
[Original] Building a BIND 9 name server from source


Source: chinaunix.net; compiled by 酷勤网


nalan, 2003-06-18


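1. Download the BIND 9 source from http://www.isc.org/products/BIND/bind9.html. The current version is 9.2.2 and the source file is bind-9.2.2.tar.gz.
2. Place the source file bind-9.2.2.tar.gz in the /usr/local/src directory.
3. Unpack the source file bind-9.2.2.tar.gz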
  # tar -xzvf bind-9.2.2.tar.gz
4. Change into the installation directory
  # cd bind-9.2.2
5. Configure and compile
  # ./configure
  # make
6. Install
  # make install
7. The generated executables are located in /usr/local/sbin. The most important ones are named and rndc.
8. Create symbolic links
  # ln -s /usr/local/sbin/rndc /usr/sbin/rndc
  # ln -s /usr/local/sbin/named /usr/sbin/named
9. Create the rndc.conf configuration file.
  # /usr/local/sbin/rndc-confgen > /etc/rndc.conf
  # cat /etc/rndc.conf
  Output:
       # Start of rndc.conf
       key "rndc-key" {
              algorithm hmac-md5;
              secret "y9xvvfQjdWv9f/Fo7wquBg==";
       };
       
       options {
              default-key "rndc-key";
              default-server 127.0.0.1;
              default-port 953;
       };
       # End of rndc.conf
       
       # Use with the following in named.conf, adjusting the allow list as needed:
       # key "rndc-key" {
       #       algorithm hmac-md5;
       #       secret "y9xvvfQjdWv9f/Fo7wquBg==";
       # };
       #
       # controls {
       #       inet 127.0.0.1 port 953
       #               allow { 127.0.0.1; } keys { "rndc-key"; };
       # };
       # End of named.conf
10. Create the rndc.key file. Copy the commented-out section of rndc.conf to produce the following file:
   # vi /etc/rndc.key
       key "rndc-key" {                                        
             algorithm hmac-md5;                               
             secret "y9xvvfQjdWv9f/Fo7wquBg==";                
       };                                                      
                                                               
       controls {                                              
             inet 127.0.0.1 port 953                           
                     allow { 127.0.0.1; } keys { "rndc-key"; };
       };
11. Create the named.conf configuration file.
   # vi /etc/named.conf
       // generated by named-bootconf.pl                            
                                                                    
       options {                                                    
       directory "/var/named";                                      
       /*                                                           
       * If there is a firewall between you and nameservers you want
       * to talk to, you might need to uncomment the query-source   
       * directive below.  Previous versions of BIND always asked   
       * questions using port 53, but BIND 8.1 uses an unprivileged 
       * port by default.                                           
       */                                                           
       // query-source address * port 53;                           
       };                                                           
                                                                    
       //                                                           
       // a caching only nameserver config                          
       //                                                           
       zone "." IN {                                                
       type hint;                                                   
       file "named.root";                                           
       };                                                           
                                                                    
       zone "localhost" IN {                                                     
       type master;                       
              file "localhost.zone";      
              allow-update { none; };     
       };                                 
                                   
       zone "0.0.127.in-addr.arpa" IN {   
              type master;                
              file "named.local";         
              allow-update { none; };     
       };                                 
                                   
       zone "ycmail.net" IN {             
              type master;                
              file "ycmail.net.zone";     
              allow-update { none; };     
       };                                 
                                   
       zone "252.177.61.in-addr.arpa" IN {
              type master;                
              file "named.61.177.252";    
              allow-update { none; };     
       };   
       
       include "/etc/rndc.key";
12. Create the /var/named directory
   # mkdir /var/named
   # cd /var/named
13. Log in anonymously to the FTP site FTP.RS.INTERNIC.NET, fetch the named.root file from the /domain directory, and place it in /var/named.
14. Create the localhost file
   # vi localhost
      $TTL 86400                                                                    
      $ORIGIN localhost.                                                         
      @ 1D IN SOA @ root (                           
       42 ; serial (d. adams)
       3H ; refresh          
       15M ; retry            
       1W ; expiry           
       1D ) ; minimum          
                                                                           
       1D IN NS @                                  
       1D IN A 127.0.0.1 
15. Create the named.local file
   # vi named.local
      $TTL 86400                                                    
      @       IN      SOA     localhost. root.localhost.  (                      
                                            1997022700 ; Serial                  
                                            28800      ; Refresh                 
                                            14400      ; Retry                   
                                            3600000    ; Expire                  
                                            86400 )    ; Minimum                 
                    IN      NS      localhost.                                   
                                                                                 
      1       IN      PTR     localhost.  
16. Create the ycmail.net.zone file
   # vi ycmail.net.zone
      $TTL    86400                                                                                          
      @       IN      SOA     mail.ycmail.net. postmaster.ycmail.net.  (
                                           2003061800 ; Serial          
                                           28800      ; Refresh         
                                           14400      ; Retry           
                                           3600000    ; Expire          
                                           86400 )    ; Minimum         
                   IN      NS      mail.ycmail.net.                     
                                                                  
      mail          IN      A       61.177.252.34                       
                                                                  
      www           IN      CNAME   mail
17. Create the named.61.177.252 file
   # vi named.61.177.252
      $TTL    86400                                                                                   
      @       IN      SOA     mail.ycmail.net. postmaster.ycmail.net.  (
                                           2003061800 ; Serial          
                                           28800      ; Refresh         
                                           14400      ; Retry           
                                           3600000    ; Expire          
                                           86400 )    ; Minimum         
                   IN      NS      mail.ycmail.net.                     
                                                                  
      34            IN      PTR     mail.ycmail.net.                    
18. Create the startup script
   # vi /etc/rc.d/init.d/named
      #!/bin/sh                                                                 
      #                                                                         
      # named           This shell script takes care of starting and stopping   
      #                 named (BIND DNS server).                                
      #                                                                         
      # chkconfig: 345 55 45                                                    
      # description: named (BIND) is a Domain Name Server (DNS) \               
      # that is used to resolve host names to IP addresses.                     
      # probe: true                                                             
                                                                          
      # Source function library.                                                
      . /etc/rc.d/init.d/functions                                              
                                                                          
      # Source networking configuration.                                        
      . /etc/sysconfig/network                                                  
                                                                          
      # Check that networking is up.                                            
      [ "${NETWORKING}" = "no" ] && exit 0
                                                                          
      [ -f /usr/sbin/named ] || exit 0                                          
                                                                          
      [ -f /etc/named.conf ] || exit 0                                          
                                                                          
      # See how we were called.                                                 
      case "$1" in                                                              
        start)                                                                  
              # Start daemons.                                                  
              echo -n "Starting named: "                                        
              daemon named                                                      
              echo                                                              
              touch /var/lock/subsys/named                                      
              ;;                                                                
        stop)                                                                   
              # Stop daemons.                                                   
              echo -n "Shutting down named: "                                   
              killproc named                                                    
              rm -f /var/lock/subsys/named                                      
              echo                                                              
              ;;                                                                
        status)                                                                 
              /usr/sbin/rndc status                                             
              exit $?                                                           
              ;;                                                                
        restart)                                                                
              $0 stop
              $0 start                                        
              exit $?                                                           
              ;;                                                                
        reload)                                                                 
              /usr/sbin/rndc reload                                             
              exit $?                                                           
              ;;                                                                
        probe)                                                                  
              # named knows how to reload intelligently; we don't want linuxconf
              # to offer to restart every time                                  
              /usr/sbin/rndc reload >/dev/null 2>&1 || echo start
              exit 0                                                            
              ;;                                                                
                                                                          
        *)                                                                      
              echo "Usage: named {start|stop|status|restart|reload|probe}"
              exit 1                                                            
      esac                                                                      
                                                                          
      exit 0  
19. Make /etc/rc.d/init.d/named executable.
   # chmod 755 /etc/rc.d/init.d/named            
20. Create the symbolic links for the startup script
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc0.d/K45named                                                         
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc1.d/K45named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc2.d/K45named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc3.d/S55named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc4.d/S55named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc5.d/S55named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc6.d/K45named
21. Start bind9
   # /etc/rc.d/init.d/named start
   Stop bind9
   # /etc/rc.d/init.d/named stop
   Check the status
   # /etc/rc.d/init.d/named status
22. Check the configuration file and the zone files
   # /usr/local/sbin/named-checkconf
   # /usr/local/sbin/named-checkzone ycmail.net /var/named/ycmail.net.zone
23. This document only covers installing a bind9 server; for advanced configuration topics, please consult other documentation.



 mountain2008 replied on 2003-06-20 00:38:49

# ./configure
checking build system type... sparc-sun-solaris2.9
checking host system type... sparc-sun-solaris2.9
checking whether make sets ${MAKE}... no
checking for ranlib... :
checking for a BSD-compatible install... ./install-sh -c
checking for ar... no
configure: error:
ar program not found.  Please fix your PATH to include the directory in
which ar resides, or set AR in the environment with the full path to ar.


 yeah-haha replied on 2003-06-20 11:36:08

Please fix your PATH to include the directory in 
which ar resides, or set AR in the environment with the full path to ar.

Check your environment variables and see whether PATH includes the path to ar. The path to ar can be found with man ar.


 aclacl replied on 2003-06-20 15:37:23

Before you configure, you should set your environment
     
setenv PATH $PATH:/usr/ccs/bin

Because the ar is in /usr/ccs/bin


 imagecoco replied on 2004-01-01 14:03:00

FreeBSD 4.9
The /usr/ccs directory was not found!


 jackieyuan replied on 2004-06-05 19:09:06

May I ask what your reference document was? Thanks!


 李暮楚 replied on 2004-09-12 15:03:39

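I did not create the startup script; everything else was similar
21. Start bind9
# /etc/rc.d/init.d/named start    no output, and ps aux|grep named shows nothing
Stop bind9
# /etc/rc.d/init.d/named stop    no output
Check the status
# /etc/rc.d/init.d/named status  no output
22. Check the configuration file and the zone files
# /usr/local/sbin/named-checkconf 
# /usr/local/sbin/named-checkzone dream.com /var/named/dream.com  displays: zone dream.com/IN:has no NS records
(My forward-lookup zone file is dream.com, and the domain name is dream.com)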


 be00 replied on 2004-09-26 21:35:53

[root@localhost named]# /etc/rc.d/init.d/named status 
rndc: connection to remote host closed
This may indicate that the remote server is using an older version of 
the command protocol, this host is not authorized to connect,
or the key is invalid.

The installation went smoothly; can you tell me what is wrong here?


 阿骁 replied on 2004-09-27 12:10:17

The message says it quite clearly; check your rndc configuration first.
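
The rndc error quoted above names an invalid key or an unauthorized host among its causes. As an added example (not part of the thread and not BIND's own tooling), this script compares the key, address and port that rndc reads from the step 9 file with what named loads from the step 10 file, and also flags either file being world-readable. The script name, the function names and the sample secret are constructed for illustration, and the parser assumes the layout that rndc-confgen prints.

```shell
#!/bin/sh
# Added example, not from the thread. Usage: sh check_rndc.sh /etc/rndc.conf /etc/rndc.key
skip='/^[ \t]*(#|\/\/)/ { next }'  # awk rule: ignore comment lines (rndc.conf ends with a commented sample)

key_of() {      # key_of FILE NAME -> "algorithm secret" of key NAME
    awk -v want="\"$2\"" "$skip"'
        $1 == "key" && $2 == want  { inkey = 1; next }
        inkey && $1 == "algorithm" { alg = $2; sub(/;$/, "", alg) }
        inkey && $1 == "secret"    { sec = $2; gsub(/[";]/, "", sec) }
        inkey && /^[ \t]*[}];/     { inkey = 0 }
        END { if (alg != "" && sec != "") print alg, sec }' "$1"
}
option_of() {   # option_of FILE OPTION -> option value without quotes or ";"
    awk -v opt="$2" "$skip"'
        $1 == opt { v = $2; gsub(/[";]/, "", v); print v; exit }' "$1"
}
control_of() {  # control_of FILE -> "address port" from the "inet ADDR port N" line
    awk "$skip"'
        $1 == "inet" && $3 == "port" { p = $4; sub(/;$/, "", p); print $2, p; exit }' "$1"
}
sample() {      # sample DIR: write constructed files laid out like steps 9 and 10
    printf 'key "rndc-key" {\n algorithm hmac-md5;\n secret "Y29uc3RydWN0ZWQ=";\n};\n' > "$1/rndc.key"
    cp "$1/rndc.key" "$1/rndc.conf"
    printf 'controls {\n inet 127.0.0.1 port 953\n  allow { 127.0.0.1; } keys { "rndc-key"; };\n};\n' >> "$1/rndc.key"
    printf 'options {\n default-key "rndc-key";\n default-server 127.0.0.1;\n default-port 953;\n};\n' >> "$1/rndc.conf"
    chmod 600 "$1/rndc.key" "$1/rndc.conf"
}

# check_rndc RNDC_CONF NAMED_KEY_FILE: one finding per line; exit status = number of findings.
check_rndc() {
    n=0
    name=$(option_of "$1" default-key)
    k=$(key_of "$1" "$name")
    if [ -z "$k" ] || [ "$k" != "$(key_of "$2" "$name")" ]; then
        echo "key '$name' is missing or differs between $1 and $2"; n=$((n + 1))
    fi
    target="$(option_of "$1" default-server) $(option_of "$1" default-port)"
    if [ "$target" != "$(control_of "$2")" ]; then
        echo "rndc connects to '$target' but controls listens on '$(control_of "$2")'"; n=$((n + 1))
    fi
    for f in "$1" "$2"; do   # the secret alone authorizes rndc commands
        if [ -n "$(find "$f" -prune -perm -004)" ]; then
            echo "$f is readable by every local user"; n=$((n + 1))
        fi
    done
    return "$n"
}

if [ $# -eq 2 ]; then check_rndc "$1" "$2"; fi
```

No output and exit status 0 mean the two files agree; if named was started before the key file was corrected, it still has to be restarted to pick up the change.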




Original link: http://bbs.chinaunix.net/viewthread.php?tid=94879
Please credit the author and the original source when reposting.


