RHEL5下bind-9.7.0-P1.tar.gz编译安装及配置
这是我发在blogbus(http://zabc.blogbus.com)上的一篇文章,blogbus不给力,时不时就要维护一下,网络访问速度还奇慢,很是担心发在这个博客的文章哪一天就没了,趁着现在有精力,慢慢给博客搬个家。
原文的路径:http://zabc.blogbus.com/logs/61993048.html
编译亦可指定多个参数:
./configure --prefix=/usr/local/bind-9.7.0-P1 --sysconfdir=/etc --mandir=/usr/share/man --enable-threads
[root@benq bind-9.7.0-P1]# ./configure --prefix=/usr/local/bind-9.7.0-P1
[root@benq bind-9.7.0-P1]# make
[root@benq bind-9.7.0-P1]# make install
[root@benq sbin]# vi /etc/named.conf
options
{
directory "/var/named";
};
zone "."
{
type hint;
file "named.ca";
};
创建named.ca文件(根提示文件)。注意:下面dig回答的ADDITIONAL部分只列出了A到J这几台根服务器的地址,K、L、M的地址并未包含,所以这样生成的named.ca并不完整;正式环境建议使用InterNIC发布的官方named.root文件作为根提示。
[root@benq bin]# echo "nameserver 192.58.128.30" > /etc/resolv.conf
[root@benq bin]# ./dig -t NS . > /var/named/named.ca
[root@benq bin]# ./dig -t NS .
; <<>> DiG 9.7.0-P1 <<>> -t NS .
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55858
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:ba3e::2:30
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2f::f
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803f:235
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:c27::2:30
;; Query time: 45 msec
;; SERVER: 192.58.128.30#53(192.58.128.30)
;; WHEN: Sun Apr 11 22:33:47 2010
;; MSG SIZE rcvd: 500
[root@benq sbin]# echo "nameserver 192.168.1.11" > /etc/resolv.conf
[root@benq sbin]# ./named -c /etc/named.conf
[root@benq sbin]# tail /var/log/messages
Apr 11 22:44:44 benq named[13439]: none:0: open: /usr/local/bind-9.7.0-P1/etc/rndc.key: file not found
Apr 11 22:44:44 benq named[13439]: couldn't add command channel 127.0.0.1#953: file not found
Apr 11 22:44:44 benq named[13439]: none:0: open: /usr/local/bind-9.7.0-P1/etc/rndc.key: file not found
Apr 11 22:44:44 benq named[13439]: couldn't add command channel ::1#953: file not found
Apr 11 22:44:44 benq named[13439]: running
[root@benq sbin]# ps aux |grep named
root 13261 2.2 1.4 9484 5264 ? Ss 22:39 0:00 ./named -c /etc/named.conf
root 13276 0.0 0.1 3924 692 pts/0 R+ 22:39 0:00 grep named
[root@benq ~]# host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 66.249.89.103
www.l.google.com has address 66.249.89.104
www.l.google.com has address 66.249.89.105
www.l.google.com has address 66.249.89.106
www.l.google.com has address 66.249.89.147
www.l.google.com has address 66.249.89.99
产生rndc控制文件。rndc.conf以及后面追加到named.conf中的key段都含有rndc的共享密钥,这两个文件的权限应限制为仅root可读;下文贴出的secret已经公开,切勿照抄,应以自己机器上rndc-confgen生成的值为准。
[root@benq ~]# /usr/local/bind/sbin/rndc-confgen > /etc/rndc.conf
[root@benq ~]# cat -n /etc/rndc.conf ##-n是显示行号
1 # Start of rndc.conf
2 key "rndc-key" {
3 algorithm hmac-md5;
4 secret "RdWShiQhZowoOFwaJB2FCQ==";
5 };
6
7 options {
8 default-key "rndc-key";
9 default-server 127.0.0.1;
10 default-port 953;
11 };
12 # End of rndc.conf
13
14 # Use with the following in named.conf, adjusting the allow list as needed:
15 # key "rndc-key" {
16 # algorithm hmac-md5;
17 # secret "RdWShiQhZowoOFwaJB2FCQ==";
18 # };
19 #
20 # controls {
21 # inet 127.0.0.1 port 953
22 # allow { 127.0.0.1; } keys { "rndc-key"; };
23 # };
24 # End of named.conf
[root@benq ~]# tail -n 13 /etc/rndc.conf
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# algorithm hmac-md5;
