# Look for already-installed packages whose names contain "bind" or "caching".
rpm -qa | grep bind
rpm -qa | grep caching
http://www.isc.org/index.pl?/sw/bind/
# Build, run the bundled test suite, then install.
make
make test
make install
# Dedicated account for the daemon: own group, home in /var/named, and a
# nologin shell so the account cannot be used for interactive sessions.
groupadd named
useradd named -g named -m -d /var/named -s /sbin/nologin

# Generate the rndc control key automatically (-a): 256 bits, key name "rndckey".
rndc-confgen -a -b 256 -k rndckey

# Log directory and log file, both owned by the named account.
mkdir /var/log/named
chown named:named /var/log/named
cd /var/log/named
touch named.log
chown named:named named.log

# Fetch the root hints file into /var/named.
# NOTE(review): this is a plain FTP download with no integrity check; compare
# the file against a checksum or signature obtained over a trusted channel
# before putting it into service.
cd /var/named
wget ftp://ftp.rs.internic.net/domain/named.root
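#!/bin/bash
#
# named        This shell script takes care of starting and stopping
#              named (BIND DNS server).
#
# chkconfig: - 55 45
# description: named (BIND) is a Domain Name Server (DNS) \
# that is used to resolve host names to IP addresses.
# probe: true

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network

RETVAL=0
prog="named"

# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 0

# Optional site settings (ROOTDIR, OPTIONS). The file is executed as shell code
# with this script's privileges, so it should be writable by root only.
[ -r /etc/sysconfig/named ] && . /etc/sysconfig/named

# Nothing to do without the daemon binary or its configuration file.
# ROOTDIR is quoted so a value containing spaces or glob characters is
# tested as a single path.
[ -x /usr/local/sbin/named ] || exit 0
[ -r "${ROOTDIR}/etc/named.conf" ] || exit 0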
#######################################
# Start named unless a named process already exists.
# Globals:   prog (read), ROOTDIR (read), OPTIONS (read/written),
#            RETVAL (written)
# Outputs:   progress text on stdout
# Returns:   1 if already running, otherwise the status of `daemon`
#######################################
start() {
  local running_pids
  running_pids=$(/sbin/pidof named)
  if [ -n "$running_pids" ]; then
    echo -n $"$prog: already running"
    return 1
  fi

  echo -n $"Starting $prog: "

  # A ROOTDIR other than empty or "/" is passed to named as its chroot
  # directory (-t).
  case "${ROOTDIR}" in
    '' | /) ;;
    *) OPTIONS="${OPTIONS} -t ${ROOTDIR}" ;;
  esac

  # -u named: the daemon runs as the unprivileged "named" account.
  # OPTIONS is left unquoted on purpose so it splits into separate arguments.
  daemon /usr/local/sbin/named -u named ${OPTIONS}
  RETVAL=$?

  # Record the running state for condrestart.
  if [ $RETVAL -eq 0 ]; then
    touch /var/lock/subsys/named
  fi
  echo
  return $RETVAL
}
#######################################
# Stop named: ask it to shut down through rndc, and fall back to killproc
# when that (or the lock-file removal) does not succeed.
# Globals:   prog (read), RETVAL (written)
# Outputs:   progress text on stdout
# Returns:   0 on a clean rndc stop, otherwise the status of killproc
#######################################
stop() {
  echo -n $"Stopping $prog: "
  /usr/local/sbin/rndc stop
  RETVAL=$?

  # Clean path: rndc accepted the stop request and the lock file is gone.
  if [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/named; then
    success
    echo
    return $RETVAL
  fi

  # Fallback path: signal the process directly.
  killproc named
  RETVAL=$?
  if [ $RETVAL -eq 0 ]; then
    rm -f /var/lock/subsys/named
  fi
  echo
  return $RETVAL
}
#######################################
# Report the server's status by running `rndc status`.
# Outputs:   whatever rndc prints
# Returns:   the exit status of rndc
#######################################
rhstatus() {
  local rc
  /usr/local/sbin/rndc status
  rc=$?
  return "$rc"
}
#######################################
# Stop named, pause briefly, then start it again.
# Returns:   the status of start
#######################################
restart() {
  # Give named a couple of seconds to finish closing down.
  local -r settle_seconds=2
  stop
  sleep "$settle_seconds"
  start
}
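#######################################
# Ask named to reload its configuration and zones.
# Tries `rndc reload` first; if that fails, sends SIGHUP to the running
# named process(es).
# Globals:   prog (read), RETVAL (written)
# Outputs:   progress text on stdout
# Returns:   0 if the reload request was delivered, non-zero otherwise
#######################################
reload() {
  local pids
  echo -n $"Reloading $prog: "
  if /usr/local/sbin/rndc reload >/dev/null 2>&1; then
    RETVAL=0
  else
    # pidof prints process IDs, so the signal has to go through kill;
    # killall matches process names and would find nothing for a PID list.
    pids=$(/sbin/pidof -o %PPID named)
    if [ -n "$pids" ]; then
      # shellcheck disable=SC2086 -- one argument per PID is intended
      kill -HUP $pids
      RETVAL=$?
    else
      RETVAL=1
    fi
  fi

  if [ "$RETVAL" -eq 0 ]; then
    success $"$prog reload"
  else
    failure $"$prog reload"
  fi
  echo
  # Return the reload result, not the status of the echo above.
  return $RETVAL
}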
#######################################
# Probe hook: named knows how to reload intelligently, so linuxconf should
# not offer a restart every time. Note that this issues a real `rndc reload`.
# Outputs:   "start" on stdout when the reload request fails
# Returns:   0 when rndc succeeds, otherwise the status of the echo
#######################################
probe() {
  if /usr/local/sbin/rndc reload >/dev/null 2>&1; then
    return 0
  fi
  echo start
  return $?
}
# Dispatch on the action given as the first argument; the script exits with
# the status of the chosen action.
case "$1" in
  start) start ;;
  stop) stop ;;
  status) rhstatus ;;
  restart) restart ;;
  condrestart)
    # Restart only when the subsystem lock file exists.
    [ -e /var/lock/subsys/named ] && restart
    ;;
  reload) reload ;;
  probe) probe ;;
  *)
    echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|probe}"
    exit 1
    ;;
esac
exit $?
couldn't open pid file '/var/run/named.pid
# Build a chroot jail for named under /chroot/named.
mkdir -p /chroot/named
cd /chroot/named
# Skeleton inside the jail: device nodes, configuration and zone data
# (with a slave/ subdirectory), and a run directory.
mkdir -p dev etc/namedb/slave var/run
# -p preserves the mode, ownership and timestamps of the existing config.
cp -p /etc/named.conf /chroot/named/etc/
# Copy the existing zone data into the jail.
cp -a /var/named/* /chroot/named/etc/namedb/
# Under etc/namedb, only slave/ is handed to the named account.
chown -R named:named /chroot/named/etc/namedb/slave
# Character devices 1,3 and 1,8 are the Linux null and random devices.
mknod /chroot/named/dev/null c 1 3
mknod /chroot/named/dev/random c 1 8
chmod 666 /chroot/named/dev/{null,random}
cp /etc/localtime /chroot/named/etc/
# NOTE(review): rndc.* holds the control-channel key. After copying, check the
# owner and mode of the copies: named must be able to read them, other users
# must not.
cp /etc/rndc.* /chroot/named/etc/
# Only root may enter the parent directory.
chown root /chroot
chmod 700 /chroot
# NOTE(review): this makes the jail root owned by, and writable for, the named
# account, so a compromised daemon could rename or replace the entries directly
# under it (etc, dev). A tighter layout keeps the jail root owned by root and
# gives named ownership of only the directories it has to write to.
chown named:named /chroot/named
chmod 700 /chroot/named
http://www.linux.or.jp/JF/JFdocs/Chroot-BIND-HOWTO-1.html
couldn't install keys for command channel
cp /etc/rndc.* /chroot/named/etc/
/chroot/named/etc/namedb
pid-file "/var/run/named/named.pid";
# Directory for the pid file, owned by the named account so the daemon can
# write it after it has dropped root.
mkdir /var/run/named/
chown named:named /var/run/named/
order hosts,bind
multi on
nospoof on
domainname hidekazu.dhs1.sst.ne.jp
nameserver 192.168.100.1
nameserver 192.168.100.2
nameserver 192.168.100.3
http://www.linux.or.jp/JM/html/LDP_man-pages/man5/resolv.conf.5.html
zone "hidekazu.dhs1.sst1.ne.jp" IN {
type master;
file "hidekazu.zone";
};
zone "100.168.192.in-addr.arpa" IN {
type master;
file "hidekazu.rev";
};
$TTL 86400
@ IN SOA dns.hidekazu.dhs1.sst.ne.jp. root.hidekazu.dhs1.sst.ne.jp. (
2004111702 ; serial
3600 ; refresh 1hr
900 ; retry 15min
604800 ; expire 1w
86400 ; min 24hr
)
IN NS dns.hidekazu.dhs1.sst.ne.jp.
dns IN A 192.168.100.4
hidekazu IN A 192.168.100.14
$TTL 86400
@ IN SOA dns.hidekazu.dhs1.sst.ne.jp. root.hidekazu.dhs1.sst.ne.jp. (
2004111702 ; serial
3600 ; refresh 1hr
900 ; retry 15min
604800 ; expire 1w
86400 ; min 24hr
)
IN NS dns.hidekazu.dhs1.sst.ne.jp.
4 IN PTR dns.hidekazu.dhs1.sst.ne.jp.
14 IN PTR hidekazu.hidekazu.dhs1.sst.ne.jp.
named-checkzone xxxx.yyyy xxxx.yyyy.zone
[root@hidekazu named]# /etc/init.d/named start
[root@hidekazu named]# /etc/init.d/named stop
view "lan" {
match-clients {
127.0.0.0/8;
192.168.0.0/24;
};
recursion no;
zone "." {
...
match-clients {
127.0.0.0/8;
192.168.0.0/24;
};
acl localnetwork {
192.168.1.0/24;
192.168.100.0/24;
127.0.0.1;
};
match-clients {
localnetwork;
};
# Global server options.
options {
# Replaces the version string the server reports, so the real BIND release
# is not disclosed to anyone who asks for it.
version "DNS Server";
# NOTE(review): this pins every outgoing query to source port 53. A fixed
# source port removes source-port randomization, which makes spoofed answers
# (cache poisoning) easier to land; keep it only if a firewall rule really
# requires it.
query-source address * port 53;
# NOTE(review): named.conf statements end with ';' - this closing brace
# appears to be missing one.
}
# Master zone served from the file test.xxx.zone.
zone "test.xxx" IN {
type master;
file "test.xxx.zone";
# Refuse zone transfers (AXFR) to every client, so the full zone contents
# cannot be pulled in one request.
allow-transfer { none; };
# Ordinary queries for this zone are answered for any client.
allow-query { any; };
};
# Logging: one file channel that receives the default category.
logging {
channel default-log {
# Log file rolled at 10m, keeping 3 old versions.
# NOTE(review): when named runs chrooted (-t), this path is presumably
# resolved inside the jail - confirm the directory exists there and is
# writable by the named account.
file "/var/log/named/named.log" versions 3 size 10m;
severity info;
# Prefix each entry with its timestamp, severity and category.
print-time yes;
print-severity yes;
print-category yes;
};
# Messages in the lame-servers category are discarded.
category lame-servers { null; };
category default { default-log; };
};
set q=ns server A.ROOT-SERVERS.NET. server a.root-servers.net. server A.DNS.jp
set q=ns server A.ROOT-SERVERS.NET. server NS.RIPE.NET.
dig www.yahoo.co.jp
;; QUESTION SECTION: ;www.yahoo.co.jp. IN A ;; ANSWER SECTION: www.yahoo.co.jp. 42 IN A 203.216.235.201
dig yahoo.co.jp NS
;; QUESTION SECTION: ;yahoo.co.jp. IN NS ;; ANSWER SECTION: yahoo.co.jp. 124 IN NS dnsg01.yahoo.co.jp.
dig @ns10.yahoo.co.jp www.yahoo.co.jp
dig @ns10.yahoo.co.jp yahoo.co.jp ANY
;; ANSWER SECTION: yahoo.co.jp. 900 IN MX 10 mx1.mail.yahoo.co.jp. yahoo.co.jp. 900 IN NS ns10.yahoo.co.jp. yahoo.co.jp. 900 IN TXT "v=spf1 include:spf01.yahoo.co.jp include:spf02.yahoo.co.jp ~all
dig @ns10.yahoo.co.jp yahoo.co.jp AXFR
;; global options: printcmd ; Transfer failed.
dig -x 203.216.235.201
;; ANSWER SECTION: 201.235.216.203.in-addr.arpa. 163 IN PTR f3.top.vip.tnz.yahoo.co.jp.