servers.net . NS > /var/named/named.ca
**************************************
手動創建主配置文件/etc/named.conf
手動創建主配置文件/etc/named.local
手動創建相應的zone文件
/var/named/named.mihost.kmip.net
/var/named/named.1.168.192
mkdir -p /usr/local/bind/var/run #一定要創建否則named進程是啟動不了
named -c /etc/named.conf
(注:這樣啟動的 named 以 root 身份運行。正式環境建議建立專用的非特權用戶,並用 -u 參數啟動,例如 named -u named -c /etc/named.conf,同時保證該用戶對 var/run 目錄可寫。)
ps -aux |grep named
tail /var/log/messages
vi /etc/resolv.conf
nameserver 127.0.0.1
***********************
rndc reload
rndc status
killall -9 named
(注:killall -9 是強制終止,named 無法正常收尾;rndc 可用時建議改用 rndc stop。)
***********************

用RNDC控制服務器
************************************************************************************
1、產生rndc控制文件
#/usr/local/bind/sbin/rndc-confgen >/etc/rndc.conf
#tail +13 /etc/rndc.conf >> /etc/named.conf
手動生成rndc.key或者追加到named.conf也行。"/usr/local/bind/etc/rndc.key";
2、啟動named服務器,監視/var/log/messages
# /usr/local/bind/sbin/named -c /etc/named.conf /修改后要重啟
# tail /var/log/messages
3、測試rndc和解析的效果
#killall -9 named
# /usr/local/bind/sbin/named -c /etc/named.conf /修改后要重啟
# /usr/local/bind/sbin/rndc reload /參數修改后重新加載
#rndc status
4、用host、nslookup、dig測試一下是否可解析
[root@nameserver named]# cat /etc/resolv.conf
nameserver 127.0.0.1
#nameserver 202.96.134.133
search mihost.kmip.net
#nameserver 61.235.70.98
[root@nameserver named]# host mail.mihost.kmip.net
mail.mihost.kmip.net address 192.168.1.242
[root@nameserver named]# host yahoo.com.cn
yahoo.com.cn has address 202.165.102.205
[root@nameserver named]#

以下是配置文件:
(注:下面的 secret 是本文公開的示例值,不要照抄,請用 rndc-confgen 在自己的機器上重新生成。hmac-md5 已屬過時算法,較新版本的 BIND 可用 rndc-confgen -A hmac-sha256 生成。)
/usr/local/bind/etc/rndc.conf
***********************************
# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "c7eOsUqVxemCTuHXPK5JqQ==";
};
options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# algorithm hmac-md5;
# secret "c7eOsUqVxemCTuHXPK5JqQ==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
/usr/local/bind/etc/rndc.key
***************************************
(注:此處的 secret 為本文公開的示例值,請用 rndc-confgen 自行生成,並將該文件設為只有 named 的運行用戶可讀。)
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
    algorithm hmac-md5;
    secret "c7eOsUqVxemCTuHXPK5JqQ==";
};
controls {
    inet 127.0.0.1 port 953
    allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of named.conf

/var/named/named.ca 查詢網絡得到。
*************************
(注:下面是 2007 年的查詢結果,其中部分根服務器的地址此後已經變更,請重新生成而不要直接複製。另外輸出中的 SERVER 為 202.96.134.133,說明這份結果來自該遞歸服務器而非根服務器本身。)
; <<>> DiG
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49871
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 260188 IN NS G.ROOT-SERVERS.NET.
. 260188 IN NS H.ROOT-SERVERS.NET.
. 260188 IN NS I.ROOT-SERVERS.NET.
. 260188 IN NS J.ROOT-SERVERS.NET.
. 260188 IN NS K.ROOT-SERVERS.NET.
. 260188 IN NS L.ROOT-SERVERS.NET.
. 260188 IN NS M.ROOT-SERVERS.NET.
. 260188 IN NS A.ROOT-SERVERS.NET.
. 260188 IN NS B.ROOT-SERVERS.NET.
. 260188 IN NS C.ROOT-SERVERS.NET.
. 260188 IN NS D.ROOT-SERVERS.NET.
. 260188 IN NS E.ROOT-SERVERS.NET.
. 260188 IN NS F.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 550572 IN A 198.41.0.4
B.ROOT-SERVERS.NET. 550915 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 550916 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 550917 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 550918 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 550919 IN A 192.5.5.241
G.ROOT-SERVERS.NET. 550908 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 550909 IN A 128.63.2.53
I.ROOT-SERVERS.NET. 550910 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 550919 IN A 192.58.128.30
K.ROOT-SERVERS.NET. 550911 IN A 193.0.14.129
L.ROOT-SERVERS.NET. 550912 IN A 198.32.64.12
M.ROOT-SERVERS.NET. 550913 IN A 202.12.27.33
;; Query time: 17 msec
;; SERVER: 202.96.134.133#53(202.96.134.133)
;; WHEN: Sun Mar 11 16:49:42 2007
;; MSG SIZE rcvd: 436

/var/named/named.local
****************************
$TTL 86400
@ IN SOA localhost. root.localhost. (
    20070314;
    28800;
    14400;
    3600000;
    86400);
    IN NS localhost.
1 IN PTR localhost.
/etc/named.conf
*******************************************
(注:兩個主域都沒有設置 allow-transfer,舊版 BIND 默認允許任何主機做區域傳送;建議在 zone 中加上 allow-transfer,只放行輔助服務器的地址。)
options{
    directory "/var/named";
};
include "/usr/local/bind/etc/rndc.key";
zone "." IN {
    type hint;
    file "named.ca";
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
};
zone "mihost.kmip.net" IN {
    type master;
    file "named.mihost.kmip.net";
    allow-update {none; };
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "named.1.168.192";
    allow-update {none; };
};

/var/named/named.mihost.kmip.net
*****************************************************
$TTL 86400
$ORIGIN mihost.kmip.net.
@ IN SOA RHL9.mihost.kmip.net. root.mail.mihost.kmip.net. (
    2007031401;
    28800;
    14400;
    3600000;
    86400);
    IN NS RHL9.mihost.kmip.net.
    IN MX 0 mail.mihost.kmip.net.
RHL9 IN A 192.168.1.242
WebServer IN A 192.168.1.242
www IN CNAME WebServer
MailServer IN A 192.168.1.242
mail IN CNAME MailServer
slave IN A 192.168.1.242

/var/named/named.1.168.192
***********************************************
$TTL 86400
@ IN SOA RHL9.mihost.kmip.net. root.mail.test.com. ( 2007031401 28800 14400 3600000 86400 )
    IN NS RHL9.mihost.kmip.net.
242 IN PTR RHL9.mihost.kmip.net.
242 IN PTR WebServer.mihost.kmip.net.
242 IN PTR MailServer.mihost.kmip.net.
242 IN PTR slave.mihost.kmip.net.

如果發現錯誤,請查看日誌信息:cat /var/log/messages

創建 緩存域名服務器 /etc/named.conf
***************************
(注:此配置沒有限制遞歸查詢的來源。若服務器可被外部網絡訪問,建議在 options 中用 allow-recursion 限定為內部網段,避免成為開放解析器。)
options{
    directory "/var/named";
    forwarders { 202.96.134.133; };
};
include "/usr/local/bind/etc/rndc.key";
zone "." IN {
    type hint;
    file "named.ca";
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
};

創建輔助域名服務器: /etc/named.conf
*************************************
options{
    directory "/var/named";
};
include "/usr/local/bind/etc/rndc.key";
zone "." IN {
    type hint;
    file "named.ca";
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
};
zone "mihost.kmip.net" IN {
    type slave;#輔助域名。。
    file "named.mihost.kmip.net";
    masters { 192.168.1.242; };
};
zone "1.168.192.in-addr.arpa" IN {
    type slave;
    file "named.1.168.192";
    masters {192.168.1.242; };
};