- After installing bind-9.6, the installation directory contains a file named rndc.key:
- # cat rndc.key
- key "rndc-key" {
- algorithm hmac-md5;
- secret "sHCUwT1wpdBSiNLqHH9sJObGU/MfNRxBY/aEaY6J9FQ=";
- };
- Now configure rndc.conf:
- # /usr/local/sbin/rndc-confgen > rndc.conf
- # cat rndc.conf
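- The secret generated by rndc-confgen differs from the one already on the system (in rndc.key), so replace the generated secret with the existing one.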
- # Start of rndc.conf
- key "rndc-key" {
- algorithm hmac-md5;
- # secret "2FdbnGiAdmRwBQ85lH7qDQ==";
- secret "sHCUwT1wpdBSiNLqHH9sJObGU/MfNRxBY/aEaY6J9FQ=";
- };
- options {
- default-key "rndc-key";
- default-server 127.0.0.1;
- default-port 953;
- };
- # End of rndc.conf
- # Use with the following in named.conf, adjusting the allow list as needed:
- # Copy the following lines into named.conf and uncomment them.
- # key "rndc-key" {
- # algorithm hmac-md5;
- # secret "2FdbnGiAdmRwBQ85lH7qDQ=="; <--- change this to the following line:
- # secret "sHCUwT1wpdBSiNLqHH9sJObGU/MfNRxBY/aEaY6J9FQ=";
- # };
- #
- # controls {
- # inet 127.0.0.1 port 953
- # allow { 127.0.0.1; } keys { "rndc-key"; };
- # };
- # End of named.conf
- Restart the service:
- # /etc/rc.d/named restart
- Stopping named.
- Starting named.
- Check the status:
- # rndc status
- version: 9.6.2-P2
- CPUs found: 1
- worker threads: 1
- number of zones: 95
- debug level: 0
- xfers running: 0
- xfers deferred: 0
- soa queries in progress: 0
- query logging is OFF
- recursive clients: 0/0/1000
- tcp clients: 0/100
- server is up and running
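
The procedure above only works when rndc.key, rndc.conf and named.conf all carry the same active secret. As an added example (not part of the original page), this shell check compares the uncommented secret for a key across such files and flags any file that is world-readable; the function names and the sample secrets are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm rndc and named share one secret; flag readable key files.

# Print the secret of the active (uncommented) key block named $2 in file $1.
active_secret() {
    awk -v want="$2" '
        /^[ \t]*(#|\/\/)/ { next }   # skip commented-out lines (old secrets)
        $1 == "key" { name = $2; gsub(/"/, "", name); inkey = (name == want) }
        inkey && $1 == "secret" { s = $2; gsub(/[";]/, "", s); print s; exit }
        /^[ \t]*};/ { inkey = 0 }    # end of the current block
    ' "$1"
}

# Succeed if the "other" read bit is set on $1 (mode bits only).
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

# Compare key $1 across the remaining file arguments without printing secrets.
# Returns 0 only when every file has an active copy of the same secret.
check_rndc_key() {
    keyname=$1; shift
    ref=""; rc=0
    for f in "$@"; do
        s=$(active_secret "$f" "$keyname")
        if [ -z "$s" ]; then
            echo "MISSING  $f: no active key \"$keyname\""; rc=1
        elif [ -z "$ref" ]; then
            ref=$s
        elif [ "$s" != "$ref" ]; then
            echo "MISMATCH $f: secret differs from $1"; rc=1
        fi
        if world_readable "$f"; then echo "WARN     $f is world-readable"; fi
    done
    return $rc
}

# Constructed sample files; the secrets are made-up placeholders.
d=$(mktemp -d)
printf 'key "rndc-key" {\n algorithm hmac-md5;\n secret "QUFBQUFBQUFBQUFBQUFBQQ==";\n};\n' > "$d/rndc.key"
printf 'key "rndc-key" {\n algorithm hmac-md5;\n# secret "QUFBQUFBQUFBQUFBQUFBQQ==";\n secret "QkJCQkJCQkJCQkJCQkJCQg==";\n};\n' > "$d/rndc.conf"
chmod 600 "$d/rndc.key"; chmod 644 "$d/rndc.conf"
check_rndc_key rndc-key "$d/rndc.key" "$d/rndc.conf" || echo "secrets out of sync"
```

On a real host, pass the paths of your own rndc.key, rndc.conf and named.conf to `check_rndc_key` before restarting named.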