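I used to run djbdns as a local DNS cache on BSD and Linux. After switching to a Mac I used dnsmasq for a while; djbdns is somewhat simpler to set up than dnsmasq, which took me several attempts to configure successfully.
After a recent system reinstall I decided to set one up again, but this time using the BIND service that ships with the system: nothing to install or compile, it is ready to use.
I am actually not familiar with BIND, but fortunately plenty of configuration files can be found on Google for reference. I only have a little experience to share: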
[code]named-checkconf /etc/named.conf[/code]
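Configuration files copied together from various places will inevitably have problems. Use this command to check that the configuration file is correct, which saves you from debugging through the logs after the service has failed to start.
If you edit the existing /etc/named.conf directly, you will get an error that rndc.key does not exist; just create it with this command: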
[code]rndc-confgen -a[/code]
Finally, start the service with:
[code]sudo launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist[/code]
Then point your DNS at 127.0.0.1 and you are done.
My named.conf is attached for reference:
[code]
//
// Include keys file
//
include "/etc/rndc.key";

// Declares control channels to be used by the rndc utility.
//
// It is recommended that 127.0.0.1 be the only address used.
// This also allows non-privileged users on the local host to manage
// your name server.
//
// Default controls
//
controls {
    inet 127.0.0.1 port 54 allow {any;}
        keys { "rndc-key"; };
};

options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
    listen-on { 127.0.0.1; };
    forwarders {
        8.8.8.8;
        208.67.222.222;
        208.67.220.220;
    };
    forward only;
    max-cache-size 2097152;
};

//
// a caching only nameserver config
//
zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};

logging {
    category default {
        _default_log;
    };
    channel _default_log {
        file "/Library/Logs/named.log";
        severity info;
        print-time yes;
    };
};
[/code]
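The following check is an added example, not part of the original post: it scans a named.conf and reports any `listen-on` or `controls` `inet` address that is not loopback, since a local cache like the one above should be reachable only from 127.0.0.1. The function names and sample strings are constructed for illustration, and the parsing is regex-based, so ACL names and prefixes are conservatively reported as non-local.

```python
import ipaddress
import re

# Constructed sample input: the listener settings from the config above.
SAMPLE_LOCAL = """
controls {
    inet 127.0.0.1 port 54 allow {any;}
    keys { "rndc-key"; };
};
options {
    // listen-on { any; };  (commented out, must be ignored)
    listen-on { 127.0.0.1; };
    forward only;
};
"""
# Constructed variant with the DNS listener widened to every interface.
SAMPLE_EXPOSED = SAMPLE_LOCAL.replace("{ 127.0.0.1; };", "{ 127.0.0.1; any; };")

def strip_comments(text):
    """Drop the three comment styles named.conf accepts: /* */, // and #."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def is_local(token):
    """True for a loopback address, or for 'none' (listener disabled)."""
    if token == "none":
        return True
    try:
        return ipaddress.ip_address(token).is_loopback
    except ValueError:  # "any", "*", ACL names, prefixes, negations
        return False

def audit(conf_text):
    """Return findings for non-loopback listeners; empty list means local-only."""
    text = strip_comments(conf_text)
    findings, v4_seen = [], False
    for m in re.finditer(r"\blisten-on(-v6)?\b[^{;]*\{([^}]*)\}", text):
        v4_seen = v4_seen or m.group(1) is None
        for token in re.findall(r"[^;\s]+", m.group(2)):
            if not is_local(token):
                findings.append(f"listen-on{m.group(1) or ''}: {token}")
    if not v4_seen:  # without listen-on, BIND listens on all IPv4 interfaces
        findings.append("listen-on: missing (defaults to all IPv4 interfaces)")
    for addr in re.findall(r"\binet\s+(\S+)", text):
        if not is_local(addr):
            findings.append(f"controls inet: {addr}")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_LOCAL), audit(SAMPLE_EXPOSED))
```

To check a real file, pass its contents to `audit()` after `named-checkconf` has confirmed the syntax.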