{"id":18641,"date":"2024-11-19T20:35:57","date_gmt":"2024-11-19T12:35:57","guid":{"rendered":"https:\/\/fwq.ai\/blog\/?p=18641"},"modified":"2024-11-19T20:35:57","modified_gmt":"2024-11-19T12:35:57","slug":"bind%e7%9a%84%e5%ae%89%e8%a3%85%e4%b8%8e%e8%af%a6%e7%bb%86%e9%85%8d%e7%bd%ae","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/18641\/","title":{"rendered":"Bind\u7684\u5b89\u88c5\u4e0e\u8be6\u7ec6\u914d\u7f6e"},"content":{"rendered":"

BInd\u7684\u5b98\u65b9\u7f51\u7ad9\uff1ahttps:\/\/www.isc.org\/downloads\/<\/p>\n

\u5b98\u65b9\u6587\u6863\uff1ahttp:\/\/ftp.isc.org\/isc\/bind9\/9.11.0-P3\/doc\/arm\/Bv9ARM.pdf<\/p>\n

 <\/p>\n

\u4e00\u3001\u6e90\u7801\u5b89\u88c5<\/h1>\n

\u4e0b\u8f7d\uff1abind-9.11.0-P3.tar.gz<\/p>\n

# tar xzf bind-9.11.0-P3.tar.gz\r\n# .\/configure --prefix=\/usr\/local\/named --enable-threads --enable-epoll \r\n--disable-openssl-version-check\r\n# .\/configure --help\uff0c\u53ef\u4ee5\u770b\u5230\u6709\u5f88\u591a\u7684\u914d\u7f6e\u9009\u9879\r\n# make\r\n# make install\r\n\r\n#\u4e3a\u4e86\u547d\u4ee4\u65b9\u4fbf\r\n# vim \/etc\/profile\r\nexport PATH=${PATH}:\/usr\/local\/named\/bin:\/usr\/local\/named\/sbin<\/pre>\n
\u00a0\u4e8c\u3001YUM\u7684\u5b89\u88c5<\/h1>\n
# yum list | grep ^bind<\/p>\n
\u53ef\u4ee5\u770b\u5230\u6709\u5f88\u591abind\u7684\u5b89\u88c5\u5305\uff0c\u5176\u4e2d\u81f3\u5c11\u9700\u8981\u5b89\u88c5\u4e09\u4e2a<\/p>\n
bind.x86_64\r\nbind-chroot.x86_64\r\nbind-utils.x86_64<\/pre>\n
\u8fd9\u91cc\u4e0d\u5728\u8be6\u7ec6\u4ecb\u7ecd\uff0c\u672c\u4eba\u63a8\u8350\u4f7f\u7528\u6e90\u7801\u5b89\u88c5\u3002<\/p>\n
\u4e09\u3001\u8be6\u7ec6\u914d\u7f6e<\/h1>\n
1\u3001ACL\u8bed\u53e5<\/b><\/h3>\n
ACL\u8bed\u53e5\u7684\u4f7f\u7528\u65b9\u6cd5\u53c2\u8003\uff1aBind\u4e2d\u5b9a\u4e49\u548c\u4f7f\u7528\u8bbf\u95ee\u63a7\u5236\u5217\u8868(ACL)\uff3b\u5fc5\u8bfb\uff3d\uff0c\u901a\u8fc7\u6587\u7ae0\u7684\u4e86\u89e3\u80fd\u591f\u5bf9ACL\u8bed\u53e5\u7684\u4f7f\u7528\u6709\u4e2a\u975e\u5e38\u6e05\u6670\u7684\u4e86\u89e3\u3002<\/p>\n
2\u3001controls<\/b>\u8bed\u53e5<\/b><\/h3>\n
controls\u8bed\u53e5\u7684\u4f7f\u7528\u65b9\u6cd5\u53c2\u8003\uff1aBind\u4e2d\u63a7\u5236\u8bed\u53e5 controls \u7684\u5b9a\u4e49\u548c\u4f7f\u7528\uff3b\u5fc5\u8bfb\uff3d<\/p>\n
3\u3001include\u8bed\u53e5<\/h3>\n
\u540c\u5176\u4ed6\u7684\u8bed\u8a00\u7684include\u529f\u80fd\u4e00\u6837\uff0c\u8fd9\u91cc\u4e0d\u4ecb\u7ecd\u3002<\/p>\n
4\u3001key\u8bed\u53e5<\/h3>\n
# \u4f7f\u7528\u8fd9\u4e2a\u547d\u4ee4\u751f\u6210rndc.key\r\n# rndc-confgen -r \/dev\/urandom -a<\/pre>\n
key \u8bed\u53e5\u5b9a\u4e49\u4e86\u4e00\u4e2a\u7528\u4e8eTSIG\u7684\u5171\u4eab\u5bc6\u5319\u3002
