Linux環境下bind9.2.3域名服務器的安裝

1.從http://www.isc.org/products/BIND/bind9.html下載bind9的源文件。目前版本為9 .23，源文件為bind-9.2.3.tar.gz。
2.將源文件bind-9.2.3.tar.gz置于/usr/local/src目錄下。
3.解壓縮源文件bind-9.2.3.tar.gz
  # tar -xzvf bind-9.2.3.tar.gz -C /usr/local/src
4.進入安裝目錄
  # cd bind-9.2.3
5.配置、編譯
  # ./configure
  # make
6.安裝
  # make install
7.生成的可執行文件位于/usr/local/sbin目錄下。最重要的可執行文件為named和rndc。
8.創建鏈接
  # ln -s /usr/local/sbin/rndc /usr/sbin/rndc
  # ln -s /usr/local/sbin/named /usr/sbin/named
9.創建rndc.conf配置文件。
  # /usr/local/sbin/rndc-confgen > /etc/rndc.conf
  # cat /etc/rndc.conf
  輸出為：
       # Start of rndc.conf
       key "rndc-key" {
              algorithm hmac-md5;
              secret "y9xvvfQjdWv9f/Fo7wquBg==";
       };
       
       options {
              default-key "rndc-key";
              default-server 127.0.0.1;
              default-port 953;
       };
       # End of rndc.conf
      
       # Use with the following in named.conf, adjusting the allow list as needed:
       # key "rndc-key" {
       #       algorithm hmac-md5;
       #       secret "y9xvvfQjdWv9f/Fo7wquBg==";
       # };
       #
       # controls {
       #       inet 127.0.0.1 port 953
       #               allow { 127.0.0.1; } keys { "rndc-key"; };
       # };
       # End of named.conf
10.創建rndc.key文件。將rndc.conf文件中注釋部分拷貝生成如下文件：
   # vi /etc/rndc.key
       key "rndc-key" {
             algorithm hmac-md5;
             secret "y9xvvfQjdWv9f/Fo7wquBg==";
       };

       controls {
             inet 127.0.0.1 port 953
                     allow { 127.0.0.1; } keys { "rndc-key"; };
       };
   檢查rndc是否正常工作:
   #/usr/local/sbin/named -g
 Jan 11 11:56:45.075 starting BIND 9.2.3 -g
 Jan 11 11:56:45.076 using 1 CPU
 Jan 11 11:56:45.079 loading configuration from '/etc/named.conf'
 ......
   #/usr/local/sbin/rndc status
11.創建named.conf配置文件。
   # vi /etc/named.conf
       // generated by named-bootconf.pl                           

       options {
       directory "/var/named";
       /*
       * If there is a firewall between you and nameservers you want
       * to talk to, you might need to uncomment the query-source
       * directive below.  Previous versions of BIND always asked  
       * questions using port 53, but BIND 8.1 uses an unprivileged
       * port by default.
       */
       // query-source address * port 53;
       };

       //
       // a caching only nameserver config
       //
       zone "." IN {
       type hint;
       file "named.root";
       };

       zone "localhost" IN {
       type master;
              file "localhost.zone";
              allow-update { none; };
       };

       zone "0.0.127.in-addr.arpa" IN {
              type master;
              file "named.local";
              allow-update { none; };
       };

       zone "domain1.net" IN {    //新加domain1.net的域
              type master;
              file "domain1.net.zone";
              allow-update { none; };
       };

       zone "252.177.61.in-addr.arpa" IN {  //新加域的反向解析
              type master;
              file "named.61.177.252";
              allow-update { none; };
       };

       include "/etc/rndc.key";
12.創建/var/named目錄
   # mkdir /var/named
   # cd /var/named
13.匿名登錄到ftp站點FTP.RS.INTERNIC.NET，獲取/domain目錄下的named.root文件和named.ca文件，將該文件置于/var/named目錄下。
14.創建localhost.zone文件
   # vi /var/named/localhost.zone
      $TTL 86400
      $ORIGIN localhost.
      @ 1D IN SOA @ root (
       42 ; serial (d. adams)
       3H ; refresh
       15M ; retry
       1W ; expiry
       1D ) ; minimum

