创建用户
[root@bogon ~]# groupadd -g 53 -r named
[root@bogon ~]# useradd -g named -r named
编译安装
解压前先用 ISC 发布的 PGP 签名（或官方校验和）核对 tar 包，确认没有被篡改。另外 9.9 分支早已停止维护，不再获得安全修复，实际部署请换用仍受支持的版本，下面的步骤同样适用。
[root@bogon ~]# tar xf bind-9.9.5.tar.gz
[root@bogon ~]# cd bind-9.9.5
[root@bogon ~]# ./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --enable-threads --enable-epoll --disable-chroot
注意：--disable-chroot 会去掉 named 的 chroot 支持（即 -t 选项不可用），少了一层纵深防御。除非确定用不到，建议去掉这个选项，以便以后能用 -t 把 named 关进 chroot 目录里运行。
[root@bogon ~]# make && make install
创建主配置文件
[root@bogon ~]# vim /etc/named/named.conf
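options {
  directory "/var/named";

  // named writes its PID here, so /usr/local/bind9/var/run must be
  // writable by the "named" user it drops privileges to.
  pid-file "/usr/local/bind9/var/run/named.pid";

  // Recursion is wanted for local clients, but a recursive server with no
  // client restriction is an open resolver that can be abused for DNS
  // amplification. Limit who may recurse; add your own client networks here.
  recursion yes;
  allow-recursion { localhost; localnets; };

  // Never hand out full zone contents by default. Override per zone only
  // for a secondary server that really needs AXFR.
  allow-transfer { none; };
};
 
// Root hints used to bootstrap recursion.
zone "." IN {
  type hint;
  file "named.ca";
};
 
zone "localhost" IN {
  type master;
  file "named.localhost";
  allow-transfer { none; };
};
 
zone "0.0.127.in-addr.arpa" IN {
  type master;
  file "named.loopback";
  allow-transfer { none; };
};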
创建区域数据文件
[root@bogon ~]# mkdir /var/named
named.ca
这份根提示是 2008 年的 dig 输出（见下面的 WHEN 一行），根服务器地址会随时间变动。部署时请从 InterNIC 下载最新的 named.root 并核对其签名，或者用文件开头那条 dig 命令（dig +bufsize=1200 +norec NS . @a.root-servers.net）重新生成后再保存为 /var/named/named.ca。

[root@bogon ~]# vim /var/named/named.ca
; <<>> DiG 9.5.0b2 <<>> +bufsize=1200 +norec NS . @a.root-servers.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34420
;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 20
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.                              IN      NS
 
;; ANSWER SECTION:
.                       518400  IN      NS      M.ROOT-SERVERS.NET.
.                       518400  IN      NS      A.ROOT-SERVERS.NET.
.                       518400  IN      NS      B.ROOT-SERVERS.NET.
.                       518400  IN      NS      C.ROOT-SERVERS.NET.
.                       518400  IN      NS      D.ROOT-SERVERS.NET.
.                       518400  IN      NS      E.ROOT-SERVERS.NET.
.                       518400  IN      NS      F.ROOT-SERVERS.NET.
.                       518400  IN      NS      G.ROOT-SERVERS.NET.
.                       518400  IN      NS      H.ROOT-SERVERS.NET.
.                       518400  IN      NS      I.ROOT-SERVERS.NET.
.                       518400  IN      NS      J.ROOT-SERVERS.NET.
.                       518400  IN      NS      K.ROOT-SERVERS.NET.
.                       518400  IN      NS      L.ROOT-SERVERS.NET.
 
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET.     3600000 IN      A       198.41.0.4
A.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:503:ba3e::2:30
B.ROOT-SERVERS.NET.     3600000 IN      A       192.228.79.201
C.ROOT-SERVERS.NET.     3600000 IN      A       192.33.4.12
D.ROOT-SERVERS.NET.     3600000 IN      A       128.8.10.90
E.ROOT-SERVERS.NET.     3600000 IN      A       192.203.230.10
F.ROOT-SERVERS.NET.     3600000 IN      A       192.5.5.241
F.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:500:2f::f
G.ROOT-SERVERS.NET.     3600000 IN      A       192.112.36.4
H.ROOT-SERVERS.NET.     3600000 IN      A       128.63.2.53
H.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:500:1::803f:235
I.ROOT-SERVERS.NET.     3600000 IN      A       192.36.148.17
J.ROOT-SERVERS.NET.     3600000 IN      A       192.58.128.30
J.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:503:c27::2:30
K.ROOT-SERVERS.NET.     3600000 IN      A       193.0.14.129
K.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:7fd::1
L.ROOT-SERVERS.NET.     3600000 IN      A       199.7.83.42
M.ROOT-SERVERS.NET.     3600000 IN      A       202.12.27.33
M.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:dc3::35
 
;; Query time: 147 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Mon Feb 18 13:29:18 2008
;; MSG SIZE  rcvd: 615
named.localhost
[root@bogon ~]# vim /var/named/named.localhost
$TTL 86400
; Forward zone for "localhost": answers localhost. with the IPv4 loopback address.
@     IN     SOA  localhost.     admin.localhost. (
                                    2015101101   ; serial (YYYYMMDDnn) - increase on every change
                                    2H           ; refresh
                                    10M          ; retry
                                    7D           ; expire
                                    1D )         ; negative-caching TTL
                   IN     NS      localhost.
localhost.         IN     A       127.0.0.1
named.loopback
[root@bogon ~]# vim /var/named/named.loopback
$TTL 86400
; Reverse zone for 127.0.0.0/8: maps 127.0.0.1 (owner "1" under 0.0.127.in-addr.arpa) back to localhost.
@     IN     SOA  localhost.     admin.localhost. (
                             2014031101   ; serial (YYYYMMDDnn) - increase on every change
                             2H           ; refresh
                             10M          ; retry
                             7D           ; expire
                             1D )         ; negative-caching TTL
 
               IN     NS    localhost.
1              IN     PTR   localhost.
调整权限
[root@bogon ~]# chown root:named /etc/named/* /var/named/*
[root@bogon ~]# chmod 640 /etc/named/named.conf /var/named/*
这样 named 对配置和区域文件只读不写；本页的区域都是静态主区域，不需要写权限。以后若启用动态更新或 managed-keys，需要另外给 named 用户一个可写目录。
添加PATH
[root@bogon ~]# echo 'export PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH' > /etc/profile.d/named.sh
[root@bogon ~]# source /etc/profile.d/named.sh
安装rndc
[root@bogon ~]# rndc-confgen -r /dev/urandom > /etc/named/rndc.conf
注意：用重定向生成的文件先按当前 umask（通常是 022，即 0644）创建，在下面 chmod 之前密钥会短暂地对所有本地用户可读。更稳妥的写法是 (umask 077; rndc-confgen -r /dev/urandom > /etc/named/rndc.conf)。默认密钥算法是 hmac-md5，如果所用版本的 rndc-confgen 支持 -A 选项，建议加上 -A hmac-sha256。
[root@bogon ~]# chown root:named /etc/named/rndc.conf
[root@bogon ~]# chmod 640 /etc/named/rndc.conf

把rndc.conf文件的以下部分复制到named.conf中并按指示启用。务必复制你自己生成的那份：下面的 secret 只是本页示例，切勿照抄——知道这个密钥并能连到 127.0.0.1:953 的人就能用 rndc 控制服务器。controls 只监听 127.0.0.1 并限制 allow { 127.0.0.1; }，这是正确的，不要改成 0.0.0.0 或 any。

key "rndc-key" {
      algorithm hmac-md5;
      secret "UQUMw3h55u0BHKP+PgiiSA==";
};
controls {
       inet 127.0.0.1 port 953
       allow { 127.0.0.1; } keys { "rndc-key"; };
};
named用户测试启动
[root@bogon ~]# named -u named
启动前最好先检查语法：named-checkconf /etc/named/named.conf，以及 named-checkzone localhost /var/named/named.localhost。这里 named 由 root 启动后切换到 named 用户运行；没有指定 -c 时读取 --sysconfdir 下的 /etc/named/named.conf。测试完成后记得用 rndc stop 停掉这个手工启动的实例，否则后面用服务脚本启动时会和它冲突。
[root@bogon ~]# ps aux | grep ^named
named     27413  0.1  1.1 143108 11256 ?        Ssl  18:16   0:00 named -u named
测试rndc
[root@bogon ~]# rndc status
version: 9.9.5
CPUs found: 1
worker threads: 1
UDP listeners per interface: 1
number of zones: 36
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
提供服务
把下面的脚本保存为 /etc/rc.d/init.d/named（后面的 chkconfig --add named 和 service named 都依赖这个文件名）：
#!/bin/bash
#
# description: named daemon
# chkconfig: - 25 80
#
 
# Paths shared by every action below: the PID file named writes (must match
# pid-file in named.conf), the subsys lock marking "started", and the
# configuration passed to named with -c.
pidFile=/usr/local/bind9/var/run/named.pid
lockFile=/var/lock/subsys/named
confFile=/etc/named/named.conf
 
# Pull in the daemon/killproc/success/failure helpers when they exist.
if [ -r /etc/rc.d/init.d/functions ]; then
  . /etc/rc.d/init.d/functions
fi
 
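start() {
  # Start named as the unprivileged "named" user with the configured file.
  # Returns 0 when named is (or already was) running, 1 when daemon() failed.
  local pid
  if [ -e "$lockFile" ]; then
    # A lock file can survive a crash or an unclean shutdown. Only refuse to
    # start when the PID named recorded is actually alive; otherwise drop the
    # stale lock/pid files so the service can be started again.
    pid=$(cat "$pidFile" 2>/dev/null)
    if [ -n "$pid" ] && kill -0 "$pid" 2>/dev/null; then
      echo "named is already running..."
      return 0
    fi
    rm -f "$lockFile" "$pidFile"
  fi
 
  echo -n "Starting named:"
  daemon --pidfile "$pidFile" /usr/local/bind9/sbin/named -u named -c "$confFile"
  RETVAL=$?
  echo
 
  if [ "$RETVAL" -eq 0 ]; then
    touch "$lockFile"
  else
    # Leave no half-state behind when the daemon could not be started.
    rm -f "$lockFile" "$pidFile"
    RETVAL=1
  fi
  return "$RETVAL"
}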
 
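stop() {
  # Stop named. Nothing to do when neither the lock file nor a named process
  # exists. A process without a lock file (e.g. started by hand with
  # "named -u named") is still stopped so the script can recover from that.
  if [ ! -e "$lockFile" ] && ! pidof named > /dev/null 2>&1; then
    echo "named is stopped."
    return 0
  fi
 
  echo -n "Stopping named:"
  killproc named
  RETVAL=$?
  echo
 
  if [ "$RETVAL" -eq 0 ]; then
    rm -f "$lockFile" "$pidFile"
    return 0
  fi
  echo "Cannot stop named."
  failure
  return 1
}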
 
restart() {
  # Full stop/start cycle. The short pause is presumably there to let the
  # old process exit completely before the new one is launched.
  stop
  sleep 2
  start
}
reload() {
  # Ask the running named to re-read its configuration and zones via SIGHUP.
  # Returns killproc's exit status.
  printf '%s' "Reloading named: "
  killproc named -HUP
  RETVAL=$?
  echo
  return "$RETVAL"
}
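status() {
  # Report whether a named process exists. The exit status follows the LSB
  # convention so "service named status" and monitoring can rely on it:
  # 0 = running, 3 = not running (the old version returned 0 and printed
  # [OK] in both cases, so the two states were indistinguishable).
  if pidof named > /dev/null 2>&1; then
    echo -n "named is running..."
    success
    echo
    return 0
  fi
  echo "named is stopped..."
  return 3
}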
usage() {
  # Print the accepted actions on stdout.
  printf '%s\n' "Usage: named {start|stop|restart|status|reload}"
}
 
# Dispatch on the requested action; unknown actions print usage and exit 4.
case "$1" in
  start)   start ;;
  stop)    stop ;;
  restart) restart ;;
  status)  status ;;
  reload)  reload ;;
  *)
    usage
    exit 4
    ;;
esac
[root@bogon ~]# chmod a+x /etc/rc.d/init.d/named
[root@bogon ~]# chkconfig --add named
[root@bogon ~]# service named start
Starting named:                       [确定]
