bind
安装依赖
yum -y install gcc openssl-devel perl-devel
下载源码
https://www.isc.org/downloads/
编译安装
tar -xf bind-9.11.3.tar.gz
cd bind-9.11.3
./configure --prefix=/export/bind-9.11.3
make -j
make install
生成配置
1.rndc.conf
/export/bind-9.11.3/sbin/rndc-confgen > /export/bind-9.11.3/etc/rndc.conf
2.named.conf
tail -n 10 /export/bind-9.11.3/etc/rndc.conf | head -n 9 | sed 's/#\ //g' > /export/bind-9.11.3/etc/named.conf
修改配置
# vim /export/bind-9.11.3/etc/named.conf
......
options {
directory "/export/bind-9.11.3/data";
pid-file "/export/bind-9.11.3/var/run/named.pid";
allow-query { any; };
recursion yes;
notify yes;
forwarders { 8.8.8.8; };
forward first;
};
acl "tom" {
localhost;
192.168.2.9;
};
view netcom {
match-clients { tom; };
zone "." IN {
type hint;
file "db.ca";
};
zone "yourdomain.com" IN {
type master;
file "db.yourdomain.com";
};
zone "10.168.192.in-addr.arpa" IN {
type master;
file "db.192.168.10";
};
};
logging{
channel default_log {file "/export/bind-9.11.3/log/default.log" versions 10 size 100m; severity info; print-time yes; print-severity yes; print-category yes; };
channel general_log {file "/export/bind-9.11.3/log/general.log" versions 10 size 100m; severity info; print-time yes; print-severity yes; print-category yes; };
channel query_log {file "/export/bind-9.11.3/log/query.log" versions 10 size 100m; severity info; print-time yes; print-severity yes; print-category yes; };
category default { default_log; };
category general { general_log; };
category queries { query_log; };
};
创建文件夹
mkdir -p /export/bind-9.11.3/data
mkdir -p /export/bind-9.11.3/log
配置根解析
dig > /export/bind-9.11.3/data/db.ca
配置正向解析
#vim /export/bind-9.11.3/data/db.yourdomain.com
$TTL 86400
@ IN SOA dns1.yourdomain.com. root.localhost. (
2017042011 ;Serial
3H ;Refresh
15M ;Retry
1W ;Expiry
1D ) ;Minimum
@ IN NS dns1.yourdomain.com.
dns1 IN A 192.168.10.10
mail IN A 192.168.10.11
www IN A 192.168.10.12
dell IN CNAME www
配置反向解析
# vim /export/bind-9.11.3/data/db.192.168.10
$TTL 86400
@ IN SOA dns1.yourdomain.com. root.localhost. (
2017042011 ;Serial
3H ;Refresh
15M ;Retry
1W ;Expiry
1D ) ;Minimum
@ IN NS dns1.yourdomain.com.
10 IN PTR dns1.yourdomain.com.
11 IN PTR mail.yourdomain.com.
12 IN PTR www.yourdomain.com.
12 IN PTR dell.yourdomain.com.
zone文件检查
/export/bind-9.11.3/sbin/named-checkzone /export/bind-9.11.3/data/db.yourdomain.com
config文件检查
/export/bind-9.11.3/sbin/named-checkconf /export/bind-9.11.3/etc/named.conf
前台启动
/export/bind-9.11.3/sbin/named -c /export/bind-9.11.3/etc/named.conf -g
服务化
#vi /etc/systemd/system/named.service
[Unit]
Description=Berkeley Internet Name Domain (DNS)
Wants=nss-lookup.target
Before=nss-lookup.target
After=network.target
[Service]
Type=forking
Environment=NAMEDCONF=/export/bind-9.11.3/etc/named.conf
PIDFile=/run/named/named.pid
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /export/bind-9.11.3/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi'
ExecStart=/export/bind-9.11.3/sbin/named -u named -c ${NAMEDCONF} $OPTIONS
ExecReload=/bin/sh -c '/export/bind-9.11.3/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP $MAINPID'
ExecStop=/bin/sh -c '/export/bind-9.11.3/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
PrivateTmp=true
[Install]
WantedBy=multi-user.target
服务启停
systemctl enable named # 建立/etc/systemd/system/软链
systemctl daemon-reload # 配置文件生效
systemctl start named
systemctl reload named
systemctl stop named