在linux系统下安装DNS服务器bind
BIND是一种开源的DNS(Domain Name System)协议的实现,包含对域名的查询和响应所需的所有软件。它是互联网上最广泛使用的一种DNS服务器,下面讲解在Linux系统下如何安装DNS服务器bind。
1.从http://www.isc.org/products/BIND/bind9.html下载bind9的源文件。目前(本文写作时)版本为9.2.3,源文件为bind-9.2.3.tar.gz。注意:9.2.3早已停止维护,实际部署应改用ISC仍在维护的版本,并用随源码包一同发布的PGP签名校验下载的文件。
2.将源文件bind-9.2.3.tar.gz置于/usr/local/src目录下。
3.解压缩源文件bind-9.2.3.tar.gz
# tar -xzvf bind-9.2.3.tar.gz -C /usr/local/src
4.进入安装目录
# cd bind-9.2.3
5.配置、编译
# ./configure
# make
6.安装
# make install
7.生成的可执行文件位于/usr/local/sbin目录下。最重要的可执行文件为named和rndc。
8.创建链接
# ln -s /usr/local/sbin/rndc /usr/sbin/rndc
# ln -s /usr/local/sbin/named /usr/sbin/named
9.创建rndc.conf配置文件。
# /usr/local/sbin/rndc-confgen > /etc/rndc.conf
# cat /etc/rndc.conf
输出为:
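# Start of rndc.conf
# NOTE(review): this file holds the shared secret that authorises control
# commands sent to named; keep it unreadable for ordinary users.
key "rndc-key" {
	# NOTE(review): hmac-md5 is what this BIND release's rndc-confgen emits.
	# Currently maintained BIND releases support hmac-sha256, which should
	# be preferred there.
	algorithm hmac-md5;
	# Sample value printed by the tutorial. It is public, so never reuse it;
	# rndc-confgen generates a fresh random secret each time it is run.
	secret "y9xvvfQjdWv9f/Fo7wquBg==";
};

# Defaults used by the rndc client: which key to sign with and where named's
# control channel listens.
options {
	default-key "rndc-key";
	default-server 127.0.0.1;
	default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# 	algorithm hmac-md5;
# 	secret "y9xvvfQjdWv9f/Fo7wquBg==";
# };
#
# controls {
# 	inet 127.0.0.1 port 953
# 		allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf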
10.创建rndc.key文件。将rndc.conf文件中注释部分拷贝出来(去掉行首的#),生成如下文件。rndc.conf和rndc.key都包含rndc的共享密钥,应限制访问权限,不要让普通用户可读:
# vi /etc/rndc.key
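# /etc/rndc.key: pulled into named.conf by its include statement, so the key
# and the control channel below become part of named's configuration.
# NOTE(review): the file contains the rndc shared secret; restrict read
# access to the account named runs as.
key "rndc-key" {
	algorithm hmac-md5;
	# Must match the secret in /etc/rndc.conf. The value shown is the
	# tutorial's published sample; use the one generated on your own host.
	secret "y9xvvfQjdWv9f/Fo7wquBg==";
};

# Control channel: listens on the loopback address only, accepts commands
# from 127.0.0.1 only, and only when they are signed with rndc-key.
controls {
	inet 127.0.0.1 port 953
		allow { 127.0.0.1; } keys { "rndc-key"; };
};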
检查rndc是否正常工作:
# /usr/local/sbin/named -g
Jan 11 11:56:45.075 starting BIND 9.2.3 -g
Jan 11 11:56:45.076 using 1 CPU
Jan 11 11:56:45.079 loading configuration from '/etc/named.conf'
......
# /usr/local/sbin/rndc status
11.创建named.conf配置文件。
# vi /etc/named.conf
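// generated by named-bootconf.pl

options {
	// Relative file names in the zone statements below resolve against
	// this directory.
	directory "/var/named";
	/*
	 * If there is a firewall between you and nameservers you want
	 * to talk to, you might need to uncomment the query-source
	 * directive below.  Previous versions of BIND always asked
	 * questions using port 53, but BIND 8.1 uses an unprivileged
	 * port by default.
	 */
	// NOTE(review): pinning query-source to a single port removes
	// source-port randomisation for outgoing queries, which makes spoofed
	// answers (cache poisoning) easier to land. Leave this commented out
	// unless a firewall truly requires it.
	// query-source address * port 53;

	// NOTE(review): no allow-recursion / allow-query ACL is set here. Check
	// what the installed BIND release defaults to; if it recurses for any
	// client, add an allow-recursion list of trusted networks so the server
	// does not act as an open resolver.
};

//
// a caching only nameserver config
//
zone "." IN {
	type hint;
	file "named.root";
};

zone "localhost" IN {
	type master;
	file "localhost.zone";
	allow-update { none; };		// dynamic updates are refused
};

zone "0.0.127.in-addr.arpa" IN {
	type master;
	file "named.local";
	allow-update { none; };
};

zone "domain1.net" IN {			// newly added zone for domain1.net
	type master;
	file "domain1.net.zone";
	allow-update { none; };
};

zone "252.177.61.in-addr.arpa" IN {	// reverse-lookup zone for the new domain
	type master;
	file "named.61.177.252";
	allow-update { none; };
};

// Brings in the rndc key and the controls statement; the included file
// carries the shared secret, so keep its permissions tight.
include "/etc/rndc.key";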
12.创建/var/named目录
# mkdir /var/named
# cd /var/named
13.匿名登录到ftp站点FTP.RS.INTERNIC.NET,获取/domain目录下的named.root文件和named.ca文件,将该文件置于/var/named目录下。
14.创建localhost.zone文件
# vi /var/named/localhost.zone
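; Forward zone for "localhost": SOA, NS and a single A record that maps the
; zone apex to 127.0.0.1. Records with a blank owner field inherit the owner
; of the record above them, so the leading whitespace is significant.
$TTL 86400
$ORIGIN localhost.
@       1D IN SOA   @ root (
                    42      ; serial (d.adams)
                    3H      ; refresh
                    15M     ; retry
                    1W      ; expiry
                    1D )    ; minimum
        1D IN NS    @
        1D IN A     127.0.0.1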
15.创建named.local文件
# vi named.local
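; Reverse zone data loaded by named.conf for 0.0.127.in-addr.arpa:
; the PTR record maps 127.0.0.1 back to localhost.
$TTL 86400
@       IN      SOA     localhost. root.localhost. (
                        1997022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      localhost.
1       IN      PTR     localhost.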
16.创建domain1.net.zone文件
# vi domain1.net.zone
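; Forward zone data loaded by named.conf for domain1.net:
; "mail" has an address record and "www" is an alias for it.
; Bump the serial whenever the file is edited.
$TTL 86400
@       IN      SOA     localhost. root.localhost. (
                        2003061800 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      localhost.
mail    IN      A       61.177.252.34
www     IN      CNAME   mail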
17.创建named.61.177.252文件
# vi named.61.177.252
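; Reverse zone data loaded by named.conf for 252.177.61.in-addr.arpa:
; the PTR record maps 61.177.252.34 back to mail.domain1.net.
$TTL 86400
@       IN      SOA     localhost. root.localhost. (
                        2003061800 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      localhost.
34      IN      PTR     mail.domain1.net.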
18.创建启动脚本
# vi /etc/rc.d/init.d/named
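#!/bin/sh
#
# named           This shell script takes care of starting and stopping
#                 named (BIND DNS server).
#
# chkconfig: 345 55 45
# description: named (BIND) is a Domain Name Server (DNS) \
# that is used to resolve host names to IP addresses.
# probe: true
#
# Usage: named {start|stop|status|restart|reload|probe}
#
# NOTE(review): the listing this was taken from had lost its whitespace and
# every "$..." expansion (the networking test, the case selector and the
# restart branch). They are restored below as NETWORKING, $1 and $0, which is
# what the surrounding lines imply; confirm against your distribution's own
# init script before relying on it.

# Source function library (provides daemon and killproc).
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 0

# Nothing to do when the binary or its configuration is missing.
[ -f /usr/sbin/named ] || exit 0

[ -f /etc/named.conf ] || exit 0

# See how we were called.
case "$1" in
  start)
	# Start daemons.
	# NOTE(review): named is launched without -u, so it keeps running as
	# the user that ran this script (root at boot). Consider a dedicated
	# unprivileged account passed with named's -u option; /var/named and
	# /etc/rndc.key must then be readable by that account.
	echo -n "Starting named: "
	daemon named
	echo
	touch /var/lock/subsys/named
	;;
  stop)
	# Stop daemons.
	echo -n "Shutting down named: "
	killproc named
	rm -f /var/lock/subsys/named
	echo
	;;
  status)
	/usr/sbin/rndc status
	exit $?
	;;
  restart)
	# Re-invoke this script; there are no stop/start functions to call.
	"$0" stop
	"$0" start
	exit $?
	;;
  reload)
	/usr/sbin/rndc reload
	exit $?
	;;
  probe)
	# named knows how to reload intelligently; we don't want linuxconf
	# to offer to restart every time
	/usr/sbin/rndc reload >/dev/null 2>&1 || echo start
	exit 0
	;;
  *)
	echo "Usage: named {start|stop|status|restart|reload|probe}"
	exit 1
esac

exit 0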
19.将/etc/rc.d/init.d/named变成可执行文件。
# chmod 755 /etc/rc.d/init.d/named
20.创建启动脚本的符号链接(symbolic link)
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc0.d/K45named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc1.d/K45named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc2.d/K45named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc3.d/S55named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc4.d/S55named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc5.d/S55named
# ln -s /etc/rc.d/init.d/named /etc/rc.d/rc6.d/K45named
21.启动bind9
# /etc/rc.d/init.d/named start
停止bind9
# /etc/rc.d/init.d/named stop
查看状态
# /etc/rc.d/init.d/named status
22.检查配置文件及域文件
# /usr/local/sbin/named-checkconf
# /usr/local/sbin/named-checkzone domain1.net /var/named/domain1.net.zone
参考资料:http://tech.huweishen.com/gongju/1541.html