centos 5.1 bind-9.5.0.tar编译安装配置指南

centos 5.1 bind-9.5.0.tar编译安装配置指南

bind是Linux下的DNS解析软件，下面先介绍一下安装的基本步骤，然后说一下配置文件。
          
[root@localhost ~]# tar -zxvf bind-9.5.0.tar.gz
解压包

[root@localhost bind-9.5.0]# ls
acconfig.h    config.h.win32     contrib     isc-config.sh     Makefile
aclocal.m4    config.log         COPYRIGHT   isc-config.sh.in  Makefile.in
bin           config.status      doc         KNOWN-DEFECTS     mkinstalldirs
CHANGES       config.sub         docutil     lib               README
config.guess  config.threads.in  FAQ         libtool.m4        README.idnkit
config.h      configure          FAQ.xml     ltmain.sh         version
config.h.in   configure.in       install-sh  make              win32utils
[root@localhost bind-9.5.0]# ./configure --prefix=/usr/local/named --enable-threads
 //先配置如果要看详细参数./configure --help即可

 

 

[root@localhost bind-9.5.0]#make && make install //安装需漫长的等待即可。

 

 

装完之后可以到cd /usr/local/named目录下看看bin etc include lib man sbin var等目录

[root@localhost named]#sbin/rndc-confgen >./etc/rndc.conf   （使用rndc-confgen命令生成rndc.conf文件，rndc主要用来通过网络控制）

[root@localhost named]#cat etc/rndc.conf
# Start of rndc.conf
key "rndc-key" {
        algorithm hmac-md5;
        secret "RmH7Gw7hfPhk8bJUiIAuVQ==";
};

options {
        default-key "rndc-key";
        default-server 127.0.0.1;
        default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#       algorithm hmac-md5;
#       secret "RmH7Gw7hfPhk8bJUiIAuVQ==";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndc-key"; };
# };
"rndc.conf" 24L, 479C

[root@localhost etc]#tail -10 rndc.conf|head -9 
# key "rndc-key" {
#       algorithm hmac-md5;
#       secret "RmH7Gw7hfPhk8bJUiIAuVQ==";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndc-key"; };
# };

[root@localhost etc]#tail -10 rndc.conf |head -9> named.conf或者# tail –n10 rndc.conf | head -n9 | sed -e s/#\ //g > named.conf
将rndc.conf的倒数第10行到倒数2行的文件重定向到name.conf ）去除这9行前面的#号

[root@localhost etc]# cat named.conf

 key "rndc-key" {
        algorithm hmac-md5;
        secret "RmH7Gw7hfPhk8bJUiIAuVQ==";
 };
 
 controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
 };

options {
         directory "/usr/local/named";
         allow-query{ any;};
};
zone "." IN {
         type hint;
         file "named.root";
};
zone "0.0.127.in-addr.arpa" IN {
         type master;
         file "localhost.rev";
         allow-update { none;};
};

zone "localhost" IN {
         type master;
         file "localhost.zone";
         allow-update { none;};
};
zone "zh888.com" IN {
         type master;
         file "zh888.com.zone";
};

创建并编辑 localhost.zone 文件
# vi localhost.zone
写入以下内容：
$TTL 3600
$ORIGIN 127.0.0.1.
@  1D IN SOA localhost. root.localhost. (
42 ;
3H ;
15M;
1W ;
3600);
1D IN NS  127.0.0.1
1D IN A   127.0.0.1
创建并编辑 localhost.rev 文件
# vi localhost.rev
写入以下内容：
$TTL 3600
@  IN SOA  localhost.  root.localhost. (
1; serial
3600; refresh every hour
900;  retry every 15 minutes
3600000; expire 1000 hours
3600); minimun 1 hour
IN NS localhost.
1IN PTR localhost.
下载一个named.root
ftp://ftp.rs.internic.net/domain/named.root
到/usr/local/named/下

