分类: LINUX
2010-09-26 22:32:46
Bind 主从安装配置
主:172.16.1.1 (CentOS 5.2)
从:172.16.1.2 (CentOS 5.2)
172.16.1.1:
[root@master ~]# tar xvf bind-9.7.1-P2.tar.gz
[root@master ~]# cd bind-9.7.1-P2
[root@master ~]# ./configure --prefix=/usr/local/bind/ --disable-openssl-version-check --enable-threads
[root@master ~]# make
[root@master ~]# make install
[root@master ~]#/usr/local/bind/sbin/rndc-confgen > /usr/local/bind/etc/rndc.conf
[root@master ~]#cd /usr/local/bind/etc
[root@master ~]# cat rndc.conf| tail -10 | head -9 | sed s/#\//g > named.conf
[root@master ~]#vim named.conf
// named.conf on the master (172.16.1.1): global options, logging, root hints,
// three master zones and the rndc control channel.
options {
directory "/usr/local/bind/etc";
pid-file "/usr/local/bind/var/named.pid";
// Listens on all interfaces and accepts queries from any address.
// NOTE(review): neither "recursion" nor "allow-recursion" is set. When allow-recursion
// and allow-query-cache are both unset, BIND 9 documents a fallback to allow-query, so
// this server would presumably recurse for any client as well. For an authoritative
// master, add "recursion no;" or limit allow-recursion to internal networks
// (verify the fallback against the ARM for this release).
listen-on port 53 {any;};
allow-query {any;};
dump-file "/usr/local/bind/var/data/cache_dump.db";
statistics-file "/usr/local/bind/var/data/bind_stats.txt";
};
logging {
// error_log: messages of severity warning and above; the file is rotated at 32m
// and 10 older versions are kept.
channel error_log {
file "/usr/local/bind/var/logs/error.log" versions 10 size 32m;
severity warning;
print-time yes;
print-severity yes;
print-category yes;
};
// query_log: receives the "queries" category (see the category lines below), i.e. one
// entry per client query. Entries carry client addresses and queried names, so the
// file deserves restrictive permissions; size is capped by the same 32m x 10 rotation.
channel query_log {
file "/usr/local/bind/var/logs/query.log" versions 10 size 32m;
severity debug;
print-time yes;
print-severity yes;
print-category yes;
};
category default { error_log; };
category queries { query_log; };
};
// Root hints; the file path is relative to "directory" above.
zone "." IN {
type hint;
file "zone/named.root";
};
// Each master zone below limits zone transfers to the slave's address and, for the
// first two, explicitly refuses dynamic updates.
// NOTE(review): allow-transfer by address only checks the source IP. A TSIG key shared
// by master and slave (allow-transfer { key <name>; };) authenticates the peer itself.
zone "localhost" IN {
allow-transfer { 172.16.1.2; };
type master;
file "zone/localhost.zone";
allow-update{none;};
};
zone "test.com" IN {
allow-transfer { 172.16.1.2; };
type master;
file "zone/test.com.zone";
allow-update{none;};
};
// Reverse zone for 172.16.1.0/24. No allow-update statement here, unlike the two zones
// above; BIND denies dynamic updates by default, so the effect should be the same.
zone "1.16.172.in-addr.arpa" in {
allow-transfer { 172.16.1.2; };
type master;
file "zone/test.com.rev";
};
// Shared secret used by rndc to authenticate to named.
// NOTE(review): this secret is printed on a public page and must not be reused;
// run rndc-confgen again on each server and keep named.conf and rndc.conf readable
// only by root and the account named runs as. hmac-md5 is presumably what this
// release's rndc-confgen emitted; prefer hmac-sha256 on releases that support it.
key "rndc-key" {
algorithm hmac-md5;
secret "bemLfizJ+kmqoH8mti2ZOw==";
};
// rndc control channel: bound to loopback port 953, reachable only from 127.0.0.1
// and only with the key above.
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
[root@master ~]#mkdir /usr/local/bind/var/logs
[root@master ~]#mkdir /usr/local/bind/var/data
[root@master ~]#mkdir /usr/local/bind/etc/zone
[root@master ~]#cd /usr/local/bind/etc
[root@master zone]# cat localhost.zone
; Zone data for "localhost": one SOA, one NS and one A record pointing at loopback.
$TTL 86400
@ IN SOA localhost. root.localhost. (
; The serial is the plain number 42 here, not the YYMMDDSN form the comment names.
42 ; Serial (YYMMDDSN)
1800 ; Refresh
300 ; Retry
3600 ; Expiry
300 ) ; Minimum
@ IN NS localhost.
@ IN A 127.0.0.1
[root@master zone]# cat test.com.zone
; Forward zone for test.com: SOA, two name servers, one MX and the host records.
$TTL 86400 ; 1 day
@ IN SOA test.com. root.test.com. (
; Increase the serial on every edit; the slave compares it to decide whether to transfer.
44 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
; NOTE(review): the NS and MX lines below start at column 0 on this page. In a zone file
; a record that inherits the previous owner name must begin with whitespace (or use @);
; the indentation was presumably lost when the page was extracted.
IN NS ns1.test.com.
IN NS ns2.test.com.
IN MX 3 mail.test.com.
ns1 IN A 172.16.1.1
ns2 IN A 172.16.1.2
mail IN A 172.16.1.3
www IN A 172.16.1.4
; NOTE(review): this CNAME points at the root name "."; the intended target looks lost.
