- 论坛徽章:
- 0
|
安装DNS服务器
1、从www.isc.org下载bind 域名服务器软件。我们这里用的是bind8.3.0,bind8分支和bind9分支是并行发展的。根据自己的实际情况选择合适的bind版本。
2、mkdir /usr/src/bind83
3、下载的文件叫bind-src.tar.gz,复制到/usr/local/src/bind83目录下。
4、cd /usr/local/src/bind83
5、tar zxvf bind-src.tar.gz
6、cd src
7、make stdlinks
8、make clean
9、make depend
10、make all
11、make install
12、编辑配置文件:/etc/named.conf内容如下,需要更改的部分用黑体标出:
/*
* This is a worthless, nonrunnable example of a named.conf file that has
* every conceivable syntax element in use. We use it to test the parser.
* It could also be used as a conceptual template for users of new features.
*/
/*
* C-style comments are OK
*/
// So are C++-style comments
# So are shell-style comments
// watch out for ";" -- it's important!
options {
directory "/var/named";
// use current directory
named-xfer "/usr/libexec/named-xfer";
// _PATH_XFER
dump-file "named_dump.db";
// _PATH_DUMPFILE
pid-file "/var/run/named.pid";
// _PATH_PIDFILE
statistics-file "named.stats";
// _PATH_STATS
memstatistics-file "named.memstats";
// _PATH_MEMSTATS
check-names master fail;
check-names slave warn;
check-names response ignore;
host-statistics no;
deallocate-on-exit no;
// Painstakingly deallocate all
// objects when exiting instead of
// letting the OS clean up for us.
// Useful a memory leak is suspected.
// Final statistics are written to the
// memstatistics-file.
datasize default;
stacksize default;
coresize default;
files unlimited;
recursion yes;
fetch-glue yes;
fake-iquery no;
notify yes;
// send NOTIFY messages. You can set
// notify on a zone-by-zone
// basis in the "zone" statement
// see (below)
serial-queries 4;
// number of parallel SOA queries
// we can have outstanding for master
// zone change testing purposes
auth-nxdomain yes;
// always set AA on NXDOMAIN.
// don't set this to 'no' unless
// you know what you're doing -- older
// servers won't like it.
multiple-cnames no;
// if yes, then a name my have more
// than one CNAME RR. This use
// is non-standard and is not
// recommended, but it is available
// because previous releases supported
// it and it was used by large sites
// for load balancing.
allow-query { any; };
allow-transfer { any; };
transfers-in 10;
// DEFAULT_XFERS_RUNNING, cannot be
// set > than MAX_XFERS_RUNNING (20)
transfers-per-ns 2;
// DEFAULT_XFERS_PER_NS
transfers-out 0;
// not implemented
max-transfer-time-in 120;
// MAX_XFER_TIME; the default number
// of minutes an inbound zone transfer
// may run. May be set on a per-zone
// basis.
transfer-format one-answer;
query-source address * port *;
/*
* The "forward" option is only meaningful if you've defined
* forwarders. "first" gives the normal BIND
* forwarding behavior, i.e. ask the forwarders first, and if that
* doesn't work then do the full lookup. You can also say
* "forward only;" which is what used to be specified with
* "slave" or "options forward-only". "only" will never attempt
* a full lookup; only the forwarders will be used.
*/
forward first;
forwarders { };
// default is no forwarders
topology { localhost; localnets; };
// prefer local nameservers
listen-on port 53 { any; };
// listen for queries on port 53 on
// any interface on the system
// (i.e. all interfaces). The
// "port 53" is optional; if you
// don't specify a port, port 53
// is assumed.
/*
* Interval Timers
*/
cleaning-interval 60;
// clean the cache of expired RRs
// every 'cleaning-interval' minutes
interface-interval 60;
// scan for new or deleted interfaces
// every 'interface-interval' minutes
statistics-interval 60;
// log statistics every
// 'statistics-interval' minutes
maintain-ixfr-base no;
// If yes, keep transaction log file for IXFR
max-ixfr-log-size 20;
// Not implemented, maximum size the
// IXFR transaction log file to grow
};
/*
* Control listeners, for "ndc". Every nameserver needs at least one.
*/
controls {
inet * port 52 allow { any; };
// a bad idea
unix "/var/run/ndc" perm 0600 owner 0 group 0;
// the default
};
zone "rd.21vianet.com" in {
type master;
// what used to be called "primary"
file "rd.21vianet.com.db";
check-names fail;
allow-update { none; };
allow-transfer { any; };
allow-query { any; };
// notify yes;
// send NOTIFY messages for this
// zone? The global option is used
// if "notify" is not specified
// here.
also-notify { };
// don't notify any nameservers other
// than those on the NS list for this
// zone
};
zone "223.99.211.in-addr.arpa" in {
type master;
// what used to be called "secondary"
file "211.99.223.db";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.db";
};
zone "." in {
type hint;
// used to be specified w/ "cache"
file "named.root";
};
logging {
/*
* All log output goes to one or more "channels"; you can make as
* many of them as you want.
*/
channel syslog_errors {
// this channel will send errors or
syslog user;
// or worse to syslog (user facility)
severity error;
};
category parser {
syslog_errors;
// you can log to as many channels
default_syslog;
// as you want
};
category lame-servers { null; };
// don't log these at all
channel moderate_debug {
severity debug 3;
// level 3 debugging to file
file "foo";
// foo
print-time yes;
// timestamp log entries
print-category yes;
// print category name
print-severity yes;
// print severity level
/*
* Note that debugging must have been turned on either
* on the command line or with a signal to get debugging
* output (non-debugging output will still be written to
* this channel).
