Linux DNS Server -bind 9.5.0 安装配置与高级应用
adeni 2008-11-01
Linux DNS Server -bind 9.5.0 安装配置与高级应用
bind 9.5.0下载地址: http://isc.mirrors.pair.com/bind.467/9.5.0/bind-9.5.0.tar.gz
1.下载bind软件,安装bind:
这样 bind就简单的装好了, 安装bind后, 还有个小插曲,因为之前我没有看参数说明,没有设置 sysconfdir和 localstatedir, 结果这2个配置文件就跑到PREFIX/etc,和PREFIX/var 中 ,感觉不舒服,
我就直接删除/home/server/dns/bind9.5,想重新安装
[root@...]#make clean [root@...]#make distclean |
重新configure ,当make 的时候就会提示
config.status: WARNING: make/rules.in seems to ignore the --datarootdir setting
make install 后 没有错误提示 ,但是你到安装目录下看, 一个文件也没有
后来我是这样解决的
在configure后,
[root@...]#nano ./make/Makefile
在mandir后 加入以下内容
prefix = /home/server/dns/bind9.5
exec_prefix = ${prefix}
bindir = ${exec_prefix}/bin
sbindir = ${exec_prefix}/sbin
includedir = ${prefix}/include
libdir = ${exec_prefix}/lib
sysconfdir = ${prefix}/etc
localstatedir = ${prefix}/var
mandir = ${prefix}/share/man
datarootdir = ${prefix}/share
libexecdir = ${prefix}/libexec
datadir = ${datarootdir}
infodir = ${datarootdir}/info
docdir = ${datarootdir}/doc/PACKAGE
htmldir = ${docdir}
dvdir = ${docdir}
pddir = ${docdir}
psdir = ${docdir}
|
DESTDIR =
同时也修改 ./make/rules 文件,和上面一样.
还有修改./make/rules.in文件
在 mandir后添加下面内容 :
配置key :
#将key文件导入named.conf文件,意思是把/etc/rndc.conf从第10行开始到未尾的内容追加到/named.conf里,再删除所有#注释号.。
配置named.conf,建立自己的正反域名解析文件:
我的named.conf文件内容,以及做了Linux-study.com域名解析的测试文件,各文件内容如下
named.conf:
key "rndc-key" {
algorithm hmac-md5;
secret "yDN4hKdtGBJ7MLoPCYgwrg==";
};
logging {
channel default_syslog { syslog local2; severity error; };
channel audit_log { file "/var/log/named.log"; severity error; print-time yes; };
category default { default_syslog; };
category general { default_syslog; };
category security { audit_log; default_syslog; };
category config { default_syslog; };
category resolver { audit_log; };
category xfer-in { audit_log; };
category xfer-out { audit_log; };
category notify { audit_log; };
category client { audit_log; };
category network { audit_log; };
category update { audit_log; };
category queries { audit_log; };
category lame-servers { audit_log; };
};
options {
directory "/var/named";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
zone "." in {
type hint;
file "ns.cache";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "named.127.0.0";
allow-update { none; };
};
zone "linux-study.com" in {
type master;
file "linux-study.ns";
allow-update { none; };
};
zone "25.168.192.in-addr.arpa" in {
type master;
file "linux-study.192.168.25";
allow-update { none; };
}; |
linux-study.ns :
$TTL 3h @ IN SOA quan.linux-study.com. root.linux-study.com. ( 2008060927 ; serial 3h ; Refresh after 3hours 1h ; Retry after 1 hour 1w ; Expire fter 1 week 1h ) ; Negative caching TTL of 1 hour ; ;name server IN NS quan.linux-study.com. ; ;address quan IN A 192.168.25.66 www IN A 192.168.25.66 |
linux-study.192.168.25:
$TTL 3h @ IN SOA quan.linux-study.com. root.linux-study.com. ( 2008060931 3h 1h 1w 1h ) ; IN NS quan.linux-study.com. ; ;address 66 IN PTR quan.linux-study.com. 66 IN PTR . |
其中SOA 段中 quan.linux-study.com 是我的主机名字,这个可以自己改, 你也可以写成别的.这里我用主机名来命名 .
还可以加入mail 的A 记录,以及MX 记录.
之后你可以在 /etc/rc.local最后 加入
/home/server/dns/bind9.5/sbin/named
让他随系统启动,也可以自己写一个启动脚本,通过服务的形式随系统启动.
