bind dlz mysql_bind+dlz+mysql实现区域记录动态更新

BIND-DLZ实验:http://bind-dlz.sourceforge.net/

实验环境:RHEL4,BIND-9.5.0-P2.tar.gz(9.4.0以上版本都已含DLZ补丁),Mysql-5.0.56.tar.gz

1、安装mysql(先安装gcc等相关软件包)

#tar zxvf mysql-5.0.56.tar.gz
#cd mysql-5.0.56
#./configure --prefix=/usr/local/mysql --localstatedir=/usr/loal/mysql/data --libexecdir=/usr/local/mysql/lib --disable-shared
#make
#make install
#cd /usr/local/mysql/
#groupadd -g 1003 mysql
#useradd -g 1003 mysql
#chown -R mysql .
#chgrp -R mysql .
#chown -R mysql lib
#./bin/mysql_install_db --user=mysql //以mysql的用户身份安装
#chown -R root .
#./bin/mysqld_safe --user=mysql & //在后台启动mysql

注:--localstatedir 中的 /usr/loal 原文如此,疑为 /usr/local 的笔误;若改为 /usr/local/mysql/data,数据目录会被上面的 chown -R root . 改成 root 所有,需在其后再执行 chown -R mysql data,否则以 mysql 身份运行的 mysqld 无法写入数据目录。

# cd /root/mysql-5.0.56
# cp support-files/my-medium.cnf /etc/my.cnf
# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
# chmod 700 !$
# chkconfig --add mysqld
# chkconfig --list mysqld
  mysqld 1:off 2:on 3:on 4:on 5:on 6:off
# service mysqld start[restart/reload/stop]
# vi /etc/my.cnf
add this:(防止mysql服务器在连接空闲8小时后自动断开连接)
wait_timeout = 86400
interactive_timeout = 86400
#/usr/local/mysql/bin/mysqladmin -uroot password 'aptech'
#./bin/mysql -uroot -paptech

注:'aptech' 仅为示例口令;直接写在命令行里的口令会留在shell历史和进程列表中,登录时可只写 -p,由客户端交互提示输入。

#echo "PATH=$PATH:/usr/local/mysql/bin" >> /etc/profile

#. !$

2、安装bind

#tar zxvf bind-9.5.0-P2.tar.gz
#cd bind-9.5.0-P2
#./configure --prefix=/usr/local/bind9 --with-dlz-mysql=/usr/local/mysql --enable-threads=no

//--with-dlz-mysql=/usr/local/mysql 要求bind安装中支持DLZ

//--enable-threads=no 关闭多线程

//--disable-openssl-version-check 禁止openssl版本的检查
#make
#make install

3、创建database,table

-- Schema that holds the DLZ zone tables; named.conf connects with dbname=mydata.
CREATE DATABASE mydata;

-- Make it the default database for the statements that follow.
USE mydata;

-- Records served through the "other-user" view: the DLZ queries in named.conf
-- select rows from this table by zone = '%zone%' and host = '%record%'.
-- NOTE(review): no key or index is declared, so those lookups cannot use one.
CREATE TABLE other_dns_records (
    zone        VARCHAR(255),  -- zone name, compared with '%zone%'
    host        VARCHAR(255),  -- record name inside the zone, compared with '%record%'
    type        VARCHAR(255),  -- record type; the lookup lower-cases it to detect 'txt' and 'soa'
    data        VARCHAR(255),  -- record data handed back to BIND (the query quotes it for TXT)
    ttl         INT(11),       -- first column returned by the lookup
    mx_priority VARCHAR(255),  -- third column returned by the lookup
    -- refresh .. resp_person are appended to data by the SOA branch of the lookup.
    refresh     INT(11),
    retry       INT(11),
    expire      INT(11),
    minimum     INT(11),
    serial      BIGINT(11),
    resp_person VARCHAR(255),
    primary_ns  VARCHAR(255)   -- not referenced by the named.conf queries on this page
);

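-- Records served through the "cnc-user" view: the DLZ queries in named.conf
-- select rows from this table by zone = '%zone%' and host = '%record%'.
-- Fix: the original definition had no zone column, although both the sample
-- INSERT and the named.conf queries reference cnc_dns_records.zone; without it
-- the insert is rejected and every lookup in the view fails.
-- NOTE(review): no key or index is declared, so those lookups cannot use one.
CREATE TABLE cnc_dns_records (
    zone        VARCHAR(255),  -- zone name, compared with '%zone%' (column added)
    host        VARCHAR(255),  -- record name inside the zone, compared with '%record%'
    type        VARCHAR(255),  -- record type; the lookup lower-cases it to detect 'txt' and 'soa'
    data        VARCHAR(255),  -- record data handed back to BIND (the query quotes it for TXT)
    ttl         INT(11),       -- first column returned by the lookup
    mx_priority VARCHAR(255),  -- third column returned by the lookup
    -- refresh .. resp_person are appended to data by the SOA branch of the lookup.
    refresh     INT(11),
    retry       INT(11),
    expire      INT(11),
    minimum     INT(11),
    serial      BIGINT(11),
    resp_person VARCHAR(255),
    primary_ns  VARCHAR(255)   -- not referenced by the named.conf queries on this page
);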

-- Sample A record for the "other-user" view: host www in zone aaa.com.
-- ttl and retry are written as quoted strings; MySQL converts them for the INT columns.
INSERT INTO other_dns_records
    (zone, host, type, data, ttl, retry)
VALUES
    ('aaa.com', 'www', 'A', '192.168.199.2', '86400', '13');

-- Sample A record for the "cnc-user" view: host www in zone bbb.com.
-- cnc_dns_records must have a zone column for this statement to succeed.
INSERT INTO cnc_dns_records
    (zone, host, type, data, ttl, retry)
VALUES
    ('bbb.com', 'www', 'A', '192.55.199.199', '86400', '13');

4、编辑/usr/local/bind9/etc/named.conf

#cd /usr/local/bind9/etc

#../sbin/rndc-confgen -a

#../sbin/rndc-confgen > named.conf

#vi !$   //vi named.conf

#less named.conf

# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
        algorithm hmac-md5;
        secret "c4aUV+N7GbOF773V+/LnAA==";
};

controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of named.conf

options {
directory "/usr/local/bind9/etc/";
pid-file "/usr/local/bind9/var/run/named.pid";
allow-query { any; };
recursion no;
version "gaint-d1";
};

include "/usr/local/bind9/etc/cnc.cl";
include "/usr/local/bind9/etc/other.cl";

view "cnc-user" {
match-clients { cnc; };
dlz "Mysql zone" {
database "mysql
{host=localhost dbname=mydata ssl=false port=3306 user=root pass=aptech}
{select zone from cnc_dns_records where zone = '%zone%'}
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"')
when lower(type) = 'soa' then concat_ws('', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from
cnc_dns_records where zone = '%zone%' and host = '%record%'}";
};
};

view "other-user" {
match-clients { other; };
dlz "Mysql zone" {
database "mysql
{host=localhost dbname=mydata ssl=false port=3306 user=root pass=aptech}
{select zone from other_dns_records where zone='%zone%'}
{select ttl, type, mx_priority, case when lower(type) = 'txt' then concat('\"', data, '\"')
when lower(type)='soa' then concat_ws('', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from
other_dns_records where zone = '%zone%' and host = '%record%'}";
};
};

[root@dlz etc]# less cnc.cl
acl "cnc"{192.168.9.0/24;};

注:
(1)上面的 named.conf 让 BIND 以 MySQL 的 root 账号和明文口令连接数据库。DLZ 只需要查询这两张表,建议另建只授予 mydata 库 SELECT 权限的账号(例如 grant select on mydata.* to 'dlz'@'localhost' identified by '<口令>';,账号名为示例),并把 named.conf 的文件权限收紧到仅运行 named 的账号可读。
(2)rndc-key 的 secret 已随本文公开,只能当作示例;自己的环境请用 rndc-confgen 重新生成。
(3)soa 分支里的 concat_ws('', ...) 以空串作分隔符,会把 data、resp_person、serial 等字段直接连在一起;SOA 各字段之间需要空格,分隔符应为 ' '(请对照 BIND-DLZ 官方示例确认)。

[root@dlz etc]# less other.cl
acl "other" {127.0.0.0/18;};

5、启动&测试

[root@dlz ~]# /usr/local/bind9/sbin/named -gc  /usr/local/bind9/etc/named.conf
06-Mar-2009 22:23:02.569 starting BIND 9.5.0-P2 -gc /usr/local/bind9/etc/named.conf
06-Mar-2009 22:23:02.579 loading configuration from '/usr/local/bind9/etc/named.conf'
06-Mar-2009 22:23:02.583 listening on IPv4 interface lo, 127.0.0.1#53
06-Mar-2009 22:23:02.586 listening on IPv4 interface eth0, 192.168.1.5#53
06-Mar-2009 22:23:02.588 Loading 'Mysql zone' using driver mysql
06-Mar-2009 22:23:02.604 default max-cache-size (33554432) applies: view cnc-user
06-Mar-2009 22:23:02.609 Loading 'Mysql zone' using driver mysql
06-Mar-2009 22:23:02.612 default max-cache-size (33554432) applies: view other-user
06-Mar-2009 22:23:02.616 default max-cache-size (33554432) applies: view _bind
06-Mar-2009 22:23:02.621 command channel listening on 127.0.0.1#953
06-Mar-2009 22:23:02.621 ignoring config file logging statement due to -g option
06-Mar-2009 22:23:02.623 running

注:加-gc参数可显示出启动日志,以便出错排查;显示running表示配置正确.