特别注意：centos5 bind安装的配置文档是区分大小写的。
下面就可以启动centos5 bind安装来测试安装是否成功了
# /usr/local/named/sbin/named –gc /usr/local/named/etc/named.conf
加 –gc 参数，可以显示出启动日志，以便出错排查。
[root@localhost sbin]# ./named -gc /usr/local/named/etc/named.conf 
27-Jul-2010 15:35:02.798 starting BIND 9.5.0 -gc /usr/local/named/etc/named.conf
27-Jul-2010 15:35:02.799 found 1 CPU, using 1 worker thread
27-Jul-2010 15:35:02.803 loading configuration from '/usr/local/named/etc/named.conf'
27-Jul-2010 15:35:02.804 listening on IPv4 interface lo, 127.0.0.1#53
27-Jul-2010 15:35:02.807 binding TCP socket: address in use
27-Jul-2010 15:35:02.807 listening on IPv4 interface eth0, 192.168.10.107#53
27-Jul-2010 15:35:02.808 binding TCP socket: address in use
27-Jul-2010 15:35:02.812 default max-cache-size (33554432) applies
27-Jul-2010 15:35:02.817 automatic empty zone: 0.IN-ADDR.ARPA
27-Jul-2010 15:35:02.818 automatic empty zone: 127.IN-ADDR.ARPA
27-Jul-2010 15:35:02.818 automatic empty zone: 254.169.IN-ADDR.ARPA
27-Jul-2010 15:35:02.819 automatic empty zone: 2.0.192.IN-ADDR.ARPA
27-Jul-2010 15:35:02.819 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
27-Jul-2010 15:35:02.819 automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
27-Jul-2010 15:35:02.819 automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
27-Jul-2010 15:35:02.820 automatic empty zone: D.F.IP6.ARPA
27-Jul-2010 15:35:02.820 automatic empty zone: 8.E.F.IP6.ARPA
27-Jul-2010 15:35:02.820 automatic empty zone: 9.E.F.IP6.ARPA
27-Jul-2010 15:35:02.821 automatic empty zone: A.E.F.IP6.ARPA
27-Jul-2010 15:35:02.821 automatic empty zone: B.E.F.IP6.ARPA
27-Jul-2010 15:35:02.831 default max-cache-size (33554432) applies: view _bind
27-Jul-2010 15:35:02.837 /usr/local/named/etc/named.conf:7: couldn't add command channel 127.0.0.1#953: address in use
27-Jul-2010 15:35:02.837 ignoring config file logging statement due to -g option
27-Jul-2010 15:35:02.841 zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
27-Jul-2010 15:35:02.843 zh888.com.zone:9: unknown RR type 'www'
27-Jul-2010 15:35:02.844 zone zh888.com/IN: loading from master file zh888.com.zone failed: unknown class/type
27-Jul-2010 15:35:02.845 zone localhost/IN: loaded serial 42
27-Jul-2010 15:35:02.846 running
看到running表示安装启动成功。
把named 添加到启动项，随centos一起启动。

# vi /etc/rc.local
在最后添加以下内容
/usr/local/named/sbin/named –gc /usr/local/named/etc/named.conf
退出保存。
可以尝试重启服务器，然后telnet 服务器IP地址的53端口，验证centos bind安装是否启动。
可以用netstat -ntpl查看当前活动的tcp端口
# shutdown –r now
# telnet x.x.x.x 53
如果测试找不到域名名字那直接修改vi /etc/hosts
[root@localhost ~]# vi /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost.localdomain   localhost       ns1

192.168.10.107  www.zh888.com
::1     localhost6.localdomain6 localhost6

ping  www.zh888.com
[root@localhost ~]# ping  www.zh888.com
PING  www.zh888.com (192.168.10.107) 56(84) bytes of data.
64 bytes from  www.zh888.com (192.168.10.107): icmp_seq=1 ttl=64 time=0.037 ms
64 bytes from  www.zh888.com (192.168.10.107): icmp_seq=2 ttl=64 time=0.034 ms

[root@localhost ~]# cat /etc/resolv.conf 
; generated by /sbin/dhclient-script
#search localdomain
search zh888.com
nameserver 192.168.10.107

 

但是遇到一个问题就是nslookup -sij的时候

[root@localhost ~]# nslookup
>  www.zh888.com
Server:         192.168.10.107
Address:        192.168.10.107#53

** server can't find  www.zh888.com: SERVFAIL
>

百度查询到的ping [url]www.example.com[/url]的时候，因为nsswitch.conf中的hosts条目是先files,后dns，所以，机器去hosts文件找[url]www.example.com[/url]，结果就找到了，所以是ALIVE；你用nslookup的时候，是使用dns解析，dns解析需要到/etc/resolv.conf文件中找DNS服务器的地址。。。。估计你也没配置。

希望哪位网友赐教一下。