Bind-DLZ with MySQL

System environment:

OS: CentOS 6.8
MySQL: 5.1
BIND: bind-9.11.0-P2.tar.gz
IP address: 192.168.153.130
Software download: http://ftp.isc.org/

I. Install and configure MySQL

1. Install the packages needed for the build environment.

yum install openssl-devel openldap-devel unixODBC-devel gcc

2. Install the MySQL database

yum -y install mysql mysql-server mysql-devel

3. Verify that the installation succeeded

[root@localhost ~]# rpm -qi mysql-server

4. Start the MySQL service

[root@localhost ~]# /etc/init.d/mysqld start

5. Log in and set the password

[root@localhost ~]# mysql -u root
mysql> show databases;
mysql> use mysql;
mysql> update user set password=password('123456') where user='root';

6. Grant remote login privileges

mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '123456' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

7. Enable start at boot (optional)

[root@localhost ~]# chkconfig mysqld on

II. Download and install Bind-DLZ

1. Download and unpack the Bind-DLZ package

[root@localhost opt]# wget http://ftp.isc.org/isc/bind9/9.11.0-P2/bind-9.11.0-P2.tar.gz
[root@localhost opt]# tar -zxvf bind-9.11.0-P2.tar.gz

2. When compiling on a 64-bit system, you may need to set some variables so that the appropriate MySQL libraries are found:

[root@localhost ~]# export CPPFLAGS="-I/usr/lib64/mysql $CPPFLAGS"
[root@localhost ~]# export LDFLAGS="-L/usr/lib64/mysql $LDFLAGS"
[root@localhost ~]# export LD_LIBRARY_PATH="/usr/lib64/mysql"

3. Compile and install Bind-DLZ.

[root@localhost opt]# cd bind-9.11.0-P2
[root@localhost bind-9.11.0-P2]# ./configure --prefix=/usr/local/bind --enable-threads \
--enable-largefile --disable-ipv6 \
--disable-openssl-version-check \
--with-dlz-mysql=yes
[root@localhost bind-9.11.0-P2]# make
[root@localhost bind-9.11.0-P2]# make install

4. Check the version to confirm that the software installed correctly

[root@localhost bind-9.11.0-P2]# /usr/local/bind/sbin/named -v
BIND 9.11.0-P2 <id:9713922>

5. Configure the rndc.conf and named.conf files

Generate rndc.conf:

[root@localhost ~]# cd /usr/local/bind/etc/
[root@localhost etc]# rndc-confgen -r /dev/urandom > rndc.conf

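Provide the named.ca (root hints) file:

[root@localhost etc]# wget -O named.ca http://www.internic.net/domain/named.root

Create and generate named.conf:

[root@localhost etc]# tail -10 rndc.conf | head -9 | sed s/#\ //g > named.conf

The generated named.conf contains only the key and controls sections; the logging and options sections have to be added by hand. The complete file is as follows:

[root@localhost etc]# cat named.conf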
key "rndc-key" {
        algorithm hmac-md5;
        secret "X0k0Uz62Actu11IXrnA48A==";
};
controls {
        inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};

logging {
        channel bind_log {
                file "/tmp/bind.log" versions 3 size 20m;
                severity info;
                print-time yes;
                print-severity yes;
                print-category yes;
        };
        category default {
                bind_log;
        };
};

options {
        listen-on port 53 { 192.168.153.130; };
        directory "/usr/local/bind";
        pid-file "named.pid";
        allow-query-cache { any; };
        allow-query     { any; };
};

dlz "Mysql zone" {
    database "mysql
    {host=192.168.153.130 dbname=bind ssl=false port=3306 user=root pass=123456}
    {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
    {select ttl,type,if(mx_priority>0,mx_priority,NULL),case when lower(type)='txt' then concat('\"',data,'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view = 'any'}";
};
[root@localhost etc]# 

6. Create the named user so that the BIND service runs as named.

[root@localhost ~]# groupadd -r -g 25 named
[root@localhost ~]# useradd -r -u 25 -s /sbin/nologin -d /usr/local/named -g named named
[root@localhost ~]# chown -R named:named /usr/local/bind/

7. Start the named service in the foreground to check that the configuration is valid.

[root@localhost ~]# /usr/local/bind/sbin/named -c /usr/local/bind/etc/named.conf -f -g -u named

If everything above starts without errors, the next step is to add MySQL so that the zone data can be written to the database.

III. Configure the DLZ database queries

1. Log in to MySQL and create the database and table.

mysql> create database bind;
Query OK, 1 row affected (0.00 sec)
mysql> CREATE TABLE IF NOT EXISTS `dns_records` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `zone` varchar(255) NOT NULL,
  `host` varchar(255) NOT NULL DEFAULT '@',
  `type` enum('A','MX','CNAME','NS','SOA','PTR','TXT','AAAA','SRV','URL') NOT NULL,
  `data` varchar(255) DEFAULT NULL,
  `ttl` int(11) NOT NULL DEFAULT '3600',
  `mx_priority` int(11) DEFAULT NULL,
  `view`  enum('any', 'Telecom', 'Unicom', 'CMCC', 'ours') NOT NULL  DEFAULT "any" ,
  `priority` tinyint UNSIGNED NOT NULL DEFAULT '255',
  `refresh` int(11) NOT NULL DEFAULT '28800',
  `retry` int(11) NOT NULL DEFAULT '14400',
  `expire` int(11) NOT NULL DEFAULT '86400',
  `minimum` int(11) NOT NULL DEFAULT '86400',
  `serial` bigint(20) NOT NULL DEFAULT '2015050917',
  `resp_person` varchar(64) NOT NULL DEFAULT 'ddns.net',
  `primary_ns` varchar(64) NOT NULL DEFAULT 'ns.ddns.net.',
  PRIMARY KEY (`id`),
  KEY `type` (`type`),
  KEY `host` (`host`),
  KEY `zone` (`zone`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;

Query OK, 0 rows affected (0.02 sec)
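
The dlz block in named.conf above connects as root, and step 6 of part I opens root to every host with ALL PRIVILEGES, although named only ever runs the two SELECT statements against dns_records. A narrower setup, added here as an example and not part of the original post; the account name named_dlz and the password placeholder are assumptions:

```sql
-- Added example (MySQL 5.1 syntax). 'named_dlz' is a hypothetical account name
-- and the password is a placeholder to be replaced with a long random value.

-- 1. Dedicated account for the DLZ driver: it can connect only from the BIND
--    host used on this page and can only read the single table named queries.
CREATE USER 'named_dlz'@'192.168.153.130'
    IDENTIFIED BY 'REPLACE_WITH_LONG_RANDOM_PASSWORD';
GRANT SELECT ON bind.dns_records TO 'named_dlz'@'192.168.153.130';

-- 2. Confirm that the account holds nothing beyond USAGE and that one SELECT.
SHOW GRANTS FOR 'named_dlz'@'192.168.153.130';

-- 3. Records are still maintained from an administrative session on the
--    database host; a write attempted as named_dlz is refused by the server.
INSERT INTO bind.dns_records (zone, host, type, data, ttl)
    VALUES ('testinfo.com', 'ftp', 'A', '4.4.4.4', '600');

-- 4. Once named.conf no longer uses root, list the root accounts and remove
--    the wildcard-host one created by the GRANT ... TO 'root'@'%' step.
SELECT user, host FROM mysql.user WHERE user = 'root';
DROP USER 'root'@'%';
FLUSH PRIVILEGES;
```

With this account in place, the `user=` and `pass=` fields of the dlz connection string in named.conf are set to named_dlz and its password, and named is restarted.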

2. Insert data into the database:

mysql> insert into bind.dns_records (zone, host, type, data, ttl) VALUES ('testinfo.com', 'www', 'A', '1.1.1.1', '600');
Query OK, 1 row affected (0.00 sec)

mysql> insert into bind.dns_records (zone, host, type, data, ttl) VALUES ('testinfo.com', 'bbs', 'A', '2.2.2.2', '600');
Query OK, 1 row affected (0.00 sec)

mysql> insert into bind.dns_records (zone, host, type, data, ttl) VALUES ('testinfo.com', 'm', 'A', '3.3.3.3', '600');
Query OK, 1 row affected (0.00 sec)

mysql> 

3. Start the named service in the background:

[root@localhost ~]# /usr/local/bind/sbin/named -c /usr/local/bind/etc/named.conf -f -g -u named &

4. In /etc/resolv.conf, add this host, 192.168.153.130, as the first DNS resolver address:

[root@localhost ~]# vim /etc/resolv.conf
; generated by /sbin/dhclient-script
#search localdomain
nameserver 192.168.153.130
nameserver 192.168.153.2
nameserver 8.8.8.8

5. Resolution test: the locally added testinfo.com names are resolved through 192.168.153.130, and the external www.baidu.com is resolved by the second DNS server.

[root@localhost ~]# nslookup
> www.testinfo.com
Server:         192.168.153.130
Address:        192.168.153.130#53

Name:   www.testinfo.com
Address: 1.1.1.1
> bbs.testinfo.com
Server:         192.168.153.130
Address:        192.168.153.130#53

Name:   bbs.testinfo.com
Address: 2.2.2.2
> m.testinfo.com
Server:         192.168.153.130
Address:        192.168.153.130#53

Name:   m.testinfo.com
Address: 3.3.3.3
> www.baidu.com
Server:         192.168.153.2
Address:        192.168.153.2#53

Non-authoritative answer:
www.baidu.com   canonical name = www.a.shifen.com.
Name:   www.a.shifen.com
Address: 220.181.111.188
Name:   www.a.shifen.com
Address: 220.181.112.244

This completes the Bind-MySQL deployment.

posted @ 2018-01-02 17:11  梦徒