       1D IN NS @
       1D IN A 127.0.0.1
15.創建named.local文件
   # vi named.local
      $TTL 86400
      @       IN      SOA     localhost. root.localhost.  (
                                            1997022700 ; Serial
                                            28800      ; Refresh
                                            14400      ; Retry
                                            3600000    ; Expire
                                            86400 )    ; Minimum
                    IN      NS      localhost.

      1       IN      PTR     localhost.
16.創建domain1.net.zone文件
   # vi ycmail.net.zone
      $TTL    86400
      @       IN      SOA     localhost. root.localhost.  (
                                           2003061800 ; Serial
                                           28800      ; Refresh
                                           14400      ; Retry
                                           3600000    ; Expire
                                           86400 )    ; Minimum
                   IN      NS      localhost.

      mail          IN      A       61.177.252.34

      www           IN      CNAME   mail
17.創建named.61.177.252文件
   # vi named.61.177.252
      $TTL    86400
      @       IN      SOA     localhost. root.localhost.  (
                                           2003061800 ; Serial
                                           28800      ; Refresh
                                           14400      ; Retry
                                           3600000    ; Expire
                                           86400 )    ; Minimum
                   IN      NS      localhost.

      34            IN      PTR     mail.domain1.net.
18.創建啟動腳本
   # vi /etc/rc.d/init.d/named
      #!/bin/sh
      #
      # named           This shell script takes care of starting and stopping
      #                 named (BIND DNS server).
      #
      # chkconfig: 345 55 45
      # description: named (BIND) is a Domain Name Server (DNS)
      # that is used to resolve host names to IP addresses.
      # probe: true

      # Source function library.
      . /etc/rc.d/init.d/functions

      # Source networking configuration.
      . /etc/sysconfig/network

      # Check that networking is up.
      [ $ = "no" ] && exit 0

      [ -f /usr/sbin/named ] || exit 0

      [ -f /etc/named.conf ] || exit 0

      # See how we were called.
      case "" in
        start)
              # Start daemons.
              echo -n "Starting named: "
              daemon named
              echo
              touch /var/lock/subsys/named
              ;;
        stop)
              # Stop daemons.
              echo -n "Shutting down named: "
              killproc named
              rm -f /var/lock/subsys/named
              echo
              ;;
        status)
              /usr/sbin/rndc status
              exit $?
              ;;
        restart)
              stop
              start
              exit $?
              ;;
        reload)
              /usr/sbin/rndc reload
              exit $?
              ;;
        probe)
              # named knows how to reload intelligently; we don't want linuxconf
              # to offer to restart every time
              /usr/sbin/rndc reload >/dev/null 2>&1 || echo start
              exit 0
              ;;

        *)
              echo "Usage: named "
              exit 1
      esac

      exit 0
19.將/etc/rc.d/init.d/named變成可執行文件。
   # chmod 755 /etc/rc.d/init.d/named
20.創建啟動腳本symbollink
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc0.d/K45named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc1.d/K45named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc2.d/K45named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc3.d/S55named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc4.d/S55named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc5.d/S55named
   # ln -s /etc/rc.d/init.d/named  /etc/rc.d/rc6.d/K45named
21.啟動bind9
   # /etc/rc.d/init.d/named start
   停止bind9
   # /etc/rc.d/init.d/named stop
   查看狀態
   # /etc/rc.d/init.d/named status
22.檢查配置文件及域文件
   # /usr/local/sbin/named-checkconf
   # /usr/local/sbin/named-checkzone domain1.net /var/named/domain1.net.zone

原文轉自：http://www.kjueaiud.com