Chinaunix首页 | 论坛 | 博客

燕去燕来燕复还feifan.blog.chinaunix.net

首页 |  博文目录 |  关于我

非凡公子

  • 博客访问: 420994
  • 博文数量: 77
  • 博客积分: 2303
  • 博客等级: 大尉
  • 技术积分: 808
  • 用 户 组: 普通用户
  • 注册时间: 2004-11-30 09:15
文章分类

全部博文(77)

文章存档

2015年(1)

2013年(3)

2012年(2)

2011年(46)

2009年(4)

2008年(2)

2005年(12)

2004年(7)

我的朋友
最近访客
推荐博文
相关博文
solaris10 dns server(bind9.7.2)

分类: 系统运维

2011-02-25 14:58:59

1.下载
https://www.isc.org/download/software/current

2.编译安装(cc)
  1. gzcat bind-9.7.2-p3.tar.gz | tar -xvf -
  2. CC=cc;export CC
  3. ./configure --enable-threads
  4. make
  5. make install
#保留原有版本的文件
  1. cd /usr/sbin
  2. mv named named.orig
  3. mv named-checkconf named-checkconf.orig
  4. mv named-checkzone named-checkzone.orig
  5. mv rndc-confgen rndc-confgen.orig
  6. mv rndc rndc.orig
  7. mv dnssec-dsfromkey dnssec-dsfromkey.orig
  8. mv dnssec-keyfromlabel dnssec-keyfromlabel.orig
  9. mv dnssec-keygen dnssec-keygen.orig
  10. mv dnssec-signzone dnssec-signzone.orig
  11. mv dig dig.orig
#链接为新版本文件
  1. ln -s /usr/local/sbin/named named
  2. ln -s /usr/local/sbin/named-checkconf named-checkconf
  3. ln -s /usr/local/sbin/named-checkzone named-checkzone
  4. ln -s /usr/local/sbin/rndc-confgen rndc-confgen
  5. ln -s /usr/local/sbin/rndc rndc
  6. ln -s /usr/local/sbin/dnssec-dsfromkey dnssec-dsfromkey
  7. ln -s /usr/local/sbin/dnssec-keyfromlabel dnssec-keyfromlabel
  8. ln -s /usr/local/sbin/dnssec-keygen dnssec-keygen
  9. ln -s /usr/local/sbin/dnssec-revoke dnssec-revoke
  10. ln -s /usr/local/sbin/dnssec-settime dnssec-settime
  11. ln -s /usr/local/sbin/dnssec-signzone dnssec-signzone

  13. cd /usr/bin
  14. ln -s /usr/local/bin/dig dig
3.配制
  1. rndc-confgen > /etc/rndc.conf
#更新rndc.key文件 9.7.2新增,当没有rndc.conf时使用的key,详见man rndc
  1. sed -n -e '2,5p' rndc.conf > rndc.key
#从含named.conf的行一直输出到文件尾
  1. sed -n -e '$d' -e '/named.conf/,$p' rndc.conf|sed '2,$s/#\ //' > /etc/named.conf
#检查配制是否正确
  1. named -g
  2. rndc status
#主配置文件/etc/named.conf,屏蔽了360网站
cat /etc/named.conf
  1. # Use with the following in named.conf, adjusting the allow list as needed:
  2. key "rndc-key" {
  3. algorithm hmac-md5;
  4. secret "r8zCDsNz1puXz/aCYhbQwQ==";
  5. };

  7. controls {
  8. inet 127.0.0.1 port 953
  9. allow { 127.0.0.1; } keys { "rndc-key"; };
  10. };

  12. options {
  13. directory "/var/named";
  14. blackhole { 192.168.195.230; };
  15. allow-query { any ;};
  16. };

  18. logging {
  19. channel default_syslog { syslog local2; severity error; };
  20. channel audit_log {
  21. file "/var/log/named.log" versions 3 size 20m;
  22. severity info;
  23. print-time yes;
  24. print-category yes;
  25. };
  26. category default { audit_log; };
  27. category general { audit_log; };
  28. category security { audit_log; default_syslog; };
  29. category config { default_syslog; };
  30. category resolver { audit_log; };
  31. category xfer-in { audit_log; };
  32. category xfer-out { audit_log; };
  33. category notify { audit_log; };
  34. category client { audit_log; };
  35. category network { audit_log; };
  36. category update { audit_log; };
  37. category queries { audit_log; };
  38. category lame-servers { null; };
  39. };

  41. zone "." in {
  42. type hint;
  43. file "named.root";
  44. };

  46. zone "localhost" in {
  47. type master;
  48. file "localhost.zone";
  49. };

  51. zone "0.0.127.in-addr.arpa" in {
  52. type master;
  53. file "named.local";
  54. };

  56. zone "mdcwx.org" in {
  57. type master;
  58. file "mdcwx.zone";
  59. };

  61. zone "195.168.192.in-addr.arpa" in {
  62. type master;
  63. file "named.192.168.195";
  64. };

  66. zone "69.228.132.in-addr.arpa" in {
  67. type master;
  68. file "named.132.228.69";
  69. };

  71. zone "176.228.132.in-addr.arpa" in {
  72. type master;
  73. file "named.132.228.176";
  74. };

  76. zone "3.92.222.in-addr.arpa" in {
  77. type master;
  78. file "named.222.92.3";
  79. };

  81. zone "tongda2000.com" in {
  82. type master;
  83. file "tongda2000com.zone";
  84. };

  86. zone "tongda2000.net" in {
  87. type master;
  88. file "tongda2000net.zone";
  89. };

  91. zone "jsbss.net" in {
  92. type master;
  93. file "jsbss.zone";
  94. };

  96. zone "jskms.net" in {
  97. type master;
  98. file "jskms.zone";
  99. };

  101. zone "360.cn" in {
  102. type master;
  103. file "360cn.zone";
  104. };

  106. zone "360safe.com" in {
  107. type master;
  108. file "360safecom.zone";
  109. };
#数据文件
  1. mkdir /var/named
  2. cd /var/named

#named.root
ftp FTP.RS.INTERNIC.NET 下载
也可用dig直接生成named.root

-------------localhost.zone--------
  1. $TTL 86400
  2. $ORIGIN localhost.
  3. @ IN SOA @ root (
  4. 42 ; serial (d. adams)
  5. 3H ; refresh
  6. 15M ; retry
  7. 1W ; expiry
  8. 1D ) ; minimum

  10. IN NS localhost.
  11. IN A 127.0.0.1
----------------named.local-------
  1. $TTL 86400
  2. @ IN SOA localhost. root.localhost. (
  3. 2009072822 ;Serial
  4. 28800 ;Refresh
  5. 14400 ;Retry
  6. 3600000 ;Expire
  7. 86400 ;Minimum
  8. )
  9. IN NS localhost.
  10. 1 IN PTR localhost.
------------------mdcwx.zone------------
  1. $TTL 86400
  2. $ORIGIN mdcwx.org.
  3. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  4. 2009072323 ; Serial
  5. 28800 ; Refresh
  6. 14400 ; Retry
  7. 3600000 ; Expire
  8. 86400 ) ; Minimum
  9. IN NS ns.mdcwx.org.
  10. IN MX 10 ns.mdcwx.org.

  12. ;; -- default address
  13. @ IN A 192.168.195.61
  14. localhost IN A 127.0.0.1


  17. ;; -- unix servers --
  18. mdc-solsvr IN A 192.168.195.61
  19. ns IN A 192.168.195.61
  20. mdc-sz IN A 222.92.3.203
  21. ;; IN MX 0 rh71.siyongc.domain.
  22. ;; IN MX 10 lp64.dmz.domain.
  23. IN HINFO "Petium4 2.4G""solaris10"
  24. IN TXT "The dns server."

