Debian 5.0.5 AMD64(为避免软件包的依赖问题,系统所有软件包均采用lenny稳定源)
1。安装MySQL、mysql client headers 及编译必要工具
# apt-get install mysql-server
# apt-get install fakeroot bison
# apt-get install build-essential
# apt-get install libmysqlclient15-dev
2。下载bind9.6源码
# apt-get source bind9
# vim debian/rules
Change --with-dlz-mysql=no
to --with-dlz-mysql=yes
or add a line --with-dlz-mysql=yes
(don't forget preceding backslash).
Install more build-time requirements. I didn't find out that I needed these until the dpkg-buildpackage step below complained about them being missing.
# apt-get install \
libkrb5-dev \
libkrb5-dev \
libssl-dev \
libtool \
libdb-dev \
libldap2-dev \
libldap2-dev \
libcap2-dev \
hardening-wrapper \
debhelper \
libxml2-dev
3。编译
# dpkg-buildpackage -rfakeroot -b
4。安装:
# dpkg -i *.deb
5。数据库设计:
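-- Record store read by BIND's DLZ MySQL driver: one row per resource record.
-- The DLZ queries on this page filter on `zone` and `host`, build SOA rdata from
-- `data`, `resp_person`, `serial`, `refresh`, `retry`, `expire` and `minimum`,
-- and increment `data_count`.
-- Access control: the MySQL account named in the dlz block needs only SELECT on
-- this table plus UPDATE on `data_count`; grant it nothing broader.
CREATE TABLE `jn_records` (
  `id` int(10) unsigned NOT NULL auto_increment,
  -- Zone name compared with %zone%; the sample rows store it without a trailing dot.
  `zone` varchar(255) NOT NULL,
  -- Owner name compared with %record%; '@' is used for the zone apex in the sample rows.
  `host` varchar(255) NOT NULL default '@',
  -- 'TXT' is appended because the DLZ lookup queries special-case lower(type)='txt';
  -- appending keeps the positions of the existing enum members unchanged.
  `type` enum('MX','CNAME','NS','SOA','A','PTR','TXT') NOT NULL,
  -- Record data; for SOA rows the lookup query uses it as the first SOA field.
  `data` varchar(255) default NULL,
  `ttl` int(11) NOT NULL default '43200',
  `mx_priority` int(11) default NULL,
  -- SOA timers and serial, emitted only for rows of type SOA.
  `refresh` int(11) NOT NULL default '28800',
  `retry` int(11) NOT NULL default '14400',
  `expire` int(11) NOT NULL default '2592000',
  `minimum` int(11) NOT NULL default '7200',
  `serial` bigint(20) NOT NULL default '2010082300',
  -- Fixed: the default previously read 'laijinglisdwzy.com.' (one dot missing), unlike
  -- the 'laijingli.sdwzy.com.' value the sample SOA rows insert explicitly.
  `resp_person` varchar(64) NOT NULL default 'laijingli.sdwzy.com.',
  -- Not referenced by any DLZ query shown on this page.
  `primary_ns` varchar(64) NOT NULL default 'ns1.sdwzy.com.',
  -- Incremented by the last DLZ query (update ... set data_count = data_count + 1).
  `data_count` int(11) NOT NULL default '0',
  PRIMARY KEY (`id`),
  KEY `type` (`type`),
  KEY `host` (`host`),
  KEY `zone` (`zone`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;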
6。DLZ配置:
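dlz "Mysql zone" {
    // DLZ MySQL driver arguments, in the order given below: connection string,
    // zone-existence query, record lookup, an empty query ({}), all-records query
    // for a zone, zone-transfer permission check, and a per-zone query counter.
    //
    // Fixes in this listing: the quote escapes inside concat() are restored to \"
    // (they were printed as /", which would end the database string early), and the
    // closing "};" of the dlz statement is added.
    //
    // Security notes:
    // - "user=dns pass=dns" is a sample credential stored in clear text. Use a unique
    //   password, keep this file readable only by root and the bind group, and give the
    //   MySQL account SELECT on the queried tables plus UPDATE on jn_records.data_count only.
    // - %zone%, %record% and %client% are filled in from DNS requests, i.e. untrusted
    //   input; confirm that the DLZ driver in your build escapes them before substitution.
    // - xfr_table is queried for zone transfers but is not created anywhere on this page;
    //   create it and list only the secondaries that may transfer each zone.
    database "mysql
    {host=localhost dbname=dns user=dns pass=dns}
    {select zone from jn_records where zone = '%zone%'}
    {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from jn_records where zone = '%zone%' and host = '%record%'}
    {}
    {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from jn_records where zone = '%zone%'}
    {select zone from xfr_table where zone = '%zone%' and client = '%client%'}
    {update jn_records set data_count = data_count + 1 where zone ='%zone%'}";
};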
7。插入正向反向解析记录:
-- Forward-zone sample data for sdwzy.com, loaded as one multi-row INSERT.
-- Row order matches the original statement order, so auto_increment ids are the same.
-- NOTE(review): the second row is a second SOA at the zone apex whose `data` is an IP
-- address. The DLZ lookup query on this page builds the SOA from `data`, so this row
-- would be served as an additional, malformed SOA; a zone should carry exactly one.
-- It is kept here unchanged - confirm whether it should be removed.
INSERT INTO `jn_records`
    (`zone`, `host`, `type`, `data`, `ttl`, `mx_priority`,
     `refresh`, `retry`, `expire`, `minimum`, `serial`,
     `resp_person`, `primary_ns`, `data_count`)
VALUES
    -- SOA and NS records at the apex, with explicit timers
    ('sdwzy.com', '@', 'SOA', 'ns1.sdwzy.com.', 2592000, NULL, 28800, 14400, 2592000, 14400, 2010082300, 'laijingli.sdwzy.com.', 'ns1.sdwzy.com.', 0),
    ('sdwzy.com', '@', 'SOA', '60.27.236.25', 2592000, NULL, 28800, 14400, 2592000, 14400, 2010082300, 'laijingli.sdwzy.com.', 'ns1.sdwzy.com.', 0),
    ('sdwzy.com', '@', 'NS', 'ns1.sdwzy.com.', 2592000, NULL, 28800, 14400, 2592000, 14400, 2010082300, 'laijingli.sdwzy.com.', 'ns1.sdwzy.com.', 0),
    ('sdwzy.com', '@', 'NS', 'ns2.sdwzy.com.', 2592000, NULL, 28800, 14400, 2592000, 14400, 2010082300, 'laijingli.sdwzy.com.', 'ns1.sdwzy.com.', 0),
    -- address records; every SOA-related column falls back to the table default
    ('sdwzy.com', 'ns1', 'A', '60.27.236.25', DEFAULT, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0),
    ('sdwzy.com', 'ns2', 'A', '60.27.236.26', DEFAULT, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0),
    ('sdwzy.com', 'www', 'A', '60.27.236.22', DEFAULT, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0),
    ('sdwzy.com', '@', 'A', '60.27.236.22', DEFAULT, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0),
    ('sdwzy.com', 'itu', 'A', '60.27.236.23', DEFAULT, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0),
    -- short TTL (300 s) on the cache node
    ('sdwzy.com', 'jn01.cache', 'A', '11.16.192.140', 300, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0),
    -- alias; the original statement listed only zone/host/type/data, which yields
    -- the same defaults (mx_priority NULL, data_count 0) as written out here
    ('sdwzy.com', 'cache', 'CNAME', 'jn01.cache', DEFAULT, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0);
8。向jn_records表中插入反向解析资源记录
-- Reverse-zone sample data for 236.27.60.in-addr.arpa, loaded as one multi-row INSERT
-- in the original statement order. Timers, serial, resp_person and primary_ns all come
-- from the column defaults of jn_records.
-- NOTE(review): the SOA row stores the four-character string 'NULL' in `data`, not SQL
-- NULL. The DLZ lookup query on this page uses `data` as the first SOA field, so the
-- zone would presumably announce a primary server literally named "NULL" - confirm the
-- intended name server and replace the value.
INSERT INTO `jn_records`
    (`zone`, `host`, `type`, `data`, `ttl`, `mx_priority`,
     `refresh`, `retry`, `expire`, `minimum`, `serial`,
     `resp_person`, `primary_ns`, `data_count`)
VALUES
    ('236.27.60.in-addr.arpa', '@', 'SOA', 'NULL', DEFAULT, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0),
    ('236.27.60.in-addr.arpa', '@', 'NS', 'ns1.sdwzy.com.', DEFAULT, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0),
    -- PTR for host .25 of the /24
    ('236.27.60.in-addr.arpa', '25', 'PTR', 'dns-jn.sdwzy.com.', DEFAULT, NULL, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, 0);
9。附件:
lai@25:~$ more /etc/default/bind9
# run resolvconf?
RESOLVCONF=yes
# startup options for the server
#OPTIONS="-u bind"
## Run bind9 in single-threaded mode (-n 1); -u bind keeps named running as the
## unprivileged "bind" user.
## NOTE(review): presumably -n 1 is needed because the DLZ MySQL driver is not
## thread-safe - confirm against the DLZ documentation for your BIND version.
OPTIONS="-u bind -n 1"
lai@25:~$ more /etc/bind/named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
//zone "." {
// type hint;
// file "/etc/bind/db.root";
//};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
//zone "localhost" {
// type master;
// file "/etc/bind/db.local";
//};
//zone "127.in-addr.arpa" {
// type master;
// file "/etc/bind/db.127";
//};
//zone "0.in-addr.arpa" {
// type master;
// file "/etc/bind/db.0";
//};
//zone "255.in-addr.arpa" {
// type master;
// file "/etc/bind/db.255";
//};
//include "/etc/bind/named.conf.local";
include "/etc/bind/zones/view.conf";
//ACL
include "/etc/bind/zones/acl_jn.conf";
include "/etc/bind/zones/acl_qd.conf";
include "/etc/bind/zones/acl_other.conf";
logging {
    // Two file channels, both rotated at 1240k with 3 old versions kept.
    // With query logging enabled this is a small window of history; size the
    // retention to what incident response needs, and restrict read access to
    // /var/log/named because query logs show which client asked for which name.

    // Default category: warnings and above.
    channel warning {
        file "/var/log/named/dns_warning" versions 3 size 1240k;
        severity warning;
        // severity debug;
        print-category yes;
        print-severity yes;
        print-time yes;
    };

    // Per-query log at severity info.
    channel general_dns {
        file "/var/log/named/dns_log" versions 3 size 1240k;
        severity info;
        print-category yes;
        print-severity yes;
        print-time yes;
    };

    category default { warning; };
    category queries { general_dns; };
};
lai@25:~$ more /etc/bind/named.conf.options
options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    // forwarders {
    // 0.0.0.0;
    // };

    // NOTE(review): "any" lets every source address read the cache, and no
    // allow-recursion statement is shown here to narrow it. Together with the
    // forwarders below, this server would answer recursive queries for anyone
    // who can reach it (an open resolver), unless that is restricted elsewhere.
    // Limit this to an ACL of the client networks that are meant to be served.
    allow-query-cache { any; };

    forwarders {
        202.102.152.3;
        202.102.128.68;
        8.8.8.8;
    };

    // auth-nxdomain no; # conform to RFC1035
    // listen-on-v6 { any; };
};
lai@25:~$ more /etc/bind/zones/acl_jn.conf
// Client networks for view "view_jn".
// NOTE(review): the leading "any" matches every address, so the specific
// network below has no effect and this ACL does not restrict anything.
// Because view_jn is the first view in view.conf, every client is placed in
// it. Remove "any" once testing is done if per-network views are intended.
acl "jn" {
    any;
    124.128.18.0/24;
    // 192.168.206.0/25;
    // 192.168.206.36;
};
lai@25:~$ more /etc/bind/zones/view.conf
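// View for clients matched by ACL "jn".
// NOTE(review): as listed on this page, ACL "jn" contains "any", so this first
// view matches every client and the later views are never selected.
view "view_jn" {
    match-clients {
        jn;
    };

    zone "." {
        type hint;
        file "/etc/bind/db.root";
    };
    zone "localhost" {
        type master;
        file "/etc/bind/db.local";
    };
    zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
    };

    dlz "Mysql zone" {
        // Repaired from the terminal listing: query lines that were wrapped
        // mid-token ("hos / t", "concat_ws(' / '") are rejoined, and the quote
        // escapes in concat() are restored to \" (printed as /", which would
        // end the database string early).
        // Security: "user=dns pass=dns" is a clear-text sample credential; use a
        // unique password, keep this file readable only by root and the bind
        // group, and limit the MySQL account to SELECT plus UPDATE of
        // jn_records.data_count. %zone%, %record% and %client% come from DNS
        // requests; confirm the DLZ driver escapes them. xfr_table is not
        // created anywhere on this page.
        database "mysql
        {host=localhost dbname=dns user=dns pass=dns}
        {select zone from jn_records where zone = '%zone%'}
        {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from jn_records where zone = '%zone%' and host = '%record%'}
        {}
        {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from jn_records where zone = '%zone%'}
        {select zone from xfr_table where zone = '%zone%' and client = '%client%'}
        {update jn_records set data_count = data_count + 1 where zone ='%zone%'}";
    };
};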
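// View for clients matched by ACL "qd" (its definition, acl_qd.conf, is not
// shown on this page). Views are tried in order, so a client already matched
// by an earlier view never reaches this one.
view "view_qd" {
    match-clients {
        qd;
    };

    zone "." {
        type hint;
        file "/etc/bind/db.root";
    };
    zone "localhost" {
        type master;
        file "/etc/bind/db.local";
    };
    zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
    };

    dlz "Mysql zone" {
        // Repaired from the terminal listing: wrapped query lines are rejoined
        // and the quote escapes in concat() are restored to \" (printed as /").
        // Security: this is another clear-text copy of the sample credential
        // "user=dns pass=dns"; change it everywhere it appears and keep the
        // MySQL account limited to SELECT plus UPDATE of jn_records.data_count.
        // This view reads the same jn_records table as the others, so the
        // answers do not differ per view unless the queries are changed.
        database "mysql
        {host=localhost dbname=dns user=dns pass=dns}
        {select zone from jn_records where zone = '%zone%'}
        {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from jn_records where zone = '%zone%' and host = '%record%'}
        {}
        {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from jn_records where zone = '%zone%'}
        {select zone from xfr_table where zone = '%zone%' and client = '%client%'}
        {update jn_records set data_count = data_count + 1 where zone ='%zone%'}";
    };
};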
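// View for clients matched by ACL "other" (its definition, acl_other.conf, is
// not shown on this page). Views are tried in order, so a client already
// matched by an earlier view never reaches this one.
view "view_other" {
    match-clients {
        other;
    };

    zone "." {
        type hint;
        file "/etc/bind/db.root";
    };
    zone "localhost" {
        type master;
        file "/etc/bind/db.local";
    };
    zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
    };

    dlz "Mysql zone" {
        // Repaired from the terminal listing: wrapped query lines are rejoined
        // and the quote escapes in concat() are restored to \" (printed as /").
        // Security: this is another clear-text copy of the sample credential
        // "user=dns pass=dns"; change it everywhere it appears and keep the
        // MySQL account limited to SELECT plus UPDATE of jn_records.data_count.
        // The zone-transfer check reads xfr_table, which is not created
        // anywhere on this page.
        database "mysql
        {host=localhost dbname=dns user=dns pass=dns}
        {select zone from jn_records where zone = '%zone%'}
        {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from jn_records where zone = '%zone%' and host = '%record%'}
        {}
        {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from jn_records where zone = '%zone%'}
        {select zone from xfr_table where zone = '%zone%' and client = '%client%'}
        {update jn_records set data_count = data_count + 1 where zone ='%zone%'}";
    };
};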