• bind主从搭建


    安装主节点bind

     yum -y install gcc gcc-c++ openssl-devel openssh-clients wget net-tools pcre-devel  make lrzsz unzip zip xz ntpdate lsof python-setuptools python-devel telnet vim tree
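    # Download, build and install BIND under /data/server/bind, then derive an
    # initial named.conf from the rndc-confgen output.
    # NOTE(review): BIND 9.6.1 is long past end-of-life and receives no security
    # fixes; build a currently supported release instead. The download is plain FTP
    # with no integrity check, so verify the tarball against the vendor's published
    # signature or checksum before compiling it.
    wget ftp://ftp.isc.org/isc/bind9/9.6.1/bind-9.6.1.tar.gz
    # Unpack and enter the source tree; ./configure only exists inside it.
    tar -xzf bind-9.6.1.tar.gz
    cd bind-9.6.1
    ./configure --prefix=/data/server/bind --enable-threads --enable-largefile
    make && make install
    /data/server/bind/sbin/rndc-confgen > /data/server/bind/etc/rndc.conf
    cd /data/server/bind/etc
    # Strip the leading "# " from the commented-out named.conf stanza that
    # rndc-confgen appends. The sed expression must be quoted, otherwise the shell
    # splits it at the space and sed rejects it.
    tail -10 rndc.conf | head -9 | sed 's/# //g' > named.conf
    # rndc.conf and named.conf now contain the rndc shared secret: keep both files
    # unreadable to unprivileged users.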

    vim /data/server/bind/etc/named.conf

    // Shared secret that authenticates rndc to the control channel below.
    // NOTE(review): this secret is published on the page, so it must never be
    // reused. Generate a fresh one per server with rndc-confgen and keep the
    // files that contain it unreadable to unprivileged users.
    // NOTE(review): hmac-md5 is a legacy algorithm; newer BIND releases accept
    // hmac-sha256 here. Confirm what the installed version supports.
    key "rndc-key" {
            algorithm hmac-md5;
            secret "/HtAntfnCIY55pG8+RM7aQ==";
    };
    
    // Control channel: bound to loopback port 953, accepts only 127.0.0.1 and
    // only requests signed with rndc-key.
    controls {
            inet 127.0.0.1 port 953
            allow { 127.0.0.1; } keys { "rndc-key"; };
    };
    
    // Global server options for the master node.
    // NOTE(review): allow-query { any; } combined with recursion yes makes this
    // an open recursive resolver if the host is reachable from untrusted
    // networks (abusable for DNS amplification and exposed to cache poisoning).
    // Limit recursion to internal clients, e.g. with an ACL used in
    // allow-recursion / allow-query.
    // NOTE(review): allow-transfer identifies the slave by source IP only; a
    // TSIG key shared between master and slave authenticates zone transfers
    // instead of trusting the address.
    options {
            directory       "/data/server/bind/etc";
            pid-file        "/data/server/bind/var/run/named.pid";
            allow-query     { any; };
            version "unsupported on this platform";  // hide the real version string (obscurity only; does not replace patching)
            recursion yes;                           // allow recursive queries
            allow-transfer { 10.9.180.152; };        // allow the slave node to transfer zones
            also-notify { 10.9.180.152; };           // notify the slave node when a new zone file is loaded
    
            managed-keys-directory "/data/server/bind/var/run/named";
    };
    
    logging{
            channel named.log {
            file            "/data/logs/bind/named.log" versions 5 size 20m;
            severity        info;
            print-time      yes;
            print-severity  yes;
            print-category  yes;
            };
            category default {
            named.log;
            };
            category lame-servers {
            null;
            };
    };
    
    zone "." IN {
            type hint;
            file "/data/server/bind/etc/named.root";
    
    };
    
    include "/data/server/bind/etc/named.dns.missfresh.zones";
    include "/data/server/bind/etc/named.root.key";

    cat /data/server/bind/etc/named.dns.missfresh.zones

    zone "dns.missfresh.net" IN {
            type master;
            file "/data/server/bind/etc/named.dns.missfresh.net";
            allow-update { none; };
            notify yes;
    };
     
    zone "10.in-addr.arpa" IN {
            type master;
            file "/data/server/bind/etc/named.dns.missfresh.local";
            allow-update { none; };
    };
    
    
    zone "dns.missfresh.cn" IN {
            type master;
            file "/data/server/bind/etc/named.dns.missfresh.cn";
            allow-update { none; };
            notify yes;
    };
    
    zone "2.10.in-addr.arpa" IN {
            type master;
            file "/data/server/bind/etc/named.dns.missfresh.cn.local";
            allow-update { none; };
    };

    cat /data/server/bind/etc/named.dns.missfresh.net

    $TTL 1D
    @       IN SOA ns.dns.missfresh.net. root.dns.missfresh.net. (
                                            2017040503 ; serial
                                            1D         ; refresh
                                            1H         ; retry
                                            1W         ; expire
                                            3H )       ; minimum
                        IN  NS      ns.dns.missfresh.net.
    ns                  IN  A       10.9.183.92 
    idc01-sre-dns-00        IN  A       10.9.183.92 
    idc01-sre-dns-01        IN  A       10.9.180.152         
    idc01-as-web-00            IN  A       10.10.101.246
    idc01-as-web-01            IN  A       10.10.112.46

    cat /data/server/bind/etc/named.dns.missfresh.local

    $TTL 1D
    @       IN SOA ns.dns.missfresh.net. root.dns.missfresh.net. (
                                            2017040503 ; serial
                                            1D         ; refresh
                                            1H         ; retry
                                            1W         ; expire
                                            3H )       ; minimum
                IN  NS      ns.dns.missfresh.net.
    92.183.9    IN  PTR     idc01-sre-dns-00.dns.missfresh.net.
    152.180.9    IN  PTR        idc01-sre-dns-01.dns.missfresh.net.
    246.101.10    IN  PTR     idc01-as-web-00.dns.missfresh.net.
    46.112.10       IN  PTR     idc01-as-web-01.dns.missfresh.net.

    测试bind启动:
    /data/server/bind/sbin/named -gc /data/server/bind/etc/named.conf
    启动bind服务:
    /data/server/bind/sbin/named -c /data/server/bind/etc/named.conf

    注意一:每次修改 master 节点的解析记录后,必须把 SOA 中的 serial(如 2017040503)加 1,否则从节点不会同步新的 zone 数据。注意二:需在 /etc/resolv.conf 中配置 search。

    cat /etc/resolv.conf 
    options timeout:2
    search dns.missfresh.net
    

    从节点配置

    vim /data/server/bind/etc/named.conf

    // Shared secret that authenticates rndc to the control channel below.
    // NOTE(review): this is the same secret as in the master's named.conf and
    // it is published on the page. Generate a separate key on each server with
    // rndc-confgen so that one leaked file does not expose both nodes.
    // NOTE(review): hmac-md5 is a legacy algorithm; newer BIND releases accept
    // hmac-sha256 here. Confirm what the installed version supports.
    key "rndc-key" {
            algorithm hmac-md5;
            secret "/HtAntfnCIY55pG8+RM7aQ==";
    };
    
    // Control channel: bound to loopback port 953, accepts only 127.0.0.1 and
    // only requests signed with rndc-key.
    controls {
            inet 127.0.0.1 port 953
            allow { 127.0.0.1; } keys { "rndc-key"; };
    };
    
    // Global server options for the slave node.
    // NOTE(review): allow-query { any; } combined with recursion yes makes this
    // an open recursive resolver if the host is reachable from untrusted
    // networks. Limit recursion to internal clients, e.g. with an ACL used in
    // allow-recursion / allow-query.
    // NOTE(review): no allow-transfer is set here; add allow-transfer { none; }
    // if this slave should not hand the zones on to anyone else.
    options {
            directory       "/data/server/bind/etc";
            pid-file        "/data/server/bind/var/run/named.pid";
            allow-query     { any; };
            version "unsupported on this platform";  // hide the real version string (obscurity only; does not replace patching)
            recursion yes;                           // allow recursive queries
    
            managed-keys-directory "/data/server/bind/var/run/named";
    };
    
    logging{
            channel named.log {
            file            "/data/logs/bind/named.log" versions 5 size 20m;
            severity        info;
            print-time      yes;
            print-severity  yes;
            print-category  yes;
            };
            category default {
            named.log;
            };
            category lame-servers {
            null;
            };
    };
    
    zone "." IN {
            type hint;
            file "/data/server/bind/etc/named.root";
    
    };
    
    include "/data/server/bind/etc/named.dns.missfresh.zones";
    include "/data/server/bind/etc/named.root.key";

    vim /data/server/bind/etc/named.dns.missfresh.zones

    // Slave copies of the four zones served by the master at 10.9.183.92.
    // NOTE(review): the master is identified by IP address only; a TSIG key
    // attached to the masters entry (and required by the master's
    // allow-transfer) authenticates the transfer and the data received.
    // NOTE(review): named writes the transferred zone files itself, so the
    // directory named in "file" must be writable by the account named runs as.
    // A dedicated directory for slave zones lets the configuration directory
    // stay read-only.
    zone "dns.missfresh.net" IN {
            type slave;
            file "/data/server/bind/etc/named.dns.missfresh.net";
            masters { 10.9.183.92; };
    };
    
    // Reverse zone for 10.0.0.0/8.
    zone "10.in-addr.arpa" IN {
            type slave;
            file "/data/server/bind/etc/named.dns.missfresh.local";
            masters { 10.9.183.92; };
    };
    
    zone "dns.missfresh.cn" IN {
            type slave;
            file "/data/server/bind/etc/named.dns.missfresh.cn";
            masters { 10.9.183.92; };
    };
    
    // Reverse zone for 10.2.0.0/16.
    zone "2.10.in-addr.arpa" IN {
            type slave;
            file "/data/server/bind/etc/named.dns.missfresh.cn.local";
            masters { 10.9.183.92; };
    };

    配置named以服务启动:
    vim /etc/init.d/named

    #!/bin/bash
    #
    # named           This shell script takes care of starting and stopping
    #                 named (BIND DNS server).
    #
    # chkconfig: - 13 87
    # description: named (BIND) is a Domain Name Server (DNS) 
    # that is used to resolve host names to IP addresses.
    
    # Source function library.
    . /etc/rc.d/init.d/functions
    
    # Source networking configuration. 
    [ -r /etc/sysconfig/network ] && . /etc/sysconfig/network 
    
    # Daemon name and the install-tree paths used by every action below.
    named=named
    ROOTDIR=/data/server/bind
    CHKCONF=${ROOTDIR}/sbin/named-checkconf    # configuration syntax checker
    CHKZONE=${ROOTDIR}/sbin/named-checkzone    # zone file checker
    named_conf=${ROOTDIR}/etc/named.conf       # main configuration file
    RNDC=${ROOTDIR}/sbin/rndc                  # control-channel client
    
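    # Start named after validating its configuration.
    # Globals:  named, ROOTDIR, CHKCONF, CHKZONE, named_conf (read);
    #           conf_ok, RETVAL (written)
    # Returns:  1 if named is already running, a non-zero status if the
    #           configuration check fails, otherwise the status of daemon.
    start() {
        echo -n $"Starting $named: "
        if [ -n "$(/sbin/pidof -o %PPID "$named")" ]; then
            echo -n $"$named: already running"
            failure
            echo
            return 1
        fi

        conf_ok=0
        # Both checkers must be installed and named.conf must pass named-checkconf.
        if [ -x "$CHKCONF" ] && [ -x "$CHKZONE" ] && "$CHKCONF" "$named_conf" >/dev/null 2>&1; then
            conf_ok=1
        else
            RETVAL=$?
            [ "$RETVAL" -ne 0 ] || RETVAL=1
        fi

        if [ "$conf_ok" -ne 1 ]; then
            # A missing checker or an invalid configuration used to fall through
            # and return 0; report the failure to the caller instead.
            echo -n $"$named: configuration check failed"
            failure
            echo
            return "$RETVAL"
        fi

        # NOTE(review): named is launched without -u, so it keeps the privileges
        # of the account running this script (normally root). Running it as a
        # dedicated unprivileged user (named -u <user>) limits the impact of a
        # compromise of the daemon.
        daemon "$ROOTDIR/sbin/$named" -c "$named_conf"
        RETVAL=$?
        [ "$RETVAL" -eq 0 ] && touch /var/lock/subsys/named
        echo
        return "$RETVAL"
    }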
    
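    # Stop named via rndc, falling back to SIGTERM when rndc fails.
    # Globals:  named, RNDC, ROOTDIR (read); RETVAL (written)
    # Returns:  0 when either rndc or killproc stopped the daemon, otherwise
    #           the status of killproc.
    stop() {
        echo -n $"Stopping $named: "
        "$RNDC" stop >/dev/null 2>&1
        RETVAL=$?
        if [ "$RETVAL" -ne 0 ]; then
            # Record the fallback's result; previously a successful killproc was
            # still reported as a failure and the lock and pid files were kept.
            killproc "$named" -TERM >/dev/null 2>&1
            RETVAL=$?
        fi

        if [ "$RETVAL" -eq 0 ]; then
            rm -f /var/lock/subsys/named >/dev/null 2>&1
            rm -f "$ROOTDIR/var/run/named.pid" >/dev/null 2>&1
            success
        else
            failure
        fi
        echo
        return "$RETVAL"
    }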
    
    # Stop the daemon, wait two seconds, then start it again. start runs even
    # when stop fails, and its status is what the caller receives.
    restart() {
        stop; sleep 2
        start
    }
    
    # Show the server status reported by rndc; the function's exit status is
    # that of the rndc call.
    status() {
        $RNDC status
    }
    
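    # Reload the configuration and zones of a running named.
    # Globals:  named, RNDC (read); p, RETVAL (written)
    # Returns:  the pidof status when named is not running, otherwise the status
    #           of "rndc reload" or of the SIGHUP fallback.
    reload() {
        echo -n $"Reloading $named: "
        p=$(/sbin/pidof -o %PPID "$named")
        RETVAL=$?

        if [ "$RETVAL" -eq 0 ]; then
            # $p is left unquoted on purpose: pidof may print several PIDs.
            $RNDC reload >/dev/null 2>&1 || /bin/kill -HUP $p
            RETVAL=$?
        fi

        # An explicit if/else keeps failure from also running when success
        # itself returns non-zero, as the "a && b || c" form would.
        if [ "$RETVAL" -eq 0 ]; then
            success $"$named reload"
        else
            failure $"$named reload"
        fi
        echo
        return "$RETVAL"
    }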
    
    # Validate named.conf with named-checkconf.
    # Returns 0 only when both checker binaries are executable and
    # named-checkconf accepts the configuration; 1 otherwise. The checker's
    # output is not suppressed.
    checkconfig() {
        [ -x $CHKCONF ] || return 1
        [ -x $CHKZONE ] || return 1
        $CHKCONF ${named_conf} || return 1
        return 0
    }
    
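    # Dispatch on the first argument; the script exits with the status of the
    # action that ran, or 2 for an unknown action.
    case "$1" in
        start)
            start
            ;;
        stop)
            stop
            ;;
        status)
            status
            ;;
        restart)
            restart
            ;;
        reload)
            reload
            ;;
        checkconfig|configtest|check|test)
            checkconfig
            ;;
        *)
            # List only the actions handled above; the previous text advertised
            # condrestart and probe, which this script does not implement.
            echo $"Usage: $0 {start|stop|status|restart|reload|checkconfig|configtest|check|test}"
            exit 2
            ;;
    esac
    exit $?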
  • 原文地址:https://www.cnblogs.com/patrick0715/p/8229167.html