First, let's set up the environment. This tutorial assumes you have no previous install of BIND on the server.
# Create the working directory and the configuration directory in one call.
mkdir -p /var/local/cache/bind /usr/local/etc/bind

# Dedicated unprivileged account for the daemon: fixed uid/gid 5005, home set
# to the working directory (not created by useradd), and no login shell.
groupadd --gid 5005 bind
useradd --uid 5005 --gid 5005 \
  --home-dir /var/local/cache/bind --no-create-home \
  --shell /bin/false bind
Now let's download the BIND 9 source code. This tutorial assumes you have the required dependencies installed. The only one I found tricky to locate was libkrb5-dev (on Debian you can install it with apt-get install libkrb5-dev).
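# Fetch and unpack the BIND 9 source under /usr/src.
# NOTE(review): the tarball is fetched over plain HTTP and nothing below
# checks it before it is compiled and installed as root. Verify it against
# ISC's detached PGP signature before unpacking, e.g.
#   gpg --verify <SIGNATURE_FILE> bind-9.9.5-P1.tar.gz
# NOTE(review): the 9.9 branch is no longer maintained upstream; prefer a
# currently supported release for anything Internet-facing.
cd /usr/src
wget http://ftp.isc.org/isc/bind9/cur/9.9/bind-9.9.5-P1.tar.gz
tar zxvf bind-9.9.5-P1.tar.gz
cd bind-9.9.5-P1

# One option per line. The original command ran --enable-largefile and
# --with-libtool together into a single word and had a space inside the
# --with-openssl value, so those options were not passed as intended.
./configure \
  --enable-threads \
  --enable-largefile \
  --with-libtool \
  --enable-shared \
  --enable-static \
  --with-openssl=/usr \
  --with-gssapi=/usr \
  --with-gnu-ld \
  --with-geoip=/usr \
  --enable-ipv6 \
  --enable-rrl

# Install only when the build succeeded.
make && make install

# Root hints file. Anonymous FTP is unauthenticated and unencrypted; the
# hints only bootstrap the resolver, but compare the file with a trusted copy
# if the network path is not trusted.
wget --user=ftp --password=ftp ftp://ftp.rs.internic.net/domain/db.cache -O /usr/local/etc/bind/db.root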
The last step is to install the configuration files and startup scripts.
# Generate the key used on the rndc control channel and store it in the
# configuration directory. The key file is a secret: anyone who can read it
# can use the control channel it is referenced from.
rndc-confgen -a -c /usr/local/etc/bind/rndc.key

# /etc/named.conf is only a stub that pulls in the key and the real
# configuration from /usr/local/etc/bind.
printf '%s\n' \
  'include "/usr/local/etc/bind/rndc.key";' \
  'include "/usr/local/etc/bind/named.conf";' \
  > /etc/named.conf
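# Write the main configuration to the path that /etc/named.conf includes
# (/usr/local/etc/bind/named.conf). The original wrote it one directory up,
# so the include could not find it. The delimiter is quoted so the shell
# copies the text literally.
cat > /usr/local/etc/bind/named.conf <<'EOT'
#
# rndc control channel. It listens on loopback only, so the 192.168.1.100
# entry in the allow list has no effect unless the listen address is changed.
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; 192.168.1.100; } keys { "rndc-key"; };
};
options {
    directory "/var/local/cache/bind";
    # Zones can be added at runtime through the control channel, so the
    # rndc key must stay readable only by trusted accounts.
    allow-new-zones yes;
    transfers-in 500;
    empty-zones-enable yes;
    //forwarders { 8.8.8.8; 8.8.4.4; };
    recursion yes;
    //allow-transfer {"none";};
    allow-query { any; };
    # Recursion is limited to this host and its directly attached networks.
    # Answering recursive queries from any address makes the server an open
    # resolver that can be abused for reflection/amplification; add further
    # client networks here rather than using "any".
    allow-recursion { localhost; localnets; };
    dnssec-validation auto;
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
    # Response rate limiting: caps identical responses per client network.
    rate-limit {
        responses-per-second 5;
        #window 5;
        #log-only yes;
    };
};
zone "." {
    type hint;
    file "/usr/local/etc/bind/db.root";
};
EOT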
# Hand both trees to the bind account in a single recursive call.
# NOTE(review): this also makes the configuration and the rndc key writable
# by the daemon account; read-only access may be enough there. Confirm
# against how the init script starts named.
chown -R bind:bind /var/local/cache/bind /usr/local/etc/bind
Please note the init.d scripts only work on Debian based systems. I do not have init.d scripts for any other distribution.
Download the init.d script here
Download the init.d default file here
Copy the init.d script to /etc/init.d/bind9
Copy the init.d default file to /etc/default/bind9
# Make the init script executable, then start the service through it.
init_script=/etc/init.d/bind9
chmod +x "$init_script"
"$init_script" start