Linux教程網

BIND 9 Quick Installation Example

This is one part of a server installation. Because the forum strips whitespace, a txt version is available here: http://www.hackerbay.com/doc/bind9.txt

[code:1:3f69c81bf9]
######################## BIND 9 ###############
# Simple BIND 9 installation
# Configured as forwarder + master
### 阿土 Aborigen Yin http://www.hackerbay.com 2003.06.27
###################### modules bind 9 #############

7. Install BIND 9.2.2

7.1. Get the source and install

mkdir -p /usr/local/src/distfiles
cd /usr/local/src/distfiles
#wget ftp://ftp.isc.org/isc/bind9/9.2.2/bind-9.2.2.tar.gz
wget ftp://172.16.100.245/pub/distfiles/bind-9.2.2.tar.gz
tar xfz bind-9.2.2.tar.gz -C ..
cd ../bind-9.2.2/
./configure --prefix=/usr/local/modules/named --disable-ipv6
make && make install

7.2. Add user and group for named

pw groupadd named
mkdir -p /usr/local/modules/named/etc
mkdir -p /usr/local/modules/named/var/log
mkdir -p /usr/local/modules/named/var/run
pw useradd named -g named -d /usr/local/modules/named -s /sbin/nologin
chown -R named:named /usr/local/modules/named
chmod 700 /usr/local/modules/named
# world-writable at this point; step 7.7 resets everything under the prefix to 700
chmod 777 /usr/local/modules/named/var/run

7.3. Configure the DNS server

cd /usr/local/modules/named/etc

#vi named.conf
//begin of named.conf
acl "trust-lan" { 127.0.0.0/8; 192.168.0.0/16; 172.16.0.0/16; };

options {
    directory "/usr/local/modules/named/etc";
    datasize 80M;
    allow-transfer { "trust-lan"; };
    forward first;
    forwarders {
        202.96.134.133;
        202.96.128.110;
    };
    //recursion no;
    recursion yes;
    allow-notify { "trust-lan"; };
    allow-recursion { "trust-lan"; };
    //auth-nxdomain yes;
    auth-nxdomain no;
    # do not report our own version number
    version "[secured]";
};

// How to log
logging {
    channel warning {
        file "/usr/local/modules/named/var/log/dns_warnings" versions 3 size 10240k;
        severity warning;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    channel general_dns {
        file "/usr/local/modules/named/var/log/dns_logs" versions 3 size 10240k;
        severity info;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category default { warning; };
    category queries { general_dns; };
};

zone "." {
    type hint;
    file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
    type master;
    file "localhost.rev";
};

zone "oss4e.org" {
    type master;
    file "zone.oss4e.org";
    notify yes;
};

zone "100.16.172.in-addr.arpa" {
    type master;
    file "zone.100.16.172.in-addr.arpa";
};
//end of named.conf

touch /usr/local/modules/named/var/log/dns_warnings
touch /usr/local/modules/named/var/log/dns_logs

# Get the root hints file
wget ftp://ftp.internic.org/domain/named.root

#vi named.root
;       This file holds the information on root name servers needed to
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  <file>"
;       configuration file of BIND domain name servers).
;
;       This file is made available by InterNIC
;       under anonymous FTP as
;           file                /domain/named.root
;           on server           FTP.INTERNIC.NET
;
;       last update:    Nov 5, 2002
;       related version of root zone:   2002110501
;
;
; formerly NS.INTERNIC.NET
;
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
;
; formerly NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     128.9.0.107
;
; formerly C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
;
; formerly TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
;
; formerly NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
;
; formerly NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
;
; formerly NIC.NORDU.NET
;
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
;
; operated by VeriSign, Inc.
;
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
;
; housed in LINX, operated by RIPE NCC
;
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
;
; operated by IANA
;
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     198.32.64.12
;
; housed in Japan, operated by WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
; End of File

;vi zone.oss4e.org
;begin of zone.oss4e.org
$TTL 3600
@       IN  SOA     dns1.oss4e.org. webmaster.oss4e.org. (
                    12061702  ; Serial (date, 2 digits version of day)
                    86400     ; refresh (1 day)
                    7200      ; retry (2 hours)
                    864000    ; expire (10 days)
                    86400 )   ; minimum (1 day)
        IN  NS      dns1.oss4e.org.
        IN  NS      dns2.oss4e.org.
        IN  NS      dns.oss4e.org.
        IN  MX  10  mail.oss4e.org.
oss4e.org.  IN  A   172.16.100.243
dns     IN  A       172.16.100.243
dns1    IN  A       172.16.100.243
dns2    IN  A       172.16.100.243
mail    IN  A       172.16.100.243
smtp    IN  CNAME   mail.oss4e.org.
;wildcard record
*       IN  A       172.16.100.243
;end of zone.oss4e.org

;vi localhost.rev
;begin of localhost.rev
$TTL 3600
@       IN  SOA     dns1.oss4e.org. webmaster.oss4e.org. (
                    12061702  ; Serial (date, 2 digits version of day)
                    86400     ; refresh (1 day)
                    7200      ; retry (2 hours)
                    864000    ; expire (10 days)
                    86400 )   ; minimum (1 day)
        IN  NS      dns1.oss4e.org.
        IN  NS      dns2.oss4e.org.
        IN  NS      dns.oss4e.org.
        IN  MX  10  mail.oss4e.org.
1       IN  PTR     localhost.oss4e.org.
;end of localhost.rev

;vi zone.100.16.172.in-addr.arpa
;zone.100.16.172.in-addr.arpa
$TTL 3600
@       IN  SOA     dns1.oss4e.org. webmaster.oss4e.org. (
                    12061702  ; Serial (date, 2 digits version of day)
                    86400     ; refresh (1 day)
                    7200      ; retry (2 hours)
                    864000    ; expire (10 days)
                    86400 )   ; minimum (1 day)
        IN  NS      dns1.oss4e.org.
        IN  NS      dns2.oss4e.org.
        IN  NS      dns.oss4e.org.
        IN  MX  10  mail.oss4e.org.
243     IN  PTR     mail.oss4e.org.
;end of zone.100.16.172.in-addr.arpa

7.4. Configure the environment

#vi /etc/resolv.conf
domain oss4e.org
nameserver 127.0.0.1
nameserver 202.96.134.133
nameserver 202.96.128.110

7.5. Configure logging

#vi /etc/syslog.conf
# Append local.none to the end of the messages selector to stop named from logging to messages;
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none;local.none     /var/log/messages

# Add the following; !named selects log messages sent by the named process;
!named
*.*     /usr/local/modules/named/var/log/named.log

# Required by syslog.conf;
touch /usr/local/modules/named/var/log/named.log
chown named:named /usr/local/modules/named/var/log/named.log
chmod 766 /usr/local/modules/named/var/log/named.log
killall -HUP syslogd

7.6. Configure the startup script

#vi /usr/local/modules/named/bin/named-mgr.sh
#!/bin/sh
if [ `id -u` -ne 0 ]
then
    echo "ERROR:For bind to port 53,must run as root."
    exit 1
fi
case "$1" in
start)
    if [ -x /usr/local/modules/named/sbin/named ]; then
        /usr/local/modules/named/sbin/named -u named && echo . && echo 'BIND9 server started.'
    fi
    ;;
stop)
    kill `cat /usr/local/modules/named/var/run/named.pid` && echo . && echo 'BIND9 server stopped.'
    ;;
restart)
    echo .
    echo "Restart BIND9 server ......"
    $0 stop
    sleep 10
    $0 start
    ;;
*)
    echo "$0 start stop restart"
    ;;
esac
#end of named-mgr.sh

chmod 755 /usr/local/modules/named/bin/named-mgr.sh
ln -s /usr/local/modules/named/bin/named-mgr.sh /usr/local/sbin
ln -s /usr/local/modules/named/bin/named-mgr.sh /usr/local/etc/rc.d

7.7. Set permissions

# .[!.]* matches dotfiles only; a bare .* would also expand to . and ..
rm -rf /usr/local/modules/named/.[!.]*
chown -R named:named /usr/local/modules/named/*
chmod -R 700 /usr/local/modules/named/*
#end of bind9
[/code:1:3f69c81bf9]
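
A static check of the access controls that the named.conf in 7.3 relies on (allow-recursion, allow-transfer, version), written as an added example; it is not part of the original post. The function name audit_named_conf, the temporary files and both sample configs are constructed for illustration, and the notes on defaults assume an older BIND release such as the 9.2.2 installed here.

```shell
#!/bin/sh
# Added example (not from the original post): static audit of a named.conf for
# the access controls the guide sets. Simplification: only // and # comments
# are stripped; /* ... */ comments are not handled.
audit_named_conf() {
    conf=$(sed -e 's://.*$::' -e 's:#.*$::' "$1" | tr '\n' ' ')
    findings=0
    b='(^|[[:space:];{])'            # token boundary before a statement name
    has() { printf '%s' "$conf" | grep -Eq "$1"; }
    report() { echo "FINDING: $1"; findings=$((findings + 1)); }

    # Recursion is on by default; older releases then serve any client.
    if ! has "${b}recursion[[:space:]]+no[[:space:]]*;" &&
       ! has "${b}allow-recursion[[:space:]]*\{"; then
        report "recursion enabled without allow-recursion (open resolver)"
    fi
    # Older BIND releases allow zone transfers to any host when unset.
    has "${b}allow-transfer[[:space:]]*\{" ||
        report "allow-transfer not set"
    # An address list that contains 'any' defeats the restriction.
    if has "allow-(recursion|transfer)[[:space:]]*\{([^}]*[[:space:];])?any[[:space:]]*;"; then
        report "allow-recursion/allow-transfer contains 'any'"
    fi
    has "${b}version[[:space:]]+\"" ||
        report "version string not overridden"
    [ "$findings" -eq 0 ]
}

# Constructed sample inputs: a weak variant and the guide's own settings.
tmp=$(mktemp -d)
cat > "$tmp/weak.conf" <<'EOF'
options {
    directory "/usr/local/modules/named/etc";
    recursion yes;
    //allow-recursion { "trust-lan"; };
    allow-transfer { any; };
};
EOF
cat > "$tmp/hardened.conf" <<'EOF'
acl "trust-lan" { 127.0.0.0/8; 192.168.0.0/16; 172.16.0.0/16; };
options {
    recursion yes;
    allow-recursion { "trust-lan"; };
    allow-transfer { "trust-lan"; };
    version "[secured]";   # do not reveal the version
};
EOF
audit_named_conf "$tmp/weak.conf" || echo "weak.conf: review needed"
audit_named_conf "$tmp/hardened.conf" && echo "hardened.conf: ok"
```

Run it against /usr/local/modules/named/etc/named.conf after editing; a non-zero exit status means at least one finding was printed.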





