本文主要介紹 BIND 結合 MySQL (DLZ) 實現智能 DNS（按客戶端來源線路返回不同解析結果），以 CentOS 6 (32 位) 爲例安裝（原文爲編譯安裝，我搭建的是 yum 安裝，並結合以前的 DNS 環境部署）。注意：文中所用的 BIND 9.9.1-P2 與 MySQL 5.1.65 均早已停止維護且有大量已公開的漏洞，實際部署請選用仍在支援的版本並及時更新。
注：BIND 9.4.0 以後的版本已內建 DLZ 支援，無需再單獨打補丁，編譯時以 --with-dlz-mysql 啓用即可。
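# --- MySQL 5.1 from source (build host: CentOS 6, 32-bit) ---
# NOTE(review): MySQL 5.1 is long past end-of-life, and the tarball is fetched
# over plain HTTP with no checksum or signature verification. Use a supported
# release and verify the download before building anything production-facing.
yum install gcc gcc-c++ openssl-devel wget ncurses-devel make

# Dedicated unprivileged service account for mysqld; no login shell.
groupadd mysql
useradd -g mysql mysql -s /sbin/nologin

cd /tmp
wget http://cdn.mysql.com/Downloads/MySQL-5.1/mysql-5.1.65.tar.gz
tar xzf mysql-5.1.65.tar.gz
cd mysql-5.1.65

# The Unix socket lives in world-writable /tmp (the upstream default of this
# era); a dedicated directory such as /var/lib/mysql is preferable if you can
# change it consistently in my.cnf and in the clients.
./configure --prefix=/usr/local/mysql/ --without-pthread \
  --with-unix-socket-path=/tmp/mysql.sock \
  --with-extra-charsets=gbk,gb2312,utf8
make
make install

cp support-files/my-medium.cnf /etc/my.cnf
# named talks to MySQL at host=127.0.0.1 (see view.conf), so there is no reason
# for mysqld to listen on any other interface: pin it to loopback.
sed -i '/^\[mysqld\]/a bind-address = 127.0.0.1' /etc/my.cnf

/usr/local/mysql/bin/mysql_install_db --user=mysql
# Binaries/config owned by root, only the data directory writable by mysql.
chown -R root.mysql /usr/local/mysql
chown -R mysql /usr/local/mysql/var

cp support-files/mysql.server /etc/init.d/mysqld
chown root.root /etc/rc.d/init.d/mysqld
chmod 755 /etc/rc.d/init.d/mysqld
chkconfig --add mysqld
chkconfig mysqld on
ln -s /usr/local/mysql/bin/mysql /usr/bin
ln -s /usr/local/mysql/bin/mysqladmin /usr/bin
service mysqld start

# Set a real root password (the original used 'root'). A password given on the
# command line is visible in shell history and in `ps` while the command runs,
# so prefer setting it from the mysql prompt or clear the history afterwards.
# This account is for administration only; named must NOT use it (see view.conf).
mysqladmin -u root password 'CHANGE_ME_strong_root_password'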
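# --- BIND 9.9 with the DLZ/MySQL driver, from source ---
# NOTE(review): 9.9.1-P2 is an ancient, unsupported release with many CVEs
# published since; build a currently supported 9.x and keep it patched.
cd /tmp
wget http://ftp.isc.org/isc/bind9/cur/9.9/bind-9.9.1-P2.tar.gz
# The download is plain HTTP. ISC publishes a detached PGP signature next to
# each tarball; verify it against ISC's release-signing key and stop here if
# gpg does not report a good signature.
wget http://ftp.isc.org/isc/bind9/cur/9.9/bind-9.9.1-P2.tar.gz.asc
gpg --verify bind-9.9.1-P2.tar.gz.asc bind-9.9.1-P2.tar.gz

tar xzf bind-9.9.1-P2.tar.gz
cd bind-9.9.1-P2
# --with-dlz-mysql links named against the MySQL client library installed above.
# --disable-openssl-version-check silences a genuine safety check (OpenSSL
# header/library mismatch); keep it only if you have confirmed the mismatch
# is harmless on this host.
./configure --prefix=/usr/local/bind/ --disable-openssl-version-check \
  --with-dlz-mysql=/usr/local/mysql
make
make install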
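cd /usr/local/bind/etc
# Generate the rndc control key (-r /dev/urandom: non-blocking entropy source).
../sbin/rndc-confgen -r /dev/urandom > rndc.conf
# rndc-confgen appends a commented-out key/controls block meant for named.conf;
# take those 9 lines and strip the '#' prefixes to seed named.conf with them.
# (The original wrote the sed script unquoted as s/#\//g, which the shell
# turns into the same s/#//g.)
tail -n10 rndc.conf | head -n9 | sed -e 's/#//g' > named.conf
# Both files now contain the rndc secret: do not leave them world-readable.
# If named runs as an unprivileged user (recommended), make that user the
# group owner and use mode 640 instead.
chmod 600 rndc.conf named.conf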
# Edit the named.conf just generated (cwd is still /usr/local/bind/etc) and
# append the include lines shown below.
vi named.conf
在 named.conf 末尾加入以下幾行：
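// Per-ISP client ACLs. Each file is expected to define an acl with the same
// name as the file (CHINANET, CNC), which the views below reference in
// match-clients.
// NOTE(review): the original comments labelled these the other way round.
// CHINANET is normally China Telecom's network and CNC is China Netcom
// (now Unicom); check the contents of your ACL files rather than trusting
// the labels.
include "/usr/local/bind/etc/CHINANET.acl";   // China Telecom ranges
include "/usr/local/bind/etc/CNC.acl";        // China Netcom / Unicom ranges
// DLZ views. This file embeds the MySQL credentials in clear text, so keep it
// readable only by root and the account named runs as (e.g. mode 640).
include "/usr/local/bind/etc/view.conf";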
注：各線路的 IP 段可透過以下網址取得，並應定期更新對應的 ACL 檔案：
https://tsov.net/uupee/22325/
http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest
其中需要修改的欄位爲 user=… pass=…，即 named 連接 MySQL 所用的帳號與密碼。不要在這裏使用 MySQL 的 root 帳號（原文爲 root/root）：應另建一個只對 dns_data 庫擁有 SELECT 權限的專用帳號，並把 view.conf 的檔案權限限制爲只有 root 與運行 named 的用戶可讀。
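// view.conf -- one view per ISP, all backed by the single dns_data.dns_records
// table. Lookup order inside a view: ISP-specific rows (priority 200) win over
// 'any' rows (priority 255), see the subselect with "order by priority asc".
//
// Database string = {host dbname ssl port user pass}:
//   * The original used the MySQL root account (user=root pass=root). named only
//     ever needs SELECT on dns_data, so create a dedicated read-only account and
//     use it here, e.g. in MySQL:
//       CREATE USER 'dns_ro'@'127.0.0.1' IDENTIFIED BY '<strong password>';
//       GRANT SELECT ON dns_data.* TO 'dns_ro'@'127.0.0.1';
//   * ssl=false is acceptable only because the connection is loopback-only
//     (host=127.0.0.1); do not reuse this string for a remote database.
//   * $zone$ and $record$ are taken from client queries. The DLZ MySQL driver
//     escapes them before substitution (check dlz_mysql_driver.c of your BIND
//     release), but a SELECT-only account limits the damage either way.
// Query 1 ("findzone"): does this zone exist? It only matches rows with
// view='any', so every zone's SOA/NS rows must be stored with view='any'.
// Query 2 ("lookup"): the records for $record$ in $zone$, picking the view
// with the lowest priority among the ISP's own rows and the 'any' rows.
//
// Fix versus the original: the any_view SOA separator was split across a line
// break (concat_ws(' <newline>', ...)); it must be a single space like the
// other two views or the SOA rdata is malformed.

view "CHINANET_view" {
    match-clients { CHINANET; };
    // Authoritative-only: no recursion, no cache access, no zone transfers.
    allow-query-cache { none; };
    allow-recursion { none; };
    allow-transfer { none; };
    recursion no;
    dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=dns_ro pass=CHANGE_ME}
        {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
        {select ttl,type,mx_priority,case when lower(type)='txt' then concat('\"',data,'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view=(select view from dns_records where zone = '$zone$' and host = '$record$' and (view='CHINANET' or view='any') order by priority asc limit 1)}";
    };
};

view "CNC_view" {
    match-clients { CNC; };
    allow-query-cache { none; };
    allow-recursion { none; };
    allow-transfer { none; };
    recursion no;
    dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=dns_ro pass=CHANGE_ME}
        {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
        {select ttl,type,mx_priority,case when lower(type)='txt' then concat('\"',data,'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view=(select view from dns_records where zone = '$zone$' and host = '$record$' and (view='CNC' or view='any') order by priority asc limit 1)}";
    };
};

// Catch-all for clients in neither ACL: only the 'any' rows are served.
view "any_view" {
    match-clients { any; };
    allow-query-cache { none; };
    allow-recursion { none; };
    allow-transfer { none; };
    recursion no;
    dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=dns_ro pass=CHANGE_ME}
        {select zone from dns_records where zone = '$zone$' and view = 'any' limit 1}
        {select ttl,type,mx_priority,case when lower(type)='txt' then concat('\"',data,'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dns_records where zone = '$zone$' and host = '$record$' and view = 'any'}";
    };
};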
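// Alternative layout: one table per ISP (dns_CNC, dns_CHINANET, dns_CMCC,
// dns_OTHER) and one view per table. Every table must hold the complete zone
// for its view, including the SOA and NS rows, since nothing falls back to a
// shared 'any' set here.
//
// Changes versus the original:
//   * allow-query-cache was { any; } and allow-recursion was commented out.
//     This is an authoritative-only server (recursion no), so both are set to
//     none, consistent with the first variant of view.conf.
//   * user=root pass=root replaced by a dedicated SELECT-only account; create it
//     with CREATE USER 'dns_ro'@'127.0.0.1' ... and
//     GRANT SELECT ON dns_data.* TO 'dns_ro'@'127.0.0.1'.
//   * The CMCC and OTHER ACLs are referenced below but the named.conf snippet
//     above only includes CHINANET.acl and CNC.acl; define and include ACLs
//     for them, and note that a client matching none of the views is refused,
//     so OTHER should be the catch-all (or use match-clients { any; }).
// ssl=false is acceptable only because the connection stays on loopback.

view "CNC_View" {
    match-clients { CNC; };
    allow-query-cache { none; };
    allow-recursion { none; };
    allow-transfer { none; };
    recursion no;
    dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=dns_ro pass=CHANGE_ME}
        {select zone from dns_CNC where zone = '$zone$'}
        {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end from dns_CNC where zone = '$zone$' and host = '$record$'}";
    };
};

view "CHINANET_View" {
    match-clients { CHINANET; };
    allow-query-cache { none; };
    allow-recursion { none; };
    allow-transfer { none; };
    recursion no;
    dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=dns_ro pass=CHANGE_ME}
        {select zone from dns_CHINANET where zone = '$zone$'}
        {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end from dns_CHINANET where zone = '$zone$' and host = '$record$'}";
    };
};

view "CMCC_View" {
    match-clients { CMCC; };
    allow-query-cache { none; };
    allow-recursion { none; };
    allow-transfer { none; };
    recursion no;
    dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=dns_ro pass=CHANGE_ME}
        {select zone from dns_CMCC where zone = '$zone$'}
        {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end from dns_CMCC where zone = '$zone$' and host = '$record$'}";
    };
};

view "OTHER_View" {
    match-clients { OTHER; };
    allow-query-cache { none; };
    allow-recursion { none; };
    allow-transfer { none; };
    recursion no;
    dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns_data ssl=false port=3306 user=dns_ro pass=CHANGE_ME}
        {select zone from dns_OTHER where zone = '$zone$'}
        {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end from dns_OTHER where zone = '$zone$' and host = '$record$'}";
    };
};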
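-- Schema for the DLZ backend. Run this as the MySQL administrative account.
-- Fix versus the original: the inline "//" remarks are not valid MySQL
-- comments and made the CREATE TABLE a syntax error when pasted; they are
-- now "--" comments.
CREATE DATABASE IF NOT EXISTS dns_data;
USE dns_data;

DROP TABLE IF EXISTS `dns_records`;
CREATE TABLE `dns_records` (
  `id`          int(10) unsigned NOT NULL auto_increment,
  `zone`        varchar(255) NOT NULL,
  `host`        varchar(255) NOT NULL default '@',
  -- TXT added because the view.conf lookup query already special-cases
  -- lower(type)='txt'; AAAA added so IPv6 addresses can be stored (the query
  -- returns `data` unchanged for it, like A).
  `type`        enum('MX','CNAME','NS','SOA','A','PTR','TXT','AAAA') NOT NULL,
  `data`        varchar(255) default NULL,
  `ttl`         int(11) NOT NULL default '800',
  -- 'any' = default rows. SOA/NS rows MUST stay 'any': the DLZ findzone query
  -- only matches view='any'. Per-ISP rows use CNC, CHINANET, ...
  `view`        char(20) default 'any',
  `mx_priority` int(11) default NULL,
  -- Lookup preference, lower wins: 'any' rows = 255, ISP-specific rows = 200
  `priority`    int(3) default 255,
  `refresh`     int(11) NOT NULL default '3600',
  `retry`       int(11) NOT NULL default '3600',
  `expire`      int(11) NOT NULL default '86400',
  `minimum`     int(11) NOT NULL default '3600',
  `serial`      bigint(20) NOT NULL default '2008082700',
  `resp_person` varchar(64) NOT NULL default 'root.domain.com.',
  `primary_ns`  varchar(64) NOT NULL default 'ns1.domain.com.',
  `data_count`  int(11) NOT NULL default '0',
  PRIMARY KEY (`id`),
  KEY `type` (`type`),
  KEY `host` (`host`),
  KEY `zone` (`zone`),
  -- every DLZ lookup filters on zone AND host
  KEY `zone_host` (`zone`, `host`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=gbk;

-- Least-privilege account for named. Point the user=/pass= fields of the DLZ
-- database string in view.conf at this account instead of the MySQL root
-- account: named only ever needs SELECT, and it connects over loopback
-- (host=127.0.0.1), which is why the grant is scoped to that host.
CREATE USER 'dns_ro'@'127.0.0.1' IDENTIFIED BY 'CHANGE_ME';
GRANT SELECT ON dns_data.* TO 'dns_ro'@'127.0.0.1';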
此處我使用 phpMyAdmin 建立數據庫。注意：下面 describe 的輸出與上面的 CREATE TABLE 並不一致（欄位爲 text 型別，且缺少 id、view、priority、data_count 等欄位），而 view.conf 中的查詢依賴 view 與 priority 欄位，請以上面的 CREATE TABLE 爲準。
mysql> describe dns_records; +-------------+------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +-------------+------------+------+-----+---------+-------+ | zone | text | YES | | NULL | | | host | text | YES | | NULL | | | type | text | YES | | NULL | | | data | text | | | | | | ttl | int(11) | YES | | NULL | | | mx_priority | text | YES | | NULL | | | refresh | int(11) | YES | | NULL | | | retry | int(11) | YES | | NULL | | | expire | int(11) | YES | | NULL | | | minimum | int(11) | YES | | NULL | | | serial | bigint(20) | YES | | NULL | | | resp_person | text | YES | | NULL | | | primary_ns | text | YES | | NULL | | +-------------+------------+------+-----+---------+-------+ 13 rows in set (0.00 sec)
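# Debug run: foreground (-g), debug level 9. If nothing is reported as an
# error, the build and the DLZ/MySQL wiring are correct.
#
# The original ran named as root (-uroot). Do not: run it under a dedicated
# unprivileged account and let named drop to it with -u (named opens its
# sockets before dropping privileges, so port 53 still works).
id named >/dev/null 2>&1 || useradd -r -s /sbin/nologin named
# The config, the rndc key and view.conf (which holds the DB password) must be
# readable by that account but by nobody else.
chown -R root:named /usr/local/bind/etc
chmod 750 /usr/local/bind/etc
chmod 640 /usr/local/bind/etc/*
/usr/local/bind/sbin/named -u named -g -d 9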
可將其做成啓動服務。調試時多用此前台模式 (-g) 啓動 BIND，以便直接看到錯誤輸出。
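# Reload named.conf and everything it includes (ACLs, view.conf) in a running
# named; needs the rndc key generated earlier.
/usr/local/bin/true 2>/dev/null
/usr/local/bind/sbin/rndc reload

# Normal (daemonised) start. The original used -uroot; run named as an
# unprivileged account instead (created here if it does not exist yet), the
# same account used for the debug run.
id named >/dev/null 2>&1 || useradd -r -s /sbin/nologin named
/usr/local/bind/sbin/named -u named -c /usr/local/bind/etc/named.conf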
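-- Sample data for the zone centos.bz.
-- Fix versus the original: MySQL only treats "-- " (dash, dash, SPACE) as a
-- comment, so "--SOA" and friends were syntax errors when pasted.

-- SOA. `view` is left at its default 'any' on purpose: the DLZ findzone query
-- in view.conf only matches rows with view='any'. Bump `serial` on every
-- change so secondaries (if any) notice.
INSERT INTO `dns_records`
  (`zone`, `host`, `type`, `data`, `ttl`, `mx_priority`, `refresh`, `retry`,
   `expire`, `minimum`, `serial`, `resp_person`, `primary_ns`, `data_count`)
VALUES
  ('centos.bz', '@', 'SOA', 'ns1.centos.bz.', 10, NULL, 3600, 3600,
   86400, 10, 2008082700, 'root.centos.bz.', 'ns1.centos.bz.', 0);

-- Apex NS records (view 'any': served to every client)
INSERT INTO `dns_records` (`zone`, `host`, `type`, `data`) VALUES
  ('centos.bz', '@', 'NS', 'ns1.centos.bz.'),
  ('centos.bz', '@', 'NS', 'ns2.centos.bz.');

-- Glue A records for the name servers
INSERT INTO `dns_records` (`zone`, `host`, `type`, `data`) VALUES
  ('centos.bz', 'ns1', 'A', '211.100.72.137'),
  ('centos.bz', 'ns2', 'A', '219.232.244.11');

-- www: one answer per ISP view (priority 200) plus the 'any' fallback (255)
INSERT INTO `dns_records` (`zone`, `host`, `type`, `data`, `ttl`, `view`, `priority`) VALUES
  ('centos.bz', 'www', 'A', '210.51.36.116',   3600, 'CNC',      200),
  ('centos.bz', 'www', 'A', '221.238.249.178', 3600, 'CHINANET', 200),
  ('centos.bz', 'www', 'A', '211.103.156.230', 3600, 'any',      255);

-- CNAME man -> www, same per-ISP / fallback split
INSERT INTO `dns_records` (`zone`, `host`, `type`, `data`, `view`, `priority`) VALUES
  ('centos.bz', 'man', 'CNAME', 'www', 'CNC',      200),
  ('centos.bz', 'man', 'CNAME', 'www', 'CHINANET', 200),
  ('centos.bz', 'man', 'CNAME', 'www', 'any',      255);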