Install DNS Server

Source: Internet
Author: User
1. Download the BIND domain name server software from www.isc.org. Here we use bind 8.3.0; there is a bind8 branch and a bind9 branch. Select the appropriate BIND version based on your actual situation.

2. mkdir /usr/local/src/bind83

3. Copy the downloaded file bind-src.tar.gz to the /usr/local/src/bind83 directory.

4. cd /usr/local/src/bind83

5. tar zxvf bind-src.tar.gz

6. cd src

7. make stdlinks

8. make clean

9. make depend

10. make all

11. make install

12. Edit the configuration file /etc/named.conf. The content of the file to be changed is marked in bold:

/*
 * This is a worthless, nonrunnable example of a named.conf file that has
 * every conceivable syntax element in use. We use it to test the parser.
 * It could also be used as a conceptual template for users of new features.
 */
/*
 * C-style comments are OK
 */
// So are C++-style comments
# So are shell-style comments
// Watch out for ";" -- it's important!
options {
    directory "/var/named";                 // working directory for zone files
    named-xfer "/usr/libexec/named-xfer";   // _PATH_XFER
    dump-file "named_dump.db";              // _PATH_DUMPFILE
    pid-file "/var/run/named.pid";          // _PATH_PIDFILE
    statistics-file "named.stats";          // _PATH_STATS
    memstatistics-file "named.memstats";    // _PATH_MEMSTATS
    check-names master fail;
    check-names slave warn;
    check-names response ignore;
    host-statistics no;
    deallocate-on-exit no;          // Painstakingly deallocate all
                                    // objects when exiting instead of
                                    // letting the OS clean up for us.
                                    // Useful if a memory leak is suspected.
                                    // Final statistics are written to the
                                    // memstatistics-file.
    datasize default;
    stacksize default;
    coresize default;
    files unlimited;
    recursion yes;
    fetch-glue yes;
    fake-iquery no;
    notify yes;                     // send NOTIFY messages. You can set
                                    // notify on a zone-by-zone
                                    // basis in the "zone" statement
                                    // (see below)
    serial-queries 4;               // number of parallel SOA queries
                                    // we can have outstanding for master
                                    // zone change testing purposes
    auth-nxdomain yes;              // always set AA on NXDOMAIN.
                                    // Don't set this to 'no' unless
                                    // you know what you're doing -- older
                                    // servers won't like it.
    multiple-cnames no;             // if yes, then a name may have more
                                    // than one CNAME RR. This use
                                    // is non-standard and is not
                                    // recommended, but it is available
                                    // because previous releases supported
                                    // it and it was used by large sites
                                    // for load balancing.
    allow-query { any; };
    allow-transfer { any; };
    transfers-in 10;                // DEFAULT_XFERS_RUNNING, cannot be
                                    // set > than MAX_XFERS_RUNNING (20)
    transfers-per-ns 2;             // DEFAULT_XFERS_PER_NS
    transfers-out 0;                // not implemented
    max-transfer-time-in 120;       // MAX_XFER_TIME; the default number
                                    // of minutes an inbound zone transfer
                                    // may run. May be set on a per-zone
                                    // basis.
    transfer-format one-answer;
    query-source address * port *;
    /*
     * The "forward" option is only meaningful if you've defined
     * forwarders. "first" gives the normal BIND
     * forwarding behavior, i.e. ask the forwarders first, and if that
     * doesn't work then do the full lookup. You can also say
     * "forward only;" which is what used to be specified with
     * "slave" or "options forward-only". "only" will never attempt
     * a full lookup; only the forwarders will be used.
     */
    forward first;
    forwarders { };                 // default is no forwarders
    topology { localhost; localnets; };     // prefer local nameservers
    listen-on port 53 { any; };     // listen for queries on port 53 on
                                    // any interface on the system
                                    // (i.e. all interfaces). The
                                    // "port 53" is optional; if you
                                    // don't specify a port, port 53
                                    // is assumed.
    /*
     * Interval Timers
     */
    cleaning-interval 60;           // clean the cache of expired RRs
                                    // every 'cleaning-interval' minutes
    interface-interval 60;          // scan for new or deleted interfaces
                                    // every 'interface-interval' minutes
    statistics-interval 60;         // log statistics every
                                    // 'statistics-interval' minutes
    maintain-ixfr-base no;          // if yes, keep transaction log file for IXFR
    max-ixfr-log-size 20;           // not implemented; maximum size for the
                                    // IXFR transaction log file to grow to
};

/*
 * Control listeners, for "ndc". Every nameserver needs at least one.
 */
controls {
    inet * port 52 allow { any; };                  // a bad idea
    unix "/var/run/ndc" perm 0600 owner 0 group 0;  // the default
};
zone "rd.xxx.com" in {
    type master;                    // what used to be called "primary"
    file "rd.xxx.com.db";
    check-names fail;
    allow-update { none; };
    allow-transfer { any; };
    allow-query { any; };
    // notify yes;                  // send NOTIFY messages for this
                                    // zone? The global option is used
                                    // if "notify" is not specified
                                    // here.
    also-notify { };                // don't notify any nameservers other
                                    // than those on the NS list for this
                                    // zone
};

zone "223.99.211.in-addr.arpa" in {
    type master;                    // what used to be called "primary"
    file "21.9.22.db";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.db";
};

zone "." in {
    type hint;                      // used to be specified w/ "cache"
    file "named.root";
};

logging {
    /*
     * All log output goes to one or more "channels"; you can make as
     * many of them as you want.
     */
    channel syslog_errors {         // this channel will send errors
        syslog user;                // or worse to syslog (user facility)
        severity error;
    };
    category parser {
        syslog_errors;              // you can log to as many channels
        default_syslog;             // as you want
    };
    category lame-servers { null; };    // don't log these at all
    channel moderate_debug {
        severity debug 3;           // level 3 debugging to file
        file "foo";                 // foo
        print-time yes;             // timestamp log entries
        print-category yes;         // print category name
        print-severity yes;         // print severity level
        /*
         * Note that debugging must have been turned on either
         * on the command line or with a signal to get debugging
         * output (non-debugging output will still be written to
         * this channel).
         */
    };

    /*
     * If you don't want to see "zone XXXX loaded" messages but do
     * want to see any problems, you could do the following.
     */
    channel no_info_messages {
        syslog;
        severity notice;
    };
    category load { no_info_messages; };
    /*
     * You can also define category "default"; it gets used when no
     * "category" statement has been given for a category.
     */
    category default {
        default_syslog;
        moderate_debug;
    };

};
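
The sample above answers zone transfers and recursive queries for any address and exposes the ndc control channel on a TCP port to any address (the line its own comment calls a bad idea). The fragment below is an added example, not part of the original page, showing tighter values for those statements using BIND 8.2 or later option names; the acl name trusted and the secondary address 192.0.2.53 are placeholders.

```conf
// Constructed example: only the statements that differ from the sample above.
// "trusted" is a hypothetical acl name; 192.0.2.53 is a documentation
// address (RFC 5737) standing in for a real secondary name server.

acl trusted { localhost; localnets; };      // clients allowed to recurse

options {
    directory "/var/named";
    recursion yes;
    allow-recursion { trusted; };           // recursion only for own networks
    allow-query { any; };                   // authoritative answers stay public
    allow-transfer { none; };               // default: refuse AXFR for all zones
};

controls {
    // The "inet * port 52 allow { any; };" listener is dropped, so ndc
    // is reachable only through the root-owned local socket.
    unix "/var/run/ndc" perm 0600 owner 0 group 0;
};

zone "rd.xxx.com" in {
    type master;
    file "rd.xxx.com.db";
    check-names fail;
    allow-update { none; };
    allow-transfer { 192.0.2.53; };         // placeholder: the secondary only
};
```

Zones without their own allow-transfer statement, such as the reverse zones, inherit the global none.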



13. Create the file rd.xxx.com.db, named in /etc/named.conf, in /var/named/ with the following content:

; Authoritative data for rd.xxx.com
;
$TTL 3600
@               IN  SOA  compaq.rd.xxx.com. tandongyu.rd.xxx.com. (
                         20020101   ; Serial
                         3600       ; Refresh 1 hour
                         900        ; Retry 15 mins
                         604800     ; Expire 7 days
                         86400 )    ; Minimum 24 hours
; Name server (NS) records
@               IN  NS   compaq.rd.xxx.com.
; Mail Exchange (MX) records
rd.xxx.com.     IN  MX   0 compaq
; Address (A) records
localhost       IN  A    127.0.0.1
compaq          IN  A    21.9.22.9
tls65           IN  A    21.9.22.8
fbsd            IN  A    21.9.22.7



14. Create the file 21.9.22.db, named in /etc/named.conf, in /var/named/. The content is as follows:

;
;
$TTL 3600
@       IN  SOA  compaq.rd.xxx.com. tandongyu.rd.xxx.com. (
                 20020101   ; Serial
                 3600       ; Refresh
                 900        ; Retry 15 mins
                 604800     ; Expire 7 days
                 86400 )    ; Minimum 24 hours
; Name server (NS) records
@       IN  NS   compaq.rd.xxx.com.
; Address Point to Name (PTR) records
9       IN  PTR  compaq.rd.xxx.com.
8       IN  PTR  tls65.rd.xxx.com.
7       IN  PTR  fbsd.rd.xxx.com.



15. Create the file 127.0.0.db, named in /etc/named.conf, in /var/named/. The content is as follows:

; 0.0.127.in-addr.arpa
$TTL 3600
@       IN  SOA  compaq.rd.xxx.com. tandongyu.rd.xxx.com. (
                 20020101   ; serial
                 3600       ; refresh
                 1800       ; retry
                 604800     ; expiration
                 3600 )     ; minimum
        IN  NS   compaq.rd.xxx.com.
1       IN  PTR  localhost.



16. Create the file named.root, named in /etc/named.conf, in /var/named/. The content is roughly as follows. This file marks 14 domain name servers. You can get the latest sample of this file from ftp.rs.internic.net (named.hosts) and rename it as needed.

;       This file holds the information on root name servers needed to
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  <file>"
;       configuration file of BIND domain name servers).
;
;       This file is made available by InterNIC registration services
;       under anonymous FTP as
;           file                /domain/named.root
;           on server           FTP.RS.INTERNIC.NET
;       -OR- under Gopher at    RS.INTERNIC.NET
;           under menu          InterNIC Registration Services (NSI)
;              submenu          InterNIC Registration Archives
;           file                named.root
;
;       last update:    Aug 22, 1997
;       related version of root zone:   1997082200
;
;
; formerly NS.INTERNIC.NET
;
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
;
; formerly NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     128.9.0.107
;
; formerly C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
;
; formerly TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
;
; formerly NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
;
; formerly NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
;
; formerly NIC.NORDU.NET
;
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
;
; temporarily housed at NSI (InterNIC)
;
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     198.41.0.10
;
; housed in LINX, operated by RIPE NCC
;
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
;
; temporarily housed at ISI (IANA)
;
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     198.32.64.12
;
; housed in Japan, operated by WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
; End of File

17. We also need to configure the /etc/resolv.conf, /etc/hosts, and /etc/host.conf files to adapt to the new situation.

18. When everything is in place, run the /usr/sbin/ndc start command to start bind. Similarly, you can use command parameters such as stop, restart, and reload.

19. Run the nslookup command after startup (some systems recommend using the dig command) to check whether the server is working correctly. If there is an error, the server cannot be started. Common errors are caused by incorrect database files or configuration files, for example a missing ".".