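Building a highly available DNS resolution service with bind9 + MySQL

Building a DNS resolution service with bind9 + MySQL
The basic architecture is shown below:

Installation steps:

Install the dependencies: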
yum install wget cmake ncurses boost zlib gcc libuv libuv-devel libnghttp2 libnghttp2-devel openssl-devel libcap-devel mysql mysql-devel -y
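Install MySQL
The installation and configuration of MySQL master/slave replication is omitted here.
After MySQL is installed, add the following environment variables; they are needed when compiling BIND.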
export CPPFLAGS="-I/usr/lib64/mysql $CPPFLAGS"
export LDFLAGS="-L/usr/lib64/mysql $LDFLAGS"
export LD_LIBRARY_PATH="/usr/lib64/mysql"
MySQL table creation command

CREATE TABLE IF NOT EXISTS `dns_records` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`zone` varchar(255) NOT NULL,
`host` varchar(255) NOT NULL DEFAULT '@',
`type` enum('A','MX','CNAME','NS','SOA','PTR','TXT','AAAA','SRV','URL') NOT NULL,
`data` varchar(255) DEFAULT NULL,
`ttl` int(11) NOT NULL DEFAULT '3600',
`mx_priority` int(11) DEFAULT NULL,
`view` enum('any', 'Telecom', 'Unicom', 'CMCC', 'ours') NOT NULL DEFAULT 'any',
`priority` tinyint UNSIGNED NOT NULL DEFAULT '255',
`refresh` int(11) NOT NULL DEFAULT '28800',
`retry` int(11) NOT NULL DEFAULT '14400',
`expire` int(11) NOT NULL DEFAULT '86400',
`minimum` int(11) NOT NULL DEFAULT '86400',
`serial` bigint(20) NOT NULL DEFAULT '2022022317',
`resp_person` varchar(64) NOT NULL DEFAULT 'localhost',
`primary_ns` varchar(64) NOT NULL DEFAULT 'localhost.',
PRIMARY KEY (`id`),
KEY `type` (`type`),
KEY `host` (`host`),
KEY `zone` (`zone`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;

Command for adding DNS records afterwards

insert into dns_bind.dns_records (zone, host, type, data, ttl) VALUES ('testinfo.local', 'aaa', 'A', 'xxx.xxx.xxx.xxx', '600');

Compile and install the BIND service
Download the packages
cd /usr/local/src/
wget https://www.cpan.org/src/5.0/perl-5.34.0.tar.gz
wget https://ftp.isc.org/isc/bind9/9.16.26/bind-9.16.26.tar.xz
Compile and install Perl. make test reports an error here; ignore it and continue with make install.

tar -zxvf perl-5.34.0.tar.gz
cd perl-5.34.0
cp configure.gnu configure
./configure -des -Dprefix=/usr/local/perl
make
make test
make install
Compile and install BIND

tar -xvf bind-9.16.26.tar.xz
cd bind-9.16.26
./configure --prefix=/data/bind/ --with-dlz-mysql=yes --enable-largefile --with-openssl=no --without-python --disable-ipv6
make
make install
Note: BIND 9.16 is the last version that supports MySQL; starting with 9.17 the MySQL module was removed.

Generate rndc.conf and named.conf
cd /data/bind/etc/
/data/bind/sbin/rndc-confgen > rndc.conf
tail -10 rndc.conf | head -9 | sed s/#\ //g > named.conf
../bin/dig > named.root
Configure named.conf
Configure options
options {
    listen-on port 53 { any; };
    directory "/data/bind";
    dump-file "/data/bind/data/cache_dump.db";
    statistics-file "/data/bind/data/named_stats.txt";
    memstatistics-file "/data/bind/data/named_mem_stats.txt";
    pid-file "/data/bind/var/run/named/named.pid";
    // With recursion yes and no allow-recursion set, this ACL also governs
    // recursion: any client can use the server as a recursive resolver.
    allow-query { any; };
    recursion yes;
    version "0";
    serial-query-rate 1;
    dnssec-enable no;
    dnssec-validation no;
    dnssec-lookaside auto;
    managed-keys-directory "/data/bind/dynamic";
    forwarders { 223.5.5.5; 223.6.6.6; };
};


Configure the zone

dlz "mysql zone" {
database "mysql
{host=XXX.XXX.XXX.XXX dbname=dns_bind ssl=false port=3306 user=root pass=XXXXXXXX}
{select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
{select ttl,type,if(mx_priority>0,mx_priority,NULL),case when lower(type)='txt' then concat('\"',data,'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view = 'any'}";
};
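
The options and dlz blocks above let any client recurse (named falls back from allow-recursion to allow-query-cache to allow-query), turn DNSSEC validation off, and connect to MySQL as root without TLS. The check below is an added example, not part of the original post; `audit`, `acl_of`, the finding names and the sample values (192.0.2.10, CHANGEME) are assumptions made for illustration.

```python
import re

# Constructed sample mirroring the options/dlz blocks above; 192.0.2.10 and CHANGEME are placeholders.
SAMPLE_CONF = """
options {
    allow-query { any; };
    recursion yes;
    dnssec-validation no;
};
dlz "mysql zone" {
    database "mysql
    {host=192.0.2.10 dbname=dns_bind ssl=false port=3306 user=root pass=CHANGEME}
    {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}";
};
"""

def acl_of(conf, name):
    """Return the entries of `name { ...; };` as a list, or None if it is not set."""
    m = re.search(r"(?<![\w-])%s\s*\{([^}]*)\}" % re.escape(name), conf)
    return None if m is None else [a.strip() for a in m.group(1).split(";") if a.strip()]

def audit(text):  # returns a list of finding ids for a named.conf passed as a string
    conf = re.sub(r"/\*.*?\*/", "", text, flags=re.S)   # strip /* */ comments
    conf = re.sub(r"(?m)^\s*(#|//).*$", "", conf)       # strip whole-line comments
    findings = []
    rec = re.search(r"(?<![\w-])recursion\s+(\w+)\s*;", conf)
    recursive = rec is None or rec.group(1).lower() in ("yes", "true", "1")  # default: yes
    # named falls back allow-recursion -> allow-query-cache -> allow-query
    # before using its built-in default of { localnets; localhost; }.
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        acl = acl_of(conf, name)
        if acl is not None:
            if recursive and "any" in acl:
                findings.append("open-resolver(%s)" % name)
            break
    if re.search(r"(?<![\w-])dnssec-validation\s+no\s*;", conf):
        findings.append("dnssec-validation-off")
    dsn = re.search(r"\{([^{}]*\bdbname=[^{}]*)\}", conf)   # DLZ connection parameters
    if dsn:
        kv = dict(p.split("=", 1) for p in dsn.group(1).split() if "=" in p)
        if kv.get("user") == "root":
            findings.append("dlz-db-root")
        local = kv.get("host") in ("localhost", "127.0.0.1")
        if kv.get("ssl", "false").lower() != "true" and not local:
            findings.append("dlz-db-cleartext")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```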

The installation is now complete.

Appendix 1: command for checking the BIND configuration file

/data/bind/sbin/named -c /data/bind/etc/named.conf -g
Appendix 2: BIND startup script

#!/bin/bash
##########################################################################################
# Info:
#   start dns server
##########################################################################################
# Author: Yin Jiang
# Changelog:
#   20220223 jiangyin initial create
##########################################################################################

##########################################################################################

# named binds port 53, so the script must be run as root.
if [ "$(id -u)" -ne 0 ]
then
    echo "ERROR:Must run as root."
    exit 1
fi

function start() {
    # -4: use IPv4 only
    /data/bind/sbin/named -c /data/bind/etc/named.conf -4
    echo . && echo 'DNS server started.'
}

function stop() {
    # The pid file path matches pid-file in named.conf
    kill "$(cat /data/bind/var/run/named/named.pid)"
    echo . && echo 'DNS server stopped.'
}

function reload() {
    /data/bind/sbin/rndc reload
}

function status() {
    /data/bind/sbin/rndc status
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        stop
        sleep 2
        start
        ;;
    reload)
        reload
        ;;
    status)
        status
        ;;
    *)
        echo "Please use these command (start | stop | restart | status | reload)"
        ;;
esac
————————————————
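Copyright notice: This is an original article by CSDN blogger 「诸葛冰玄」, licensed under the CC 4.0 BY-SA agreement. When reposting, please include the link to the original source and this notice.
Original link: https://blog.csdn.net/embrace99999/article/details/123134894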

posted @ 2023-04-18 17:58  GaoYanbing