centos7安装bind9.12_程序开发

centos7安装bind9.12

admin

2023-03-12 22:01:20

0次

参考文献1:https://blog.51cto.com/sw5720/1611777
参考文献2:https://blog.csdn.net/orapeasant/article/details/1801395
参考文献3：http://www.linuxfromscratch.org/blfs/view/stable/server/bind.html
1、下载最新bind软件，此次使用bind-9.12.1.tar.gz
官方网站https://www.isc.org/downloads/
2、解压至/root下
tar -zxvf bind-9.10.1-P1.tar.gz
3、进入解压后的文件夹
cd bind-9.10.1-P1
4、安装必备的openssl等插件
yum install gcc gcc-c++ openssl openssl-dev*
5、设置安装路径等参数、编译、安装

下面命令参数为：指定路径多线程功能大文件支持 DNSSEC支持
设置安装路径为/usr/local/named，多线程，大文件支持，DNSSEC支持
#./configure --prefix=/usr/local/named --enable-threads --enable-largefile --with-tuning=large --with-openssl
创建服务专用账户named，禁止本地登陆
#useradd -d /usr/local/named -s /sbin/nologin named
编译
#make
安装
#make install
进入安装后的配置文件夹
#cd /usr/local/named/etc
生成rndc.conf文件
#/usr/local/named/sbin/rndc-confgen > rndc.conf
将rndc.conf内容导入named.conf
#tail -10 rndc.conf | head -9 | sed s/#\ //g > named.conf
编辑主配置文件
#vim named.conf
options {
listen-on port 53 { 127.0.0.1; };
directory "/usr/local/named/var"; //域名文件存放的绝对路径
pid-file "named.pid";
recursion yes;
allow-query { any; };
recursive-clients 30000;
query-source ...; //如果查不到要解析地址，将会查询其它域名服务器
notify-source ...; //使用本地的源地址和可选的UDP端口，用于发送NOTIFY消息
};
logging {
channel query_log { //查询日志
file "/var/log/named/query.log" versions 20 size 300m;
severity info;
print-time yes;
print-category yes;
};
channel error_log { //报错日志
file "/var/log/named/error.log" versions 3 size 10m;
severity info;
print-time yes;
print-severity yes;
print-category yes;
};
category queries { query_log; };
category default { error_log; };
};
zone "." IN {
type hint;
file "named.root"; //存放在//usr/local/named/var目录
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
生成根服务器文件
#cd /usr/local/named/var
#dig @a.root-servers.net . ns > named.root
创建本地域文件
#vim localhost.zone
$TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS @
1D IN A 127.0.0.1
#vim named.local
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.

创建服务起停脚本
#vi /etc/rc.d/init.d/named //服务启停脚本
#!/bin/bash

named a network name service.

            # chkconfig: 345 35 75
            # description: a name server
            if [ `id -u` -ne 0 ]
            then
            echo -e "\e[31mERROR:For bind to port 53,must run as root.\e[0m"
            exit 1
            fi
            case "$1" in
            start)
            if [ -x /usr/local/named/sbin/named ]; then
            /usr/local/named/sbin/named -c /usr/local/named/etc/named.conf -u named && echo . && echo -e 'BIND9 server \e[32mstarted\e[0m'
            fi
            ;;
            stop)
            kill `cat /usr/local/named/var/named.pid` && echo . && echo -e 'BIND9 server \e[33mstopped\e[0m'
            ;;
            restart)
            echo .
            echo "Restart BIND9 server"
            $0 stop
            sleep 1
            echo -n "." && sleep 2 && echo -n "." && sleep 2 && echo -n "." && sleep 2
            $0 start
            ;;
            reload)
            /usr/local/named/sbin/rndc reload
            ;;
            status)
            /usr/local/named/sbin/rndc status
            ;;
            *)
            echo "$0 start | stop | restart |reload |status"
            ;;
            esac

更改脚本文件权限
#chmod 755 /etc/rc.d/init.d/named
添加至服务控制
#chkconfig --add named
为named赋权限
#chown -R named.named /usr/local/named/
创建软连接
#ln -s /usr/local/named/sbin/named /sbin
创建日志文件夹
#mkdir /var/log/named/
日志文件夹权限修改
#chown -R named.named /var/log/named/
调试模式测试是否正常启动
#named -g //调试模式启动
设置开机服务自启动
#chkconfig named on && service named start
排错，参考http://bbs.chinaunix.net/thread-4187966-1-1.html
启动异常时查看日志
named -g
tail -n 30 /var/log/messages

上一篇：运维入门基础硬件知识

下一篇：微软双机双柜方案讨论

centos7安装bind9.12

named a network name service.

相关内容

热门资讯