
Compiling and installing BIND 9.12 on CentOS 7 with a MySQL backend

天边的云
Posted on 2020-07-10 15:27:03

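Test environment: CentOS 7, IP address 192.168.0.6. First open the DNS ports in the firewall:

# 53/udp carries DNS queries; 953 is the rndc control port, which the
# controls statement in named.conf below binds to 127.0.0.1 only
firewall-cmd --zone=public --add-port=53/udp --permanent
firewall-cmd --zone=public --add-port=953/udp --permanent
firewall-cmd --reload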

Install the required packages

yum install -y pcre-devel zlib-devel gcc gcc-c++ autoconf automake make openssl-devel openldap-devel unixODBC-devel libtool openssl

Install MySQL: https://www.osyum.com/article/show/319/

yum install mysql-community-devel.x86_64 -y

Edit /etc/my.cnf and add the following under [mysqld]

wait_timeout = 864000
interactive_timeout = 864000

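This effectively prevents the problem of MySQL closing the connection when there are no queries and BIND having to reconnect.

Create a symlink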

ln -sv /usr/lib64/mysql/libmysqlclient.so.18 /usr/lib/libmysqlclient.so

Download, compile, and install BIND 9

wget http://ftp.isc.org/isc/bind9/9.12.1/bind-9.12.1.tar.gz
tar zxvf bind-9.12.1.tar.gz
cd bind-9.12.1
./configure --prefix=/usr/local/bind --enable-threads --enable-largefile --disable-ipv6 --with-openssl --with-dlz-mysql=/usr
make && make install

Create a dedicated user and group for BIND so that it runs as an unprivileged user, which improves security

useradd -s /sbin/nologin -M named
mkdir /usr/local/bind/log/
chown -R named:named /usr/local/bind/

Add the BIND directories to the PATH environment variable

echo 'export PATH=${PATH}:/usr/local/bind/sbin/:/usr/local/bind/bin/' >> /etc/profile
source /etc/profile

Generate the configuration files

cd /usr/local/bind/etc/
rndc-confgen -r /dev/urandom > rndc.conf
head -5 rndc.conf >named.conf

Download the root hints file (named.root)

wget http://www.internic.net/domain/named.root

Edit named.conf and add the following

controls {
        inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};

logging {
        channel bind_log {
                file "/tmp/bind.log" versions 3 size 20m;
                severity info;
                print-time yes;
                print-severity yes;
                print-category yes;
        };
        category default {
                bind_log;
        };
};

options {
        listen-on port 53 { any; };
        directory "/usr/local/bind";
        pid-file "named.pid";
        allow-query-cache { any; };
        allow-query     { any; };
};

dlz "mysql-dlz" {
    database "mysql
    {host=127.0.0.1 dbname=bind ssl=false port=3306 user=bind pass=W123456W^&}
    {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
    {select ttl, type, if(mx_priority>0, mx_priority, NULL), case when lower(type)='txt' then concat('\"',data,'\"') when lower(type)='soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view = 'any'}";
};
#include  "/usr/local/bind/etc/default.zones";

Note: the two double quotes inside concat('\"',data,'\"') must each be escaped with a backslash, because the whole database statement is itself one double-quoted string. These two backslashes are easily lost when the configuration is copied, so pay special attention to them.
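A quick audit of a named.conf like the one above, as an added example that is not part of the original article: it flags credentials in a world-readable file, a log channel under /tmp, `allow-query-cache { any; }` without `recursion no;`, and the unescaped quote described in the note. The function names, rule labels and the sample file are constructed for this example.

```shell
#!/bin/sh
# Added example, not from the original article. Rule labels are made up here.

# Drop '#' and '//' comments so commented-out statements are ignored
# (/* ... */ blocks are not handled in this sketch).
strip_comments() { sed -e 's/#.*$//' -e 's://.*$::' "$1"; }

# Print one finding per line; return 1 if anything was flagged.
audit_named_conf() {
    conf=$1; rc=0
    body=$(strip_comments "$conf") || return 2
    has() { printf '%s\n' "$body" | grep -q -e "$1"; }

    # named.conf holds the rndc key and the DLZ database password.
    if { has 'pass=' || has 'secret'; } && [ -n "$(find "$conf" -perm -004)" ]; then
        echo "WORLD_READABLE: credentials in a file any local user can read"; rc=1
    fi
    # /tmp is world-writable; any local user can create files at that path first.
    if has 'file[[:space:]]*"/tmp/'; then
        echo "LOG_IN_TMP: log channel writes under /tmp"; rc=1
    fi
    # The resolver cache is open to every client while recursion is still on.
    if has 'allow-query-cache[[:space:]]*{[[:space:]]*any' &&
       ! has 'recursion[[:space:]]*no'; then
        echo "OPEN_CACHE: allow-query-cache { any; } without recursion no;"; rc=1
    fi
    # A bare double quote inside the dlz database string ends the string early.
    if has "concat('\"'"; then
        echo "UNESCAPED_QUOTE: bare double quote in the dlz query"; rc=1
    fi
    return $rc
}

# Constructed sample mirroring the settings in this article (placeholder secrets).
write_sample() {
    cat > "$1" <<'EOF'
key "rndc-key" { algorithm hmac-sha256; secret "PLACEHOLDER"; };
logging { channel bind_log { file "/tmp/bind.log" versions 3 size 20m; }; };
options { allow-query-cache { any; }; allow-query { any; }; };
dlz "mysql-dlz" { database "mysql {host=127.0.0.1 pass=PLACEHOLDER}
  {select concat('"',data,'"') from dns_records where zone = '$zone$'}"; };
EOF
    chmod 644 "$1"
}

tmp=$(mktemp) && write_sample "$tmp" && { audit_named_conf "$tmp" || true; }
rm -f "$tmp"
```

To clear the first finding on a real installation, restrict the file to the named user, for example with `chmod 640` on named.conf and rndc.conf.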

Configure MySQL: create a database and a user named bind, with the password W123456W^&

mysql -u root -p

Enter the MySQL root password

create database bind;
GRANT ALL PRIVILEGES ON bind.* TO 'bind'@'%' IDENTIFIED BY 'W123456W^&';

Switch to the bind database and create the table. Remember to change ns.osyum.com and ns1.osyum.com to your own values.

use bind;
CREATE TABLE IF NOT EXISTS `dns_records` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `zone` varchar(255) NOT NULL,
  `host` varchar(255) NOT NULL DEFAULT '@',
  `type` enum('A','MX','CNAME','NS','SOA','PTR','TXT','AAAA','SRV','URL') NOT NULL,
  `data` varchar(255) DEFAULT NULL,
  `ttl` int(11) NOT NULL DEFAULT '3600',
  `mx_priority` int(11) DEFAULT NULL,
  `view` enum('any', 'Telecom', 'Unicom', 'CMCC', 'ours') NOT NULL DEFAULT 'any',
  `priority` tinyint UNSIGNED NOT NULL DEFAULT '255',
  `refresh` int(11) NOT NULL DEFAULT '28800',
  `retry` int(11) NOT NULL DEFAULT '14400',
  `expire` int(11) NOT NULL DEFAULT '86400',
  `minimum` int(11) NOT NULL DEFAULT '86400',
  `serial` bigint(20) NOT NULL DEFAULT '2015050917',
  `resp_person` varchar(64) NOT NULL DEFAULT 'ns.osyum.com',
  `primary_ns` varchar(64) NOT NULL DEFAULT 'ns1.osyum.com.',
  PRIMARY KEY (`id`),
  KEY `type` (`type`),
  KEY `host` (`host`),
  KEY `zone` (`zone`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;

Reload the MySQL privileges

FLUSH PRIVILEGES;

Insert the DNS records. First, an A record for www.adw123.com:

use bind;
insert into bind.dns_records (zone, host, type, data, ttl) VALUES ('adw123.com', 'www', 'A', '1.1.1.1', '600');

Then a CNAME record, for example pointing abc.adw123.com at www.adw123.com:

use bind;
insert into bind.dns_records (zone, host, type, data, ttl) VALUES ('adw123.com', 'abc', 'CNAME', 'www', '600');

Reload the privileges and quit:

FLUSH PRIVILEGES;
quit

Test startup

/usr/local/bind/sbin/named -c /usr/local/bind/etc/named.conf -f -g -u named

Check the output for errors.

Start in the background

/usr/local/bind/sbin/named -c /usr/local/bind/etc/named.conf -f -g -u named &

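Next, test BIND

Point this machine's (CentOS 7) DNS at its own IP (skip this step if the server is on the public internet): edit /etc/resolv.conf and change the IP after the first nameserver entry to this machine's IP.

Test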

nslookup

> www.adw123.com
Server:         192.168.0.6
Address:        192.168.0.6#53

Name:   www.adw123.com
Address: 1.1.1.1
** server can't find www.adw123.com: SERVFAIL

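Success.

Enable start at boot: create the binddns unit file (/lib/systemd/system/binddns.service, the path the symlink below points to)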

[Unit]
Description=Berkeley Internet Name Domain (DNS)
Wants=nss-lookup.target
Wants=named-setup-rndc.service
Before=nss-lookup.target
After=network.target
After=named-setup-rndc.service

[Service]
Type=forking
ExecStart=/usr/local/bind/sbin/named -u named -c /usr/local/bind/etc/named.conf
ExecReload=/usr/local/bind/sbin/rndc reload
ExecStop=/usr/local/bind/sbin/rndc stop

[Install]
WantedBy=multi-user.target

Save and exit

Create a symlink

ln -s /lib/systemd/system/binddns.service /etc/systemd/system/multi-user.target.wants/binddns.service

Reload systemd

systemctl daemon-reload

Start binddns

systemctl start binddns

Stop binddns

systemctl stop binddns

Restart binddns

systemctl restart binddns

Enable at boot

systemctl enable binddns

Done.