; Confirm the value and check the file with named-checkzone before loading it.
other IN CNAME .
[root@master zone]# cat test.com.rev
; Reverse zone 1.16.172.in-addr.arpa: PTR records for the hosts in 172.16.1.0/24.
$TTL 86400 ; 1 day
@ IN SOA test.com. root.test.com. (
; Increase the serial on every edit; the slave compares it to decide whether to transfer.
42 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
; NOTE(review): as shown, the NS lines start at column 0; records that inherit the owner
; name must begin with whitespace (or use @) - presumably lost in extraction.
IN NS ns1.test.com.
IN NS ns2.test.com.
2 IN PTR ns2.test.com.
1 IN PTR ns1.test.com.
; NOTE(review): the PTR below has no target and would not load as written. The forward
; zone on this page maps mail.test.com to 172.16.1.3 - confirm the intended name.
3 IN PTR
; NOTE(review): the forward zone on this page maps 172.16.1.4 to www.test.com and has no
; ftp record; forward and reverse data disagree for this address.
4 IN PTR ftp.test.com.
172.16.1.2:
[root@master ~]# tar xvf bind-9.7.1-P2.tar.gz
[root@master ~]# cd bind-9.7.1-P2
[root@master ~]# ./configure --prefix=/usr/local/bind/ --disable-openssl-version-check --enable-threads
[root@master ~]# make
[root@master ~]# make install
[root@master ~]#/usr/local/bind/sbin/rndc-confgen > /usr/local/bind/etc/rndc.conf
[root@master ~]#cd /usr/local/bind/etc
[root@master ~]# cat rndc.conf| tail -10 | head -9 | sed s/#\//g > named.conf
[root@master ~]#vim named.conf
// named.conf on the slave (172.16.1.2): global options, logging, root hints,
// three slave zones pulled from 172.16.1.1 and the rndc control channel.
options {
directory "/usr/local/bind/etc";
pid-file "/usr/local/bind/var/named.pid";
// Listens on all interfaces and accepts queries from any address.
// NOTE(review): neither "recursion" nor "allow-recursion" is set. When allow-recursion
// and allow-query-cache are both unset, BIND 9 documents a fallback to allow-query, so
// this server would presumably recurse for any client. Limit allow-recursion to
// internal networks (verify the fallback against the ARM for this release).
// NOTE(review): no allow-transfer appears in options or in the slave zones below. In
// BIND 9 releases of this era the default permits transfers to any host, so this
// server would hand the full zones to anyone who asks; "allow-transfer { none; };"
// closes that.
listen-on port 53 {any;};
allow-query {any;};
dump-file "/usr/local/bind/var/data/cache_dump.db";
statistics-file "/usr/local/bind/var/data/bind_stats.txt";
// Queries this server cannot answer from its own zones or cache are forwarded to the
// master, so resolving outside names depends on the master recursing for 172.16.1.2.
forwarders { 172.16.1.1;};
};
logging {
// error_log: messages of severity warning and above; the file is rotated at 32m
// and 10 older versions are kept.
channel error_log {
file "/usr/local/bind/var/logs/error.log" versions 10 size 32m;
severity warning;
print-time yes;
print-severity yes;
print-category yes;
};
// query_log: receives the "queries" category (see the category lines below), i.e. one
// entry per client query. Entries carry client addresses and queried names, so the
// file deserves restrictive permissions; size is capped by the same 32m x 10 rotation.
channel query_log {
file "/usr/local/bind/var/logs/query.log" versions 10 size 32m;
severity debug;
print-time yes;
print-severity yes;
print-category yes;
};
category default { error_log; };
category queries { query_log; };
};
// Root hints; the file path is relative to "directory" above.
zone "." IN {
type hint ;
file "zone/named.root";
};
// Slave zones: named transfers each zone from the listed master and writes it to
// "file", so the zone directory must be writable by the account named runs as.
// NOTE(review): "masters" identifies the source by IP address only; a TSIG key shared
// with the master would authenticate the transfer rather than trust the address.
zone "localhost" IN {
type slave;
file "zone/localhost.zone";
masters { 172.16.1.1; };
};
zone "test.com" IN {
type slave;
file "zone/test.com.zone";
masters { 172.16.1.1; };
};
zone "1.16.172.in-addr.arpa" in {
type slave;
file "zone/test.com.rev";
masters { 172.16.1.1; };
};
// Shared secret used by rndc to authenticate to named.
// NOTE(review): this secret is printed on a public page and must not be reused;
// run rndc-confgen again on each server and keep named.conf and rndc.conf readable
// only by root and the account named runs as. hmac-md5 is presumably what this
// release's rndc-confgen emitted; prefer hmac-sha256 on releases that support it.
key "rndc-key" {
algorithm hmac-md5;
secret "gVbNhA3bQHZAyE164yNUKA==";
};
// rndc control channel: bound to loopback port 953, reachable only from 127.0.0.1
// and only with the key above.
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
[root@master ~]#mkdir /usr/local/bind/var/logs
[root@master ~]#mkdir /usr/local/bind/var/data
[root@master ~]#mkdir /usr/local/bind/etc/zone
手动建立 named.root,其余的区域文件会从 master 同步过来。
在 master 上修改记录后一定要增大 serial!只有 master 的 serial 大于 slave 的 serial 时,slave 才会同步。
Named.root下载链接: