下面介绍bind结合mysql实现智能dns,以centos-6 32为例安装
安装mysql
- yum install gcc gcc-c++ openssl-devel wget ncurses-devel make
- groupadd mysql
- useradd -g mysql mysql -s /sbin/nologin
- cd /tmp
- wget http://cdn.mysql.com/Downloads/MySQL-5.1/mysql-5.1.65.tar.gz
- tar xzf mysql-5.1.65.tar.gz
- cd mysql-5.1.65
- ./configure --prefix=/usr/local/mysql/ --without-pthread --with-unix-socket-path=/tmp/mysql.sock --with-extra-charsets=gbk,gb2312,utf8
- make
- make install
- cp support-files/my-medium.cnf /etc/my.cnf
- /usr/local/mysql/bin/mysql_install_db --user=mysql
- chown -R root.mysql /usr/local/mysql
- chown -R mysql /usr/local/mysql/var
- cp support-files/mysql.server /etc/init.d/mysqld
- chown root.root /etc/rc.d/init.d/mysqld
- chmod 755 /etc/rc.d/init.d/mysqld
- chkconfig --add mysqld
- chkconfig mysqld on
- ln -s /usr/local/mysql/bin/mysql /usr/bin
- ln -s /usr/local/mysql/bin/mysqladmin /usr/bin
- service mysqld start
- mysqladmin -u root password root
安装bind
- cd /tmp
- wget http://ftp.isc.org/isc/bind9/cur/9.9/bind-9.9.1-P2.tar.gz
- tar xzf bind-9.9.1-P2.tar.gz
- cd bind-9.9.1-P2
- ./configure --prefix=/usr/local/bind/ --disable-openssl-version-check --with-dlz-mysql=/usr/local/mysql
- make
- make install
配置bind
- cd /usr/local/bind/etc
- ../sbin/rndc-confgen -r /dev/urandom >rndc.conf
- tail -n10 rndc.conf | head -n9 | sed -e s/#\//g>named.conf
-
- vi named.conf
- 在后面增加:
- include "/usr/local/bind/etc/CHINANET.acl"; //联通ACL
- include "/usr/local/bind/etc/CNC.acl"; //电信ACL
- include "/usr/local/bind/etc/view.conf"; //DLZ相关的配置
下载acl文件:
- wget https://www.centos.bz/wp-content/uploads/2012/02/CHINANET.acl
- wget https://www.centos.bz/wp-content/uploads/2012/02/CNC.acl
view.conf内容:
其中需要修改的字段为user=root pass=root,即此处mysql用户为root,密码为root。
- view "CHINANET_view" {
- match-clients { CHINANET; };
- allow-query-cache { none; };
- allow-recursion { none; };
- allow-transfer { none; };
- recursion no;
-
- dlz "Mysql zone" {
- database "mysql
- {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
- {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
- {select ttl,type,mx_priority,case when lower(type)='txt' then concat('\"',data,'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view=(select view from dns_records where zone = '$zone$' and host = '$record$' and (view='CHINANET' or) order by priority asc limit 1)}";
- };
- };
- view "CNC_view" {
- match-clients { CNC; };
- allow-query-cache { none; };
- allow-recursion { none; };
- allow-transfer { none; };
- recursion no;
-
- dlz "Mysql zone" {
- database "mysql
- {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
- {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
- {select ttl,type,mx_priority,case when lower(type)='txt' then concat('\"',data,'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view=(select view from dns_records where zone = '$zone$' and host = '$record$' and (view='CNC' or) order by priority asc limit 1)}";
- };
- };
- view "any_view" {
- match-clients { any; };
- allow-query-cache { none; };
- allow-recursion { none; };
- allow-transfer { none; };
