1. 程式人生 > >centos7安裝bind9.12

centos7安裝bind9.12

centos7+bind9.12 linux dns linux bind bind9.12 centos7 bind9

參考文獻1:http://blog.51cto.com/sw5720/1611777
參考文獻2:https://blog.csdn.net/orapeasant/article/details/1801395
1、下載最新bind軟件,此次使用bind-9.12.1.tar.gz
官方網站https://www.isc.org/downloads/
2、解壓至/root下
tar -zxvf bind-9.10.1-P1.tar.gz
3、進入解壓後的文件夾
cd bind-9.10.1-P1
4、安裝必備的openssl等插件
yum install gcc gcc-c++ openssl openssl-dev*
5、設置安裝路徑等參數、編譯、安裝

  • 下面命令參數為:指定路徑 多線程功能 大文件支持 DNSSEC支持
    設置安裝路徑為/usr/local/named,多線程,大文件支持,DNSSEC支持
    #./configure --prefix=/usr/local/named --enable-threads --enable-largefile --with-tuning=large --with-openssl
  • 創建服務專用賬戶named,禁止本地登陸
    #useradd -d /usr/local/named -s /sbin/nologin named
  • 編譯
    #make
  • 安裝
    #make install
  • 進入安裝後的配置文件夾
    #cd /usr/local/named/etc
  • 生成rndc.conf文件
    #/usr/local/named/sbin/rndc-confgen > rndc.conf
  • 將rndc.conf內容導入named.conf
    #tail -10 rndc.conf | head -9 | sed s/#\ //g > named.conf
  • 編輯主配置文件
    #vim named.conf
    options {
    listen-on port 53 { 127.0.0.1; };
    directory "/usr/local/named/var"; //域名文件存放的絕對路徑
    pid-file "named.pid";
    recursion yes;
    allow-query { any; };
    recursive-clients 30000;
    query-source ...; //如果查不到要解析地址,將會查詢其它域名服務器
    notify-source ...; //使用本地的源地址和可選的UDP端口,用於發送NOTIFY消息
    };
    logging {
    channel query_log { //查詢日誌
    file "/var/log/named/query.log" versions 20 size 300m;
    severity info;
    print-time yes;
    print-category yes;
    };
    channel error_log { //報錯日誌
    file "/var/log/named/error.log" versions 3 size 10m;
    severity info;
    print-time yes;
    print-severity yes;
    print-category yes;
    };
    category queries { query_log; };
    category default { error_log; };
    };
    zone "." IN {
    type hint;
    file "named.root"; //存放在//usr/local/named/var目錄
    };
    zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
    };
  • 生成根服務器文件
    #cd /usr/local/named/var
    #dig @a.root-servers.net . ns > named.root
  • 創建本地域文件
    #vim localhost.zone
    $TTL 86400
    $ORIGIN localhost.
    @ 1D IN SOA @ root (
    42 ; serial (d. adams)
    3H ; refresh
    15M ; retry
    1W ; expiry
    1D ) ; minimum
    1D IN NS @
    1D IN A 127.0.0.1
    #vim named.local
    $TTL 86400
    @ IN SOA localhost. root.localhost. (
    1997022700 ; Serial
    28800 ; Refresh
    14400 ; Retry
    3600000 ; Expire
    86400 ) ; Minimum
    IN NS localhost.
    1 IN PTR localhost.
  • 創建服務起停腳本
    #vi /etc/rc.d/init.d/named //服務啟停腳本
    #!/bin/bash

    named a network name service.

                # chkconfig: 345 35 75
                # description: a name server
                if [ `id -u` -ne 0 ]
                then
                echo -e "\e[31mERROR:For bind to port 53,must run as root.\e[0m"
                exit 1
                fi
                case "$1" in
                start)
                if [ -x /usr/local/named/sbin/named ]; then
                /usr/local/named/sbin/named -c /usr/local/named/etc/named.conf -u named && echo . && echo -e ‘BIND9 server \e[32mstarted\e[0m‘
                fi
                ;;
                stop)
                kill `cat /usr/local/named/var/named.pid` && echo . && echo -e ‘BIND9 server \e[33mstopped\e[0m‘
                ;;
                restart)
                echo .
                echo "Restart BIND9 server"
                $0 stop
                sleep 1
                echo -n "." && sleep 2 && echo -n "." && sleep 2 && echo -n "." && sleep 2
                $0 start
                ;;
                reload)
                /usr/local/named/sbin/rndc reload
                ;;
                status)
                /usr/local/named/sbin/rndc status
                ;;
                *)
                echo "$0 start | stop | restart |reload |status"
                ;;
                esac
  • 更改腳本文件權限
    #chmod 755 /etc/rc.d/init.d/named
  • 添加至服務控制
    #chkconfig --add named
  • 為named賦權限
    #chown -R named.named /usr/local/named/
  • 創建軟連接
    #ln -s /usr/local/named/sbin/named /sbin
  • 創建日誌文件夾
    #mkdir /var/log/named/
  • 日誌文件夾權限修改
    #chown -R named.named /var/log/named/
  • 調試模式測試是否正常啟動
    #named -g //調試模式啟動
  • 設置開機服務自啟動
    #chkconfig named on && service named start

centos7安裝bind9.12