Installing a domain name server on Linux
1: Download bind-version.tar.gz
2: Extract and compile:
tar zxvf bind-version.tar.gz
cd bind-version
./configure
make && make install
3: Create the chroot environment:
The chroot environment: from BIND's point of view, /var/named is the root of the filesystem.
The chroot may also need /dev/zero, /dev/random, /dev/log and/or /etc/localtime inside it.
mkdir -p /var/named/chroot
Add the user:
# useradd named -g named -d /var/named/chroot -s /sbin/nologin
mkdir -p /var/named/chroot/var/run
mkdir -p /var/named/chroot/etc
mkdir -p /var/named/chroot/var/named
cd /var/named/chroot && chown -R named:named *
Files after installation:
/usr/local/sbin/ contains:
dnssec-keygen dnssec-signzone lwresd named named-checkconf named-checkzone rndc rndc-confgen
/usr/local/bin contains:
host nslookup nsupdate
/usr/local/man/ contains the manual pages.
4: Configuration files:
cd /var/named/chroot/var/named
vi named.conf
options {
        directory "/var/named";   // working directory
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
};

Local forward-lookup zone file:
vi localhost.zone
$TTL 86400
@       1D IN SOA @ root (
                        42      ; serial
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expire
                        1D )    ; minimum
        IN NS   @
        IN A    127.0.0.1

Local reverse-lookup zone file:
vi named.local
$TTL 86400
@       IN SOA localhost. root.localhost. (
                        20061202  ; Serial
                        2800      ; Refresh
                        14400     ; Retry
                        3600000   ; Expire
                        864000 )  ; Minimum
        IN NS   localhost.
1       IN PTR  localhost.

Create the data file for the root servers (the latest list of root name servers), named.ca:
dig -t NS . >/var/named/chroot/var/named/named.ca
Debug: /usr/local/sbin/named -g
Final directory layout:
tree /var/named/chroot
/var/named/chroot
|-- dev
|   |-- random
|   `-- zero
|-- etc
|   |-- localtime
|   |-- named.conf
|   `-- rndc.key
`-- var
    |-- named
    |   |-- 59.81.183.rev
    |   |-- localhost.zone
    |   |-- named.ca
    |   |-- named.local
    |   `-- sunliguo.edu1000.net
    `-- run
        `-- named.pid

5 directories, 11 files
rndc
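Generate the rndc control file:
# rndc-confgen > /etc/rndc.conf
tail -n +13 /etc/rndc.conf >> /etc/named.conf
Debugging:
Use the -g option to print debug output to the terminal.
Addendum, 2009-05-25:
To analyze query logs, add the following to the configuration file:
logging {
        channel query_log {
                file "/var/log/query.log";
                severity info;
                print-time yes;
                print-category yes;
        };
        category queries { query_log; };
};
This writes the query log to the query.log file. Pay attention to the file's permissions, and when starting named, keep an eye on the messages in /var/log/messages.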
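2009-06-11:
Today, when restarting the named service, it reported an error saying there was no permission on /var/run/named.pid. Because this is a chroot environment, I went through it carefully. Adding read and write permission for other users on the /var/named/chroot/var/run directory let it start.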
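
The pid-file error above, like the earlier note on log file permissions, comes down to who may write where inside the chroot. As an added example (not part of the original post), this shell function checks that var/run is owned and writable by the service account and lists anything in the chroot left world-writable; the function name audit_chroot and its arguments are illustrative.

```shell
#!/bin/sh
# Added example, not from the original post: permission audit for a BIND chroot.
# audit_chroot and its arguments are illustrative names.
# Usage: audit_chroot CHROOT_DIR SERVICE_USER   (user name or numeric uid)
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_chroot() {
    root=$1
    user=$2
    rc=0

    # named writes its pid file here, so the directory must exist, belong to
    # the service account and carry the owner write and search bits (0300).
    piddir="$root/var/run"
    if [ ! -d "$piddir" ]; then
        echo "MISSING $piddir"
        rc=1
    elif [ -z "$(find "$piddir" -maxdepth 0 -user "$user" -perm -0300)" ]; then
        echo "NOT-OWNER-WRITABLE $piddir (expected owner: $user)"
        rc=1
    fi

    # A world-writable file or directory can be modified by every local
    # account, which covers zone data, configuration and the pid file.
    ww=$(find "$root" \( -type f -o -type d \) -perm -0002)
    if [ -n "$ww" ]; then
        printf '%s\n' "$ww" | sed 's/^/WORLD-WRITABLE /'
        rc=1
    fi

    return $rc
}

# Audit the layout used on this page when the script is invoked with "run".
if [ "${1:-}" = "run" ]; then
    audit_chroot /var/named/chroot named
fi
```

A clean result for var/run is a directory owned by named with mode 755 or 750.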
2009-07-03:
Added an A record for sunliguo.com.