  26. ;;mdk IN A 192.168.100.24
  27. ;; IN MX 0 mdk.siyongc.domain.
  28. ;; IN MX 10 rh71.siyongc.domain.
  29. ;; IN HINFO "Petium II 266 dell""Mandrak 8.0"

  31. ;; -- Windows server
  32. mdc-svr51 IN A 192.168.195.51
  33. IN HINFO "Petium4 2.4G""Windows 2k"

  35. ;; -- cnames --
  36. www IN CNAME mdc-solsvr
  37. ftp IN CNAME mdc-solsvr
  38. mail IN CNAME mdc-solsvr
  39. virus IN CNAME mdc-svr51
  40. ws IN CNAME mdc-svr51
  41. oa IN CNAME mdc-svr51
  42. rtx IN CNAME mdc-svr51
  43. erp IN CNAME mdc-sz
-----------------named.192.168.195 ---------------
  1. $TTL 86400
  2. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  3. 2009072323 ; Serial
  4. 28800 ; Refresh
  5. 14400 ; Retry
  6. 3600000 ; Expire
  7. 86400 ) ; Minimum
  8. @ IN NS ns.mdcwx.org.
  9. @ IN NS tongda2000.com.
  10. @ IN NS tongda2000.net.

  12. 61 IN PTR
  13. 61 IN PTR ftp.mdcwx.org.
  14. 61 IN PTR mail.mdcwx.org.
  15. 51 IN PTR tongda2000.com.
  16. 51 IN PTR virus.mdcwx.org.
  17. 51 IN PTR rtx.mdcwx.org.
  18. 51 IN PTR tongda2000.com.
----------------jsbss.zone--------------------------
  1. $TTL 86400
  2. $ORIGIN jsbss.net.
  3. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  4. 2009072323 ; Serial
  5. 28800 ; Refresh
  6. 14400 ; Retry
  7. 3600000 ; Expire
  8. 86400 ) ; Minimum
  9. IN NS ns.mdcwx.org.

  11. ;; -- default address
  12. @ IN A 132.228.176.21
  13. bill IN A 132.228.176.30
  14. localhost IN A 127.0.0.1

  16. ;; -- cnames --
  17. www IN CNAME @
  18. wx.sys IN CNAME @
  19. wx.so IN CNAME @
  20. wx.rsc IN CNAME @
  21. wx.od IN CNAME @
  22. wx.crm IN CNAME @
  23. wx.sawork IN CNAME @
  24. wx.billing IN CNAME bill
-------------named.132.228.176------------------
  1. $TTL 86400
  2. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  3. 2009072323 ; Serial
  4. 28800 ; Refresh
  5. 14400 ; Retry
  6. 3600000 ; Expire
  7. 86400 ) ; Minimum
  8. @ IN NS jsbss.net.

  10. 21 IN PTR wx.sys.jsbss.net.
  11. 21 IN PTR wx.so.jsbss.net.
  12. 21 IN PTR wx.rsc.jsbss.net.
  13. 21 IN PTR wx.od.jsbss.net.
  14. 21 IN PTR wx.crm.jsbss.net.
  15. 21 IN PTR wx.sawork.jsbss.net.
  16. 30 IN PTR wx.billing.jsbss.net.
-------------named.222.92.3------------------
  1. $TTL 86400
  2. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  3. 2009072323 ; Serial
  4. 28800 ; Refresh
  5. 14400 ; Retry
  6. 3600000 ; Expire
  7. 86400 ) ; Minimum
  8. @ IN NS ns.mdcwx.org.
  9. @ IN NS tongda2000.com.
  10. @ IN NS tongda2000.net.

  12. 203 IN PTR erp.mdcwx.org
-------------named.132.228.69------------------
  1. $TTL 86400
  2. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  3. 2009072323 ; Serial
  4. 28800 ; Refresh
  5. 14400 ; Retry
  6. 3600000 ; Expire
  7. 86400 ) ; Minimum
  8. @ IN NS jskms.net.

  10. 192 IN PTR
----------------jskms.zone----------------------
  1. $TTL 86400
  2. $ORIGIN jskms.net.
  3. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  4. 2009072323 ; Serial
  5. 28800 ; Refresh
  6. 14400 ; Retry
  7. 3600000 ; Expire
  8. 86400 ) ; Minimum
  9. IN NS ns.mdcwx.org.

