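First install bind10, then configure it and test it.
Configuration and usage
Start bind
/opt/bind/sbin/bind10 (/opt/bind/sbin/bind10 -v shows more detailed information)
[b10-cmdctl] Error creating server, because: [Errno 98] Address already in use
solution:
Port 8080, which bind10 uses, is already occupied.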
Test it; for example:
$ dig @127.0.0.1 -c CH -t TXT authors.bind
Load desired zone file(s), for example:
$ b10-loadzone your.zone.example.org
Command channel: b10-msgq
This Command Channel is not used for DNS message passing. It is used only to control and monitor the BIND 10 system.
Administrators do not communicate directly with the b10-msgq daemon. By default, BIND 10 uses port 9912 for the b10-msgq
service. It listens on 127.0.0.1.
b10-msgq — Message bus daemon. This process coordinates communication between all of the other BIND 10 processes.
b10-auth — Authoritative DNS server. This process serves DNS requests.
b10-cfgmgr — Configuration manager. This process maintains all of the configuration for BIND 10.
b10-cmdctl — Command and control service. This process allows external control of the BIND 10 system.
b10-resolver — Recursive name server. This process handles incoming queries.
b10-stats — Statistics collection daemon. This process collects and reports statistics data.
b10-xfrin — Incoming zone transfer service. This process is used to transfer a new copy of a zone into BIND 10, when acting as a secondary server.
b10-xfrout — Outgoing zone transfer service. This process is used to handle transfer requests to send a local zone to a remote secondary server, when acting as a master server.
b10-zonemgr — Secondary manager. This process keeps track of timers and other necessary information for BIND 10 to act as a slave server.
These are run automatically by bind10 and do not need to be run manually.
The following is the layout of the complete BIND 10 installation:
bin/ — general tools and diagnostic clients.
etc/bind10-devel/ — configuration files.
lib/ — libraries and python modules.
libexec/bind10-devel/ — executables that a user wouldn’t normally run directly and are not run independently. These are the BIND 10 modules which are daemons started by the bind10 tool.
sbin/ — commands used by the system administrator.
share/bind10-devel/ — configuration specifications.
share/man/ — manual pages (online documentation).
var/bind10-devel/ — data source and configuration databases.
Add a bind administrative user
b10-cmdctl-usermgr
~> bindctl
["login success "] login as root (note: on the first login it shows "login temp" user:root passwd:bind10; just enter the username and password as displayed.)
> config set StatsHttpd/listen_on [{ "address": "192.168.169.3", "port": 8080 }] // set the IP address and port that bind's StatsHttpd listens on
> config set Resolver/listen_on [{ "address": "127.0.0.1", "port": 53 }]
> config commit
> config set Boss/start_auth false
> config set Boss/start_resolver true
> config commit
> config set Resolver/forward_addresses [{ "address": "202.106.0.20", "port": 53 }] // set the DNS server that queries are forwarded to; note: all queries are then forwarded to 202.106.0.20
> config commit
> config set Resolver/forward_addresses [] // clear the forwarding DNS setting
> config commit
> Xfrin retransfer zone_name="grubb.com" master=192.168.169.3 // set the zone information that can be exported externally.
> config show Xfrin
transfers_in: 10 integer
> config go Auth
/Auth> config show
database_file: None string
/Auth> config set database_file /tmp/bind10_zones.db
/Auth> config commit
/Auth> config go /
> config show Auth/
database_file: /tmp/bind10_zones.db string
> config diff
{}
> config set Auth/foobar
Error: missing identifier or value
> config set Auth/database_file foobar
> config diff
{'Auth': {'database_file': 'foobar'}}
> config revert
> config diff
{}
> quit
>quit
Load desired zone file(s), for example:
$ b10-loadzone your.zone.example.org
e.g. cat grubb.com.zone
$TTL 3600
$ORIGIN grubb.com.
@       IN SOA ns1.grubb.com. admin.grubb.com. (
                2011072600 ; Serial
                3600       ; Refresh
                900        ; Retry
                3600000    ; Expire
                3600 )     ; Minimum
@       IN NS ns1.grubb.com.
; If nothing precedes IN, the next line has to be placed below the NS record;
; written as grubb.com. IN MX mx1.grubb.com. it can be placed further down.
        IN MX 0 mx1.grubb.com.
@       IN A 192.168.169.3
NS      IN A 192.168.169.3
;$INCLUDE /var/named/includes/hosts-dns
;$INCLUDE /var/named/includes/hosts-mx
        IN A 192.168.169.3
ns1     IN A 192.168.169.3
www     IN A 192.168.169.3
lly     IN AAAA 2001:470:1f04:97::2 ; IPv6 address record
test    IN A 192.168.169.3
*.grubb.com. IN A 192.168.169.3
haha    IN CNAME .
mx1.grubb.com. IN A 192.168.169.3
localhost IN A 127.0.0.1
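Added example (not part of the original post): the note on the MX line is about owner inheritance, where a record with nothing before IN takes the owner of the record above it. The Python sketch below resolves owners for a constructed excerpt of the zone above; ZONE, TYPES, absolute and parse_owners are hypothetical names used only for this illustration.

```python
# Added example: fill in blank owner names the way a master-file parser does.
ZONE = """\
$TTL 3600
$ORIGIN grubb.com.
@       IN NS  ns1.grubb.com.
        IN MX  0 mx1.grubb.com.  ; blank owner -> inherits "@"
@       IN A   192.168.169.3
NS      IN A   192.168.169.3
        IN A   192.168.169.3     ; blank owner -> inherits "NS"
www     IN A   192.168.169.3
mx1.grubb.com. IN A 192.168.169.3
"""  # constructed excerpt of the zone above (SOA omitted for brevity)

TYPES = {"A", "AAAA", "NS", "MX", "CNAME", "SOA", "PTR", "TXT"}

def absolute(name, origin):
    """Expand '@' and relative names against the current $ORIGIN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin.lstrip('.')}"

def parse_owners(text):
    """Return [(owner, rtype, rdata)] with every blank owner resolved."""
    origin, last_owner, records = ".", None, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # ';' starts a comment
        if not line.strip():
            continue
        fields = line.split()
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0].startswith("$"):             # $TTL / $INCLUDE: ignored here
            continue
        if line[0] in " \t":                      # blank owner: reuse previous
            if last_owner is None:
                raise ValueError(f"no previous owner for {raw!r}")
            owner = last_owner
        else:
            owner = last_owner = absolute(fields.pop(0), origin)
        while fields and fields[0].upper() not in TYPES:
            fields.pop(0)                         # skip optional TTL and class
        if not fields:
            raise ValueError(f"no record type in {raw!r}")
        records.append((owner, fields[0].upper(), " ".join(fields[1:])))
    return records

if __name__ == "__main__":
    for owner, rtype, rdata in parse_owners(ZONE):
        print(f"{owner:<18} {rtype:<5} {rdata}")
```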
test:
nslookup
>
Server: 192.168.169.3
Address: 192.168.169.3#53
Name:
Address: 192.168.169.3
> test1.grubb.com
Server: 192.168.169.3
Address: 192.168.169.3#53
Name: test1.grubb.com
Address: 192.168.169.1
> set type=mx
> grubb.com
Server: 192.168.169.3
Address: 192.168.169.3#53
grubb.com mail exchanger = 0 mx1.grubb.com.
> set type=soa
> grubb.com
Server: 192.168.169.3
Address: 192.168.169.3#53
grubb.com
origin = ns1.grubb.com
mail addr = admin.grubb.com
serial = 2011072600
refresh = 3600
retry = 900
expire = 3600000
minimum = 3600
> set type=ns
> grubb.com
Server: 192.168.169.3
Address: 192.168.169.3#53
grubb.com nameserver = ns1.grubb.com.
> set type=cname
> haha.grubb.com
Server: 192.168.169.3
Address: 192.168.169.3#53
haha.grubb.com canonical name = .
Reverse resolution does not work; the cause is still to be investigated. The errors are as follows:
> 192.168.169.3
Server: 192.168.169.3
Address: 192.168.169.3#53
3.169.168.192.in-addr.arpa name = test1.grubb.com.
3.169.168.192.in-addr.arpa name = test2.grubb.com.
3.169.168.192.in-addr.arpa name = test3.grubb.com.
3.169.168.192.in-addr.arpa name = test4.grubb.com.
3.169.168.192.in-addr.arpa name = test5.grubb.com.
3.169.168.192.in-addr.arpa name = test6.grubb.com.
> 192.168.169.1
Server: 192.168.169.3
Address: 192.168.169.3#53
** server can't find 1.169.168.192.in-addr.arpa: REFUSED
The reverse resolution test does not pass; I would appreciate help from an expert. Many thanks.