System environment:
OS: CentOS 6.8
MySQL: 5.1
BIND: bind-9.11.0-P2.tar.gz
IP address: 192.168.153.130
Software download: http://ftp.isc.org/
I. Install and configure MySQL
1. Install the packages needed for the build environment.
yum install openssl-devel openldap-devel unixODBC-devel gcc
2. Install the MySQL database
yum -y install mysql mysql-server mysql-devel
3. Verify that the installation succeeded
[root@localhost ~]# rpm -qi mysql-server
4. Start the MySQL service
[root@localhost ~]# /etc/init.d/mysqld start
5. Log in and set the password
[root@localhost ~]# mysql -u root
mysql> show databases;
mysql> use mysql;
mysql> update user set password=password('123456') where user='root';
6. Allow remote logins
mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '123456' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
7. Enable start at boot (optional)
[root@localhost ~]# chkconfig mysqld on
II. Download and install Bind-DLZ
1. Download and unpack the Bind-DLZ source package
[root@localhost opt]# wget http://ftp.isc.org/isc/bind9/9.11.0-P2/bind-9.11.0-P2.tar.gz
[root@localhost opt]# tar -zxvf bind-9.11.0-P2.tar.gz
2. When compiling on a 64-bit system, you may need to set some variables so that the appropriate MySQL libraries are found:
[root@localhost ~]# export CPPFLAGS="-I/usr/lib64/mysql $CPPFLAGS"
[root@localhost ~]# export LDFLAGS="-L/usr/lib64/mysql $LDFLAGS"
[root@localhost ~]# export LD_LIBRARY_PATH="/usr/lib64/mysql"
3. Compile and install Bind-DLZ.
[root@localhost opt]# cd bind-9.11.0-P2
[root@localhost bind-9.11.0-P2]# ./configure --prefix=/usr/local/bind --enable-threads \
    --enable-largefile --disable-ipv6 \
    --disable-openssl-version-check \
    --with-dlz-mysql=yes
[root@localhost bind-9.11.0-P2]# make
[root@localhost bind-9.11.0-P2]# make install
4. Check the version to confirm that the software installed successfully
[root@localhost bind-9.11.0-P2]# /usr/local/bind/sbin/named -v
BIND 9.11.0-P2 <id:9713922>
5. Configure the rndc.conf and named.conf files
Generate rndc.conf:
[root@localhost ~]# cd /usr/local/bind/etc/
[root@localhost etc]# rndc-confgen -r /dev/urandom > rndc.conf
Provide the named.ca file (root hints)
[root@localhost etc]# wget -O named.ca http://www.internic.net/domain/named.root
Create and generate named.conf
[root@localhost etc]# tail -10 rndc.conf | head -9 | sed s/#\ //g > named.conf
The generated named.conf contains only the key and controls sections; the logging and options sections must be added by hand. The complete file is as follows:
[root@localhost etc]# cat named.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "X0k0Uz62Actu11IXrnA48A==";
};
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
logging {
    channel bind_log {
        file "/tmp/bind.log" versions 3 size 20m;
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category default {
        bind_log;
    };
};
options {
    listen-on port 53 { 192.168.153.130; };
    directory "/usr/local/bind";
    Pid-file "named.pid";
    allow-query-cache { any; };
    allow-query { any; };
};
dlz "Mysql zone" {
    database "mysql
    {host=192.168.153.130 dbname=bind ssl=false port=3306 user=root pass=123456}
    {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
    {select ttl,type,if(mx_priority>0,mx_priority,NULL),case when lower(type)='txt' then concat('\"',data,'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view = 'any'}";
};
[root@localhost etc]#
6. Create the named user so that the bind service runs as named.
[root@localhost ~]# groupadd -r -g 25 named
[root@localhost ~]# useradd -r -u 25 -s /sbin/nologin -d /usr/local/named -g named named
[root@localhost ~]# chown -R named:named /usr/local/bind/
7. Start the named service in the foreground to check that the configuration is correct.
[root@localhost ~]# /usr/local/bind/sbin/named -c /usr/local/bind/etc/named.conf -f -g -u named
If the configuration above starts without errors, you can go on to set up MySQL so that zone data is stored in the database.
III. Configure the DLZ database queries
1. Log in to MySQL and create the database and table.
mysql> create database bind;
Query OK, 1 row affected (0.00 sec)
mysql> use bind;
mysql> CREATE TABLE IF NOT EXISTS `dns_records` (
    `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
    `zone` varchar(255) NOT NULL,
    `host` varchar(255) NOT NULL DEFAULT '@',
    `type` enum('A','MX','CNAME','NS','SOA','PTR','TXT','AAAA','SVR','URL') NOT NULL,
    `data` varchar(255) DEFAULT NULL,
    `ttl` int(11) NOT NULL DEFAULT '3600',
    `mx_priority` int(11) DEFAULT NULL,
    `view` enum('any', 'Telecom', 'Unicom', 'CMCC', 'ours') NOT NULL DEFAULT "any",
    `priority` tinyint UNSIGNED NOT NULL DEFAULT '255',
    `refresh` int(11) NOT NULL DEFAULT '28800',
    `retry` int(11) NOT NULL DEFAULT '14400',
    `expire` int(11) NOT NULL DEFAULT '86400',
    `minimum` int(11) NOT NULL DEFAULT '86400',
    `serial` bigint(20) NOT NULL DEFAULT '2015050917',
    `resp_person` varchar(64) NOT NULL DEFAULT 'ddns.net',
    `primary_ns` varchar(64) NOT NULL DEFAULT 'ns.ddns.net.',
    PRIMARY KEY (`id`),
    KEY `type` (`type`),
    KEY `host` (`host`),
    KEY `zone` (`zone`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
Query OK, 0 rows affected (0.02 sec)
2. Insert data into the database:
mysql> insert into bind.dns_records (zone, host, type, data, ttl) VALUES ('testinfo.com', 'www', 'A', '1.1.1.1', '600');
Query OK, 1 row affected (0.00 sec)
mysql> insert into bind.dns_records (zone, host, type, data, ttl) VALUES ('testinfo.com', 'bbs', 'A', '2.2.2.2', '600');
Query OK, 1 row affected (0.00 sec)
mysql> insert into bind.dns_records (zone, host, type, data, ttl) VALUES ('testinfo.com', 'm', 'A', '3.3.3.3', '600');
Query OK, 1 row affected (0.00 sec)
mysql>
3. Start the named service in the background:
[root@localhost ~]# /usr/local/bind/sbin/named -c /usr/local/bind/etc/named.conf -f -g -u named &
4. In /etc/resolv.conf, add this host, 192.168.153.130, as the first DNS resolver:
[root@localhost ~]# vim /etc/resolv.conf
; generated by /sbin/dhclient-script
#search localdomain
nameserver 192.168.153.130
nameserver 192.168.153.2
nameserver 8.8.8.8
5. Resolution test: the locally added testinfo.com domain is resolved through 192.168.153.130, while the external www.baidu.com is resolved by the second DNS server.
[root@localhost ~]# nslookup
> www.testinfo.com
Server: 192.168.153.130
Address: 192.168.153.130#53
Name: www.testinfo.com
Address: 1.1.1.1
> bbs.testinfo.com
Server: 192.168.153.130
Address: 192.168.153.130#53
Name: bbs.testinfo.com
Address: 2.2.2.2
> m.testinfo.com
Server: 192.168.153.130
Address: 192.168.153.130#53
Name: m.testinfo.com
Address: 3.3.3.3
> www.baidu.com
Server: 192.168.153.2
Address: 192.168.153.2#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 220.181.111.188
Name: www.a.shifen.com
Address: 220.181.112.244
This completes the Bind-MySQL deployment.
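The dlz block in named.conf connects as root, and step 6 of section I opens root to every host, although the two DLZ queries only ever read bind.dns_records. The following is an added example, not part of the original article: a dedicated read-only account for the DLZ driver. The account name dlz_ro, the password placeholder, and named connecting from 192.168.153.130 (the same host as MySQL, as on this page) are assumptions.

```sql
-- Added example: read-only account for BIND's DLZ MySQL driver (MySQL 5.1 syntax).
-- Assumptions: the account name 'dlz_ro', the password placeholder, and that
-- named connects from 192.168.153.130 (same host as mysqld, as on this page).

-- 1. Create the account, bound to the single address named connects from.
CREATE USER 'dlz_ro'@'192.168.153.130'
    IDENTIFIED BY 'REPLACE_WITH_LONG_RANDOM_PASSWORD';

-- 2. Grant only what the two DLZ queries need: SELECT on the records table.
--    The table must already exist (section III, step 1).
GRANT SELECT ON bind.dns_records TO 'dlz_ro'@'192.168.153.130';

-- 3. Confirm the result: USAGE on *.* plus SELECT on bind.dns_records,
--    and nothing else.
SHOW GRANTS FOR 'dlz_ro'@'192.168.153.130';

-- 4. Audit the accounts that remain reachable from any host or that have
--    an empty password, together with their global write and grant rights.
SELECT user, host, Insert_priv, Update_priv, Delete_priv, Grant_priv
  FROM mysql.user
 WHERE host = '%' OR password = '';
```

With this account in place, the `user=root pass=123456` pair in the dlz database string is replaced by `user=dlz_ro` and the new password, so a leaked named.conf exposes read access to one table rather than full control of the MySQL server.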