\nkey \u8bed\u53e5\u53ef\u4ee5\u51fa\u73b0\u5728\u914d\u7f6e\u6587\u4ef6\u7684\u5f00\u59cb\u6216\u8005\u5728\u4e00\u4e2aview\u8bed\u53e5\u4e2d\u3002\u5b9a\u4e49\u5728\u5f00\u59cb\u7684key\u8bed\u53e5\u53ef\u4ee5\u5728\u6240\u6709\u89c6\u56fe\u4e2d\u5e94\u7528\u3002\u5728controls\u8bed\u53e5\u4e2d\u4f7f\u7528\u7684key\u5fc5\u987b\u4e8b\u5148\u5b9a\u4e49\u5728\u6587\u4ef6\u7684\u5f00\u59cb\u3002
\nkey_id\uff0c\u4e5f\u53eb\u505a\u5bc6\u5319\u540d\uff0c\u662f\u786e\u8ba4\u4e00\u4e2a\u57df\u540d\u7684\u552f\u4e00\u5bc6\u5319\u3002\u53ef\u4ee5\u5728\u4e00\u4e2a\u201cserver\u201d\u8bed\u53e5\u4e2d\u4f7f\u7528\uff0c\u4f7f\u5f97\u53d1\u7ed9\u8fd9\u4e2a\u670d\u52a1\u5668\u7684\u8bf7\u6c42\u90fd\u4f1a\u7528\u8fd9\u4e2a\u5bc6\u5319\u8fdb\u884c\u52a0\u5bc6\uff0c\u6216\u8005\u7528\u4e8e\u786e\u8ba4\u6765\u81ea\u4e8e\u5730\u5740\u5339\u914d\u5217\u8868\u4e2d\u7684\u4e3b\u673a\u7684\u8bf7\u6c42\uff0c\u662f\u5426\u5df2\u7ecf\u7528\u8fd9\u4e2a\u540d\u5b57\u3001\u7b97\u6cd5\u548csecret\u7684\u5bc6\u5319\u8fdb\u884c\u4e86\u52a0\u5bc6\u3002
\nalgorithm_id \u662f\u4e00\u4e2a\u6807\u8bb0\u5b89\u5168\/\u9274\u5b9a\u7684\u5b57\u7b26\u4e32\u3002\u76ee\u524d\u552f\u4e00\u7531TSIG\u9274\u522b\u652f\u6301\u7684\u7b97\u6cd5\u662fhmac-md5\u3002secret_string \u662f\u7b97\u6cd5\u8981\u4f7f\u7528\u7684\u673a\u5bc6\u7ea7\uff0c\u662f\u4e00\u4e2a64\u4f4d\u7f16\u7801\u7684\u5b57\u7b26\u4e32\u3002<\/p>\n
5\u3001logging\u8bed\u53e5<\/h1>\n
bind\u4e2d\u65e5\u5fd7\u7684\u8bbe\u7f6e\u53c2\u8003\uff1abind\u4e2d\u65e5\u5fd7logging\u7684\u7528\u6cd5<\/p>\n
6\u3001lwres\u8bed\u53e5<\/h1>\n
\n
\n
\n
lwres\u8bed\u53e5\u628a\u540d\u5b57\u670d\u52a1\u5668\u914d\u7f6e\u6210\u4e3a\u4e00\u4e2a\u8f7b\u91cf\u7ea7\u7684\u89e3\u6790\u670d\u52a1\u5668\u3002\u53ef\u4ee5\u6709\u591a\u4e2alwres\u8bed\u53e5 \u914d\u7f6e\u8f7b\u91cf\u7ea7\u89e3\u6790\u670d\u52a1\u5668\u7684\u4e0d\u540c\u5c5e\u6027\u3002<\/p>\n
\u8bed\u6cd5\u683c\u5f0f\uff1a<\/p>\n
\n
\n
\n
lwres {\r\n    [ listen-on { ip_addr [port ip_port] ; [ ip_addr [port ip_port] ; ... ] }; ]\r\n    [ view view_name; ]\r\n    [ search { domain_name ; [ domain_name ; ... ] }; ]\r\n    [ ndots number; ]\r\n};<\/pre>\n<\/div>\n<\/div>\n<\/div>\n
    \n
  • listen-on\u8bed\u53e5\u6307\u5b9a\u4e00\u4e2a\u8f7b\u91cf\u7ea7\u89e3\u6790\u670d\u52a1\u80fd\u591f\u63a5\u53d7\u8bf7\u6c42\u7684\u5730\u5740(\u548c\u7aef\u53e3)\u7684\u540d\u5355\u3002\u5982\u679c\u6ca1\u6709\u6307\u5b9a\u7aef\u53e3, \u5c31\u4f7f\u7528921\u7aef\u53e3\u3002\u5982\u679c\u8fd9\u4e2a\u8bed\u53e5\u88ab\u7701\u7565,\u8bf7\u6c42\u5c06\u5728\u5730\u5740127.0.0.1\u7684921\u7aef\u53e3\u88ab\u63a5\u53d7\u3002<\/li>\n