# secret "RdWShiQhZowoOFwaJB2FCQ==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
[root@benq ~]# tail -n 13 /etc/rndc.conf >> /etc/named.conf ##从后数13行追加到named.conf
[root@benq ~]# killall -9 named
[root@benq ~]# ps aux|grep named
root 13913 0.0 0.1 3920 664 pts/0 R+ 22:59 0:00 grep named
[root@benq ~]# /usr/local/bind/sbin/named -c /etc/named.conf
[root@benq ~]# tail /var/log/messages
Apr 11 23:00:23 benq named[13928]: automatic empty zone: D.F.IP6.ARPA
Apr 11 23:00:23 benq named[13928]: automatic empty zone: 8.E.F.IP6.ARPA
Apr 11 23:00:23 benq named[13928]: automatic empty zone: 9.E.F.IP6.ARPA
Apr 11 23:00:23 benq named[13928]: automatic empty zone: A.E.F.IP6.ARPA
Apr 11 23:00:23 benq named[13928]: automatic empty zone: B.E.F.IP6.ARPA
Apr 11 23:00:23 benq named[13928]: none:0: open: /usr/local/bind-9.7.0-P1/etc/rndc.key: file not found
Apr 11 23:00:23 benq named[13928]: couldn't add command channel 127.0.0.1#953: file not found
Apr 11 23:00:23 benq named[13928]: none:0: open: /usr/local/bind-9.7.0-P1/etc/rndc.key: file not found
Apr 11 23:00:23 benq named[13928]: couldn't add command channel ::1#953: file not found
Apr 11 23:00:23 benq named[13928]: running
[root@benq ~]# vi /etc/named.conf
options
{
directory "/var/named";
};
zone "."
{
type hint;
file "named.ca";
};
//zone "localhost"
//{
// type master;
// file "named.local";
//};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# algorithm hmac-md5;
# secret "RdWShiQhZowoOFwaJB2FCQ==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
~
~
~
:.,$-1s/^#\ //
此处用正则表达式进行替换,删除行首的"#"及其后的空格(范围从"# key "rndc-key" {"这一行至倒数第二行)。
先把光标定位于"# key "rndc-key" {"这一行,在冒号处输入命令:.(当前行),(分隔符)$(最后一行)-1(倒数第二行)s(替换)/^#(行首的#号)\ (空格前用"\"转义,注意:反斜线\后有个空格)//(两个//之间为空,表示删除匹配到的内容)
.+5的意思是从当前行起再往下5行;$-1的意思是倒数第二行。
如果替换注释"//"的话,使用\进行转义,形式如同"\/\/"
key "rndc-key" {
algorithm hmac-md5;
secret "RdWShiQhZowoOFwaJB2FCQ==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
[root@benq ~]# killall -9 named
[root@benq ~]# /usr/local/bind/sbin/named -c /etc/named.conf
[root@benq ~]# tail /var/log/messages
Apr 11 23:18:38 benq named[14442]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Apr 11 23:18:38 benq named[14442]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Apr 11 23:18:38 benq named[14442]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Apr 11 23:18:38 benq named[14442]: automatic empty zone: D.F.IP6.ARPA
Apr 11 23:18:38 benq named[14442]: automatic empty zone: 8.E.F.IP6.ARPA
Apr 11 23:18:38 benq named[14442]: automatic empty zone: 9.E.F.IP6.ARPA
Apr 11 23:18:38 benq named[14442]: automatic empty zone: A.E.F.IP6.ARPA
Apr 11 23:18:38 benq named[14442]: automatic empty zone: B.E.F.IP6.ARPA
Apr 11 23:18:38 benq named[14442]: command channel listening on 127.0.0.1#953
Apr 11 23:18:38 benq named[14442]: running
[root@benq ~]# /usr/local/bind/sbin/rndc -c /etc/rndc.conf status
version: 9.7.0-P1
number of zones: 12
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
设置路径及软链接,减少输入,编译时指定--sysconfdir=/etc,也能达到同样的目的。
[root@benq ~]# man named.conf
No manual entry for named.conf
编辑/etc/man.config,添加MANPATH /usr/local/bind/share/man
再次运行man named.conf,成功。
[root@benq sbin]# cd ~
[root@benq ~]# vi .bash_profile
PATH=$PATH:$HOME/bin:/usr/local/bind/sbin
[root@benq ~]# ln -s /usr/local/bind/sbin/rndc /usr/local/sbin/rndc
[root@benq ~]# ln -s /usr/local/bind/sbin/named /usr/local/sbin/named
[root@benq ~]# which named rndc
