BIND-DLZ实验环境:RHEL4
所用到的软件包:BIND-9.5.0-P2.tar.gz(9.4.0以上版本都已经包含了DLZ补丁)、Mysql-5.0.56.tar.gz
写在前面:DLZ(Dynamically Loadable Zones),它允许你的区域记录放置到数据库中,并且支持多种数据库。你可以在上找到相应的资料。
1、先安装mysql
shell>tar zxvf mysql-version.tar.gz
shell>cd mysql-*
shell>./configure --prefix=/usr/local/mysql \
>--localstatedir=/usr/local/mysql/data \
>--libexecdir=/usr/local/mysql/lib \
>--disable-shared
shell>make && make install
安装完成后。
进入安装mysql的目录
>cd /usr/local/mysql
>chown -R mysql .
>chgrp -R mysql .
>chown -R mysql data
>chown -R mysql lib
>groupadd -g 1003 mysql
>adduser -g 1003 mysql
>./bin/mysql_install_db --user=mysql //以mysql用户的身份安装
>chown -R root .
>./bin/mysqld_safe --user=mysql & //启动mysql并转入后台自行处理
>/usr/local/mysql/bin/mysqladmin -u root -p password '*******'
password:(由于初始密码为空,此处直接敲回车)
>/usr/local/mysql/bin/mysql -u root -p
password:(输入你的密码)
mysql>
2、安装bind
shell>tar zxvf bind-9.5.0-p2.tar.gz
shell>cd bind-9.5.0-p2
shell>./configure --prefix=/usr/local/bind9 --with-dlz-mysql --enabl-threads=no --disable-openssl-version-check
--with-dlz-mysql=/usr/local/mysql/include/mysql 要求bind安装中支持DLZ
--enabl-threads=no 关闭多线程
--disable-openssl-version-check 这项是禁止openssl版本的检查
shell>make
shell>make install
3、创建数据库、表
mysql>create database mydata;
mysql>use mydata;
mysql>create table other_dns_records (
>zone varchar (255),
>host varchar (255),
>type varchar (255),
>data varchar (255),
>ttl int(11),
>mx_priority varchar (255),
>refresh int(11),
>retry int(11),
>expire int(11),
>minimum int(11),
>serial bigint(20),
>resp_person varchar (255),
>primary_ns varchar (255)
>);
mysql>create table cnc_dns_records (
>zone varchar (255),
>host varchar (255),
>type varchar (255),
>data varchar (255),
>ttl int(11),
>mx_priority varchar (255),
>refresh int(11),
>retry int(11),
>expire int(11),
>minimum int(11),
>serial bigint(20),
>resp_person varchar (255),
>primary_ns varchar (255)
>);
>//向表中添加一条记录
>insert into other_dns_records (zone,host,type,data,ttl,retry) values ('aaa.com','www','A','192.168.199.2','86400','15');
>insert into cnc_dns_records (zone,host,type,data,ttl,retry) values ('bbb.com','www','A','192.199.22.22','86400','13');
4、编辑/usr/local/bind9/etc/named.conf
>cd /usr/local/bind9/etc
>../sbin/rndc-config -a
>../sbin/rndc-config > named.conf
>vi !$
//删除# Use with the following in named.conf, adjusting the allow list as needed: 以前的行
将# Use with the following in named.conf, adjusting the allow list as needed: 和 # End of named.conf 之间的行前#号
最终的etc/named.conf文件如下:
dlz "Mysql zone" {
database "mysql
| # Use with the following in named.conf, adjusting the allow list as needed: key "rndc-key" { algorithm hmac-md5; secret "2rkqGUle0VlsawCL2+IKsA=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; # End of named.conf options { directory "/usr/local/binid/etc/"; pid-file "/usr/local/binid/var/run/named.pid"; allow-query { any; }; recursion no; version "gaint-d1"; }; include "/usr/local/binid/etc/cnc.cl"; include "/usr/local/binid/etc/other.cl"; view "cnc-user" { match-clients { cnc; }; dlz "Mysql zone" { database "mysql {host=localhost dbname=mydb ssl=false port=3306 user=root pass=abc123!} {select zone from cnc_dns_records where zone = '%zone%'} {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type)='soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from cnc_dns_records where zone = '%zone%' and host = '%record%'}"; }; }; view "other-user" { match-clients { other; }; dlz "Mysql zone" { database "mysql {host=localhost dbname=mydb ssl=false port=3306 user=root pass=abc123!} {select zone from other_dns_records where zone = '%zone%'} {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type)='soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from other_dns_records where zone = '%zone%' and host = '%record%'}"; }; }; |
{host=localhost dbname=dns_data ssl=tRue}
{select zone from dns_records where zone = '%zone%'}
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"')
when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
else data end from dns_records where zone = '%zone%' and host = '%record%'}";
}; |
|
|
|
|
etc/cnc.cl如下:
acl "cnc" {
192.168.9.0/24;
}; |
|
etc/other.cl如下:
acl "other" {
127.0.0.0/18;
}; | |
5、测试
打开named测试/usr/local/bind9/sbin/named -g -d 1 -c /usr/local/bind9/etc/named.conf
注:如果不想写全路径来启动bind和mysql的话,可以编辑:
>vi /root/.bash_profile
加入如下两行:
PATH=$PATH:/usr/local/bind9/sbin
PATH=$PATH:/usr/local/mysql/bin/
保存退出
> . /root/.bash_profile (或者:. !$)
配置文件中的sql查询可以参照
【zonshy】
在写配置文件的过程中,请注意空格
BIND DLZ MYSQL mysql解决方法
DLZ Dynamically Loadable Zones,如果对数据库的查询闲置超过八小时,mysql服务器就会自动重新连接。DLZ 不会主动的和MYSQL重新连接的,所以可能造成域名解析失败,但是可以修改mysql中wait_timeout interactive_timeout专两个变量将重连时间调大点,就可以尽量避免这种事情的发生!
一、修改 MySQL 的配置参数。
/etc/my.cnf
添加:
[mysqld]
port = 3306
socket = /tmp/mysql.sock
skip-locking
key_buffer = 16M
max_allowed_packet = 1M
table_cache = 64
sort_buffer_size = 512K
net_buffer_length = 8K
read_buffer_size = 256K
read_rnd_buffer_size = 512K
myisam_sort_buffer_size = 8M
wait_timeout = 86400
interactive_timeout = 86400
wait_timeout interactive_timeout必须同时修改才能立即生效,最后需要重新启动服务。
关闭一个连接之前在这个连接上等待行动的时间;如果一个连接闲置超过这个选项所设置的,MySQL 会主动断开这个连接。
二、如过你对php或者是asp语言很熟悉的话,也可以这样做:
