Installing BIND on Red Hat Linux 6.5: a Red Hat + BIND9 installation tutorial

Author's statement:

If you repost this article, please keep the following information:

author:aidns.cn

mail:

from:

Install BIND9:

# tar zxvf bind-9.3.5.tar.gz

# cd bind-9.3.5

# ./configure \
    --prefix=/usr/local/named \
    --disable-openssl-version-check \
    --disable-ipv6

# make

# make install

Create the user that named runs as:

# groupadd named

# useradd named -g named -d /dev/null -s /sbin/nologin

Create the configuration directory:

# mkdir -p /usr/local/named/etc

# chown named:named /usr/local/named/etc

# chmod 700 /usr/local/named/etc

Create the main configuration file:

# vi /usr/local/named/etc/named.conf

=======================named.conf=======================

// Clients allowed to recurse, request zone transfers and send NOTIFY
acl "trust-lan" { 127.0.0.0/8; 192.168.0.0/16; };

options {
        directory "/usr/local/named/etc/";
        pid-file "/var/run/named/named.pid";
        version "0.0.0";                // hide the real version string
        datasize 40M;
        allow-transfer { "trust-lan"; };
        recursion yes;
        allow-notify { "trust-lan"; };
        allow-recursion { "trust-lan"; };
        auth-nxdomain no;
        forwarders {
                202.99.160.68;
                202.99.168.8;
        };
};

logging {
        channel warning {
                file "/var/log/named/dns_warnings" versions 3 size 1240k;
                severity warning;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel general_dns {
                file "/var/log/named/dns_logs" versions 3 size 1240k;
                severity info;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        category default { warning; };
        category queries { general_dns; };
};

zone "." {
        type hint;
        file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "localhost";
};

zone "home.com" {
        type slave;
        file "home.com";
        masters {
                192.168.0.1;
        };
};

zone "0.168.192.in-addr.arpa" {
        type slave;
        file "0.168.192.in-addr";
        masters {
                192.168.0.1;
        };
};

======================named.conf==========================

Create the zone file:

# vi /usr/local/named/etc/home.com

======================== home.com ==========================

$TTL 86400
$ORIGIN home.com.
@       IN      SOA     redhat.home.com. root.home.com. (
                        2001111601 ; serial
                        28800      ; refresh
                        14400      ; retry
                        3600000    ; expire
                        86400      ; default_ttl
                        )
        IN      NS      redhat.home.com.

;; -- linux server --
@       IN      A       192.168.0.1
redhat  IN      A       192.168.0.1
        IN      MX      0 redhat.home.com.
        ; HINFO takes two strings (CPU, OS); "PC" is a placeholder CPU value
        IN      HINFO   "PC" "redhat as 3.0"
        IN      TXT     "The internet gateway"

;; --- win2k server ---
@       IN      A       192.168.0.10
win2k   IN      A       192.168.0.10
        IN      MX      0 win2k.home.com.
        IN      HINFO   "PC" "windows 2000 server"

;; ------ cnames ------
dns     IN      CNAME   redhat
www     IN      CNAME   redhat
mail    IN      CNAME   win2k
ftp     IN      CNAME   win2k

======================= home.com ==========================

Create the reverse lookup zone file:

# vi /usr/local/named/etc/0.168.192.in-addr

==================== 0.168.192.in-addr ==================

$TTL 86400
@       IN      SOA     redhat.home.com. root.home.com. (
                        2001111601 ; Serial
                        28800      ; refresh
                        14400      ; retry
                        3600000    ; expire
                        86400 )    ; minimum
@       IN      NS      redhat.home.com.
1       IN      PTR     dns.home.com.
1       IN      PTR     .
10      IN      PTR     mail.home.com.
10      IN      PTR     .

=================== 0.168.192.in-addr ==================

Create the localhost file:

# vi /usr/local/named/etc/localhost

======================= localhost =======================

$TTL    3600
@       IN      SOA     redhat.home.com. root.home.com.  (
                        20040526  ; Serial
                        3600      ; Refresh
                        900       ; Retry
                        3600000   ; Expire
                        3600 )    ; Minimum
        IN      NS      redhat.home.com.
1       IN      PTR     localhost.home.com.

======================= localhost =======================

Update the root zone file:

# cd /usr/local/named/etc/

# wget

Create the PID and log directories:

# mkdir /var/run/named/

# chown named:root /var/run/named/

# mkdir /var/log/named/

# touch /var/log/named/dns_warnings

# touch /var/log/named/dns_logs

# chown named:root /var/log/named/*

Generate the rndc key:

# cd /usr/local/named/etc/

# ../sbin/rndc-confgen > rndc.conf

In rndc.conf, take everything that follows the line:

# Use with the following in named.conf, adjusting the allow list as needed:

append it to /usr/local/named/etc/named.conf, and remove the comment markers.
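
The merge step above as a script, added here as an example and not part of the original post: it pulls the commented block out of rndc.conf, strips the comment markers and appends it to named.conf only once. The function names and the shortened sample rndc.conf (with a placeholder secret) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Print the commented block between the "Use with the following in named.conf"
# marker and "End of named.conf", with the leading "# " stripped.
extract_named_section() {
    awk '
        /^# End of named\.conf/                    { grab = 0 }
        grab                                       { sub(/^# ?/, ""); print }
        /^# Use with the following in named\.conf/ { grab = 1 }
    ' "$1"
}

# Append the block to named.conf ($2) once; fail if key or controls is missing.
install_rndc_section() {
    section=$(extract_named_section "$1")
    printf '%s\n' "$section" | grep -q '^key "'      || return 1
    printf '%s\n' "$section" | grep -q '^controls {' || return 1
    if ! grep -q '^controls {' "$2" 2>/dev/null; then
        printf '%s\n' "$section" >> "$2"
    fi
    chmod 600 "$1"   # rndc.conf holds the shared secret
}

# Constructed sample modelled on rndc-confgen output; the secret is a placeholder.
write_sample_rndc_conf() {
    cat > "$1" <<'EOF'
key "rndc-key" {
    algorithm hmac-md5;
    secret "PLACEHOLDER-NOT-A-REAL-KEY==";
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#     algorithm hmac-md5;
#     secret "PLACEHOLDER-NOT-A-REAL-KEY==";
# };
#
# controls {
#     inet 127.0.0.1 port 953
#         allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
EOF
}

if [ "$#" -eq 2 ]; then install_rndc_section "$1" "$2"; fi
```

After the merge, named.conf also contains the rndc secret, so the 700 mode set on /usr/local/named/etc earlier is what keeps other local users from reading it.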

Test run in the foreground:

# /usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf

Check the status:

# /usr/local/named/sbin/rndc status

Reload the data:

# /usr/local/named/sbin/rndc reload

Create the startup script:

# vi /etc/init.d/named

======================= named.sh =======================

#!/bin/bash
# named        a network name service.
# chkconfig: 545 35 75
# description: a name server
#

# named has to start as root to bind port 53; -u named drops privileges afterwards
if [ `id -u` -ne 0 ]
then
        echo "ERROR:For bind to port 53,must run as root."
        exit 1
fi

case "$1" in
start)
        if [ -x /usr/local/named/sbin/named ]; then
                /usr/local/named/sbin/named -u named -c /usr/local/named/etc/named.conf && echo . && echo 'BIND9 server started.'
        fi
        ;;
stop)
        kill `cat /var/run/named/named.pid` && echo . && echo 'BIND9 server stopped.'
        ;;
restart)
        echo .
        echo "Restart BIND9 server"
        $0 stop
        sleep 10
        $0 start
        ;;
*)
        echo "$0 start | stop | restart"
        ;;
esac

======================= named.sh =======================

# chmod 755 /etc/init.d/named

# chkconfig --add named

# chkconfig named on
