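Below is the blog post I am reposting, together with its link.
BIND DNS server configuration file syntax explained
Smart DNS service planning and testing; BIND configuration file explained; view syntax explained; introduction to BIND 9 configuration syntax
Note: a smart DNS setup is mainly used for two purposes: 1. solving the China Netcom / China Telecom interconnection problem; 2. regional planning, so that clients in each region reach the server nearest to them. The configuration below addresses the Netcom/Telecom connection problem. Achieving purpose 2 takes only minor changes.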
I. Installing the DNS server
II. Configuring named.conf
III. Updating the root zone file
IV. Creating the startup script
V. Adding an NS
VI. Adding a domain name
Appendix: how to obtain the IP address ranges

I. Installing the DNS server
1. Software list
BIND 9.3.2
2. Installing BIND 9
Install BIND 9:
# tar zxvf bind-9.3.2.tar.gz
# cd bind-9.3.2
# ./configure --prefix=/usr/local/named --disable-ipv6
# make && make install
Create the BIND user:
# groupadd bind
# useradd -g bind -d /usr/local/named -s /sbin/nologin bind
Create the configuration directory:
# mkdir -p /usr/local/named/etc
# chown bind:bind /usr/local/named/etc
# chmod 700 /usr/local/named/etc

II. Configuring named.conf
Create the main configuration file:
# vi /usr/local/named/etc/named.conf
===========================named.conf=======================
acl "trust-lan" {
    127.0.0.0/8;
    192.168.0.0/16;
};
options {
    directory "/usr/local/named/etc/";    // directory the server starts in
    pid-file "/var/run/named/named.pid";
    version "0.0.0";    // version string reported to clients, hiding the server's real version number
    datasize 40M;
    allow-transfer { "trust-lan"; };
    recursion yes;    // whether to query other DNS servers on behalf of clients
    allow-notify { "trust-lan"; };
    allow-recursion { "trust-lan"; };
    auth-nxdomain no;
    forwarders {    // external forwarders
        211.162.106.9;
        211.162.106.254;
    };
};
logging {    // log categories and their destinations
    channel warning {
        file "/var/log/named/dns_warnings" versions 3 size 1240k;
        severity warning;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    channel general_dns {
        file "/var/log/named/dns_logs" versions 3 size 1240k;
        severity info;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category default { warning; };
    category queries { general_dns; };
};
// The root hint zone is declared inside each view below: once view
// statements are used, every zone must be inside a view.
acl "CNC" {
    58.16.0.0/16;
    58.17.0.0/17;
    58.17.128.0/17;
    58.18.0.0/16;
    58.19.0.0/16;
    58.20.0.0/16;
    58.21.0.0/16;
    61.45.0.0/16;
    // Note: enter the IP address ranges that apply to your situation
};
view "view_cnc" {
    match-clients { CNC; };
    zone "." {
        type hint;
        file "named.root";
    };
    zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "localhost.rev";
    };
    include "master/cnc.def";    // include another file in this configuration file
};
view "view_any" {
    match-clients { any; };
    zone "." {
        type hint;
        file "named.root";
    };
    zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "localhost.rev";
    };
    include "master/telecom.def";
};
===========================named.conf=======================
Save the file when you have finished adding this.

III. Updating the root zone file
# cd /usr/local/named/etc/
# wget
Create the PID and log files (both directories are owned by bind, so neither needs to be world-writable):
# mkdir /var/run/named/
# chmod 755 /var/run/named/
# chown bind:bind /var/run/named/
# mkdir /var/log/named/
# touch /var/log/named/dns_warnings
# touch /var/log/named/dns_logs
# chown -R bind:bind /var/log/named/
# mkdir master
# touch master/cnc.def
# touch master/telecom.def
Generate the rndc key:
# cd /usr/local/named/etc/
# ../sbin/rndc-confgen > rndc.conf
In rndc.conf, take the part that follows the line "# Use with the following in named.conf, adjusting the allow list as needed:", add it to /usr/local/named/etc/named.conf, and remove the comment markers.
Test run:
# /usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf &
Check the status:
# /usr/local/named/sbin/rndc status

IV. Creating the startup script
# vi /etc/init.d/named
============================== named.sh============================
#!/bin/bash
#
# named        a network name service.
#
#
# chkconfig: 545 35 75
# description: a name server
#
if [ `id -u` -ne 0 ]
then
    echo "ERROR:For bind to port 53,must run as root."
    exit 1
fi
case "$1" in
start)
    if [ -x /usr/local/named/sbin/named ]; then
        /usr/local/named/sbin/named -u bind -c /usr/local/named/etc/named.conf && echo . && echo 'BIND9 server started.'
    fi
    ;;
stop)
    # The path must match the pid-file setting in named.conf
    kill `cat /var/run/named/named.pid` && echo . && echo 'BIND9 server stopped.'
    ;;
restart)
    echo .
    echo "Restart BIND9 server"
    $0 stop
    sleep 10
    $0 start
    ;;
*)
    echo "$0 start | stop | restart"
    ;;
esac
===============================named.sh============================
# chmod 755 /etc/init.d/named
# chown root:root /etc/init.d/named
# chkconfig --add named
# chkconfig named on

V. Adding an NS
On the domain's management website, set the NS server to the DNS server you have installed.
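
The named.conf above depends on named trying views in the order they appear in the file and using the first whose match-clients matches, which is why view_any must come after view_cnc. The following is an added example, not part of the original post, that models that selection and reports views that can never be reached; the function names are this example's own and the view list is constructed from the configuration shown above.

```python
import ipaddress

# Constructed from the named.conf above: views in file order, with the
# partial CNC list shown there. Function names are this example's own.
CNC = ["58.16.0.0/16", "58.17.0.0/17", "58.17.128.0/17", "58.18.0.0/16",
       "58.19.0.0/16", "58.20.0.0/16", "58.21.0.0/16", "61.45.0.0/16"]
VIEWS = [("view_cnc", CNC), ("view_any", ["0.0.0.0/0"])]  # "any" as IPv4


def _nets(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]


def select_view(client, views):
    """Name of the first view whose match-clients contains the client."""
    addr = ipaddress.ip_address(client)
    for name, cidrs in views:
        if any(addr in net for net in _nets(cidrs)):
            return name
    return None  # no view matched


def shadowed_views(views):
    """Views that can never be chosen because the views listed before them
    already cover every network in their match-clients list."""
    seen, dead = [], []
    for name, cidrs in views:
        nets = _nets(cidrs)
        # Merge earlier networks so that two adjacent /17s count as one /16.
        merged = list(ipaddress.collapse_addresses(seen))
        if nets and all(any(n.subnet_of(m) for m in merged) for n in nets):
            dead.append(name)
        seen.extend(nets)
    return dead


if __name__ == "__main__":
    print(select_view("58.17.200.1", VIEWS))
    print(shadowed_views(list(reversed(VIEWS))))
```

Running the same check against the real view list before each reload catches a catch-all view placed ahead of a carrier-specific one.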
VI. Adding a domain name
# cd /usr/local/named/etc/master
# mkdir cnc
# mkdir telecom
# vi cnc.def
Add:
zone "724cn.com" {
    type master;
    file "master/cnc/724cn.com";
};
# vi telecom.def
Add:
zone "724cn.com" {
    type master;
    file "master/telecom/724cn.com";
};
Add the records for China Netcom; the IP resolved to is 61.45.55.78
# vi cnc/724cn.com
Add:
$TTL 3600
$ORIGIN 724cn.com.
@ IN SOA ns.724cn.com. root.ns.724cn.com. (
    2005121013 ; Serial
    3600 ; Refresh ( seconds )
    900 ; Retry ( seconds )
    68400 ; Expire ( seconds )
    15 ) ; Minimum TTL for Zone ( seconds )
;
@ IN NS ns.724cn.com.
@ IN A 211.162.106.9
www IN A 211.162.106.9
;
;end
Add the records for China Telecom; the IP resolved to is 210.75.1.178
# vi telecom/724cn.com
Add:
$TTL 3600
$ORIGIN 724cn.com.
@ IN SOA ns.724cn.com. root.ns.724cn.com. (
    2005121013 ; Serial
    3600 ; Refresh ( seconds )
    900 ; Retry ( seconds )
    68400 ; Expire ( seconds )
    15 ) ; Minimum TTL for Zone ( seconds )
;
@ IN NS ns.724cn.com.
@ IN A 211.162.106.254
www IN A 211.162.106.254
;
;end
# /usr/local/named/sbin/rndc reload
OK, at this point your DNS server is up and running. Try pinging over a China Netcom line and over a China Telecom line.

Appendix: how to obtain the IP address ranges
1. Obtaining the IP address ranges with a shell script
#!/bin/sh
FILE=/root/study/apnic/ip_apnic
rm -f $FILE
wget -O $FILE
# Keep the CN ipv4 records and read the start address and address count of each
grep 'apnic|CN|ipv4|' $FILE | cut -f 4,5 -d'|' | sed -e 's/|/ /g' | while read ip cnt
do
    echo $ip:$cnt
    # Prefix length = 32 - log2(address count), computed with bc
    mask=$(cat << EOF | bc | tail -1
pow=32;
define log2(x) {
if (x<=1) return (pow);
pow--;
return(log2(x/2));
}
log2($cnt)
EOF
)
    echo $ip/$mask >> cn.net
    # Look up the netname of the block to decide which carrier it belongs to
    NETNAME=`whois $ip@whois.apnic.net | sed -e '/./{H;$!d;}' -e 'x;/netnum/!d' | grep ^netname | sed -e 's/.*: \(.*\)/\1/g' | sed -e 's/-.*//g'`
    case $NETNAME in
    CNC)
        echo $ip/$mask >> CNCGROUP
        ;;
    CHINANET|CNCGROUP)
        echo $ip/$mask >> $NETNAME
        ;;
    CHINATELECOM)
        echo $ip/$mask >> CHINANET
        ;;
    *)
        echo $ip/$mask >> OTHER
        ;;
    esac
done
2. Alternatively, use data available online. The latest information is below; awk can then be used to turn it into address ranges.
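wget  (new China Netcom routing table)
wget  (new China Telecom routing table)
This article comes from a CSDN blog; please credit the source when reposting.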
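
The shell script in the appendix derives each prefix length as 32 - log2(count), which describes the block exactly only when the count is a power of two. The following is an added example, not part of the original post, that performs the same count-to-prefix step with exact CIDR coverage and renders the result as a BIND acl. The sample records are constructed, the function names are this example's own, and the whois-based split by carrier is not covered.

```python
import ipaddress

# Constructed sample lines in the APNIC delegated-file layout:
# registry|cc|type|start|count|date|status
SAMPLE = """\
apnic|CN|ipv4|58.16.0.0|65536|20050125|allocated
apnic|CN|ipv4|61.45.0.0|768|20050101|allocated
apnic|JP|ipv4|58.0.0.0|4096|20050101|allocated
apnic|CN|ipv6|2001:250::|35|20000426|allocated
"""


def cn_ipv4_cidrs(text, cc="CN"):
    """Return the exact CIDR blocks covering each matching ipv4 record."""
    out = []
    for line in text.splitlines():
        f = line.split("|")
        # Skip headers, summary lines, other countries and non-ipv4 records.
        if len(f) < 7 or f[0] != "apnic" or f[1] != cc or f[2] != "ipv4":
            continue
        first = ipaddress.IPv4Address(f[3])
        last = first + (int(f[4]) - 1)
        # A count of 768 becomes a /23 plus a /24 instead of one wrong prefix.
        out.extend(ipaddress.summarize_address_range(first, last))
    return [str(n) for n in out]


def bind_acl(name, cidrs):
    """Render the blocks as a BIND acl statement for use in match-clients."""
    body = "".join(f"    {c};\n" for c in cidrs)
    return f'acl "{name}" {{\n{body}}};\n'


if __name__ == "__main__":
    print(bind_acl("CNC", cn_ipv4_cidrs(SAMPLE)))
```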