  • view\u8bed\u53e5\u5c06\u4e00\u4e2a\u8f7b\u91cf\u7ea7\u89e3\u6790\u670d\u52a1\u7ed1\u5b9a\u5230DNS\u540d\u5b57\u7a7a\u95f4\u7684\u89c6\u56fe,\u8fd9\u6837\u54cd\u5e94\u5c31\u4f1a\u4ee5\u4e0e\u8fd9\u4e2a\u89c6\u56fe\u6240\u5339\u914d\u7684 \u666e\u901aDNS\u8bf7\u6c42\u540c\u6837\u7684\u65b9\u5f0f\u88ab\u6784\u9020\u3002\u5982\u679c\u8fd9\u4e2a\u8bed\u53e5\u88ab\u7701\u7565,\u5c31\u4f7f\u7528\u7f3a\u7701\u89c6\u56fe,\u5982\u679c\u6ca1\u6709\u7f3a\u7701\u89c6\u56fe,\u5c31\u89e6 \u53d1\u4e00\u4e2a\u9519\u8bef\u3002<\/li>\n
  • search\u8bed\u53e5\u4e0e\/etc\/resolv.conf \u4e2d\u7684search\u8bed\u53e5\u7b49\u6548\u3002\u5b83\u63d0\u4f9b\u4e00\u4e2a\u8ffd\u52a0\u5230\u8bf7\u6c42\u4e2d\u7684\u76f8\u5bf9\u540d\u5b57\u7684\u57df\u540d \u5217\u8868\u3002<\/li>\n
  • ndots\u8bed\u53e5\u4e0e\/etc\/resolv.conf\u4e2d\u7684ndots\u8bed\u53e5\u7b49\u6548\u3002\u5b83\u6307\u793a\u5728\u4e00\u4e2a\u76f8\u5bf9\u57df\u540d\u4e2d\u7684\u70b9\u7684\u6700\u5c0f\u6570\u76ee, \u5c06\u5728\u8ffd\u52a0\u67e5\u627e\u8def\u5f84\u5143\u7d20\u4e4b\u524d\u4f5c\u4e00\u4e2a\u7cbe\u786e\u67e5\u627e\u3002<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n
    7\u3001view<\/h1>\n
    \u53c2\u8003\u6587\u7ae0\uff1aBind\u4e2d\u7684view\u8bed\u53e5\u5b9a\u4e49\u548c\u7528\u6cd5<\/p>\n
    8\u3001zone<\/h1>\n
    \u53c2\u8003\u6587\u7ae0\uff1aBind\u4e2d\u7684zone\u8bed\u53e5\u7684\u5b9a\u4e49\u548c\u7528\u6cd5<\/p>\n
    9\u3001options<\/h1>\n
    \u53c2\u8003\u6587\u7ae0\uff1aBind\u4e2d\u7684 options \u8bed\u53e5\u5b9a\u4e49\u548c\u7528\u6cd5<\/p>\n
    10\u3001server<\/h1>\n
    11\u3001trusted-keys<\/h1>\n
    \u9644\u4ef6\uff1a\u672c\u4eba\u5728\u672c\u5730\u6d4b\u8bd5\u7684\u914d\u7f6e\u4e0b\u8f7d\uff1a<\/strong> named.conf.tar.gz<\/pre>\n
    \u56db\u3001\u542f\u52a8\u3001\u505c\u6b62\u3001\u91cd\u542f<\/h1>\n
    \u8fd9\u91cc\u6709\u4e00\u4e2a\u975e\u5e38\u7528\u7684\u547d\u4ee4\uff1a<\/p>\n
    # named -c \/usr\/local\/named\/etc\/named.conf -g\r\n# named\u9ed8\u8ba4\u662f\u4ee5daemon\u7684\u5f62\u5f0f\u8fd0\u884c\u7684\uff0c-g\u7684\u53c2\u6570\u8868\u793a\u524d\u7aef\u8fd0\u884c\uff0c\u8fd9\u6837\u770b\u5230\u542f\u52a8\u65f6\u7684\u9519\u8bef\u4fe1\u606f<\/pre>\n
    \u542f\u52a8<\/p>\n
    # named -c \/usr\/local\/named\/etc\/named.conf<\/pre>\n
    \u5982\u679c\u542f\u7528rndc\uff0c\u53ef\u7528\u4f7f\u7528rndc\u7684\u547d\u4ee4\u91cd\u65b0\u52a0\u8f7d\u914d\u7f6e\u3002<\/p>\n
    # rndc reload \/\/\u91cd\u65b0\u52a0\u8f7d\u914d\u7f6e\r\n# rndc stop  \/\/\u505c\u6b62\u670d\u52a1<\/pre>\n","protected":false},"excerpt":{"rendered":"
