<?xml version="1.0" encoding="UTF-8" ?>
<rss version="2.0">
<channel>
<title><![CDATA[运维进行时]]></title> 
<link>https://blog.liuts.com/index.php</link> 
<description><![CDATA[Internet Operations and Architecture]]></description> 
<language>zh-cn</language> 
<copyright><![CDATA[运维进行时]]></copyright>
<item>
<link>https://blog.liuts.com/post/113/</link>
<title><![CDATA[Configuring an Internal DNS Server with bind-9.2.4 [Original]]]></title> 
<author>root &lt;admin@yourname.com&gt;</author>
<category><![CDATA[DNS]]></category>
<pubDate>Thu, 22 May 2008 13:01:46 +0000</pubDate> 
<guid>https://blog.liuts.com/post/113/</guid> 
<description>
<![CDATA[ 
	<strong>1. Installation</strong><br/>yum -y install bind<br/>yum -y install bind-chroot<br/><br/><strong>2. Generate the key</strong><br/>/usr/sbin/dnssec-keygen -a hmac-md5 -b 128 -n user rndc<br/>cat Krndc.+157+13538.*<br/>Use the generated string to update the value of secret in /etc/rndc.key.<br/><br/><strong>3. Configuration</strong><br/>#/var/named/chroot/etc/named.conf<br/><div class="quote"><div class="quote-title">Quote</div><div class="quote-content"><br/>// Default named.conf generated by install of bind-9.2.4-28.el4<br/>options &#123;<br/>&nbsp;&nbsp;&nbsp;&nbsp;directory "/var/named";<br/>&nbsp;&nbsp;&nbsp;&nbsp;pid-file "/var/run/named/named.pid";<br/>&nbsp;&nbsp;&nbsp;&nbsp;dump-file "/var/named/data/cache_dump.db";<br/>&nbsp;&nbsp;&nbsp;&nbsp;statistics-file "/var/named/data/named_stats.txt";<br/>&nbsp;&nbsp;&nbsp;&nbsp;allow-transfer &#123; tran; &#125;;<br/>&#125;;<br/><br/>acl tran &#123; 192.168.0.174; &#125;;<br/><br/>zone "localhost" IN &#123;<br/>&nbsp;&nbsp;&nbsp;&nbsp;type master;<br/>&nbsp;&nbsp;&nbsp;&nbsp;file "localhost.zone";<br/>&nbsp;&nbsp;&nbsp;&nbsp;allow-update &#123; none; &#125;;<br/>&#125;;<br/><br/>zone "0.0.127.in-addr.arpa" IN &#123;<br/>&nbsp;&nbsp;&nbsp;&nbsp;type master;<br/>&nbsp;&nbsp;&nbsp;&nbsp;file "named.local";<br/>&nbsp;&nbsp;&nbsp;&nbsp;allow-update &#123; none; &#125;;<br/>&#125;;<br/><br/>zone "hk.hn" &#123;<br/>&nbsp;&nbsp;&nbsp;&nbsp;type master;<br/>&nbsp;&nbsp;&nbsp;&nbsp;file "hk.hn";<br/>&nbsp;&nbsp;&nbsp;&nbsp;allow-transfer &#123; 192.168.100.174; &#125;;<br/>&#125;;<br/><br/>include "/etc/rndc.key";<br/></div></div><br/>#cd /etc<br/>#ln -s /var/named/chroot/etc/named.conf named.conf<br/><br/><br/>#cd /var/named/chroot/var/named/<br/><br/><strong>[localhost.zone]</strong><br/>#vi localhost.zone<br/><div class="quote"><div class="quote-title">Quote</div><div class="quote-content"><br/>$TTL 86400<br/>$ORIGIN localhost.