*/
};
/*
* If you don't want to see "zone XXXX loaded" messages but do
* want to see any problems, you could do the following.
*/
channel no_info_messages {
syslog;
severity notice;
};
category load { no_info_messages; };
/*
* You can also define category "default"; it gets used when no
* "category" statement has been given for a category.
*/
category default {
default_syslog;
moderate_debug;
};
};
13、在/var/named/中生成/etc/named.conf中标记的文件:rd.21vianet.com.db,内容如下,需要修改和调整相应部分:
;Authoriative data for rd.21vianet.com
;
$TTL 3600
@ IN SOA compaq.rd.21vianet.com. tandongyu.rd.21vianet.com. (
20020101 ;Serial
3600 ;Refresh 1 hour
900 ;Retry 15 mins
604800 ;Expire 7 days
86400) ;Mini 24 hours
;Name server NS records
@ IN NS compaq.rd.21vianet.com.
;Mail Exchange (MX) records
rd.21vianet.com. IN MX 0 compaq
;Address (A) records.
localhost IN A 127.0.0.1
compaq IN A 211.99.223.9
tls65 IN A 211.99.223.8
fbsd IN A 211.99.223.7
14、在/var/named/中生成/etc/named.conf中标记的文件:211.99.223.db,内容如下,你需要修改相应部分:
;
;
$TTL 3600
@ IN SOA compaq.rd.21vianet.com. tandongyu.rd.21vianet.com. (
20020101 ;Serial
3600 ;Refresh
900 ;Retry 15 mins
604800 ;Expire 7 days
86400) ;Mini 24 hours
;NameServer (NS) records
@ IN NS compaq.rd.21vianet.com.
;Address Point to Name (PTR) records
9 IN PTR compaq.rd.21vianet.com.
8 IN PTR tls65.rd.21vianet.com.
7 IN PTR fbsd.rd.21vianet.com.
15、在/var/named/中生成/etc/named.conf中标记的文件:127.0.0.db,内容如下,你需要修改相应部分:
; 0.0.127.in-addr.arpa
$TTL 3600
@ IN SOA compaq.rd.21vianet.com. tandongyu.rd.21vianet.com. (
20020101;serial
3600 ;refresh
1800 ;retry
604800 ;expiration
3600 ) ;minimum
IN NS compaq.rd.21vianet.com.
1 IN PTR localhost.
16、在/var/named/中生成/etc/named.conf中标记的文件:named.root,内容大致如下。该文件标记了14个域名服
务器。可以从ftp.rs.internic.net获得该文件的最新样本:named.hosts,然后改名成你需要的名字,比如:
named.root
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . "
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC registration services
; under anonymous FTP as
; file /domain/named.root
; on server
FTP.RS.INTERNIC.NET
; -OR- under Gopher at RS.INTERNIC.NET
; under menu InterNIC Registration Services (NSI)
; submenu InterNIC Registration Archives
; file named.root
;
; last update: Aug 22, 1997
; related version of root zone: 1997082200
;
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; temporarily housed at NSI (InterNIC)
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10
;
; housed in LINX, operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; temporarily housed at ISI (IANA)
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; housed in Japan, operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File
17、我们还需要配置/etc/resolv.conf、/etc/hosts、/etc/hosts.conf文件以适应新的状况。
18、一切都结束后,用/usr/sbin/ndc start命令启动bind,同样的可用stop、restart、reload等命令参数操作。
19、启动后用nslookup命令(有的系统推荐使用dig命令)检验是否正确。如果出现错误,该命令将不能启动。一般的错误都是数据库文件或配置文件笔误所至。比如少个“.”或者文件明不正确等等。
(2) 安装sendmail服务器
1、从www.sendmail.org下载最新的版本(这个snedmail倒是有必要升级为最新的版本,因为它的升级主要是安全漏洞问题)。这里说明的是用的sendmail-8.12.2.tar.gz
2、cd /usr/local/src/
3、把文件下载到:/usr/local/src中
4、tar zxvf sendmail-8.12.2.tar.gz
5、cd /usr/local/src/sendmail-8.12.2
6、chmod go-w / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue
7、chown root / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue
8、cd /usr/local/src/sendmail-8.12.2/sendmail
9、sh Build
10、cd /usr/local/src/sendmail-8.12.2/cf/cf
11、建立文件sendmail.mc内容如下,你可根据需要修改相应部分。
divert(-1)
dnl This is the macro config file used to generate the /etc/sendmail.cf
dnl file. If you modify thei file you will have to regenerate the
dnl /etc/sendmail.cf by running this macro config through the m4
dnl preprocessor:
dnl m4 /etc/sendmail.mc > /etc/sendmail.cf
dnl You will need to have the Sendmail-cf pacage installed for this to work.
include(`/usr/local/src/sendmail-8.12.2/cf')
define(`confDEF_USER_ID',`8:12')
OSTYPE(`linux')
undefine(`UUCP_RELAY')
undefine(`BITNET_RELAY')
define(`confTO_CONNECT', `1m')
define(`confTRY_NULL_MX_LIST',true)
define(`confDONT_PROBE_INTERFACES',true)
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')
define(`SMART_HOST',compaq.rd.21vianet.com)
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u/3865/showart_19238.html |
|
免费注册
发表于 2005-04-03 20:03