Linux DNS Server - BIND 9.5.0: Installation, Configuration and Advanced Usage
BIND 9.5.0 download address:
1. Download the BIND source and install it:
[root@...]#tar zxvf bind-9.5.0.tar.gz
[root@...]#cd bind-9.5.0
[root@...]#mkdir -p /home/server/dns/bind9.5
[root@...]#./configure --prefix=/home/server/dns/bind9.5 --enable-threads --sysconfdir=/etc --localstatedir=/var --with-libxml2=/usr/local/lamp/libxml2
##############################################################################################
A note on these parameters:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
Since I set a prefix path here, I specified these so that its configuration file named.conf is placed in /etc.
--with-libxml2=PATH Build with libxml2 library yes|no|path
This is mainly for BIND's web monitoring.
##############################################################################################
[root@...]#make && make install
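With that, BIND is installed. There was a small hiccup after installing, though: I had not read the parameter descriptions beforehand and did not set sysconfdir and localstatedir, so the files ended up in PREFIX/etc and PREFIX/var, which I did not like.
So I simply deleted /home/server/dns/bind9.5, intending to reinstall: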
[root@...]#make clean
[root@...]#make distclean
After running configure again, make prints this warning:
config.status: WARNING: make/rules.in seems to ignore the --datarootdir setting
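make install then reports no errors, but if you look in the installation directory there is not a single file.
This is how I eventually solved it.
After configure:
[root@...]#nano ./make/Makefile
Add the following after mandir: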
prefix = /home/server/dns/bind9.5
exec_prefix = ${prefix}
bindir = ${exec_prefix}/bin
sbindir = ${exec_prefix}/sbin
includedir = ${prefix}/include
libdir = ${exec_prefix}/lib
sysconfdir = ${prefix}/etc
localstatedir = ${prefix}/var
mandir = ${prefix}/share/man
datarootdir = ${prefix}/share
libexecdir = ${prefix}/libexec
datadir = ${datarootdir}
infodir = ${datarootdir}/info
docdir = ${datarootdir}/doc/PACKAGE
htmldir = ${docdir}
dvidir = ${docdir}
pdfdir = ${docdir}
psdir = ${docdir}
DESTDIR =
Also modify the ./make/rules file in the same way.
Then modify the ./make/rules.in file:
add the following after mandir:
sbindir = @sbindir@
includedir = @includedir@
libdir = @libdir@
sysconfdir = @sysconfdir@
localstatedir = @localstatedir@
mandir = @mandir@
datarootdir = @datarootdir@
datadir = @datadir@
libexecdir = @libexecdir@
infodir = @infodir@
docdir = @docdir@
htmldir = @htmldir@
dvidir = @dvidir@
pdfdir = @pdfdir@
psdir = @psdir@
DESTDIR =
After that:
[root@...]#make && make install
BIND then reinstalls successfully.
Configure the key:
[root@quan bind-9.5.0]# sbin/rndc-confgen > /etc/rndc.conf # generate the rndc control file (the DNS server key file)
[root@quan bind-9.5.0]# cd /etc/
[root@quan bind-9.5.0]# tail -10 rndc.conf | head -9 |sed s/#\ //g > named.conf
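# Import the key into named.conf: this takes the last 10 lines of /etc/rndc.conf, drops the final line, strips the "# " comment markers and writes the result to named.conf (the > redirect overwrites any existing named.conf).
Configure named.conf and create your own forward and reverse zone files:
Below are the contents of my named.conf and of the test files I made for resolving the Linux-study.com domain.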
named.conf:
key "rndc-key" {
    algorithm hmac-md5;
    secret "yDN4hKdtGBJ7MLoPCYgwrg==";
};
logging {
    channel default_syslog { syslog local2; severity error; };
    channel audit_log { file "/var/log/named.log"; severity error; print-time yes; };
    category default { default_syslog; };
    category general { default_syslog; };
    category security { audit_log; default_syslog; };
    category config { default_syslog; };
    category resolver { audit_log; };
    category xfer-in { audit_log; };
    category xfer-out { audit_log; };
    category notify { audit_log; };
    category client { audit_log; };
    category network { audit_log; };
    category update { audit_log; };
    category queries { audit_log; };
    category lame-servers { audit_log; };
};
options {
    directory "/var/named";
};
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
zone "." in {
    type hint;
    file "ns.cache";
};
zone "0.0.127.in-addr.arpa" in {
    type master;
    file "named.127.0.0";
    allow-update { none; };
};
zone "linux-study.com" in {
    type master;
    file "linux-study.ns";
    allow-update { none; };
};
zone "25.168.192.in-addr.arpa" in {
    type master;
    file "linux-study.192.168.25";
    allow-update { none; };
};
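A check for the settings that matter in the named.conf above (file mode, rndc key algorithm, the controls listener and allow-update), added here as an example and not part of the original article. The function names audit_named_conf and write_sample, the zone example.test and the placeholder secret are constructed for illustration; the parser assumes the one-statement-per-line layout used above, with a lone "};" closing each block.

```shell
# Added example (not from the original article): audit a named.conf written in
# the one-statement-per-line layout shown above. Prints one finding per line.
audit_named_conf() {
    conf=$1
    # The file embeds the rndc secret, so it should not be world-readable.
    if [ -n "$(find "$conf" -prune -perm -004)" ]; then
        echo "perm: $conf is world-readable but holds a key secret"
    fi
    awk '
    function name(s) { gsub(/"/, "", s); return s }
    /^[ \t]*key[ \t]/ { blk = "key"; id = name($2); next }
    /^[ \t]*zone[ \t]/ { blk = "zone"; id = name($2); next }
    /^[ \t]*controls[ \t]*[{]/ { blk = "ctl"; inet = ""; keyed = 0; next }
    /^[ \t]*[}];[ \t]*$/ {   # a lone "};" closes the current block
        if (blk == "ctl" && inet != "127.0.0.1" && inet != "::1")
            print "controls: rndc channel listens on " inet ", not loopback"
        if (blk == "ctl" && !keyed) print "controls: no keys clause"
        blk = ""; next
    }
    blk == "key" && /algorithm[ \t]+hmac-md5/ {
        print "key " id ": hmac-md5 is a legacy algorithm"
    }
    blk == "ctl" && $1 == "inet" { inet = $2 }
    blk == "ctl" && /keys[ \t]*[{]/ { keyed = 1 }
    blk == "zone" && /allow-update/ && !/allow-update[ \t]*[{][ \t]*none;/ {
        print "zone " id ": allow-update is not { none; }"
    }
    ' "$conf"
}

# Constructed sample in the same layout, with deliberate weaknesses.
write_sample() {
    cat > "$1" <<'EOF'
key "rndc-key" {
algorithm hmac-md5;
secret "CONSTRUCTED-PLACEHOLDER==";
};
controls {
inet * port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
zone "example.test" in {
type master;
allow-update { any; };
};
EOF
    chmod 644 "$1"
}
tmp=$(mktemp) && write_sample "$tmp" && audit_named_conf "$tmp"; rm -f "$tmp"
```

Run against the named.conf shown above with the file set to mode 600, the only finding is the hmac-md5 key; newer BIND releases support hmac-sha256.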