1,下载bind-9.9.2.tar.gz 包 http://download.chinaunix.net/download.php?id=44214&ResourceID=6 (这是第三方镜像,编译前请对照ISC官方发布的签名或校验和核对源码包;9.9.2 已是上游不再维护的旧版本,生产环境请选用仍受支持的版本)
2,编译安装
# tar zvxf bind-9.9.2.tar.gz
# cd bind-9.9.2
# ./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --enable-threads --enable-epoll --disable-chroot
# make && make install
3,添加named组和named用户(该账号只用于运行named,不需要登录,可在useradd时加 -s /sbin/nologin)
# groupadd -g 53 -r named
# useradd -g named -r named
# id named
4,提供/var/named/ 目录和区域数据库文件
# mkdir /var/named/
# cd /var/named/
# dig -t NS . @192.168.1.1 > named.ca
5,提供主配置文件 /etc/named/named.conf
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-transfer { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-transfer { none; };
};
6,提供区域数据库文件
# vim named.localhost
$TTL 86400
@ IN SOA localhost. luochen.localhost. (
2016031001
2H
10M
7D
1D )
IN NS localhost.
localhost. IN A 127.0.0.1
# vim named.loopback
$TTL 86400
@ IN SOA localhost. luochen.localhost. (
2016031001
2H
10M
7D
1D )
IN NS localhost.
1 IN PTR localhost.
7,配置rndc,生成rndc.conf文件
# /usr/local/bind9/sbin/rndc-confgen > /etc/named/rndc.conf
8,修改配置文件权限和属主
# chown root:named /etc/named/named.conf
# chown root:named /etc/named/rndc.conf
# chmod 640 /etc/named/named.conf
# chmod 640 /etc/named/rndc.conf
9,修改区域数据库文件属主和权限
# cd /var/named/
# chown root:named *
# chmod 640 *
10,修改PATH环境变量,让系统可以直接使用named的相关命令
# vim /etc/profile.d/named.sh
export PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH
11,重新读取环境变量的值
#source /etc/profile
12,检测区域数据库文件是否有语法错误
# named-checkzone "localhost" /var/named/named.localhost
# named-checkzone "0.0.127.in-addr.arpa" /var/named/named.loopback
13,启动named服务
# named -u named -c /etc/named/named.conf
14,查看服务是否正常启动
# netstat -tnul | grep 53
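15,在主配置文件中定义一个区域(注意:luolinux.com区域没有像localhost等区域那样设置allow-transfer,BIND 9.9在未设置时默认允许任何主机进行区域传送;建议显式写上 allow-transfer { none; }; 或只列出从服务器地址)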
# vim /etc/named/named.conf
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-transfer { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-transfer { none; };
};
zone "luolinux.com" IN {
type master;
file "luolinux.com.zone";
};
16,提供区域数据库文件
# vim /var/named/luolinux.com.zone
$TTL 86400
@ IN SOA dns.luolinux.com. luochen.luolinux.com. (
2016031001
2H
10M
2D
1D )
IN NS dns
IN MX 10 mail
dns IN A 192.168.1.118
mail IN A 192.168.1.118
www IN A 192.168.1.130
17,检测区域文件是否有语法错误
# named-checkzone "luolinux.com" /var/named/luolinux.com.zone
# killall -1 named
18,测试是否能正常解析
# dig -t A www.luolinux.com @192.168.1.118
19,配置rndc,将rndc.conf 文件的后一半复制到/etc/named/named.conf 文件并去掉注释(下面的secret仅为示例,请使用自己运行rndc-confgen生成的密钥,不要照抄,也不要公开)
# vim /etc/named/named.conf
options {
directory "/var/named";
pid-file "/usr/local/bind9/var/run/named.pid";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-transfer { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-transfer { none; };
};
zone "luolinux.com" IN {
type master;
file "luolinux.com.zone";
};
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "wkThKNcCFb/fM86evA8kdQ==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
#End of named.conf
20,提供named服务启动脚本
# vim /etc/rc.d/init.d/named
#!/bin/bash
#
# description: named daemon
# chkconfig: 345 25 85
#
# Fixed locations used by every action in this script.
pidFile="/usr/local/bind9/var/run/named.pid"
lockFile="/var/lock/subsys/named"
confFile="/etc/named/named.conf"

# Load the distribution's init helper library when it is readable.
# NOTE(review): presumably the source of daemon/killproc/success/failure,
# which this script calls but does not define -- confirm on the target host.
if [ -r /etc/rc.d/init.d/functions ]; then
  . /etc/rc.d/init.d/functions
fi
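#######################################
# Start named through the "daemon" helper.
# Globals:   lockFile, pidFile, confFile (read); RETVAL (written)
# Outputs:   progress messages on stdout
# Returns:   0 if named was started or the lock file already exists,
#            1 if the daemon helper reported a failure
#######################################
start() {
  # The lock file is the only "already running" signal checked here.
  # NOTE(review): a lock file left behind after a crash turns start into a
  # no-op until the file is removed.
  if [ -e "$lockFile" ]; then
    echo "named is already running..."
    # return (not exit) so a sourcing shell or calling function is not killed
    return 0
  fi

  echo -n "Starting named:"
  # -u named: named switches to the named account instead of staying root.
  daemon --pidfile "$pidFile" /usr/local/bind9/sbin/named -u named -c "$confFile"
  RETVAL=$?
  echo

  if [ "$RETVAL" -eq 0 ]; then
    touch -- "$lockFile"
    return 0
  fi

  # Failed start: leave no lock/pid file behind. Paths are quoted so that
  # rm and touch only ever act on the intended files.
  rm -f -- "$lockFile" "$pidFile"
  return 1
}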
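#######################################
# Stop named with the "killproc" helper and clean up state files.
# Globals:   lockFile, pidFile (read); RETVAL (written)
# Outputs:   progress messages on stdout
# Returns:   0 if killproc succeeded, 1 otherwise
#######################################
stop() {
  # No early return: killproc still runs when the lock file is missing, so a
  # named that was started outside this script is stopped as well.
  if [ ! -e "$lockFile" ]; then
    echo "named is stopped."
  fi

  echo -n "Stopping named"
  killproc named
  RETVAL=$?
  echo

  if [ "$RETVAL" -eq 0 ]; then
    # Quoted so rm removes exactly these two paths, whatever they contain.
    rm -f -- "$lockFile" "$pidFile"
    return 0
  fi

  echo "Cannot stop named."
  failure
  return 1
}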
# Stop named, wait briefly, then start it again.
# The result of stop is not checked; the return status is that of start.
restart() {
  local -r settle_seconds=3

  stop
  sleep "$settle_seconds"
  start
}
# Ask the running named to reload by sending it SIGHUP via killproc.
# Globals: RETVAL (written)
# Returns: the exit status of killproc
reload() {
  printf '%s' "Reloading named: "
  killproc named -HUP
  RETVAL=$?
  printf '\n'
  return "$RETVAL"
}
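#######################################
# Report whether a named process exists.
# Outputs:   a one-line state message on stdout
# Returns:   0 if pidof finds a named process,
#            3 if it does not (the conventional init-script "not running"
#            status), so callers and monitoring that test the exit code can
#            tell a stopped DNS server from a healthy one
#######################################
status() {
  if pidof named > /dev/null 2>&1; then
    echo -n "named is running..."
    success
    echo
    return 0
  fi

  # No success marker here: a stopped server must not be reported as OK.
  echo "named is stopped..."
  return 3
}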
# Print the list of supported actions to stdout.
usage() {
  printf '%s\n' "Usage: named {start|stop|restart|status|reload}"
}
# Dispatch on the first argument. Only the five action names listed in the
# pattern are ever invoked as functions; anything else (including no
# argument) prints the usage line and exits with status 4.
case "$1" in
  start | stop | restart | status | reload)
    "$1"
    ;;
  *)
    usage
    exit 4
    ;;
esac
21,修改/usr/local/bind9/var/run/ 目录属主和属组
# chown -R named:named /usr/local/bind9/var/run/
22,赋予启动脚本执行权限
# chmod +x /etc/rc.d/init.d/named
23,让服务开机自动启动
# chkconfig --add named
24,重启服务
# service named restart