2015年6月11日
1、sudo wget ftp://ftp.isc.org/isc/bind9/9.10.1/bind-9.10.1.tar.gz 或者 使用“rz”命令
2、tar -zxvf bind-9.10.1.tar.gz
3、创建目录
在/home/wkubuntu下创建named目录和namedfile目录
4、编译安装
cd bind-9.10.1
./configure --prefix=/home/wkubuntu/named/ --with-dlz-mysql=/usr/local/mysql
make
make install
此时进入/home/wkubuntu/named目录,里面自动生成了bin etc include lib sbin share var这些文件目录
5、配置bind
cd /home/wkubuntu/named/etc
touch named.conf ,或者从电脑上上传
vi named.conf张贴内容1
从电脑上上传5个文件到/home/wkubuntu/named/var 目录下
127.0.0.zone、localhost.reverse 、localhost.zone 、named.root 、root.hint
生成rndc的key
a)cd /home/wkubuntu/named/sbin/
b)vim random 输入很长一段字母。就是服务器上没有random产生器,这种情况下我们就手动伪造一个文件代替/dev/random的功能
c)./rndc-confgen -r random > /etc/rndc.key
d)cat /etc/rndc.key
e)拷贝
secret "pfNOQ0fENSBBGBYn/ndRsw=="; 这一行
覆盖/home/wkubuntu/named/etc 的named.conf对应的那一行
6、启动bind ,打印进程
输入sudo /home/wkubuntu/named/sbin/named -c /home/wkubuntu/named/etc/named.conf -n 1 &
出现done 就代表成功了,“-n 1”代表单线程启动,结合mysql驱动不会报错。
【如果出现了exit,出错了,看打印进程sudo /home/wkubuntu/named/sbin/named -gc /home/wkubuntu/named/etc/named.conf -n 1&
killall named 可以关闭掉所有named,如果用了-gc的话】
要建立一个log目录,如下的配置 mkdir logs
/home/wkubuntu/named/logs
其他:
内容1:
logging{channel error_log { file "/home/wkubuntu/named/logs/normal.log" versions 3 size 2m; severity error; print-time yes; print-severity yes; print-category yes;};category default{ error_log; };channel update_log{ file "/home/wkubuntu/named/logs/update.log" versions 3 size 1m; severity info; print-time yes; print-severity yes; print-category yes;};category update{ update_log;};channel notify_log{ file "/home/wkubuntu/named/logs/notify.log" versions 3 size 1m; severity info; print-time yes; print-severity yes; print-category yes;};category notify{ notify_log;};};options { directory "/home/wkubuntu/named/var/"; pid-file "/home/wkubuntu/named/var/run/named/named.pid"; dump-file "/home/wkubuntu/named/logs/named_dump.db"; statistics-file "/home/wkubuntu/named/logs/named.stats"; version "Welcome to NIOT platform!"; listen-on-v6 { any; }; allow-query { any; }; allow-query-cache { any; }; allow-recursion { localnets; localhost; }; notify no;};key "rndc-key" { algorithm hmac-md5; secret "fLDVvLVXFjMJpdiy+7nESw==";};controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };};zone "." IN { type hint; file "/home/wkubuntu/named/var/named.root";};zone "localhost" IN { type master; file "/home/wkubuntu/named/var/localhost.zone"; allow-update { none; };};zone "0.0.127.in-addr.arpa" IN { type master; file "/home/wkubuntu/named/var/localhost.reverse"; allow-update { none; };};dlz "Mysql zone" { database "mysql {host=127.0.0.1 dbname=db_dns ssl=false port=3306 user=root pass=root} {select zone from supported_zone where zone = '$zone$' limit 1} {select ttl, type, mx_priority, case when lower(type) = 'txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) when lower(type) = 'naptr' then concat(' ', naptr_order, ' ', naptr_preference, ' \"', naptr_flags, '\"', ' \"', naptr_service, '\"', ' \"', naptr_regexp,'\" ', data, '.') else data end from dns_records where zone = '$zone$' and host = '$record$'}";};
2017配置文件变更部分
dlz "Mysql zone" { database "mysql {host=127.0.0.1 dbname=db_dns ssl=false port=3306 user=pro_dns_manager pass=l+bbkqQX} { select zone from dns_records where zone = '$zone$' limit 1} { select ttl, type, mx_priority, case when lower(type) = 'txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) when lower(type) = 'naptr' then concat(' ', naptr_order, ' ', naptr_preference, ' \"', naptr_flags, '\"', ' \"', naptr_service, '\"', ' \"', naptr_regexp,'\" ', data, '.') else data end from dns_records where zone = '$zone$' and host = '$record$' and status = 0}";};
7、测试
dig @localhost www.cniotroot.cn ys.cniotroot.cn
数据库里面要有这条记录,如上测试即可
8、北京服务器
sudo /home/niot/named/sbin/named -c /home/niot/named/etc/named.conf -n 1 &
9、rndc status 失败,端口被portreserve 占用
#killall portreserve