[Installation Process-01] Compiling, Installing and Configuring BIND - 2





bx2aa
2008-09-22, 11:42 PM
Add the user named, with no shell and no home directory (~)
useradd -s /bin/false -d /dev/null named

Create the directory used for named's pid-file
mkdir /var/run/named

Change the owner of /var/run/named
chown named:named /var/run/named

Set /var/run/named so that user named has read, write and execute permission and everyone else has no permission at all
chmod 700 /var/run/named

Give the named group access to /var/named
chgrp named /var/named

Terminate the running named
killall -9 named

Run named as user named
named -u named

Append named -u named to rc.local so that it runs automatically at every boot
echo "/usr/local/sbin/named -u named" >> /etc/rc.local

Edit named.conf
Add the zones localhost and amateur.radio
Add the reverse zones 0.0.127.in-addr.arpa and 192.168.0.zone
vi /etc/named.conf
options {
directory "/var/named";
pid-file "/var/run/named/named.pid";
};

zone "." {
type hint;
file "named.ca";
};

zone "localhost" {
type master;
file "named.local";
};

zone "amateur.radio" {
type master;
file "amateur.radio.zone";
};


zone "0.0.127.in-addr.arpa" {
type master;
file "127.0.0.zone";
};

zone "0.168.192.in-addr.arpa" {
type master;
file "192.168.0.zone";
};

key "rndc-key" {
algorithm hmac-md5;
secret "SSYN1ZOIcz1l76MPVPqfGQ==";
};

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};






Edit the localhost zone
vi /var/named/named.local
@       IN SOA localhost. root ( 2008092001 1H 15M 1W 1D )
        IN NS  @
        IN A   127.0.0.1

Edit the localhost reverse lookup
vi /var/named/127.0.0.zone
@       IN SOA @ root.localhost. ( 2004081201 1H 15M 1W 1D )
        IN NS  localhost.
1       IN PTR localhost.

Edit the amateur.radio zone
vi /var/named/amateur.radio.zone
@       IN SOA   @ root ( 2008092201 1H 15M 1W 1D )
        IN NS    @
        IN A     192.168.0.249
        IN MX    10 mail.amateur.radio.
ns      IN A     192.168.0.249
mail    IN A     192.168.0.249
www     IN A     192.168.0.249
news    IN CNAME www
nb      IN A     192.168.0.129

Edit the amateur.radio reverse lookup
vi /var/named/192.168.0.zone
@       IN SOA amateur.radio. root.amateur.radio. ( 2008092201 1H 15M 1W 1D )
        IN NS  amateur.radio.
129     IN PTR nb.amateur.radio.
249     IN PTR www.amateur.radio.
249     IN PTR mail.amateur.radio.

Reload the configuration
rndc reload

Test whether the settings are correct
host localhost
host nb.amateur.radio
host www.amateur.radio
host mail.amateur.radio

nslookup
server 127.0.0.1
127.0.0.1
192.168.0.129
192.168.0.249
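
An added example, not part of the original post: a shell audit of the end state the steps above aim for (mode 700 and named ownership on /var/run/named, group named on /var/named, and no named process running as any other user). It assumes GNU stat and procps ps; the function names check_dir, check_proc_user and audit_bind are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Paths and the account name are
# the ones the post uses; GNU stat and procps ps are assumed.

# check_dir DIR MODE OWNER GROUP: compare a directory against expected values.
# Pass "-" for any field the post does not pin down.
check_dir() {
    dir=$1; want_mode=$2; want_owner=$3; want_group=$4; rc=0
    [ -d "$dir" ] || { echo "FAIL $dir: not a directory"; return 1; }
    set -- $(stat -c '%a %U %G' "$dir")   # octal mode, owner, group
    [ "$want_mode" = "-" ] || [ "$1" = "$want_mode" ] ||
        { echo "FAIL $dir: mode $1, expected $want_mode"; rc=1; }
    [ "$want_owner" = "-" ] || [ "$2" = "$want_owner" ] ||
        { echo "FAIL $dir: owner $2, expected $want_owner"; rc=1; }
    [ "$want_group" = "-" ] || [ "$3" = "$want_group" ] ||
        { echo "FAIL $dir: group $3, expected $want_group"; rc=1; }
    return $rc
}

# check_proc_user NAME USER: reads "user comm" lines (ps -eo user=,comm=) on
# stdin; fails if NAME is absent or any instance runs as a different user.
check_proc_user() {
    awk -v name="$1" -v want="$2" '
        $2 == name { seen = 1
            if ($1 != want) { bad = 1
                print "FAIL " name " running as " $1 ", expected " want } }
        END { if (!seen) print "FAIL " name ": no running process"
              exit (bad || !seen) }'
}

# audit_bind: the three post-conditions of the procedure in the post.
audit_bind() {
    fail=0
    check_dir /var/run/named 700 named named || fail=1
    check_dir /var/named - - named || fail=1
    ps -eo user=,comm= | check_proc_user named named || fail=1
    return $fail
}

# Run the audit only when asked, e.g.: sh audit.sh --run
if [ "${1:-}" = "--run" ]; then audit_bind && echo "OK"; fi
```

A FAIL line for a named process owned by root after a reboot means the rc.local entry started it without -u named, or a different startup script launched it first.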