BIND 9快速安装实例(转)[@more@]

这是一个服务器安装的一部分；

由于论坛吃空格，准备了txt文件在这里：

http://www.hackerbay.com/doc/bind9.txt

[code:1:3f69c81bf9]######################## BIND 9 ###############

# 简单的bind 9 安装

# 配置为 转发 + master ###

阿土 Aborigen Yin

http://www.hackerbay.com

2003.06.27

###################### modules bind 9 #############33

7.安装bind 9.2.2

7.1.获得源码并安装

mkdir -p /usr/local/src/distfiles

cd /usr/local/src/distfiles

#wget ftp://ftp.isc.org/isc/bind9/9.2.2/bind-9.2.2.tar.gz

wget ftp://172.16.100.245/pub/distfiles/bind-9.2.2.tar.gz

tar xfz bind-9.2.2.tar.gz -C ..

cd ../bind-9.2.2/

./configure --prefix=/usr/local/modules/named --disable-ipv6

make && make install

7.2.add user and group for named

pw groupadd named

mkdir -p /usr/local/modules/named/etc

mkdir -p /usr/local/modules/named/var/log

mkdir -p /usr/local/modules/named/var/run

pw useradd named -g named -d /usr/local/modules/named -s /sbin/nologin

chown -R named:named /usr/local/modules/named

chmod 700 /usr/local/modules/named

chmod 777 /usr/local/modules/named/var/run

7.3.配置DNS服务器

cd /usr/local/modules/named/etc

#vi named.conf

//begin of named.conf

acl "trust-lan" { 127.0.0.1/8; 192.168.0.0/16; 172.16.0.0/16; };

options {

directory "/usr/local/modules/named/etc";

datasize 80M;

allow-transfer {

"trust-lan";

};

forward first;

forwarders {

202.96.134.133;

202.96.128.110;

};

//recursion no;

recursion yes;

allow-notify {

"trust-lan";

};

allow-recursion {

"trust-lan";

};

//auth-nxdomain yes;

auth-nxdomain no;

#不报告自己的版本号

version "[secured]";

};

// How to log

logging {

channel warning

{

file "/usr/local/modules/named/var/log/dns_warnings" versions 3 size 10240k;

severity warning;

print-category yes;

print-severity yes;

print-time yes;

};

channel general_dns

{

file "/usr/local/modules/named/var/log/dns_logs" versions 3 size 10240k;

severity info;

print-category yes;

print-severity yes;

print-time yes;

};

category default { warning; } ;

category queries { general_dns; } ;

};

zone "." {

type hint;

file "named.root";

};

zone "0.0.127.IN-ADDR.ARPA" {

type master;

file "localhost.rev";

};

zone "oss4e.org"{

type master;

file "zone.oss4e.org";

notify yes;

};

zone "100.16.172.in-addr.arpa" {

type master;

file "zone.100.16.172.in-addr.arpa";

};

//end of named.conf

touch /usr/local/modules/named/var/log/dns_warnings

touch /usr/local/modules/named/var/log/dns_logs

#获得根提示文件

wget ftp://ftp.internic.org/domain/named.root

#vi named.root

; This file holds the information on root name servers needed to

; initialize cache of Internet domain name servers

; (e.g. reference this file in the "cache . "

; configuration file of BIND domain name servers).

;

; This file is made available by InterNIC

; under anonymous FTP as

; file /domain/named.root

; on server FTP.INTERNIC.NET

;

; last update: Nov 5, 2002

; related version of root zone: 2002110501

;

;

; formerly NS.INTERNIC.NET

;

. 3600000 IN NS A.ROOT-SERVERS.NET.

A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4

;

; formerly NS1.ISI.EDU

;

. 3600000 NS B.ROOT-SERVERS.NET.

B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107

;

; formerly C.PSI.NET

;

. 3600000 NS C.ROOT-SERVERS.NET.

C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12

;

; formerly TERP.UMD.EDU

;

. 3600000 NS D.ROOT-SERVERS.NET.

D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90

;

; formerly NS.NASA.GOV

;

. 3600000 NS E.ROOT-SERVERS.NET.

E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10

;

; formerly NS.ISC.ORG

;

. 3600000 NS F.ROOT-SERVERS.NET.

F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241

;

; formerly NS.NIC.DDN.MIL

;

. 3600000 NS G.ROOT-SERVERS.NET.

G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4

;

; formerly AOS.ARL.ARMY.MIL

;

. 3600000 NS H.ROOT-SERVERS.NET.

H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53

;

; formerly NIC.NORDU.NET

;

. 3600000 NS I.ROOT-SERVERS.NET.

I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17

;

; operated by VeriSign, Inc.

;

. 3600000 NS J.ROOT-SERVERS.NET.

