The Berkeley Internet Name Domain (BIND) DNS (Domain Name System)

一.编译安装

1.获取源码
  http://www.isc.org/

2.编译并安装
  ~]# tar -zxvf bind-X.X.X.tar.gz
  ~]# cd bind-X.X.X
  ~]# groupadd -r -g 53 named
  ~]# useradd -r -u 53 -g 53 -s /sbin/nologin named
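  ~]# ./configure --prefix=/usr/local/bindXXX --sysconfdir=/etc/named/ --disable-ipv6 --disable-chroot --enable-threads
    #注意:选项名是--sysconfdir;若拼错,configure只会警告并忽略该选项,named将不会到/etc/named/下读取named.conf
    #注意:--disable-chroot会去掉chroot支持,之后无法用named -t把进程限制在chroot目录中;若需要这一加固手段,请去掉该选项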
  ~]# make && make install

3.导出二进制文件
  ~]# vim /etc/profile.d/named.sh
    export PATH=$PATH:/usr/local/bindXXX/bin:/usr/local/bindXXX/sbin

  ~]# . /etc/profile.d/named.sh    #source /etc/profile.d/named.sh
  ~]# echo $PATH

4.导出库文件
  ~]# vim /etc/ld.so.conf.d/named.conf
    /usr/local/bindXXX/lib

  ~]# ldconfig -v #重读此库文件,生成库文件搜索路径

5.导出头文件
  ~]# ln -sv /usr/local/bindXXX/include /usr/include/named
  ~]# ls /usr/include/named

6.导出man文件
  ~]# vim /etc/man.config
    找到MANDATORY_MANPATH /usr/local/share/man,在其下一行加入
    MANDATORY_MANPATH /usr/local/bindXXX/share/man

二.准备配置文件及配置

  ~]# mkdir -p /var/named
  ~]# cd /etc/named/
  ~]# vim named.conf
    options {
      directory "/var/named";
    };

    zone "." IN {
      type hint;
      file "named.ca";
    };

    zone "localhost" IN {
      type master;
      file "localhost.zone";
      allow-update { none; };
    };

    zone "0.0.127.in-addr.arpa" IN {
      type master;
      file "named.local";
      allow-update { none; };
    };

  ~]# cd /var/named
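  ~]# dig -t NS . @8.8.8.8 > /var/named/named.ca    #根区域解析库文件这么得来即可
    #注意:这样得到的内容来自第三方递归解析器,未经校验,且通常只有NS记录而没有根服务器的地址记录;
    #更稳妥的做法是使用InterNIC发布的named.root,或直接向某个根服务器查询后再核对内容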

  ~]# vim localhost.zone

1 $TTL     1D
2  @        IN         SOA      localhost.        admin.localhost. (
3                       2017111401
4                       1H
5                       5M
6                       7D
7                       1D )
8                  IN         NS          localhost.
9  localhost.         IN       A         127.0.0.1

  ~]# vim named.local

1 $TTL     1D
2  @        IN     SOA      localhost.        admin.localhost. (
3                      2017111401
4                  1H
5                  5M
6                  7D
7                  1D )
8          IN         NS          localhost.
9  1         IN         PTR      localhost.    

  需更改权限与属组(当前目录为/var/named):
    ~]# chmod 640 ./*
    ~]# chown :named *
    ~]# ls -l    #验证一下
    ~]# chmod 640 /etc/named/named.conf    #后面会把rndc的密钥写入此文件,不应让其他用户可读
    ~]# chown :named /etc/named/named.conf
    ~]# ls -l /etc/named/    #还是验证一下

  运行服务,并打开调试功能
    ~]# named -u named -f -g -d 3
    ctrl+c   即可停止服务

    或者后台运行
      ~]# named -u named
      ~]# tail /var/log/messages    #running即为服务正在运行
    停止服务
      ~]# killall named

    ~]# ss -tunl   #查看是否有监听于53端口,若有,即为服务正常运行之

  此时,rndc还用不了,rndc使用rndc-confgen生成
    ~]# rndc-confgen -r /dev/urandom > /etc/named/rndc.conf
      #如果直接执行rndc-confgen,可能会发生阻塞,原因是熵池中的随机数不够用
      #rndc.conf中保存着rndc与named共享的密钥,重定向生成的文件默认权限通常是其他用户可读,
      #建议生成后收紧权限,例如 chmod 600 /etc/named/rndc.conf
    ~]# tail -n 10 /etc/named/rndc.conf >> /etc/named/named.conf
    ~]# vim /etc/named/named.conf
      GG
      :.,$-1s@^# @@g

    重读一下配置文件:
      ~]# killall -SIGHUP named
      ~]# rndc status    #验证一下rndc是否可用了,并查看了bind服务的状态

由于是编译安装还没有定义unit,不方便管理服务,可定义unit

 
