Linux + BIND 9.4.1: configuring primary/secondary DNS synchronization
Posted by Southeast on 2007-07-08 00:50
BIND 9.4.1 download URL: http://ftp.isc.org/isc/bind9/9.4.1/bind-9.4.1.tar.gz
Download bind-9.4.1.tar.gz and put it in the /usr/local/src/ directory.

    # tar zxvf bind-9.4.1.tar.gz
    # cd bind-9.4.1
    # ./configure --prefix=/usr/local/named --enable-threads
    # make
    # make install
    # cd /usr/local/named/etc

Set up the primary DNS. IP: 1.2.3.4, domain name: ns1.XXX.com

    # ../sbin/rndc-confgen

Copy the commented-out part of the output shown below, remove the comment markers, and change rndc-key to ns1 (it appears in two places). Then add the code to named.conf.

    # key "rndc-key" {
    #       algorithm hmac-md5;
    #       secret "XXXXXXXXXXXXXXXXXXXXXXX";
    # };
    #
    # controls {
    #       inet 127.0.0.1 port 953
    #               allow { 127.0.0.1; } keys { "rndc-key"; };
    # };

Create named.conf. Example:

    # vi named.conf

    options {
            directory "/usr/local/named/etc/";
    };

    logging {
            category lame-servers { null; };
    };

    key "ns1" {
            algorithm hmac-md5;
            secret "XXXXXXXXXXXXXXXXXXXXXXX";
    };

    controls {
            inet 127.0.0.1 port 953
                    allow { 127.0.0.1; } keys { "ns1"; };
    };

    zone "." IN {
            type hint;
            file "named.ca";
    };

    zone "localhost" IN {
            type master;
            file "localhost.zone";
            allow-update { none; };
    };

    zone "0.0.127.in-addr.arpa" IN {
            type master;
            file "named.local";
            allow-update { none; };
    };

    zone "XXX.com" IN {
            type master;
            file "db.XXX.com";
    };

    zone "3.2.1.in-addr.arpa" IN {
            type master;
            file "named.rev";
    };

Generate the named.ca file:

    # dig > named.ca

Example named.ca:

    ;       This file holds the information on root name servers needed to
    ;       initialize cache of Internet domain name servers
    ;       (e.g. reference this file in the "cache  .  <file>"
    ;       configuration file of BIND domain name servers).
    ;
    ;       This file is made available by InterNIC registration services
    ;       under anonymous FTP as
    ;           file                /domain/named.root
    ;           on server           FTP.RS.INTERNIC.NET
    ;       -OR- under Gopher at    RS.INTERNIC.NET
    ;           under menu          InterNIC Registration Services (NSI)
    ;              submenu          InterNIC Registration Archives
    ;           file                named.root
    ;
    ;       last update:    Aug 22, 1997
    ;       related version of root zone:   1997082200
    ;
    ;
    ; formerly NS.INTERNIC.NET
    ;
    .                        3600000  IN  NS    A.ROOT-SERVERS.NET.
    A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
    ;
    ; formerly NS1.ISI.EDU
    ;
    .                        3600000      NS    B.ROOT-SERVERS.NET.
    B.ROOT-SERVERS.NET.      3600000      A     128.9.0.107
    ;
    ; formerly C.PSI.NET
    ;
    .                        3600000      NS    C.ROOT-SERVERS.NET.
    C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
    ;
    ; formerly TERP.UMD.EDU
    ;
    .                        3600000      NS    D.ROOT-SERVERS.NET.
    D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
    ;
    ; formerly NS.NASA.GOV
    ;
    .                        3600000      NS    E.ROOT-SERVERS.NET.
    E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
    ;
    ; formerly NS.ISC.ORG
    ;
    .                        3600000      NS    F.ROOT-SERVERS.NET.
    F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
    ;
    ; formerly NS.NIC.DDN.MIL
    ;
    .                        3600000      NS    G.ROOT-SERVERS.NET.
    G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
    ;
    ; formerly AOS.ARL.ARMY.MIL
    ;
    .                        3600000      NS    H.ROOT-SERVERS.NET.
    H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
    ;
    ; formerly NIC.NORDU.NET
    ;
    .                        3600000      NS    I.ROOT-SERVERS.NET.
    I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
    ;
    ; temporarily housed at NSI (InterNIC)
    ;
    .                        3600000      NS    J.ROOT-SERVERS.NET.
    J.ROOT-SERVERS.NET.      3600000      A     198.41.0.10
    ;
    ; housed in LINX, operated by RIPE NCC
    ;
    .                        3600000      NS    K.ROOT-SERVERS.NET.
    K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
    ;
    ; temporarily housed at ISI (IANA)
    ;
    .                        3600000      NS    L.ROOT-SERVERS.NET.
    L.ROOT-SERVERS.NET.      3600000      A     198.32.64.12
    ;
    ; housed in Japan, operated by WIDE
    ;
    .                        3600000      NS    M.ROOT-SERVERS.NET.
    M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33

    # vi localhost.zone

    $TTL    86400
    $ORIGIN localhost.
    @       1D IN SOA   @ root (
                        42      ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
            1D IN NS    @
            1D IN A     127.0.0.1

    # vi named.local

    $TTL    86400
    @       IN SOA  localhost. root.localhost. (
                    1997022700 ; Serial
                    28800      ; Refresh
                    14400      ; Retry
                    3600000    ; Expire
                    86400 )    ; Minimum
            IN NS   localhost.
    1       IN PTR  localhost.

    # vi db.XXX.com

    $TTL    86400
    @       1D IN SOA   XXX.com. root.XXX.com. (
                        2007070701 ; serial
                        3H         ; refresh
                        15M        ; retry
                        1W         ; expiry
                        1D )       ; minimum
            IN NS   ns1.XXX.com.
            IN NS   ns2.XXX.com.
            IN A    1.2.3.4
    ns1     IN A    1.2.3.4
    ns2     IN A    5.6.7.8

    # vi named.rev

    $TTL    86400
    @       IN SOA  XXX.com. root.XXX.com. (
                    2          ; Serial
                    28800      ; Refresh
                    14400      ; Retry
                    3600000    ; Expire
                    86400 )    ; Minimum
            IN NS   ns1.XXX.com.
            IN NS   ns2.XXX.com.
    4.3.2.1.in-addr.arpa.   IN PTR  ns1.XXX.com.
    ; The next name lies outside 3.2.1.in-addr.arpa, so named ignores it as out-of-zone data.
    8.7.6.5.in-addr.arpa.   IN PTR  ns2.XXX.com.

Start BIND:

    # /usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf

Set up the secondary DNS. IP: 5.6.7.8, domain name: ns2.XXX.com

    # ../sbin/rndc-confgen

Copy the commented-out part of the output shown below, remove the comment markers, and change rndc-key to ns2 (it appears in two places). Then add the code to named.conf.

    # key "rndc-key" {
    #       algorithm hmac-md5;
    #       secret "XXXXXXXXXXXXXXXXXXXXXXX";
    # };
    #
    # controls {
    #       inet 127.0.0.1 port 953
    #               allow { 127.0.0.1; } keys { "rndc-key"; };
    # };

Create named.conf. Example:

    # vi named.conf

    options {
            directory "/usr/local/named/etc/";
    };

    logging {
            category lame-servers { null; };
    };

    key "ns2" {
            algorithm hmac-md5;
            secret "XXXXXXXXXXXXXXXXXXXXXXX";
    };

    controls {
            inet 127.0.0.1 port 953
                    allow { 127.0.0.1; } keys { "ns2"; };
    };

    zone "." IN {
            type hint;
            file "named.ca";
    };

    zone "localhost" IN {
            type master;
            file "localhost.zone";
            allow-update { none; };
    };

    zone "0.0.127.in-addr.arpa" IN {
            type master;
            file "named.local";
            allow-update { none; };
    };

    // Secondary copy of the forward zone, transferred from the primary.
    zone "XXX.com" IN {
            type slave;
            file "db.XXX.com";
            masters { 1.2.3.4; };
    };

    // Secondary copy of the reverse zone; a "masters" list is only valid in a slave zone.
    zone "3.2.1.in-addr.arpa" IN {
            type slave;
            file "named.rev";
            masters { 1.2.3.4; };
    };

Create the named.ca, localhost.zone and named.local files; their contents are all identical to those on the primary DNS.

    # dig > named.ca
    # vi localhost.zone
    # vi named.local

Start the secondary DNS. It will now automatically synchronize the primary DNS's content from the primary, and the data files are created automatically in the working directory you defined.

    # /usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf &
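
An added example, not part of the original post: a small Python audit of named.conf text for the primary/secondary setup above. It flags zones with no allow-transfer ACL (in BIND 9.4 any host may then request a full zone transfer) and the type/masters mistakes that stop a secondary from syncing. The sample configuration, the `.test` zones and the issue labels are constructed for illustration.

```python
import re

VALID_TYPES = {"master", "slave", "hint", "stub", "forward", "delegation-only"}

# Constructed sample (not a real deployment): the .test zones and their
# deliberate mistakes are made up to exercise each check.
SAMPLE = """
options { directory "/usr/local/named/etc/"; };
zone "." IN { type hint; file "named.ca"; };
zone "XXX.com" IN { type master; file "db.XXX.com"; };
zone "3.2.1.in-addr.arpa" IN { type master; file "named.rev";
    allow-transfer { 5.6.7.8; }; };
zone "a.test" IN { type s; file "db.a.test"; masters { 1.2.3.4; }; };
zone "b.test" IN { type slave; file "db.b.test"; };
zone "c.test" IN { type master; file "db.c.test"; masters { 1.2.3.4; }; };
"""

def block_after(text, start):
    """Return the contents of the first balanced {...} block at/after start."""
    open_at = text.index("{", start)
    depth = 0
    for i in range(open_at, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[open_at + 1:i]
    raise ValueError("unbalanced braces in configuration")

def audit(conf):
    """Return (zone, issue) pairs for transfer-related problems in named.conf text."""
    # Simplification: drop /* */, // and # comments without honouring quoting.
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)
    opts = re.search(r"\boptions\s*\{", conf)
    global_acl = bool(opts and "allow-transfer" in block_after(conf, opts.start()))
    findings = []
    for m in re.finditer(r'\bzone\s+"([^"]+)"', conf):
        name, body = m.group(1), block_after(conf, m.end())
        t = re.search(r"\btype\s+([\w-]+)\s*;", body)
        ztype = t.group(1) if t else None
        has_masters = re.search(r"\bmasters\s*\{", body) is not None
        if ztype not in VALID_TYPES:
            findings.append((name, "bad-type"))           # not a zone type named accepts
            continue
        if ztype in ("master", "slave") and not global_acl and "allow-transfer" not in body:
            findings.append((name, "open-transfer"))      # AXFR served to any host
        if ztype == "master" and has_masters:
            findings.append((name, "masters-in-master"))  # masters belongs in a slave zone
        if ztype == "slave" and not has_masters:
            findings.append((name, "no-masters"))         # nothing to transfer from
    return findings
```

Call `audit(open("/usr/local/named/etc/named.conf").read())` on each server; on the primary, an `allow-transfer { 5.6.7.8; };` entry in the zone or in `options` clears the open-transfer finding.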