- recursion no;
-
- dlz "Mysql zone" {
- database "mysql
- {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=root pass=root}
- {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
- {select ttl,type,mx_priority,case when lower(type)='txt' then concat('\"',data,'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view = 'any'}";
- };
- };
数据库配置
- mysql>create database dns_data; //创建数据库名为 dns_data
- mysql>use dns_data;
- DROP TABLE IF EXISTS `dns_records`;
- CREATE TABLE `dns_records` (
- `id` int(10) unsigned NOT NULL auto_increment,
- `zone` varchar(255) NOT NULL,
- `host` varchar(255) NOT NULL default '@',
- `type` enum('MX','CNAME','NS','SOA','A','PTR') NOT NULL,
- `data` varchar(255) default NULL,
- `ttl` int(11) NOT NULL default '800',
- `view` char(20) default 'any', //any 代表默认,SOA 查询需,其它可以分,CNC……
- `mx_priority` int(11) default NULL,
- `priority` int(3) default 255, //any为255,其它如CNC,CHINANET等线路为200
- `refresh` int(11) NOT NULL default '3600',
- `retry` int(11) NOT NULL default '3600',
- `expire` int(11) NOT NULL default '86400',
- `minimum` int(11) NOT NULL default '3600',
- `serial` bigint(20) NOT NULL default '2008082700',
- `resp_person` varchar(64) NOT NULL default 'root.domain.com.',
- `primary_ns` varchar(64) NOT NULL default 'ns1.domain.com.',
- `data_count` int(11) NOT NULL default '0',
- PRIMARY KEY (`id`),
- KEY `type` (`type`),
- KEY `host` (`host`),
- KEY `zone` (`zone`)
- ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=gbk;
启动bind服务
# /usr/local/bind/sbin/named -uroot -g -d 9 //调试状态,如果没有报错说明环境配置正确。
做成启动服务. Debug 的时候多用此模式启动bind.
# /usr/local/bind/sbin/rndc reload 重载 named.conf 相关配置文件.
# /usr/local/bind/sbin/named -uroot -c /usr/local/bind/etc/named.conf 启动 bind 服务.
#插入记录的sql实例
- --SOA
-
- INSERT INTO `dns_records` (`zone`, `host`, `type`, `data`, `ttl`,`mx_priority`, `refresh`, `retry`, `expire`, `minimum`, `serial`, `resp_person`, `primary_ns`, `data_count`) VALUES ('centos.bz', '@', 'SOA', 'ns1.centos.bz.', 10, NULL, 3600, 3600, 86400, 10, 2008082700, 'root.centos.bz.', 'ns1.centos.bz.', 0);
-
- --@ NS
-
- INSERT INTO `dns_records` (`zone`, `host`, `type`, `data`) VALUES ('centos.bz', '@', 'NS', 'ns1.centos.bz.'), ('centos.bz', '@', 'NS', 'ns2.centos.bz.');
-
- --NS A
-
- INSERT INTO `dns_records` (`zone`, `host`, `type`, `data`) VALUES ('centos.bz', 'ns1', 'A', '211.100.72.137'), ('centos.bz', 'ns2', 'A', '219.232.244.11');
-
- --A
-
- INSERT INTO `dns_records` (`zone`, `host`, `type`, `data`, `ttl`, `view`,`priority`) VALUES ('centos.bz', 'www', 'A', '210.51.36.116', 3600, 'CNC',200), ('centos.bz', 'www', 'A', '221.238.249.178', 3600, 'CHINANET',200), ('centos.bz', 'www', 'A', '211.103.156.230', 3600, 'any',255);
-
- --CNAME
-
- INSERT INTO dns_records (zone,host,type,DATA,view,,priority) VALUES ('centos.bz', 'man', 'CNAME', 'www','CNC',200), ('centos.bz', 'man', 'CNAME', 'www','CHINANET',200), ('centos.bz', 'man', 'CNAME', 'www','any',255);
联通acl:https://www.centos.bz/wp-content/uploads/2012/02/CNC.acl
电信acl:https://www.centos.bz/wp-content/uploads/2012/02/CHINANET.acl