内网是192.168.0.x,mail server是192.168.0.125.hostname是mail.funbsd.org.
/etc/hosts内容是127.0.0.1 mail.funbsd.org localhost
域名是funbsd.org 系统是红帽9
网关是192.168.0.1,mail server用的 dns是202.96.64.68(公网)
大致过程是:
1 下载bind-9.2.4rc4
2 解压,进入目录,./configure --prefix=/usr/local --mandir=/usr/local/share/man
make
make install
3 这一步是照葫芦画瓢,至于为什么我也不知道.
# ln -s /usr/local/sbin/rndc /usr/sbin/rndc
# ln -s /usr/local/sbin/named /usr/sbin/named
4
mkdir /usr/local/etc
mkdir /var/namedb
5 在/var/namedb下创建funbsd.org.zone localhost.rev localhost.zone named.0.168.192 named.conf 这5个文件.
# named.conf as listed in the post: a root hint zone, loopback forward and
# reverse zones, and forward and reverse zones for funbsd.org / 192.168.0.x.
# NOTE(review): the post creates this file under /var/namedb, but named is
# later started with -c /usr/local/etc/named.conf. The key/controls stanza has
# to be in the file named actually loads, and its secret has to match
# rndc.conf -- confirm which file is in use.
options {
# Relative file names in the zone statements below resolve against this directory.
directory "/var/namedb";
pid-file"named.pid";
# NOTE(review): no allow-query / allow-recursion / allow-transfer is set, so
# the installed version's defaults apply -- confirm they are acceptable for a
# server that also listens on its LAN address.
};
# Root hints.
# NOTE(review): named.root is not among the five files the post lists creating
# in /var/namedb -- confirm it exists there.
zone "." IN {
type hint;
file "named.root";
};
zone "localhost" IN {
type master;
file "localhost.zone";
};
# Reverse zone for 127.0.0.x; "notify no" turns off NOTIFY messages for it.
zone "0.0.127.in-addr.arpa" IN {
type master;
file "localhost.rev";
notify no;
};
# Reverse zone for the 192.168.0.x internal network.
zone "0.168.192.in-addr.arpa" IN {
type master;
file "named.0.168.192";
notify no;
};
# Forward zone for the mail domain.
zone "funbsd.org" IN {
type master;
file "funbsd.org.zone";
};
本地反解
[root@mail namedb]# vi localhost.rev
; Zone data that named.conf loads for the zone 0.0.127.in-addr.arpa.
$TTL 86400
; NOTE(review): with the origin set to localhost., "@" and "1" below expand to
; localhost. and 1.localhost., which lie outside 0.0.127.in-addr.arpa --
; confirm this $ORIGIN line is intended.
$ORIGIN localhost.
@ 1D IN SOA @ root (
42; serial
3H; refresh
15M; retry
1W; expire
1D); minimum (negative-caching TTL)
@ IN NS localhost.
1 IN PTR localhost.
本地正解
[root@mail namedb]# vi localhost.zone
; Forward zone data for "localhost": a single A record pointing at 127.0.0.1.
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700; serial
28800; refresh
14400; retry
3600000; expire
86400 ; minimum (negative-caching TTL)
);
@ IN NS localhost.
localhost. IN A 127.0.0.1
正解
[root@mail namedb]# vi funbsd.org.zone
; Forward zone data for funbsd.org: one name server, one MX, one A record.
$TTL 86400
; SOA: primary server mail.funbsd.org., contact mailbox postmaster@funbsd.org.
@ IN SOA mail.funbsd.org. postmaster.funbsd.org. (
2003061800; serial
28800; refresh
14400; retry
3600000; expire
86400); minimum (negative-caching TTL)
@ IN NS mail.funbsd.org.
; Mail for the domain is delivered to mail.funbsd.org. (preference 10).
@ IN MX 10 mail.funbsd.org.
; Relative name: expands to mail.funbsd.org.
mail IN A 192.168.0.125
反解
[root@mail namedb]# vi named.0.168.192
; Reverse zone data that named.conf loads for 0.168.192.in-addr.arpa.
$TTL 86400
@ IN SOA mail.funbsd.org. postmaster.funbsd.org. (
2003061800; serial
28800; refresh
14400; retry
3600000; expire
86400); minimum (negative-caching TTL)
@ IN NS mail.funbsd.org.
; Relative name: expands to 125.0.168.192.in-addr.arpa., i.e. 192.168.0.125.
125 IN PTR mail.funbsd.org.
下面创建rndc.conf文件
[root@mail namedb]# cd /usr/local/etc
[root@mail etc]# /usr/local/sbin/rndc-confgen > rndc.conf
[root@mail etc]# ls
pear.conf rndc.conf
[root@mail etc]# vi rndc.conf
# NOTE(review): the secret below is the shared key for the named control
# channel and is now public in this post -- generate a fresh one with
# rndc-confgen before reusing this setup, and keep rndc.conf readable by the
# administrator only.
# NOTE(review): hmac-md5 is what this rndc-confgen produced; newer BIND
# releases accept stronger HMAC algorithms (for example hmac-sha256) -- prefer
# one where the installed version supports it.
# Start of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "qBPNTxnJFqJmMj9l6qgg1g==";
};
options {
default-key "rndc-key";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# algorithm hmac-md5;
# secret "qBPNTxnJFqJmMj9l6qgg1g==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
[root@mail etc]# tail -n10 rndc.conf | head -n9 | sed -e s/#\ //g >> /var/namedb/named.conf
打开/var/namedb/named.conf发现多了这些
key "rndc-key" {
algorithm hmac-md5;
secret "qBPNTxnJFqJmMj9l6qgg1g==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
启动bind
[root@mail etc]# /usr/local/sbin/named -gc /usr/local/etc/named.conf &
[1] 25936
[root@mail etc]# Sep 21 16:38:11.008 starting BIND 9.2.4rc4 -gc /usr/local/etc/named.conf
Sep 21 16:38:11.009 using 1 CPU
Sep 21 16:38:11.049 loading configuration from '/usr/local/etc/named.conf'
Sep 21 16:38:11.057 no IPv6 interfaces found
Sep 21 16:38:11.076 listening on IPv4 interface lo, 127.0.0.1#53
Sep 21 16:38:11.096 listening on IPv4 interface eth0, 192.168.0.125#53
Sep 21 16:38:11.097 command channel listening on 127.0.0.1#953
Sep 21 16:38:11.116 ignoring config file logging statement due to -g option
Sep 21 16:38:11.150 running
敲入
/usr/local/sbin/rndc status 显示的却是这些!!
Sep 21 17:08:24.675 invalid command from 127.0.0.1#34600: bad auth
rndc: connection to remote host closed
This may indicate that the remote server is using an older version of
the command protocol, this host is not authorized to connect,
or the key is invalid.
请教,我的bind哪里配错了么?我原来装系统的时候装了bind9.2.2,结果redhat-config-bind不好用,所以就rpm -e了,先删的是与之相关的config-cache什么的(具体名字我忘了),然后是bind9.安装的时候先用./configure,make,make install,然后又用带参数的configure了一遍,然后又make,make install,make clean.难道是这个导致了问题的发生?