J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30

;

; housed in LINX, operated by RIPE NCC

;

. 3600000 NS K.ROOT-SERVERS.NET.

K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129

;

; operated by IANA

;

. 3600000 NS L.ROOT-SERVERS.NET.

L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12

;

; housed in Japan, operated by WIDE

;

. 3600000 NS M.ROOT-SERVERS.NET.

M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33

; End of File

;vi zone.oss4e.org

;begin of zone.oss4e.org

$TTL 3600

@ IN SOA dns1.oss4e.org. webmaster.oss4e.org. (

12061702 ; Serial (date, 2 digits version of day)

86400 ; refresh (1 day)

7200 ; retry (2 hours)

864000 ; expire (10 days)

86400 ) ; minimum (1 day)

IN NS dns1.oss4e.org.

IN NS dns2.oss4e.org.

IN NS dns.oss4e.org.

IN MX 10 mail.oss4e.org.

oss4e.org. IN A 172.16.100.243

dns IN A 172.16.100.243

dns1 IN A 172.16.100.243

dns2 IN A 172.16.100.243

mail IN A 172.16.100.243

smtp IN CNAME mail.oss4e.org.

;泛域名解析

* IN A 172.16.100.243

;end of zone.oss4e.org

;vi localhost.rev

;begin of localhost.rev

$TTL 3600

@ IN SOA dns1.oss4e.org. webmaster.oss4e.org. (

12061702 ; Serial (date, 2 digits version of day)

86400 ; refresh (1 day)

7200 ; retry (2 hours)

864000 ; expire (10 days)

86400 ) ; minimum (1 day)

IN NS dns1.oss4e.org.

IN NS dns2.oss4e.org.

IN NS dns.oss4e.org.

IN MX 10 mail.oss4e.org.

1 IN PTR localhost.oss4e.org.

;end of localhost.rev

;vi zone.100.16.172.in-addr.arpa

;zone.100.16.172.in-addr.arpa

$TTL 3600

@ IN SOA dns1.oss4e.org. webmaster.oss4e.org. (

12061702 ; Serial (date, 2 digits version of day)

86400 ; refresh (1 day)

7200 ; retry (2 hours)

864000 ; expire (10 days)

86400 ) ; minimum (1 day)

IN NS dns1.oss4e.org.

IN NS dns2.oss4e.org.

IN NS dns.oss4e.org.

IN MX 10 mail.oss4e.org.

243 IN PTR mail.oss4e.org.

;end of zone.100.16.172.in-addr.arpa

7.4.配置环境

#vi /etc/resolv.conf

domain oss4e.org

nameserver 127.0.0.1

nameserver 202.96.134.133

nameserver 202.96.128.110

7.5.#配置日志：

#vi /etc/syslog.conf

#添加local.none到messages的末尾，阻止named发送日志到messages；

# Don't log private authentication messages!

*.info;mail.none;authpriv.none;cron.none;local.none /var/log/messages

#添加如下，其中!named表示named这个进程发来的日志；

!named

*.* /usr/local/modules/named/var/log/named.log

#这个是syslog.conf中要求的；

touch /usr/local/modules/named/var/log/named.log

chown named:named /usr/local/modules/named/var/log/named.log

chmod 766 /usr/local/modules/named/var/log/named.log

killall -HUP syslogd

7.6.配置启动文件

#vi /usr/local/modules/named/bin/named-mgr.sh

#!/bin/sh

if [ `id -u` -ne 0 ]

then

echo "ERROR:For bind to port 53,must run as root."

exit 1

fi

case "$1" in

start)

if [ -x /usr/local/modules/named/sbin/named ]; then

/usr/local/modules/named/sbin/named -u named && echo . && echo 'BIND9 server started.'

fi

;;

stop)

kill `cat /usr/local/modules/named/var/run/named.pid` && echo . && echo 'BIND9 server stopped.'

;;

restart)

echo .

echo "Restart BIND9 server ......"

$0 stop

sleep 10

$0 start

;;

*)

echo "$0 start | stop | restart"

;;

esac

#end of named-mgr.sh

chmod 755 /usr/local/modules/named/bin/named-mgr.sh

ln -s /usr/local/modules/named/bin/named-mgr.sh /usr/local/sbin

ln -s /usr/local/modules/named/bin/named-mgr.sh /usr/local/etc/rc.d

7.7.配置权限

rm -rf /usr/local/modules/named/.*

chown -R named:named /usr/local/modules/named/*

chmod -R 700 /usr/local/modules/named/*

#end of bind9[/code:1:3f69c81bf9]

[code:1:3f69c81bf9][/code:1:3f69c81bf9

来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/8225414/viewspace-945022/，如需转载，请注明出处，否则将追究法律责任。