测试环境:CentOS 7,IP 地址为 192.168.0.6。先在防火墙放行 DNS 所需端口:

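# DNS needs port 53 on both UDP and TCP: TCP carries answers that do not fit
# in a UDP datagram (truncation fallback) and zone transfers. The original
# opened UDP only.
firewall-cmd --zone=public --add-port=53/udp --permanent
firewall-cmd --zone=public --add-port=53/tcp --permanent
# Port 953 is the rndc control channel. named.conf below binds it to
# 127.0.0.1 (and rndc uses TCP, not UDP), so it must NOT be opened on the
# public zone; the original's "953/udp" rule was both wrong and unnecessary.
firewall-cmd --reload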

安装必备组件

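# "groupinstall" is a yum sub-command, not a package: the original line asked
# yum to install a package literally named "groupinstall" (which fails) instead
# of installing the build-tools group. Duplicate packages removed.
yum groupinstall -y "Development Tools"
yum install -y pcre-devel zlib-devel openssl-devel openldap-devel unixODBC-devel gcc gcc-c++ autoconf automake make libtool openssl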

安装mysql

# MySQL client headers and libraries, needed for --with-dlz-mysql.
# NOTE(review): this package name comes from the MySQL community yum
# repository, which must already be enabled on the host — confirm first.
yum -y install mysql-community-devel.x86_64

编辑 /etc/my.cnf(注意文件名是 my.cnf,不是 my.conf),在 [mysqld] 段下加入:

# Both values are in seconds (864000 = 10 days). They raise how long MySQL
# keeps an idle client connection open; per this guide that avoids the
# DLZ driver's connection being dropped when no queries arrive for a while.
wait_timeout = 864000
interactive_timeout = 864000

延长空闲连接的超时时间(单位为秒,864000 即 10 天),避免 MySQL 在长时间没有查询后主动断开连接,导致 BIND 的 DLZ 驱动查询失败、需要重连的问题。

创建软链接

# Expose the MySQL client library under the path BIND's configure/linker expects.
# NOTE(review): the .so.18 soname belongs to an older MySQL client; a newer
# mysql-community-devel ships a different major (e.g. .so.20 / .so.21) — check
# `ls /usr/lib64/mysql/libmysqlclient.so.*` and adjust before running this.
ln -s -v /usr/lib64/mysql/libmysqlclient.so.18 /usr/lib/libmysqlclient.so

下载并编译安装bind9

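# NOTE: the 9.12 branch is end-of-life and no longer receives security fixes;
# for anything beyond a lab, pick a currently supported release from isc.org.
# Fetch over HTTPS and verify ISC's detached PGP signature before building —
# the original downloaded the tarball over plain HTTP with no integrity check.
# Import ISC's release-signing key from isc.org first, otherwise gpg reports
# "No public key"; do not continue unless gpg prints "Good signature".
wget https://ftp.isc.org/isc/bind9/9.12.4/bind-9.12.4.tar.gz
wget https://ftp.isc.org/isc/bind9/9.12.4/bind-9.12.4.tar.gz.asc
gpg --verify bind-9.12.4.tar.gz.asc bind-9.12.4.tar.gz
tar zxvf bind-9.12.4.tar.gz
cd bind-9.12.4
# --disable-ipv6 is kept from the original; drop it if the server must also
# answer over IPv6.
./configure --prefix=/usr/local/bind --enable-threads --enable-largefile --disable-ipv6 --with-openssl --with-dlz-mysql=/usr
make && make install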

创建bind运行用户组使其运行在用户模式下,增强安全性

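# Dedicated system account with no shell and no home directory.
useradd -r -s /sbin/nologin -M named
mkdir -p /usr/local/bind/log /usr/local/bind/var/run
# Least privilege: binaries and config stay root-owned. The original
# "chown -R named:named /usr/local/bind" let the daemon user rewrite its own
# executable and named.conf, so a remotely exploited named could persist and
# run arbitrary code as root at the next root-started restart.
chown -R root:root /usr/local/bind
# Config is readable by the daemon's group only (rndc.conf holds the control
# key and named.conf the MySQL password) and by nobody else.
chgrp -R named /usr/local/bind/etc
chmod -R o-rwx,g-w /usr/local/bind/etc
# Only the log and runtime directories are writable by the daemon.
chown -R named:named /usr/local/bind/log /usr/local/bind/var
# named.conf in this guide uses directory "/usr/local/bind" with a relative
# pid-file, so named must be able to create named.pid here: group-writable plus
# the sticky bit lets named add its own file but not rename or remove the
# root-owned sbin/ and etc/ entries. (If directory/pid-file are pointed at
# /usr/local/bind/var/run instead, these two lines are unnecessary.)
chown root:named /usr/local/bind
chmod 1775 /usr/local/bind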

加入环境变量

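# Single quotes keep $PATH unexpanded, so /etc/profile appends to each user's
# own PATH at login. The original used double quotes, which expanded root's
# PATH at install time and baked that fixed value into every user's profile.
# Trailing slashes dropped; they add nothing to PATH lookup.
echo 'export PATH=$PATH:/usr/local/bind/sbin:/usr/local/bind/bin' >> /etc/profile
source /etc/profile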

生成配置文件

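cd /usr/local/bind/etc/
# rndc.conf carries the HMAC secret that authenticates rndc to named. Create it
# without group/world access (umask in a subshell leaves the login shell's
# umask untouched); the original wrote it with the default umask, i.e. 0644.
(umask 077 && rndc-confgen -r /dev/urandom > rndc.conf)
# The first five lines of rndc-confgen's output are the key {} clause, which
# named.conf needs verbatim for the controls section.
head -5 rndc.conf > named.conf
# Readable by root and by the daemon's group only; named.conf will also hold
# the DLZ database password.
chown root:named rndc.conf named.conf
chmod 640 rndc.conf named.conf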

下载根提示文件(root hints,即 named.root;它是根域名服务器列表,不是 CA 证书文件)

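# Root hints (the NS set of the "." zone), fetched over HTTPS instead of the
# original's plain HTTP so the list cannot be swapped in transit.
# NOTE: the named.conf in this guide declares no hint zone for ".", so this
# file is unused unless the server is later made recursive.
wget https://www.internic.net/domain/named.root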

编辑named.conf文件,增加以下内容

// rndc control channel: loopback only, authenticated with the "rndc-key"
// clause copied from rndc.conf at the top of this file.
controls {
        inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};

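logging {
        channel bind_log {
                // Log under the daemon-owned directory created during install.
                // The original used /tmp/bind.log: /tmp is world-writable (a
                // local user can pre-create or symlink the file a daemon will
                // open) and is periodically cleaned, so logs would vanish.
                file "/usr/local/bind/log/bind.log" versions 3 size 20m;
                severity info;
                print-time yes;
                print-severity yes;
                print-category yes;
        };
        category default {
                bind_log;
        };
};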

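options {
        listen-on port 53 { any; };
        directory "/usr/local/bind";
        pid-file "named.pid";
        // This instance only serves the DLZ-backed zones. BIND's recursion
        // defaults to yes; combined with the original's
        // allow-query-cache { any; } on a server listening on every interface,
        // that made it an open recursive resolver that anyone on the Internet
        // could use for DNS reflection/amplification. If this host must also
        // resolve for internal clients, set recursion yes together with
        // allow-recursion { <trusted networks>; } instead.
        recursion no;
        allow-query-cache { none; };
        allow-query     { any; };
        // No secondaries are configured, so refuse zone transfers outright.
        allow-transfer  { none; };
};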

// MySQL-backed DLZ. The first {...} block is the connection string, the
// second the findzone query, the third the lookup query ($zone$ / $record$
// are filled in by the driver from the incoming question).
// The connection string embeds the database password in clear text, so this
// file must not be readable by other users (etc/ root:named, named.conf 640)
// and the example password must be replaced with a strong, unique one.
// ssl=false is tolerable only because host= is the loopback address.
// Both queries hard-code view = 'any', so the other view values defined in
// the table's enum are never consulted by this configuration.
dlz "mysql-dlz" {
    database "mysql
    {host=127.0.0.1 dbname=bind ssl=false port=3306 user=bind pass=W123456W^&}
    {select zone from dns_records where zone = '$zone$' and  view = 'any' limit 1}
    {select ttl,type,if(mx_priority>0,mx_priority,NULL),case when lower(type)='txt' then concat('\"',data,'\"') when lower(type)    =  'soa'  then   concat_ws(' ',  data,  resp_person,  serial,  refresh,  retry,  expire,  minimum)   else   data   end   as   mydata   from   dns_records where zone = '$zone$'   and host = '$record$' and view = 'any'}";
};
#include  "/usr/local/bind/etc/default.zones";

配置 MySQL:创建 bind 数据库和 bind 用户(示例密码为 W123456W^&;实际部署请换成强密码,并与 named.conf 中 dlz 段的 pass= 保持一致)

# Open an interactive client session as the MySQL root user; the password is
# prompted for rather than passed on the command line.
mysql --user=root --password

输入mysql的root密码

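CREATE DATABASE bind;
-- Least privilege: the DLZ driver only ever SELECTs from this database and
-- connects from 127.0.0.1 (host= in named.conf), so the account needs neither
-- ALL PRIVILEGES nor access from any host ('%') as the original granted.
-- CREATE USER + GRANT replaces the deprecated GRANT ... IDENTIFIED BY form.
-- Replace the example password with a strong one and mirror it in named.conf.
CREATE USER 'bind'@'127.0.0.1' IDENTIFIED BY 'W123456W^&';
GRANT SELECT ON bind.* TO 'bind'@'127.0.0.1';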
进入bind数据库并创建表,注意修改其中的ns.loshub.com和ns1.loshub.com

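USE bind;
-- One row per resource record. The DLZ lookup query in named.conf matches on
-- (zone, host, view), so a composite index on those columns is added; MyISAM
-- caps a key at 1000 bytes (two utf8 varchar(255) columns exceed that), so the
-- table is created as InnoDB, which is also crash-safe.
CREATE TABLE IF NOT EXISTS dns_records (
  id int(10) unsigned NOT NULL AUTO_INCREMENT,
  zone varchar(255) NOT NULL,
  host varchar(255) NOT NULL DEFAULT '@',
  -- 'SRV' replaces the original's misspelt 'SVR': there is no DNS type SVR,
  -- so a row with that value could never be served.
  type enum('A','MX','CNAME','NS','SOA','PTR','TXT','AAAA','SRV','URL') NOT NULL,
  data varchar(255) DEFAULT NULL,
  ttl int(11) NOT NULL DEFAULT '3600',
  -- MX preference; the lookup query only emits it when > 0.
  mx_priority int(11) DEFAULT NULL,
  view enum('any', 'Telecom', 'Unicom', 'CMCC', 'ours') NOT NULL DEFAULT 'any',
  priority tinyint UNSIGNED NOT NULL DEFAULT '255',
  -- SOA fields; the lookup query concatenates them after `data` for SOA rows.
  -- NOTE(review): resp_person is used as the SOA RNAME (responsible mailbox,
  -- '@' written as '.'), so a value like hostmaster.loshub.com. is expected.
  refresh int(11) NOT NULL DEFAULT '28800',
  retry int(11) NOT NULL DEFAULT '14400',
  expire int(11) NOT NULL DEFAULT '86400',
  minimum int(11) NOT NULL DEFAULT '86400',
  serial bigint(20) NOT NULL DEFAULT '2015050917',
  resp_person varchar(64) NOT NULL DEFAULT 'ns.loshub.com',
  primary_ns varchar(64) NOT NULL DEFAULT 'ns1.loshub.com.',
  PRIMARY KEY (id),
  KEY type (type),
  KEY host (host),
  KEY zone (zone),
  KEY zone_host_view (zone, host, view)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1;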

刷新mysql权限

-- Optional: GRANT already updates the in-memory grant tables. FLUSH PRIVILEGES
-- is only required after editing the mysql.* tables directly; harmless here.
FLUSH PRIVILEGES;

插入解析数据,插入一个A记录www.adw123.com域及解析

USE bind;
-- A record: www.adw123.com -> 1.1.1.1 with a 600 s TTL (placeholder address
-- for the example; substitute the real host address).
INSERT INTO bind.dns_records (zone, host, type, data, ttl)
VALUES ('adw123.com', 'www', 'A', '1.1.1.1', '600');

插入一个cname记录,如abc.adw123.com域名cname到www.adw123.com

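USE bind;
-- CNAME: abc.adw123.com -> www.adw123.com ('www' is relative to the zone).
INSERT INTO bind.dns_records (zone, host, type, data, ttl)
VALUES ('adw123.com', 'abc', 'CNAME', 'www', '600');
-- MX: the exchange must be a host name, never an IP address (RFC 1035 3.3.9),
-- and the preference belongs in mx_priority, which the DLZ lookup query emits
-- only when > 0. The original stored '1.1.1.1.' with no priority, which is not
-- a valid MX record.
INSERT INTO bind.dns_records (zone, host, type, data, ttl, mx_priority)
VALUES ('adw123.com', '@', 'MX', 'www.adw123.com.', '600', 10);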

刷新权限并退出

-- Not needed: plain data inserts do not touch the grant tables. Harmless.
FLUSH PRIVILEGES;
quit

测试启动

# Foreground test run: -g forces all logging to stderr (bypassing the logging
# clause) so configuration errors show up in the terminal; -u named runs the
# server as the unprivileged named account. Option order is irrelevant.
/usr/local/bind/sbin/named -u named -g -f -c /usr/local/bind/etc/named.conf

看有无报错

后台启动

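# Background start: without -f/-g, named daemonizes itself and logs through
# the channels defined in named.conf. The original kept "-f -g" (stay in the
# foreground, log to stderr) and backgrounded it with '&', which discards the
# logging configuration and ties the daemon to the login shell.
/usr/local/bind/sbin/named -c /usr/local/bind/etc/named.conf -u named
# For automatic start on boot, wrap this command in a systemd unit instead of
# relying on an interactive shell.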

接下来测试bind
更新本机(centos7)的dns(如果是外网这一步不用做),为本机的ip,修改文件为/etc/resolv.conf ,把第一个nameserver,后面的ip改为本机ip。
测试

nslookup

www.adw123.com
Server: 192.168.0.6
Address: 192.168.0.6#53
Name: www.adw123.com
Address: 1.1.1.1
** server can't find www.adw123.com: SERVFAIL
A 记录已正确返回(Address: 1.1.1.1),但最后一行的 SERVFAIL 不应视为成功而忽略:它很可能来自 nslookup 随后发出的 AAAA 查询。本教程从未为 adw123.com 插入 SOA 和 NS 记录,而权威区缺少 SOA 时,对不存在的记录的否定应答通常会以 SERVFAIL 失败。为该区补上 SOA、NS 记录后,用 dig @192.168.0.6 www.adw123.com AAAA 复查,应得到 NOERROR 的空应答。