Let's install the bind package that ships with RedHat Enterprise Linux by default.
1. First, check whether the required packages are installed. If they are not, install them.
[code][root@Theeye /]# rpm -qa | grep bind
bind-libs-9.3.3-10.el5
bind-chroot-9.3.3-10.el5
bind-utils-9.3.3-10.el5
bind-9.3.3-10.el5[/code]
2. Create the directories we need.
[code][root@Theeye /]# cd /var/named/chroot/
[root@Theeye chroot]# mkdir log
[root@Theeye chroot]# mkdir pid
[root@Theeye chroot]# chmod 770 log pid
[root@Theeye chroot]# mkdir zone
[root@Theeye chroot]# chgrp named *
[root@Theeye chroot]# cd zone
[root@Theeye zone]# mkdir global
[root@Theeye zone]# mkdir local
[root@Theeye zone]# chmod 750 *
[root@Theeye zone]# chgrp named *[/code]
3. Create a named.conf file under /var/named/chroot/etc and put the following in it.
[code]/*
DOMAIN NAME SERVER CONFIGURATION by http://theeye.pe.kr
*/
options {
    // do not reveal the real BIND version
    version "unknown";
    // paths are relative to the chroot (/var/named/chroot)
    directory "/zone";
    // zone transfers only to the local host
    allow-transfer {
        127.0.0.1;
    };
    auth-nxdomain no;
    listen-on-v6 { any; };
    pid-file "/pid/named.pid";
    allow-query { any; };
    notify no;
};
// rndc control channel, reachable from localhost only
controls {
    inet 127.0.0.1 port 953
    allow { localhost; } keys { "rndc-key"; };
};
include "/etc/rndc.key";
logging {
    channel "query-log" {
        file "/log/named.log";
        severity info;
        print-category yes;
        print-time yes;
    };
    //category queries { query-log; };
    category lame-servers { null; };
    category unmatched { null; };
    category network { null; };
    category notify { null; };
    category update { null; };
};
/* a caching only nameserver config */
zone "." IN {
    type hint;
    file "global/named.root";
};
/* local network configuration */
zone "localhost" IN {
    type master;
    file "local/localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "local/localnetwork.rev";
    allow-update { none; };
};[/code]
4. Create a named.root file under /var/named/chroot/zone/global and put the following in it.
[code]; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.root
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: Jan 29, 2004
; related version of root zone: 2004012900
;
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; operated by VeriSign, Inc.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
;
; operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; operated by ICANN
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File[/code]
5. Change the owner of the named.root file you just created.
[code][root@Theeye global]# chown named.root named.root[/code]
6. Create localhost.zone in /var/named/chroot/zone/local.
[code]$TTL 86400
$ORIGIN localhost.
@       IN SOA  @ root (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   @
        IN A    127.0.0.1[/code]
7. Create localnetwork.rev in /var/named/chroot/zone/local.
[code]$TTL 86400
@       IN SOA  localhost. root.localhost. (
                2008011100 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   localhost.
;
1       IN PTR  localhost.[/code]
8. Change the group of both files you just created.
[code][root@Theeye local]# chgrp named *[/code]
9. Add named's tcp/udp ports in the firewall settings.
[code][root@Theeye local]# setup
/*
Firewall configuration – Customize
Add the following under Other ports
domain:tcp domain:udp
*/[/code]
10. Start the server.
[code][root@Theeye local]# service named start
Starting named: [ OK ][/code]
There are plenty of guides on how to add a domain if you search for them -_-a
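The named.conf in step 3 sets `allow-query { any; };` and does not restrict recursion, which on BIND 9.3 means the server resolves recursively for any client that can reach it. The following is an added example, not part of the original post: a shell check that flags this in a named.conf, run against the step 3 options and against a variant restricted with `allow-recursion`. The function names, finding labels and sample files are constructed for illustration.

```shell
# Added example, not from the original post. Function names, finding labels
# and the two sample files are constructed for illustration.

# Drop /* */, // and # comments so commented-out statements are ignored.
strip_comments() {
    awk '{
        out = ""; s = $0
        while (s != "") {
            if (inblk) { i = index(s, "*/"); if (!i) break; s = substr(s, i + 2); inblk = 0 }
            else { i = index(s, "/*"); if (!i) { out = out s; break }
                   out = out substr(s, 1, i - 1); s = substr(s, i + 2); inblk = 1 }
        }
        sub(/(\/\/|#).*/, "", out); print out
    }' "$1"
}

# Print space-separated findings for the named.conf file given as $1.
audit_named_conf() {
    conf=$(strip_comments "$1" | tr '\n' ' ')
    has() { printf '%s\n' "$conf" | grep -Eq "$1"; }
    findings=""
    # BIND 9.3 (the version in step 1) recurses for any client unless
    # "recursion no;" or a restrictive allow-recursion ACL is set.
    if ! has 'recursion[[:space:]]+no[[:space:]]*;'; then
        if ! has 'allow-recursion[[:space:]]*\{' ||
             has 'allow-recursion[[:space:]]*\{([^}]*[[:space:];])?any[[:space:]]*;'; then
            findings="$findings OPEN_RECURSION"
        fi
    fi
    has 'allow-transfer[[:space:]]*\{' || findings="$findings NO_TRANSFER_ACL"
    has 'version[[:space:]]+"' || findings="$findings VERSION_VISIBLE"
    echo "${findings# }"
}

# Constructed samples: the relevant options from step 3, then a variant
# that limits recursion to the local host and its directly attached networks.
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/page.conf" <<'EOF'
options { version "unknown"; allow-transfer { 127.0.0.1; }; allow-query { any; }; };
EOF
cat > "$tmp/restricted.conf" <<'EOF'
options { version "unknown"; allow-transfer { 127.0.0.1; }; allow-query { any; };
          allow-recursion { localhost; localnets; }; };
EOF
echo "page.conf:       $(audit_named_conf "$tmp/page.conf")"
echo "restricted.conf: $(audit_named_conf "$tmp/restricted.conf")"
```

To apply the restricted variant to the step 3 file, add the `allow-recursion` line inside its `options` block and list the networks whose clients should be allowed to use the cache.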