Bind 配置非递归服务器
本文将 BIND 配置为 test.com 的权威(非递归)服务器,并将其 chroot 到 /usr/local/bind/chroot 下。
安装
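# Build BIND from source and prepare a chroot jail for named.
# Run as root, as a script: mknod, useradd and "make install" need privileges.
# Stop at the first failure so a failed cd never leaves the mkdir/mknod
# steps running in the wrong directory.
set -eu

# NOTE(review): the tarball is fetched over plain HTTP and then built and
# installed as root with no integrity check. Verify it against the
# publisher's detached signature, or a checksum obtained over a trusted
# channel, before building. The version is a release candidate; prefer a
# currently supported release for a server that answers queries from anyone.
wget http://www.bind.com/pub/bind9/9.7.2rc1/bind-9.7.2rc1.tar.gz
tar zxf bind-9.7.2rc1.tar.gz
cd bind-9.7.2rc1/
./configure --prefix=/usr/local/bind --enable-epoll --enable-threads
make
make install

# Create the chroot skeleton. The directories are spelled out instead of
# using {a,b} brace expansion, which plain sh does not provide.
mkdir -p /usr/local/bind/chroot
cd /usr/local/bind/chroot
mkdir -p dev etc var/run var/log

# Create the device nodes inside the jail (skipped if already present so the
# script can be re-run).
[ -e dev/null ] || mknod dev/null c 1 3
[ -e dev/random ] || mknod dev/random c 1 8
chmod 666 dev/null dev/random

# Copy localtime into the jail's etc directory.
cp /etc/localtime etc

# Create the unprivileged account: no home directory, no login shell.
id named >/dev/null 2>&1 || useradd -M -s /sbin/nologin named

# named is started with "-u named"; the pid file, statistics file and log file
# configured under /var/run and /var/log in the jail must be writable by that
# account. Everything else in the jail stays owned by root.
chown named var/run var/log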
配置文件
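#named.conf
# Lives at /etc/named.conf inside the chroot.
# The "#<name>" lines further down mark where each file starts in this listing;
# "#" is not a comment character in zone files, so leave them out when copying.
# This file contains the rndc shared secret: keep it readable only by root and
# the account named runs as.

# Shared secret for the rndc control channel. The value below is a placeholder;
# generate a real one with rndc-confgen.
# NOTE(review): hmac-md5 is a legacy algorithm. Newer BIND releases accept
# hmac-sha256 here; confirm what the installed version supports before changing it.
key "rndc-key" {
    algorithm hmac-md5;
    secret "xxxxxxxxxxxxxxxxxxxxxxx";
};

# Control channel: loopback only, and only with the key above.
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};

acl "myserver" { 127.0.0.1; };

logging {
    channel default {
        file "/var/log/named.log" versions 2 size 10k;
        severity debug;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    # A channel is only used when a category refers to it; without this
    # statement the file channel above is never written. default_syslog is
    # kept so messages still reach syslog as before.
    # The chroot's var/log must be writable by the account named runs as.
    # NOTE(review): 10k with 2 versions keeps very little history; raise the
    # size if this log is meant to support later investigation.
    category default { default; default_syslog; };
};

options {
    directory "/";
    pid-file "/var/run/named.pid";
    notify yes;
    # Authoritative-only: never resolve names on behalf of clients.
    recursion no;
    zone-statistics yes;
    statistics-file "/var/log/dns-stats.log";
    # Zone transfers only to the "myserver" ACL, which is loopback only.
    allow-transfer { "myserver"; };
    # Anyone may query the zones this server is authoritative for.
    allow-query { any; };
    listen-on-v6 { none; };
};

# NOTE(review): with recursion disabled the server does not need root hints
# to answer for its own zones.
zone "." IN {
    type hint;
    file "/etc/named.root";
};

zone "localhost" IN {
    type master;
    file "/etc/localhost.zone";
    allow-update { none; };
};

zone "test.com" IN {
    type master;
    file "/etc/test.com.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "/etc/localhost-rev.zone";
    allow-update { none; };
};

zone "220.164.76.in-addr.arpa" IN {
    type master;
    file "/etc/test.com-rev.zone";
    allow-update { none; };
};

#named.root
; NOTE(review): these hints are dated Jun 17, 2010. Root server addresses have
; been renumbered since then; fetch a current copy from the source named in the
; header below rather than copying these values.
;       This file holds the information on root name servers needed to
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  <file>"
;       configuration file of BIND domain name servers).
;
;       This file is made available by InterNIC
;       under anonymous FTP as
;           file                /domain/named.cache
;           on server           FTP.INTERNIC.NET
;       -OR-                    RS.INTERNIC.NET
;
;       last update:    Jun 17, 2010
;       related version of root zone:   2010061700
;
; formerly NS.INTERNIC.NET
;
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:BA3E::2:30
;
; FORMERLY NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
;
; FORMERLY C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
;
; FORMERLY TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
;
; FORMERLY NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
;
; FORMERLY NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2F::F
;
; FORMERLY NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
;
; FORMERLY AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::803F:235
;
; FORMERLY NIC.NORDU.NET
;
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7FE::53
;
; OPERATED BY VERISIGN, INC.
;
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:C27::2:30
;
; OPERATED BY RIPE NCC
;
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7FD::1
;
; OPERATED BY ICANN
;
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:3::42
;
; OPERATED BY WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
M.ROOT-SERVERS.NET.      3600000      AAAA  2001:DC3::35
; End of File

# localhost.zone
$TTL 86400
@           IN  SOA  localhost. root.localhost. (
                2010091214  ; Serial
                3600        ; Refresh
                900         ; Retry
                3600000     ; Expire
                3600 )      ; Minimum
            IN  NS   localhost.
localhost.  IN  A    127.0.0.1

# localhost-rev.zone
$TTL 86400
@           IN  SOA  localhost. root.localhost. (
                2010091214  ; Serial
                3600        ; Refresh
                900         ; Retry
                3600000     ; Expire
                3600 )      ; Minimum
            IN  NS   localhost.
1           IN  PTR  localhost.

# test.com.zone
$TTL 86400
@           IN  SOA  ns1.test.com. root.test.com. (
                2010091220  ; Serial
                3600        ; Refresh
                900         ; Retry
                3600000     ; Expire
                3600 )      ; Minimum
            IN  NS   ns1.test.com.
            IN  NS   ns2.test.com.
; NOTE(review): ns1 and ns2 resolve to the same address, so the second NS
; record adds no redundancy.
ns1         IN  A    76.164.220.132
ns2         IN  A    76.164.220.132
@           IN  A    76.164.220.132
www         IN  A    76.164.220.132
cacti       IN  A    76.164.220.132
blog        IN  A    76.164.220.132
nagios      IN  A    76.164.220.132
awstats     IN  A    76.164.220.132
; Wildcard: every name under test.com that is not listed above also resolves
; to this address, including mistyped names.
*           IN  A    76.164.220.132

# test.com-rev.zone
$TTL 86400
@           IN  SOA  ns1.test.com. root.test.com. (
                2010091221  ; Serial
                3600        ; Refresh
                900         ; Retry
                3600000     ; Expire
                3600 )      ; Minimum
            IN  NS   ns1.test.com.
            IN  NS   ns2.test.com.
; All PTR records below share owner 132, so a reverse lookup of that address
; returns every one of them.
132         IN  PTR  test.com.
132         IN  PTR  ns2.test.com.
132         IN  PTR  ns1.test.com.
132         IN  PTR  www.test.com.
132         IN  PTR  blog.test.com.
132         IN  PTR  cacti.test.com.
132         IN  PTR  nagios.test.com.
132         IN  PTR  awstats.test.com.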
运行
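# Validate named.conf and load every master zone first, resolving paths inside
# the chroot the same way named will. Then run named in the foreground for
# debugging; -g sends all logging to stderr. A configuration that fails the
# check is never started.
named-checkconf -z -t /usr/local/bind/chroot /etc/named.conf &&
  named -g -u named -c /etc/named.conf -t /usr/local/bind/chroot

# Check the system messages log.

# Notes:
# Adjust the paths used in the configuration file relative to the
# directory "/"; setting. Because named runs chrooted here, /etc/named.conf
# is really /usr/local/bind/chroot/etc/named.conf.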