    BInd\u7684\u5b98\u65b9\u7f51\u7ad9\uff1ahttps:\/\/www.isc.org\/downloads\/ \u5b98\u65b9\u6587\u6863\uff1ahttp:\/\/ftp.isc.org\/isc\/bind9\/9.11.0-P3\/doc\/arm\/Bv9ARM.pdf   \u4e00\u3001\u6e90\u7801\u5b89\u88c5 \u4e0b\u8f7d\uff1abind-9.11.0-P3.tar.gz # tar xzf bind-9.11.0-P3.tar.gz # .\/configure –prefix=\/usr\/local\/named –enable-threads –enable-epoll –disable-openssl-version-check # .\/configure –help\uff0c\u53ef\u4ee5\u770b\u5230\u6709\u5f88\u591a\u7684\u914d\u7f6e\u9009\u9879 # make # make install #\u4e3a\u4e86\u547d\u4ee4\u65b9\u4fbf # vim \/etc\/profile export PATH=${PATH}:\/usr\/local\/named\/bin:\/usr\/local\/named\/sbin \u00a0\u4e8c\u3001YUM\u7684\u5b89\u88c5 # yum list | grep ^bind \u53ef\u4ee5\u770b\u5230\u6709\u5f88\u591abind\u7684\u5b89\u88c5\u5305\uff0c\u5176\u4e2d\u81f3\u5c11\u9700\u8981\u5b89\u88c5\u4e09\u4e2a bind.x86_64 bind-chroot.x86_64 bind-utils.x86_64 \u8fd9\u91cc\u4e0d\u5728\u8be6\u7ec6\u4ecb\u7ecd\uff0c\u672c\u4eba\u63a8\u8350\u4f7f\u7528\u6e90\u7801\u5b89\u88c5\u3002 \u4e09\u3001\u8be6\u7ec6\u914d\u7f6e 1\u3001ACL\u8bed\u53e5 ACL\u8bed\u53e5\u7684\u4f7f\u7528\u65b9\u6cd5\u53c2\u8003\uff1aBind\u4e2d\u5b9a\u4e49\u548c\u4f7f\u7528\u8bbf\u95ee\u63a7\u5236\u5217\u8868(ACL)\uff3b\u5fc5\u8bfb\uff3d\uff0c\u901a\u8fc7\u6587\u7ae0\u7684\u4e86\u89e3\u80fd\u591f\u5bf9ACL\u8bed\u53e5\u7684\u4f7f\u7528\u6709\u4e2a\u975e\u5e38\u6e05\u6670\u7684\u4e86\u89e3\u3002 2\u3001controls\u8bed\u53e5 controls\u8bed\u53e5\u7684\u4f7f\u7528\u65b9\u6cd5\u53c2\u8003\uff1aBind\u4e2d\u63a7\u5236\u8bed\u53e5 controls \u7684\u5b9a\u4e49\u548c\u4f7f\u7528\uff3b\u5fc5\u8bfb\uff3d 3\u3001include\u8bed\u53e5 \u540c\u5176\u4ed6\u7684\u8bed\u8a00\u7684include\u529f\u80fd\u4e00\u6837\uff0c\u8fd9\u91cc\u4e0d\u4ecb\u7ecd\u3002 4\u3001key\u8bed\u53e5 # \u4f7f\u7528\u8fd9\u4e2a\u547d\u4ee4\u751f\u6210rndc.key # rndc-confgen […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-18641","post","type-post","status-publish","format-standard","hentry","category-os"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/18641","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=18641"}],"version-history":[{"count":1,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/18641\/revisions"}],"predecessor-version":[{"id":18642,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/18641\/revisions\/18642"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=18641"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=18641"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=18641"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}