DNS: smart (ISP-aware) DNS built on BIND-DLZ and MySQL


    Introduction

    This article describes how to build a "smart DNS" (answers chosen by the client's ISP) from BIND and MySQL, using CentOS 6 32-bit as the example platform. (The original article compiled everything from source; my own setup used the yum packages, on top of the DNS environment deployed earlier.)
    Note: BIND 9.4.0 and later include DLZ support; no separate patch is needed.

    Deployment steps

    1. Install MySQL

    yum install gcc gcc-c++ openssl-devel wget ncurses-devel make
    groupadd mysql
    useradd -g mysql mysql -s /sbin/nologin
    cd /tmp
    wget http://cdn.mysql.com/Downloads/MySQL-5.1/mysql-5.1.65.tar.gz
    tar xzf mysql-5.1.65.tar.gz
    cd mysql-5.1.65
    ./configure --prefix=/usr/local/mysql/ --without-pthread --with-unix-socket-path=/tmp/mysql.sock --with-extra-charsets=gbk,gb2312,utf8
    make
    make install
    cp support-files/my-medium.cnf /etc/my.cnf
    /usr/local/mysql/bin/mysql_install_db --user=mysql
    chown -R root.mysql /usr/local/mysql
    chown -R mysql /usr/local/mysql/var
    cp support-files/mysql.server /etc/init.d/mysqld
    chown root.root /etc/rc.d/init.d/mysqld
    chmod 755 /etc/rc.d/init.d/mysqld
    chkconfig --add mysqld
    chkconfig  mysqld on
    ln -s /usr/local/mysql/bin/mysql /usr/bin
    ln -s /usr/local/mysql/bin/mysqladmin /usr/bin
    service mysqld start
    mysqladmin -u root password root

    "root" is only a placeholder password for this walkthrough. named will later hold these credentials in plain text inside view.conf, so use a strong password and, better, give named its own MySQL account that has only SELECT on the dns_data database instead of reusing root.

    2. Install BIND

    cd /tmp
    wget http://ftp.isc.org/isc/bind9/cur/9.9/bind-9.9.1-P2.tar.gz
    tar xzf bind-9.9.1-P2.tar.gz
    cd bind-9.9.1-P2
    ./configure --prefix=/usr/local/bind/ --disable-openssl-version-check --with-dlz-mysql=/usr/local/mysql
    make
    make install

    bind-9.9.1-P2 is the release the original article used; it is years past ISC's end of life, so install a currently supported BIND release instead and follow its own documentation for building the MySQL DLZ driver.

    3. Configure BIND

    cd /usr/local/bind/etc
    ../sbin/rndc-confgen -r /dev/urandom >rndc.conf
    tail -n10 rndc.conf | head -n9 | sed -e s/#//g>named.conf

    rndc-confgen prints, as a commented block at the end of its output, the key and controls statements that named.conf needs; the pipeline above cuts out that block and strips the comment markers, producing a minimal named.conf.

    vi named.conf
    Append the following at the end:

    include "/usr/local/bind/etc/CHINANET.acl"; // China Telecom (CHINANET) ACL
    include "/usr/local/bind/etc/CNC.acl"; // China Netcom / Unicom (CNC) ACL
    include "/usr/local/bind/etc/view.conf"; // DLZ views
    

    ACL files:

    Each ACL file holds one acl statement (acl "CHINANET" { ...prefixes...; };) whose name match-clients in view.conf refers to. The address lists can be refreshed from:
    https://tsov.net/uupee/22325/
    http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest
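The ACL files themselves are not shown on this page. As an added example (not part of the original post), the Python converter below turns the delegated-apnic-latest format into a BIND acl statement. The APNIC file is per country, not per ISP, so it yields an all-China list; the per-ISP CHINANET/CNC/CMCC lists from the first link are already CIDR prefixes and only need the rendering step. The sample lines are constructed (not real allocations) and the acl name CN_ALL is my choice.

```python
import ipaddress

# Constructed sample in the delegated-apnic-latest format (not real allocations):
# registry|cc|type|start|count|date|status, plus the version and summary lines
# that the real file also carries.
SAMPLE = """\
2|apnic|20120801|40000|19830613|20120731|+1000
apnic|*|ipv4|*|4|summary
apnic|CN|ipv4|1.0.1.0|256|20110414|allocated
apnic|CN|ipv4|1.0.2.0|512|20110414|allocated
apnic|AU|ipv4|1.0.4.0|1024|20110414|allocated
apnic|CN|ipv4|1.1.0.0|768|20110414|allocated
""".splitlines()


def apnic_cidrs(lines, cc):
    """IPv4 prefixes delegated to country `cc`, as sorted, merged CIDR strings.

    Counts in the delegated files are not always powers of two, so each
    start/count range goes through summarize_address_range, which yields the
    minimal set of aligned prefixes; adjacent prefixes are then collapsed.
    """
    nets = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        f = line.split("|")
        # the version line ("2|apnic|...") and summary lines ("apnic|*|...") fall out here
        if len(f) < 5 or f[0] != "apnic" or f[1] != cc or f[2] != "ipv4":
            continue
        start = ipaddress.IPv4Address(f[3])
        end = start + int(f[4]) - 1
        nets.extend(ipaddress.summarize_address_range(start, end))
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def apnic_to_acl(lines, cc, acl_name):
    """Render the prefixes as one BIND acl statement, e.g. the body of an .acl file."""
    body = "\n".join(f"    {cidr};" for cidr in apnic_cidrs(lines, cc))
    return f'acl "{acl_name}" {{\n{body}\n}};\n'


if __name__ == "__main__":
    print(apnic_to_acl(SAMPLE, "CN", "CN_ALL"))
```

Write the output to the .acl file named in the include line, then run named-checkconf on named.conf before reloading: a malformed prefix or a duplicated acl name stops named from loading.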

    view.conf contents:

    The fields to change are user=root pass=root, i.e. here the MySQL user is root with password root; substitute the account and password of your own MySQL server (ideally a read-only account used only by named).

    view "CHINANET_view" {
      match-clients  { CHINANET; };
      allow-query-cache { none; };
      allow-recursion { none; };
      allow-transfer { none; };
      recursion no;
     
        dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
        {select zone from dns_records where zone = '$zone$' and  view = 'any' limit 1}
        {select ttl,type,mx_priority,case when lower(type)='txt' then concat('"',data,'"') when lower(type)='soa' then concat_ws(' ',data,resp_person,serial,refresh,retry,expire,minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view=(select view from dns_records where zone = '$zone$' and host = '$record$' and (view='CHINANET' or view='any') order by priority asc limit 1)}";
    };
    };
    view "CNC_view" {
      match-clients  { CNC; };
      allow-query-cache { none; };
      allow-recursion { none; };
      allow-transfer { none; };
      recursion no;
     
        dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
        {select zone from dns_records where zone = '$zone$' and  view = 'any' limit 1}
        {select ttl,type,mx_priority,case when lower(type)='txt' then concat('"',data,'"') when lower(type)='soa' then concat_ws(' ',data,resp_person,serial,refresh,retry,expire,minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view=(select view from dns_records where zone = '$zone$' and host = '$record$' and (view='CNC' or view='any') order by priority asc limit 1)}";
    };
    };
    view "any_view" {
      match-clients  { any; };
      allow-query-cache { none; };
      allow-recursion { none; };
      allow-transfer { none; };
      recursion no;
     
        dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
        {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
        {select ttl,type,mx_priority,case when lower(type)='txt' then concat('"',data,'"') when lower(type) = 'soa' then concat_ws(' ',data,resp_person,serial,refresh,retry,expire,minimum) else  data end as mydata from dns_records where zone = '$zone$' and host ='$record$' and view = 'any'}";
    };
    };
    

    My view.conf

    This version differs from the one above in two ways. It uses four ACL names (CNC, CHINANET, CMCC, OTHER), so named.conf must also include the ACL files that define CMCC and OTHER; named refuses to load a configuration whose match-clients names an undefined ACL. And it keeps one table per ISP (dns_CNC, dns_CHINANET, dns_CMCC, dns_OTHER) instead of a view column, so there is no fallback to shared records: a host missing from dns_CNC simply does not resolve for CNC clients, and every table has to carry its own SOA and NS rows.

    view "CNC_View" {
            match-clients { CNC; };
            allow-query-cache { any; };
            #allow-recursion { none; };
            allow-transfer { none; };
            recursion no;
    
            dlz "Mysql zone" {
            database "mysql
            {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
            {select zone from dns_CNC where zone = '$zone$'}
            {select ttl, type, mx_priority, case when lower(type)='txt' then concat('"', data, '"')
                    when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
                    else data end from dns_CNC where zone = '$zone$' and host = '$record$'}";
            };
    };
    
    view "CHINANET_View" {
            match-clients { CHINANET; };
            allow-query-cache { any; };
            #allow-recursion { none; };
            allow-transfer { none; };
            recursion no;
    
            dlz "Mysql zone" {
            database "mysql
            {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
            {select zone from dns_CHINANET where zone = '$zone$'}
            {select ttl, type, mx_priority, case when lower(type)='txt' then concat('"', data, '"')
                    when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
                    else data end from dns_CHINANET where zone = '$zone$' and host = '$record$'}";
            };
    };
    
    view "CMCC_View" {
            match-clients { CMCC; };
            allow-query-cache { any; };
            #allow-recursion { none; };
            allow-transfer { none; };
            recursion no;
    
            dlz "Mysql zone" {
            database "mysql
            {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
            {select zone from dns_CMCC where zone = '$zone$'}
            {select ttl, type, mx_priority, case when lower(type)='txt' then concat('"', data, '"')
                    when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
                    else data end from dns_CMCC where zone = '$zone$' and host = '$record$'}";
            };
    };
    
    view "OTHER_View" {
            match-clients { OTHER; };
            allow-query-cache { any; };
            #allow-recursion { none; };
            allow-transfer { none; };
            recursion no;
    
            dlz "Mysql zone" {
            database "mysql
            {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
            {select zone from dns_OTHER where zone = '$zone$'}
            {select ttl, type, mx_priority, case when lower(type)='txt' then concat('"', data, '"')
                    when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
                    else data end from dns_OTHER where zone = '$zone$' and host = '$record$'}";
            };
    };
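Both view.conf versions above are several near-identical blocks that differ only in the ACL name and the tag spliced into the SQL, which is where copy-paste mistakes creep in. As an added example, not code from the post, the Python script below generates the single-table (view-column) variant for a list of ISPs, puts the catch-all any view last, refuses tags that could break out of the SQL string literal they are spliced into, and uses a read-only MySQL account (dlz_ro and its placeholder password are assumed names, not from the page) instead of root.

```python
import re

# Assumed connection parameters (not from the page): a dedicated read-only
# MySQL account rather than root/root.  named keeps these in plain text in
# view.conf, so grant the account SELECT on dns_data and nothing else.
DB = {"host": "127.0.0.1", "dbname": "dns_data", "port": 3306,
      "user": "dlz_ro", "pass": "CHANGE_ME"}

# The ISP tag is spliced into an SQL string literal in the lookup query, so
# restrict it to characters that cannot terminate that literal.
ISP_NAME = re.compile(r"^[A-Za-z0-9_]+$")

FINDZONE = ("select zone from dns_records where zone = '$zone$' "
            "and view = 'any' limit 1")


def lookup_query(isp):
    """The page's single-table lookup: rows tagged `isp` (priority 200) win
    over the 'any' rows (priority 255) for the requested zone/host."""
    if not ISP_NAME.match(isp):
        raise ValueError(f"unsafe view tag {isp!r}")
    return (
        "select ttl,type,mx_priority,"
        "case when lower(type)='txt' then concat('\"',data,'\"') "
        "when lower(type)='soa' then concat_ws(' ',data,resp_person,serial,"
        "refresh,retry,expire,minimum) else data end as mydata "
        "from dns_records where zone = '$zone$' and host = '$record$' "
        "and view=(select view from dns_records where zone = '$zone$' "
        "and host = '$record$' and (view='" + isp + "' or view='any') "
        "order by priority asc limit 1)"
    )


def view_block(name, acl, isp):
    """One authoritative-only view whose clients are matched by `acl`."""
    db = ("{host=%(host)s dbname=%(dbname)s ssl=false port=%(port)d "
          "user=%(user)s pass=%(pass)s}" % DB)
    return "\n".join([
        'view "%s" {' % name,
        "  match-clients { %s; };" % acl,
        "  allow-query-cache { none; };",
        "  allow-recursion { none; };",
        "  allow-transfer { none; };",
        "  recursion no;",
        '  dlz "Mysql zone" {',
        '    database "mysql',
        "    " + db,
        "    {" + FINDZONE + "}",
        "    {" + lookup_query(isp) + '}";',
        "  };",
        "};",
    ])


def view_conf(isps):
    """view.conf for the given ISP ACL names: one view each, in order, then
    the catch-all.  BIND uses the first view whose match-clients matches, so
    the 'any' view must come last or it would shadow every ISP view."""
    blocks = [view_block(f"{isp}_view", isp, isp) for isp in isps]
    blocks.append(view_block("any_view", "any", "any"))
    return "\n\n".join(blocks) + "\n"


if __name__ == "__main__":
    print(view_conf(["CHINANET", "CNC", "CMCC"]))
```

The ACL names passed in must match the acl statements in the included .acl files; named-checkconf catches a mismatch before you reload.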
    

    4. Database setup

    mysql> create database dns_data;   -- create the database dns_data
    mysql> use dns_data;
    DROP TABLE IF EXISTS `dns_records`;
    CREATE TABLE `dns_records` (
      `id` int(10) unsigned NOT NULL auto_increment,
      `zone` varchar(255) NOT NULL,
      `host` varchar(255) NOT NULL default '@',
      -- add 'TXT' here if the TXT branch of the lookup query is ever to be used
      `type` enum('MX','CNAME','NS','SOA','A','PTR') NOT NULL,
      `data` varchar(255) default NULL,
      `ttl` int(11) NOT NULL default '800',
      -- 'any' is the default; the zone lookup and the SOA rows need it, other rows may carry a line tag such as CNC
      `view` char(20) default 'any',
      `mx_priority` int(11) default NULL,
      -- 'any' rows use 255, line-specific rows (CNC, CHINANET, ...) use 200; the lowest value wins
      `priority` int(3) default 255,
      `refresh` int(11) NOT NULL default '3600',
      `retry` int(11) NOT NULL default '3600',
      `expire` int(11) NOT NULL default '86400',
      `minimum` int(11) NOT NULL default '3600',
      `serial` bigint(20) NOT NULL default '2008082700',
      `resp_person` varchar(64) NOT NULL default 'root.domain.com.',
      `primary_ns` varchar(64) NOT NULL default 'ns1.domain.com.',
      `data_count` int(11) NOT NULL default '0',
      PRIMARY KEY (`id`),
      KEY `type` (`type`),
      KEY `host` (`host`),
      KEY `zone` (`zone`)
    ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=gbk;
    

    Here I created the table with phpMyAdmin instead:

    mysql> describe dns_records;
    +-------------+------------+------+-----+---------+-------+
    | Field       | Type       | Null | Key | Default | Extra |
    +-------------+------------+------+-----+---------+-------+
    | zone        | text       | YES  |     | NULL    |       |
    | host        | text       | YES  |     | NULL    |       |
    | type        | text       | YES  |     | NULL    |       |
    | data        | text       |      |     |         |       |
    | ttl         | int(11)    | YES  |     | NULL    |       |
    | mx_priority | text       | YES  |     | NULL    |       |
    | refresh     | int(11)    | YES  |     | NULL    |       |
    | retry       | int(11)    | YES  |     | NULL    |       |
    | expire      | int(11)    | YES  |     | NULL    |       |
    | minimum     | int(11)    | YES  |     | NULL    |       |
    | serial      | bigint(20) | YES  |     | NULL    |       |
    | resp_person | text       | YES  |     | NULL    |       |
    | primary_ns  | text       | YES  |     | NULL    |       |
    +-------------+------------+------+-----+---------+-------+
    13 rows in set (0.00 sec)

    This table has no view, priority or data_count columns, so the INSERT examples in section 6 (which set view, priority and data_count) apply to the CREATE TABLE above, not to this one.

    5. Start named

    # /usr/local/bind/sbin/named -uroot -g -d 9   // foreground, debug level 9: if nothing is reported, the configuration is correct.

    Then set it up as a service. Use this foreground mode whenever you debug BIND. -u is the account named switches to after binding port 53; for anything beyond this test, create an unprivileged account (for example named) and pass that instead of root, so that a compromise of named does not yield root.

    # /usr/local/bind/sbin/rndc reload    reload named.conf and the files it includes.
    # /usr/local/bind/sbin/named -uroot -c /usr/local/bind/etc/named.conf    start the BIND service.
    

    6. Example INSERT statements

    -- SOA

         INSERT INTO `dns_records` (`zone`,`host`,`type`,`data`,`ttl`,`mx_priority`,`refresh`,`retry`,`expire`,`minimum`,`serial`,`resp_person`,`primary_ns`,`data_count`) VALUES ('centos.bz','@','SOA','ns1.centos.bz.',10,NULL,3600,3600,86400,10,2008082700,'root.centos.bz.','ns1.centos.bz.',0);

    -- NS for @

         INSERT INTO `dns_records` (`zone`,`host`,`type`,`data`) VALUES ('centos.bz','@','NS','ns1.centos.bz.'),('centos.bz','@','NS','ns2.centos.bz.');

    -- A records of the name servers

         INSERT INTO `dns_records` (`zone`,`host`,`type`,`data`) VALUES ('centos.bz','ns1','A','211.100.72.137'),('centos.bz','ns2','A','219.232.244.11');

    -- A (one row per line, plus the 'any' fallback row)

         INSERT INTO `dns_records` (`zone`,`host`,`type`,`data`,`ttl`,`view`,`priority`) VALUES ('centos.bz','www','A','210.51.36.116',3600,'CNC',200),('centos.bz','www','A','221.238.249.178',3600,'CHINANET',200),('centos.bz','www','A','211.103.156.230',3600,'any',255);

    -- CNAME

         INSERT INTO dns_records (zone,host,type,data,view,priority) VALUES ('centos.bz','man','CNAME','www','CNC',200),('centos.bz','man','CNAME','www','CHINANET',200),('centos.bz','man','CNAME','www','any',255);
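What the lookup query in view.conf actually hands back for a given client is easiest to see by running it. The following is an added example, not the author's code: it loads the rows inserted above into an in-memory SQLite table with the same columns, writes the DLZ findzone and lookup queries in SQLite syntax (|| in place of concat/concat_ws, ? placeholders in place of $zone$, $record$ and the per-view tag), and adds one constructed TXT row for www under 'any'. It shows two things the text does not spell out: a CNC client asking for ns1 falls back to the 'any' row because the subquery ranks 'any' (255) behind the line-specific tag (200); and the subquery picks a single view per (zone, host), so once www has a CNC-tagged A record, a CNC client no longer sees the TXT record that exists only under 'any'. Keep every record type of a host under the same set of tags, or the line-specific rows hide the shared ones.

```python
import sqlite3

# SQLite stand-in for the MySQL table on this page (same columns, same
# defaults as the CREATE TABLE); MySQL-only types are dropped.
SCHEMA = """
CREATE TABLE dns_records (
  zone TEXT NOT NULL, host TEXT NOT NULL DEFAULT '@', type TEXT NOT NULL,
  data TEXT, ttl INTEGER NOT NULL DEFAULT 800, view TEXT DEFAULT 'any',
  mx_priority INTEGER, priority INTEGER DEFAULT 255,
  refresh INTEGER DEFAULT 3600, retry INTEGER DEFAULT 3600,
  expire INTEGER DEFAULT 86400, minimum INTEGER DEFAULT 3600,
  serial INTEGER DEFAULT 2008082700, resp_person TEXT DEFAULT 'root.domain.com.'
)"""

# The page's INSERT examples, plus one constructed TXT row under 'any'
# (the last statement) to expose the one-view-per-host behaviour.
INSERTS = [
    "INSERT INTO dns_records (zone,host,type,data,ttl,minimum,resp_person) "
    "VALUES ('centos.bz','@','SOA','ns1.centos.bz.',10,10,'root.centos.bz.')",
    "INSERT INTO dns_records (zone,host,type,data) VALUES "
    "('centos.bz','@','NS','ns1.centos.bz.'),('centos.bz','@','NS','ns2.centos.bz.')",
    "INSERT INTO dns_records (zone,host,type,data) VALUES "
    "('centos.bz','ns1','A','211.100.72.137'),('centos.bz','ns2','A','219.232.244.11')",
    "INSERT INTO dns_records (zone,host,type,data,ttl,view,priority) VALUES "
    "('centos.bz','www','A','210.51.36.116',3600,'CNC',200),"
    "('centos.bz','www','A','221.238.249.178',3600,'CHINANET',200),"
    "('centos.bz','www','A','211.103.156.230',3600,'any',255)",
    "INSERT INTO dns_records (zone,host,type,data,view,priority) VALUES "
    "('centos.bz','man','CNAME','www','CNC',200),"
    "('centos.bz','man','CNAME','www','CHINANET',200),"
    "('centos.bz','man','CNAME','www','any',255)",
    "INSERT INTO dns_records (zone,host,type,data) "
    "VALUES ('centos.bz','www','TXT','v=spf1 -all')",  # constructed row
]

# DLZ "findzone" query: the page only treats a zone as served when it has
# at least one row tagged 'any'.
FINDZONE_SQL = "SELECT zone FROM dns_records WHERE zone = ? AND view = 'any' LIMIT 1"

# DLZ "lookup" query.  concat/concat_ws become SQLite's ||; the view-selection
# subquery is the page's, with the ISP tag supplied as a parameter (BIND bakes
# it into each view; $zone$ and $record$ become the ? placeholders).
LOOKUP_SQL = """
SELECT ttl, type, mx_priority,
       CASE WHEN lower(type) = 'txt' THEN '"' || data || '"'
            WHEN lower(type) = 'soa' THEN data || ' ' || resp_person || ' ' || serial
                 || ' ' || refresh || ' ' || retry || ' ' || expire || ' ' || minimum
            ELSE data END AS mydata
FROM dns_records
WHERE zone = ? AND host = ?
  AND view = (SELECT view FROM dns_records
              WHERE zone = ? AND host = ? AND (view = ? OR view = 'any')
              ORDER BY priority ASC LIMIT 1)
"""


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    for stmt in INSERTS:
        conn.execute(stmt)
    return conn


def find_zone(conn, zone):
    """True when the zone would be reported to BIND as served."""
    return conn.execute(FINDZONE_SQL, (zone,)).fetchone() is not None


def lookup(conn, zone, host, client_view):
    """Rows a client matched into `client_view` gets for zone/host, as
    (ttl, type, mx_priority, mydata) tuples sorted by type and data."""
    rows = conn.execute(LOOKUP_SQL, (zone, host, zone, host, client_view)).fetchall()
    return sorted((tuple(r) for r in rows), key=lambda r: (r[1], r[3]))


if __name__ == "__main__":
    db = build_db()
    for view in ("CNC", "CHINANET", "CMCC"):
        print(view, "www ->", lookup(db, "centos.bz", "www", view))
    print("CNC ns1 falls back to 'any' ->", lookup(db, "centos.bz", "ns1", "CNC"))
```

The CMCC case stands for any client that lands in a view whose tag has no rows of its own: it receives the 'any' rows, TXT included, while the CNC client gets only the CNC-tagged A record.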
    

    This article is from cnblogs, author: sunnydoy; when reposting, please cite the original link: https://www.cnblogs.com/sunnydou/p/15125959.html