<br/>@ 1D IN SOA @ root (<br/>&nbsp;&nbsp;&nbsp;&nbsp;42 ; serial (d. adams)<br/>&nbsp;&nbsp;&nbsp;&nbsp;3H ; refresh<br/>&nbsp;&nbsp;&nbsp;&nbsp;15M ; retry<br/>&nbsp;&nbsp;&nbsp;&nbsp;1W ; expiry<br/>&nbsp;&nbsp;&nbsp;&nbsp;1D ) ; minimum<br/>&nbsp;&nbsp;&nbsp;&nbsp;1D IN NS @<br/>&nbsp;&nbsp;&nbsp;&nbsp;1D IN A 127.0.0.1<br/></div></div><br/>[named.local]<br/>#vi named.local<br/><div class="quote"><div class="quote-title">Quote</div><div class="quote-content"><br/>$TTL 86400<br/>@ IN SOA localhost. root.localhost. (<br/>&nbsp;&nbsp;&nbsp;&nbsp;2008063017 ; Serial<br/>&nbsp;&nbsp;&nbsp;&nbsp;28800 ; Refresh<br/>&nbsp;&nbsp;&nbsp;&nbsp;14400 ; Retry<br/>&nbsp;&nbsp;&nbsp;&nbsp;3600000 ; Expire<br/>&nbsp;&nbsp;&nbsp;&nbsp;86400 ) ; Minimum<br/>&nbsp;&nbsp;&nbsp;&nbsp;IN NS localhost.<br/>1 IN PTR localhost.<br/></div></div><br/><br/><strong>[hk.hn]</strong><br/>#vi /var/named/hk.hn<br/><div class="quote"><div class="quote-title">Quote</div><div class="quote-content"><br/>$TTL 1m<br/>@ IN SOA ns1.localhost.cn. root.ns1.localhost.cn. (<br/>&nbsp;&nbsp;&nbsp;&nbsp;2008063017 ; Serial<br/>&nbsp;&nbsp;&nbsp;&nbsp;108 ; Refresh<br/>&nbsp;&nbsp;&nbsp;&nbsp;360 ; Retry<br/>&nbsp;&nbsp;&nbsp;&nbsp;3600 ; Expire<br/>&nbsp;&nbsp;&nbsp;&nbsp;360 ) ; Minimum<br/>&nbsp;&nbsp;&nbsp;&nbsp;IN NS localhost.<br/>&nbsp;&nbsp;&nbsp;&nbsp;IN NS ns1<br/>&nbsp;&nbsp;&nbsp;&nbsp;MX 5 mx<br/><br/>test1 IN A 192.168.100.1<br/>test2 IN A 192.168.100.2<br/></div></div><br/><br/><br/><strong>4. Test run</strong><br/>#cd /var/named<br/>#ln -s /var/named/chroot/var/named/localhost.zone localhost.zone<br/>#ln -s /var/named/chroot/var/named/named.local named.local<br/>#/usr/sbin/named -u named -gc /etc/named.conf<br/>#/usr/sbin/named -u named -c /etc/named.conf<br/>or<br/>#service named start<br/>#rndc reload<br/>:) Done<br/><br/>5. The slave server needs the following changes:<br/>#vi /etc/selinux/config<br/>SELINUX=disabled<br/>#setenforce 0<br/><br/>#vi /etc/sysconfig/named<br/>ENABLE_ZONE_WRITE=yes<br/><br/>Reference: <a href="http://dns-learning.twnic.net.tw/bind/toc.html" target="_blank">http://dns-learning.twnic.net.tw/bind/toc.html</a><br/>Tags - <a href="https://blog.liuts.com/tags/dns/" rel="tag">dns</a> , <a href="https://blog.liuts.com/tags/bind/" rel="tag">bind</a>
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/113/#blogcomment24</link>
<title><![CDATA[[Comment] Configuring an Internal DNS Server with bind-9.2.4 [Original]]]></title> 
<author>root &lt;admin@yourname.com&gt;</author>
<category><![CDATA[Comment]]></category>
<pubDate>Tue, 23 Feb 2010 12:52:53 +0000</pubDate> 
<guid>https://blog.liuts.com/post/113/#blogcomment24</guid> 
<description>
<![CDATA[ 
	The server already has the bind package installed and it is running normally. &quot;address in use&quot;
]]>
</description>
</item>
</channel>
</rss>