bind9 编译安装

1，下载bind-9.9.2.tar.gz 包 http://download.chinaunix.net/download.php?id=44214&ResourceID=6

2，编译安装

# tar zvxf bind-9.9.2.tar.gz

# cd bind-9.9.2

# ./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --enable-threads --enable-epoll --disable-chroot

# make && make install

3，添加named组和named用户

# groupadd -g 53 -r named

# useradd -g named -r named

# id named

4，提供/var/named/ 目录和区域数据库文件

# mkdir /var/named/

# cd /var/named/

# dig -t NS . @192.168.1.1 > named.ca

5，提供主配置文件 /etc/named/named.conf

options {         directory       "/var/named";};

zone "." IN {        type hint;        file "named.ca";};

zone "localhost" IN {      type master;      file "named.localhost";      allow-transfer { none; }; };

zone "0.0.127.in-addr.arpa" IN {      type master;      file "named.loopback";      allow-transfer { none; }; };

6，提供区域数据库文件

# vim named.localhost

$TTL 86400@        IN        SOA        localhost.        luochen.localhost.    (                                       2016031001                                       2H                                       10M                                       7D                                       1D )            IN        NS           localhost. localhost.        IN            A        127.0.0.1

# vim named.loopback

$TTL 86400@        IN        SOA        localhost.        luochen.localhost.    (                                       2016031001                                       2H                                       10M                                       7D                                       1D )            IN        NS           localhost.1          IN        PTR          localhost.

7，配置rndc,生成named.conf文件

# /usr/local/bind9/sbin/rndc-confgen > /etc/named/rndc.conf

8，修改配置文件权限和属主

# chown root:named /etc/named/named.conf

# chown root:named /etc/named/rndc.conf

# chmod 640 /etc/named/named.conf

# chmod 640 /etc/named/rndc.conf

9，修改区域数据库文件属主和权限

# cd /var/named/

# chown root:named *

# chmod 640 *

10，修改PATH环境变量，让系统可以直接使用named的相关命令

# vim /etc/profile.d/named.sh

export PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH

11，重新读取环境变量的值

#source /etc/profile

12，检测区域数据库文件是否有语法错误

# named-checkzone "localhost" /var/named/named.localhost

# named-checkzone "0.0.127.in-addr.arpa" /var/named/named.loopback

13，启动named服务

# named -u named -c /etc/named/named.conf

14，查看服务是否正常启动

# netstat -tnul | grep 53

15，在主配置文件中定义一个区域

# vim /etc/named/named.conf

options {         directory       "/var/named";};

zone "." IN {        type hint;        file "named.ca";};

zone "localhost" IN {      type master;      file "named.localhost";      allow-transfer { none; }; };

zone "0.0.127.in-addr.arpa" IN {      type master;      file "named.loopback";      allow-transfer { none; }; };

zone "luolinux.com" IN {       type master;       file "luolinux.com.zone";};

16，提供区域数据库文件

# vim /var/named/luolinux.com.zone

$TTL 86400@        IN        SOA        dns.luolinux.com.        luochen.luolinux.com.    (                                       2016031001                                       2H                                       10M                                       2D                                       1D )            IN        NS           dns            IN        MX   10   mail dns     IN        A             192.168.1.118 mail    IN        A             192.168.1.118 www   IN        A             192.168.1.130

17，检测区域文件是否有语法错误

# named-checkzone "luolinux.com" /var/named/luolinux.com.zone

# killall -1 named

18，测试是否能正常解析

# dig -t A www.luolinux.com  @192.168.1.118

19，配置rndc，将rndc.conf 文件的后一半复制到/var/named/named.conf 文件并开启注释

# vim /etc/named/named.conf

options {         directory       "/var/named";         pid-file          "/usr/local/bind9/var/run/named.pid";};

zone "." IN {        type hint;        file "named.ca";};

zone "localhost" IN {      type master;      file "named.localhost";      allow-transfer { none; }; };

zone "0.0.127.in-addr.arpa" IN {      type master;      file "named.loopback";      allow-transfer { none; }; };

zone "luolinux.com" IN {       type master;       file "luolinux.com.zone";};

# Use with the following in named.conf, adjusting the allow list as needed:key "rndc-key" { 	algorithm hmac-md5; 	secret "wkThKNcCFb/fM86evA8kdQ=="; };

controls { 	inet 127.0.0.1 port 953        allow { 127.0.0.1; } keys { "rndc-key"; }; };#End of named.conf

20，提供named服务启动脚本

# vim /etc/rc.d/init.d/named

#!/bin/bash## description: named daemon# chkconfig: 345 25 85#pidFile=/usr/local/bind9/var/run/named.pidlockFile=/var/lock/subsys/namedconfFile=/etc/named/named.conf

[ -r /etc/rc.d/init.d/functions ] && . /etc/rc.d/init.d/functions

start() {           if [ -e $lockFile ]; then		echo "named is already running..."		exit 0	   fi

	   echo -n "Starting named:"           daemon --pidfile "$pidFile" /usr/local/bind9/sbin/named -u named -c "$confFile"	   RETVAL=$?	   echo

	   if [ $RETVAL -eq 0 ]; then		touch $lockFile		return $RETVAL	   else		rm -f $lockFile $pidFile		return 1	   fi}

stop() {	   if [ ! -e $lockFile ]; then		echo "named is stopped."	   fi

	   echo -n "Stopping named"	   killproc named	   RETVAL=$?	   echo

	   if [ $RETVAL -eq 0 ];then		rm -f $lockFile $pidFile		return 0	   else		echo "Cannot stop named."		failure		return 1	   fi}

restart() {	   stop	   sleep 3	   start}

reload() {	   echo -n "Reloading named: "	   killproc named -HUP	   RETVAL=$?	   echo 	   return $RETVAL}

status() {	   if pidof named &> /dev/null; then		echo -n "named is running..."		success		echo	   else		echo -n "named is stopped..."		success		echo           fi}

usage() {	   echo "Usage: named {start|stop|restart|status|reload}"}

case $1 in	   start)		start ;;	   stop)		stop ;;	   restart) 		restart ;;	   status)		status ;;	   reload)		reload ;;	    *)		usage 		exit 4 		;;	esac			

21，修改/usr/local/bind9/var/run/ 目录属主和属组

# chown -R named:named /usr/local/bind9/var/run/

22，赋予启动脚本执行权限

# chmod +x /etc/rc.d/init.d/named

23，让服务开机自动启动

# chkconfig --add named

24，重启服务

# service named restart