  11. ;; -- default address
  12. @ IN A 132.228.69.192
  13. localhost IN A 127.0.0.1

  15. ;; -- cnames --
  16. www IN CNAME @
----------------tongda2000com.zone--------------
  1. $TTL 86400
  2. $ORIGIN tongda2000.com.
  3. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  4. 2009072323 ; Serial
  5. 28800 ; Refresh
  6. 14400 ; Retry
  7. 3600000 ; Expire
  8. 86400 ) ; Minimum
  9. IN NS ns.mdcwx.org.

  11. ;; -- default address
  12. @ IN A 192.168.195.51
  13. localhost IN A 127.0.0.1

  15. ;; -- cnames --
  16. www IN CNAME @
---------------tongda2000net.zone--------------
  1. $TTL 86400
  2. $ORIGIN tongda2000.net.
  3. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  4. 2009072323 ; Serial
  5. 28800 ; Refresh
  6. 14400 ; Retry
  7. 3600000 ; Expire
  8. 86400 ) ; Minimum
  9. IN NS ns.mdcwx.org.

  11. ;; -- default address
  12. @ IN A 192.168.195.51
  13. localhost IN A 127.0.0.1

  15. ;; -- cnames --
  16. www IN CNAME @
#封360
---------------360cn.zone--------------
  1. $TTL 86400
  2. $ORIGIN 360.cn.
  3. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  4. 2009072323 ; Serial
  5. 28800 ; Refresh
  6. 14400 ; Retry
  7. 3600000 ; Expire
  8. 86400 ) ; Minimum
  9. IN NS ns.mdcwx.org.

  11. ;; -- default address
  12. @ IN A 192.168.195.51
  13. localhost IN A 127.0.0.1

  15. ;; -- cnames --
  16. agt.p IN CNAME @
  17. conf.f IN CNAME @
  18. conf2.f IN CNAME @
  19. d.conf.f IN CNAME @
  20. h.conf.f IN CNAME @
  21. h.conf2.f IN CNAME @
  22. h.qup.f IN CNAME @
  23. hao IN CNAME @
  24. pstat.p IN CNAME @
  25. q.leak IN CNAME @
  26. q.soft IN CNAME @
  27. qd.code IN CNAME @
  28. qsys.f IN CNAME @
  29. qup.f IN CNAME @
  30. qurl.f IN CNAME @
  31. s.qup.f IN CNAME @
  32. sd.p IN CNAME @
  33. sdup IN CNAME @
  34. se IN CNAME @
  35. st.p IN CNAME @
  36. stat.sd IN CNAME @
  37. tr.p IN CNAME @
  38. u.qurl.f IN CNAME @
  39. up.f IN CNAME @
  40. update.leak IN CNAME @
  41. update2.leak IN CNAME @
  42. warn.se IN CNAME @
  43. www IN CNAME @
---------------360safecom.zone--------------
  1. $TTL 86400
  2. $ORIGIN 360safe.com.
  3. @ IN SOA ns.mdcwx.org. root.mdcwx.org. (
  4. 2009072323 ; Serial
  5. 28800 ; Refresh
  6. 14400 ; Retry
  7. 3600000 ; Expire
  8. 86400 ) ; Minimum
  9. IN NS ns.mdcwx.org.

  11. ;; -- default address
  12. @ IN A 192.168.195.51
  13. localhost IN A 127.0.0.1

  15. ;; -- cnames --
  16. www IN CNAME @
  17. dl IN CNAME @
  18. boxinst IN CNAME @
  19. boxupdate IN CNAME @
  20. inst IN CNAME @
  21. seupdate IN CNAME @
  22. softm IN CNAME @
  23. softm.update IN CNAME @
  24. update IN CNAME @
  25. updatem IN CNAME @
  26. stat IN CNAME @
  27. netmon.stat IN CNAME @
  28. seapp.stat IN CNAME @

4.启动
  1. svcs -a|grep dns
  2. svcadm enable dns/server
日志/var/log/named.log

当修改named.conf和zone文件后可使用如下命令让bind重读所有配制
  1. rndc reload
如果是9.4或者9.5以后版本的bind可使用如下命令重读新zone(Reload configuration file and new zones only)
  1. rndc reconfig


阅读(2608) | 评论(0) | 转发(0) |
0

上一篇:solaris10下安装mysql5.5(SMF)

下一篇:time命令中的real,user以及sys时间

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6