/usr/local/sbin/named
/usr/local/sbin/rndc
[root@benq ~]# cd /usr/local/bind/etc
[root@benq etc]# echo $PWD
/usr/local/bind/etc
[root@benq etc]# ln -s /etc/named.conf $PWD/named.conf
[root@benq etc]# ln -s /etc/rndc.conf $PWD/rndc.conf
[root@benq etc]# ll
total 16
-rw-r--r-- 1 root root 601 Apr 11 15:04 bind.keys
lrwxrwxrwx 1 root root 15 Apr 11 23:39 named.conf -> /etc/named.conf
lrwxrwxrwx 1 root root 14 Apr 11 23:39 rndc.conf -> /etc/rndc.conf
[root@benq ~]# named
[root@benq ~]# tail /var/log/messages
Apr 11 23:40:28 benq named[15074]: running
[root@benq ~]# rndc status
version: 9.7.0-P1
number of zones: 12
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
创建正向解析区域
[root@benq bind-9.7.0-P1]# host localhost ##host及dig命令只能使用dns进行查询,不使用/etc/hosts文件
Host localhost not found: 3(NXDOMAIN)
[root@benq ~]# vi /etc/named.conf
zone "localhost"
{
type master;
file "named.local";
};
[root@benq named]# vi named.local
$TTL 86400
@ IN SOA localhost. root.localhost. (
2010041200 ; Serial
1H ; Refresh
15M ; Retry
1W ; Expire
1D ) ; Minimum
IN NS localhost.
IN A 127.0.0.1
[root@benq named]# rndc reload
server reload successful
[root@benq named]# host localhost
localhost has address 127.0.0.1
[root@benq named]# host -t A localhost
localhost has address 127.0.0.1
[root@benq named]# host -t NS localhost
localhost name server localhost.
添加正向解析域
[root@benq named]# vi /etc/named.conf
zone "abc.com"
{
type master;
file "abc.com.zone";
};
[root@benq named]# cp named.local abc.com.zone
[root@benq named]# vi abc.com.zone
$TTL 86400
@ IN SOA abc.com. root (
2010041200 ; Serial
1H ; Refresh
15M ; Retry
1W ; Expire
1D ) ; Minimum
IN NS ns
IN MX 10 mail
ns IN A 192.168.1.11
www IN A 192.168.1.11
mail IN A 192.168.1.11
news IN CNAME www
[root@benq named]# rndc reload
server reload successful
[root@benq named]# host www.abc.com
www.abc.com has address 192.168.1.11
[root@benq named]# vi abc.com.zone
$TTL 86400
@ IN SOA abc.com. root (
2010041200 ; Serial
1H ; Refresh
15M ; Retry
1W ; Expire
1D ) ; Minimum
IN NS @
IN A 192.168.1.11
IN MX 10 mail
www IN A 192.168.1.11
mail IN A 192.168.1.11
news IN CNAME www
[root@benq named]# rndc reload
server reload successful
[root@benq named]# host -t NS abc.com
abc.com name server abc.com.
[root@benq named]# host -t A abc.com
abc.com has address 192.168.1.11
反向区域文件的配置
[root@benq ~]# vi /etc/named.conf
zone "0.0.127.in-addr.arpa"
{
type master;
file "127.0.0.zone";
};
[root@benq ~]# cp /var/named/named.local /var/named/127.0.0.zone
[root@benq ~]# vi /var/named/127.0.0.zone
$TTL 86400
@ IN SOA @ root.localhost. (
2010041200 ; Serial
1H ; Refresh
15M ; Retry
1W ; Expire
1D ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
其中要注意:
@=0.0.127.in-addr.arpa.
root.localhost.要写完整,如果末尾不加点只是简写root的话,会被自动加后缀最终翻译成
root=root.0.0.127.in-addr.arpa.(并不存在该邮件地址)
[root@benq ~]# rndc reload
[root@benq named]# host 127.0.0.1
1.0.0.127.in-addr.arpa domain name pointer localhost.
使用dig进行反向查询
[root@benq named]# dig -x 127.0.0.1
创建192.168.1.反向区
vi /etc/named.conf
zone "1.168.192.in-addr.arpa"
{
type master;
file "192.168.1.zone";
};
[root@benq named]# mv 127.0.0.zone 192.168.1.zone
[root@benq named]# more 192.168.1.zone
$TTL 86400
@ IN SOA abc.com. root.abc.com. (
2010041200 ; Serial
1H ; Refresh
15M ; Retry
1W ; Expire
1D ) ; Minimum
IN NS abc.com.
11 IN PTR www.abc.com.