Installing BIND with DLZ on Linux <NIOT>
June 11, 2015
1. sudo wget ftp://ftp.isc.org/isc/bind9/9.10.1/bind-9.10.1.tar.gz, or upload the tarball with the "rz" command
2. tar -zxvf bind-9.10.1.tar.gz
3. Create the directories
Under /home/wkubuntu, create the named and namedfile directories
4. Build and install
cd bind-9.10.1
./configure --prefix=/home/wkubuntu/named/ --with-dlz-mysql=/usr/local/mysql
make
make install
At this point /home/wkubuntu/named contains the automatically generated directories bin, etc, include, lib, sbin, share and var
5. Configure BIND
cd /home/wkubuntu/named/etc
touch named.conf, or upload the file from your PC
vi named.conf and paste in Content 1 (see "Other" below)
Upload these 5 files from your PC into /home/wkubuntu/named/var:
127.0.0.zone, localhost.reverse, localhost.zone, named.root, root.hint
Generate the rndc key
a) cd /home/wkubuntu/named/sbin/
b) vim random and type in a long run of letters. The server has no random generator, so in this case we hand-craft a file to stand in for /dev/random
c) ./rndc-confgen -r random > /etc/rndc.key
d) cat /etc/rndc.key
e) Copy the line
secret "pfNOQ0fENSBBGBYn/ndRsw==";
and use it to overwrite the corresponding line in /home/wkubuntu/named/etc/named.conf
6. Start BIND and watch its output
Run sudo /home/wkubuntu/named/sbin/named -c /home/wkubuntu/named/etc/named.conf -n 1 &
When "done" appears, it started successfully. "-n 1" starts named single-threaded, which avoids errors when combined with the MySQL driver.
[If it exits instead, something went wrong; to see the output run sudo /home/wkubuntu/named/sbin/named -gc /home/wkubuntu/named/etc/named.conf -n 1 &
killall named stops every named process, which you will need if you used -gc]
A log directory must be created for the configuration below: mkdir logs, giving
/home/wkubuntu/named/logs
Other:
Content 1:
logging {
    channel error_log {
        file "/home/wkubuntu/named/logs/normal.log" versions 3 size 2m;
        severity error;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category default { error_log; };
    channel update_log {
        file "/home/wkubuntu/named/logs/update.log" versions 3 size 1m;
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category update { update_log; };
    channel notify_log {
        file "/home/wkubuntu/named/logs/notify.log" versions 3 size 1m;
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category notify { notify_log; };
};
options {
    directory "/home/wkubuntu/named/var/";
    pid-file "/home/wkubuntu/named/var/run/named/named.pid";
    dump-file "/home/wkubuntu/named/logs/named_dump.db";
    statistics-file "/home/wkubuntu/named/logs/named.stats";
    version "Welcome to NIOT platform!";
    listen-on-v6 { any; };
    allow-query { any; };
    allow-query-cache { any; };
    allow-recursion { localnets; localhost; };
    notify no;
};
key "rndc-key" {
    algorithm hmac-md5;
    secret "fLDVvLVXFjMJpdiy+7nESw==";
};
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};
zone "." IN {
    type hint;
    file "/home/wkubuntu/named/var/named.root";
};
zone "localhost" IN {
    type master;
    file "/home/wkubuntu/named/var/localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "/home/wkubuntu/named/var/localhost.reverse";
    allow-update { none; };
};
dlz "Mysql zone" {
    database "mysql
    {host=127.0.0.1 dbname=db_dns ssl=false port=3306 user=root pass=root}
    {select zone from supported_zone where zone = '$zone$' limit 1}
    {select ttl, type, mx_priority,
        case when lower(type) = 'txt' then concat('\"', data, '\"')
             when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
             when lower(type) = 'naptr' then concat(' ', naptr_order, ' ', naptr_preference, ' \"', naptr_flags, '\"', ' \"', naptr_service, '\"', ' \"', naptr_regexp,'\" ', data, '.')
             else data end
     from dns_records where zone = '$zone$' and host = '$record$'}";
};
Part of the configuration file that changed in 2017:
dlz "Mysql zone" {
    database "mysql
    {host=127.0.0.1 dbname=db_dns ssl=false port=3306 user=pro_dns_manager pass=l+bbkqQX}
    {select zone from dns_records where zone = '$zone$' limit 1}
    {select ttl, type, mx_priority,
        case when lower(type) = 'txt' then concat('\"', data, '\"')
             when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
             when lower(type) = 'naptr' then concat(' ', naptr_order, ' ', naptr_preference, ' \"', naptr_flags, '\"', ' \"', naptr_service, '\"', ' \"', naptr_regexp,'\" ', data, '.')
             else data end
     from dns_records where zone = '$zone$' and host = '$record$' and status = 0}";
};
7. Test
dig @localhost www.cniotroot.cn ys.cniotroot.cn
The database must contain these records; then the test above is all that is needed
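As an added example that is not part of the original notes, the 2017 findzone and lookup queries above are run unchanged against an in-memory SQLite copy of dns_records, so you can see exactly what rdata the DLZ driver hands to BIND for the dig test above (www), for a record disabled by status = 1 (ys), and for the apex SOA. The table columns are inferred from the query, the rows are constructed, and concat/concat_ws are emulated because SQLite lacks them.

```python
"""Run the DLZ queries from the 2017 dlz block against a SQLite copy of the
dns_records table (constructed sample rows) to see the rdata BIND receives."""
import sqlite3

# The findzone and lookup strings from named.conf, with \" unescaped. DLZ
# substitutes $zone$ / $record$ before sending them (the real driver escapes
# the values first; this demo substitutes plainly, so only feed it constructed input).
FIND_ZONE = "select zone from dns_records where zone = '$zone$' limit 1"
LOOKUP = (
    "select ttl, type, mx_priority, case"
    " when lower(type) = 'txt' then concat('\"', data, '\"')"
    " when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,"
    " refresh, retry, expire, minimum)"
    " when lower(type) = 'naptr' then concat(' ', naptr_order, ' ', naptr_preference,"
    " ' \"', naptr_flags, '\"', ' \"', naptr_service, '\"', ' \"', naptr_regexp,"
    "'\" ', data, '.')"
    " else data end from dns_records where zone = '$zone$' and host = '$record$'"
    " and status = 0")

# Column set inferred from the query (assumed schema, not the project's DDL).
COLS = ("zone host ttl type mx_priority data resp_person serial refresh retry expire"
        " minimum naptr_order naptr_preference naptr_flags naptr_service naptr_regexp"
        " status").split()

def row(zone, host, ttl, rtype, data, **extra):
    """Build one dns_records row; unused columns default to 0 or ''."""
    d = {c: ("" if c.startswith(("resp", "naptr_f", "naptr_s", "naptr_r")) else 0) for c in COLS}
    d.update(zone=zone, host=host, ttl=ttl, type=rtype, data=data, **extra)
    return tuple(d[c] for c in COLS)

def open_db():
    db = sqlite3.connect(":memory:")
    # MySQL-only functions used by the lookup query, emulated for SQLite.
    db.create_function("concat", -1, lambda *a: "".join(map(str, a)))
    db.create_function("concat_ws", -1, lambda sep, *a: sep.join(map(str, a)))
    db.execute("create table dns_records (%s)" % ", ".join(COLS))
    db.executemany("insert into dns_records values (%s)" % ",".join("?" * len(COLS)), [
        row("cniotroot.cn", "@", 3600, "SOA", "ns1.cniotroot.cn.", resp_person="hostmaster.cniotroot.cn.",
            serial=2017010101, refresh=3600, retry=900, expire=604800, minimum=86400),
        row("cniotroot.cn", "www", 300, "A", "192.0.2.10"),
        row("cniotroot.cn", "www", 300, "TXT", "v=spf1 -all"),
        row("cniotroot.cn", "ys", 300, "A", "192.0.2.11", status=1),  # disabled record
    ])
    return db

def dlz_lookup(db, zone, record):
    """Mimic the driver: findzone first, then lookup; None means zone not served."""
    if db.execute(FIND_ZONE.replace("$zone$", zone)).fetchone() is None:
        return None
    sql = LOOKUP.replace("$zone$", zone).replace("$record$", record)
    return sorted(db.execute(sql).fetchall())
```

Each returned tuple is (ttl, type, mx_priority, rdata), the four columns the driver reads from the lookup query.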
8. Beijing server
sudo /home/niot/named/sbin/named -c /home/niot/named/etc/named.conf -n 1 &
9. rndc status fails because the port is held by portreserve
rndc: connect failed: 127.0.0.1#953: connection refused
#killall portreserve