17 06 2020

First, install the required packages:

apt install build-essential pkg-config libuv1-dev python-ply python3-ply libssl-dev libcap-dev default-libmysqlclient-dev

Create the user and group:

groupadd -r named
useradd -s /sbin/nologin -M -r -g named named

Download BIND9 9.16.3:

https://downloads.isc.org/isc/bind9/9.16.3/bind-9.16.3.tar.xz

After extracting the archive, compile and install:

./configure --with-dlz-mysql --enable-largefile --prefix=/usr/local/bind --with-openssl
make
make install 

Configure BIND9

cd /usr/local/bind/etc
../sbin/rndc-confgen >rndc.conf
tail -n10 rndc.conf | head -n9 | sed -e 's/# //g' > named.conf
wget https://www.internic.net/domain/named.root
mkdir /usr/local/bind/log/
mkdir -p /usr/local/bind/db/csie.online/

Append the following to named.conf:

zone "." IN {
    type hint;
    file "/usr/local/bind/etc/named.root";
};

options {
        listen-on-v6 { any; };
        tcp-clients 50000;
        directory "/usr/local/bind/var";
        pid-file "/usr/local/bind/var/bind.pid";
        dump-file "/usr/local/bind/var/bind_dump.db";
        statistics-file "/usr/local/bind/var/bind.stats";
        rate-limit {
                nxdomains-per-second 3;
                window 1;
        };
        notify yes;
        recursion no;
        version "ooxx-bind:1.0.24";
        allow-notify       { none; };
        allow-recursion    { any; };
        allow-transfer     { none; };
        allow-query        { any; };
        additional-from-cache no;
};

logging {
        channel bind_log {
                file "/usr/local/bind/log/bind.log" versions 3 size 20m;
                severity info;
                print-time yes;
                print-severity yes;
                print-category yes;
        };
        category default {
                bind_log;
        };
};
zone "csie.online" in {
    type    master;
    file    "/usr/local/bind/db/csie.online/csie.online.db";
};
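
Added example, not part of the original post: a small shell audit of the options in the named.conf above that decide whether an authoritative-only server can be misused as a resolver or leak its zones. It assumes each option is written on one line as it is here; the function names opt_value and audit_named_conf are hypothetical, and the sample file is constructed from the values above.

```shell
#!/bin/sh
# Added example (not from the original post): audit the options{} values
# that matter for an authoritative-only named.
# Assumption: each option is on one line, "key value;" or "key { value; };".

# opt_value FILE KEY: print the value configured for KEY, empty if unset
opt_value() {
    awk -v key="$2" '
        $1 == key {
            sub(/^[ \t]*[^ \t]+[ \t]+/, "")   # drop the option name
            gsub(/[{};"]/, "")                # drop braces, semicolons, quotes
            gsub(/^[ \t]+|[ \t]+$/, "")       # trim what is left
            print; exit
        }' "$1"
}

# audit_named_conf FILE: print one finding per line, nothing if all is well
audit_named_conf() {
    rec=$(opt_value "$1" recursion)
    arec=$(opt_value "$1" allow-recursion)
    xfer=$(opt_value "$1" allow-transfer)
    ver=$(opt_value "$1" version)
    # BIND defaults to "recursion yes", so it has to be switched off explicitly.
    [ "$rec" = "no" ] || echo "FAIL recursion=${rec:-unset}: set 'recursion no;'"
    # With recursion off this ACL enables nothing, but the server becomes an
    # open resolver the moment someone flips recursion to yes.
    [ "$arec" != "any" ] || echo "WARN allow-recursion=any: use 'allow-recursion { none; };'"
    # BIND 9.16 allows zone transfers to every host unless told otherwise.
    case "$xfer" in
        '' | any) echo "FAIL allow-transfer=${xfer:-unset}: AXFR is open to any host" ;;
    esac
    # Without a version string, version.bind queries reveal the real release.
    [ -n "$ver" ] || echo "INFO version unset: version.bind discloses the BIND release"
}

# Constructed sample: the security-relevant lines of the options block above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
options {
        recursion no;
        version "ooxx-bind:1.0.24";
        allow-recursion    { any; };
        allow-transfer     { none; };
};
EOF
audit_named_conf "$sample"
rm -f "$sample"
```

On the real file, call it as audit_named_conf /usr/local/bind/etc/named.conf; for the options shown above it reports only the allow-recursion warning.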

Edit /usr/local/bind/db/csie.online/csie.online.db so that it contains the following (the A and AAAA addresses shown are placeholders):

$TTL 60
$ORIGIN csie.online.
@            IN    SOA    csie.online. admin.csie.online. (
                2019111200 ; Serial
                300 ; Refresh
                300 ; Retry
                300 ; Expire
                60 ) ; Negative Cache TTL

@            IN    NS    ns1.csie.online.
@            IN    NS    ns2.csie.online.
@            IN    A    999.444.555.34
@            IN    AAAA    XXXX:1688:1688:1688::1688
@            IN    MX 10   mail.server.
*            IN    A    999.444.555.34
*            IN    AAAA    XXXX:1688:1688:1688::1688

Give the named user ownership of the bind directory:

chown named:named /usr/local/bind/ -R

Create the service unit for starting at boot:

vi /usr/lib/systemd/system/named.service

Paste in the following:

[Unit]
Description=Internet domain name server
After=network.target

[Service]
ExecStart=/usr/local/bind/sbin/named -f -u named
ExecReload=/usr/local/bind/sbin/rndc reload
ExecStop=/usr/local/bind/sbin/rndc stop

[Install]
WantedBy=multi-user.target
Alias=bind.service

Enable start at boot:

systemctl enable named
systemctl start named