分类: LINUX
2010-10-15 17:20:30
一、软件环境
Redhat 4
bind-9.4.2
二、安装
1、卸载
rpm -qa|grep bind
观察到如下3个相关软件,将其卸载
rpm -e bind-utils-9.2.4-30.el4_7.2 --nodeps
rpm -e ypbind-1.17.2-13 --nodeps
rpm -e bind-libs-9.2.4-30.el4_7.2 --nodeps
2、解压安装
tar -zxvf bind-9.4.2.tar.gz
cd bind-9.4.2
./configure --prefix=/usr/local/named --disable-openssl-version-chec
Make
make install
3、建立用户
groupadd bind
useradd -g bind -d /usr/local/named -s /sbin/nologin bind
chown bind:bind /usr/local/named/etc ----这个目录所不存在,则直接创建
chmod 700 /usr/local/named/etc
4、创建配置文件
vi /usr/local/named/etc/named.conf ----创建编辑并修改之
// generated by named-bootconf.pl
options {
directory "/usr/local/named/etc";
pid-file "/var/run/named/named.pid";
version "0.0.0";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
logging {
channel warning
{ file "/var/log/named/dns_warnings" versions 3 size 1240k;
severity warning;
print-category yes;
print-severity yes;
print-time yes;
};
channel general_dns
{ file "/var/log/named/dns_logs" versions 3 size 1240k;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category default { warning; };
category queries { general_dns; };
};
zone "." IN {
type hint;
file "named.root";
};
#zone "localhost" IN {
# type master;
# file "localhost.zone";
# allow-update { none; };
#};
zone "jieliit.com" IN {
type master;
file "jieliit.com";
allow-transfer{ 192.168.2.102; };
};
zone "2.168.192.in-addr.arpa" IN {
type master;
file "2.168.192.in-addr";
allow-update { none; };
};
5、编辑文件
vi /usr/local/named/etc/jieliit.com ----创建编辑并修改之
$TTL 86400
@ IN SOA mail.jieliit.com. root.mail.jieliit.com. (
2006030601 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN MX 0 mail.jieliit.com.
IN NS mail.jieliit.com.
mail IN A 192.168.2.102
vi /usr/local/named/etc/2.168.192.in-addr ----创建编辑并修改之
$TTL 86400
@ IN SOA mail.jieliit.com. root.mail.jieliit.com. (
2001111601 ; Serial
28800 ; refresh
14400 ; retry
3600000 ; expire
86400 ) ; minimum
@ IN NS mail.jieliit.com.
102 IN PTR mail.jieliit.com.
Vi /usr/local/named/etc/named.root
该文件内容整理省略,可以直接从如下地址拷贝过来
6、创建PID和日志文件
# mkdir /var/run/named/
# chmod 777 /var/run/named/
# chown bind:bind /var/run/named/
# mkdir /var/log/named/
# touch /var/log/named/dns_warnings
# touch /var/log/named/dns_logs
# chown bind:bind /var/log/named/*
7、生成rndc-key:
# cd /usr/local/named/etc/
# ../sbin/rndc-confgen >rndc.conf
8、将rndc.conf中:
# Use with the following in named.conf, adjusting the allow list as needed:
后面以的部分加到/usr/local/named/etc/named.conf中并去掉注释
修改后内容如下
key "rndc-key" {
algorithm hmac-md5;
secret "yV2FoCsqcnjEq7E42aiLug==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of named.conf
9、运行测试:
# /usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf &
[2] 22843
[root@mail sbin]# 26-Aug-2010 13:44:32.479 starting BIND 9.4.2 -gc /usr/local/named/etc/named.conf
26-Aug-2010 13:44:32.482 loading configuration from '/usr/local/named/etc/named.conf'
26-Aug-2010 13:44:32.483 listening on IPv4 interface lo, 127.0.0.1#53
26-Aug-2010 13:44:32.483 binding TCP socket: address in use
26-Aug-2010 13:44:32.484 listening on IPv4 interface eth0, 192.168.2.102#53
26-Aug-2010 13:44:32.484 binding TCP socket: address in use
26-Aug-2010 13:44:32.485 listening on IPv4 interface eth0:1, 192.168.11.101#53
26-Aug-2010 13:44:32.485 binding TCP socket: address in use
26-Aug-2010 13:44:32.488 automatic empty zone: 127.IN-ADDR.ARPA
26-Aug-2010 13:44:32.488 automatic empty zone: 254.169.IN-ADDR.ARPA
26-Aug-2010 13:44:32.488 automatic empty zone: 2.0.192.IN-ADDR.ARPA
26-Aug-2010 13:44:32.489 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
26-Aug-2010 13:44:32.489 automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
26-Aug-2010 13:44:32.489 automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
26-Aug-2010 13:44:32.489 automatic empty zone: D.F.IP6.ARPA
26-Aug-2010 13:44:32.489 automatic empty zone: 8.E.F.IP6.ARPA
26-Aug-2010 13:44:32.490 automatic empty zone: 9.E.F.IP6.ARPA
26-Aug-2010 13:44:32.490 automatic empty zone: A.E.F.IP6.ARPA
26-Aug-2010 13:44:32.490 automatic empty zone: B.E.F.IP6.ARPA
26-Aug-2010 13:44:32.492 command channel listening on 127.0.0.1#953
26-Aug-2010 13:44:32.493 ignoring config file logging statement due to -g option
26-Aug-2010 13:44:32.494 zone 2.168.192.in-addr.arpa/IN: loaded serial 2001111601
26-Aug-2010 13:44:32.496 zone jieliit.com/IN: loaded serial 2006030601
26-Aug-2010 13:44:32.497 running
状态检查:
# /usr/local/named/sbin/rndc status
number of zones: 13
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is ON
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
10、自启动脚本
[root@mail init.d]# more named
#!/bin/bash
#
# named a network name service.
#
#
# chkconfig: 545 35 75
# description: a name server
#
if [ `id -u` -ne 0 ]
then
echo "ERROR:For bind to port 53,must run as root."
exit 1
fi
case "$1" in
start)
if [ -x /usr/local/named/sbin/named ]; then
/usr/local/named/sbin/named -u bind -c /usr/local/named/etc/named.conf && echo . && echo 'BIND9 server started.'
fi
;;
stop)
kill `cat /var/run/named/named.pid` && echo . && echo 'BIND9 server stopped.'
;;
restart)
echo .
echo "Restart BIND9 server"
$0 stop
sleep 10
$0 start
;;
*)
echo "$0 start | stop | restart"
;;
esac
权限设置
# chmod 755 /etc/init.d/named
# chown root:root /etc/init.d/named
# chkconfig --add named
# chkconfig named on
11、测试
[root@mail init.d]# ./named stop
.
BIND9 server stopped.
[root@mail init.d]# ./named start
.
BIND9 server started.
chinaunix网友2010-10-16 15:23:28
很好的, 收藏了 推荐一个博客,提供很多免费软件编程电子书下载: http://free-ebooks.appspot.com
