本例中.Freebsd4.9+bind8+hcpost.com 域名 待升到bind9.2.3
首先我下载了一个最新的bind9.2.3.tar.gz.到/home/里
freebsd# tar zxvf bind9.2.3.tar.gz -C /usr/local
freebsd# cd bind9.2.3
freebsd# ./configure ---->;我没有prefix= 装的,默认启动文件在/usr/local/sbin里
freebsd# make
freebsd# make install
到此,bind9 已经安装完成.看一看版本现版本是多少.
freebsd# /usr/local/sbin/named -v
BIND 9.2.3
我的named.conf 配置文档在/etc/namedb 文件里. bind9 规定,如果要使用
rndc 来控制dns
必须先生成验证文件.rndc.conf 和密锁.
****注:这部最重要了.
freebsd# /usr/local/sbin/rndc-confgen >; /etc/rndc.conf 生成这个文件按你--prefix 而定.
(freebsd# /usr/local/sbin/named -g
Jan 11 11:56:45.075 starting BIND 9.2.3 -g
Jan 11 11:56:45.076 using 1 CPU
Jan 11 11:56:45.079 loading configuration from ‘/etc/named.conf‘
用这一条确定.你应该把/rndc.conf 生成到目录下.)
注:好象freebsd 要生成rndc.conf 文件.必须在/etc/rc.conf 加这一条,要不然.运行rndc-confgen屏目就一直不动了.解决方法是在/etc/rc.conf 加入
rand_irqs="3 14 15"
然后,
freebsd# /etc/netstart 从新加载rc.conf 文件,如果netstart不行.就reboot
生成的rndc.conf 大至如下.
freebsd# /usr/local/sbin/rndc-confgen
# Start of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "Cm9Lc0JG5wJcsoRj3PbKqw==";
};
options {
default-key "rndc-key";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# algorithm hmac-md5;
# secret "Cm9Lc0JG5wJcsoRj3PbKqw==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
打开刚在/etc/rndc.conf 文件.打# Use with the following in named.conf, adjusting the allow list as needed:
这行下的所有复制到
你的named.conf 文件里
偶的是.
freebsd# cat /etc/namedb/named.conf
options {
directory "/etc/namedb";
notify yes;
allow-transfer { 218.24.233.11; };---->;>;这个是只转发到我辅dns 上.
};
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "5hhmFj6S3Pn6EoDnOvlblg==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of named.conf
zone "." {
type hint;
file "named.root";
};
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "localhost.rev";
};
zone "hcpost.com" {
type master;
file "/etc/namedb/hosts/hcpost.com.hosts";
};
zone "233.24.218.in-addr.arpa" {
type master;
file "/etc/namedb/rev/218.24.233.rev";
};
完成,最后启动bind9 .
freebsd# /usr/local/sbin/named -c /etc/namedb/named.conf
测试rndc是否成功
freebsd# rndc status
number of zones: 5
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running
出现如下.代表rndc 已经成功控制bind9
如果想启动就加载.
可以在/usr/local/etc/rc.d/ 写一个.sh 脚本文件,小弟就简单了.
vi /usr/local/etc/rc.d/startbind.sh
加入
#!/bin/sh
/usr/local/sbin/named -c /etc/namedb/named.conf