bindview+dlz(mysql)
系统准备
配置iptables
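# Host firewall for the DNS/MySQL box: default-deny inbound, allow SSH, DNS and a
# narrowly scoped MySQL listener.
iptables -F
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# Loopback and replies to already-established connections are accepted first so
# nothing local breaks once the INPUT policy becomes DROP.
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# SSH is allowed before the policy flips to DROP so the current session survives.
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -P INPUT DROP
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
# MySQL is reachable only from the host named in the MySQL grant on this page
# (172.16.1.104) instead of from every source address. Add one more "-s" rule for
# the standby DNS server's address when replication is set up.
iptables -A INPUT -p tcp -s 172.16.1.104 --dport 3306 -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
service iptables save
service iptables restart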
关闭selinux
# Rewrites the SELinux config so the mode is "disabled" on later boots.
# NOTE(review): this removes mandatory access control from a host that runs an
# Internet-facing daemon (named) and a database; keeping SELinux enforcing and
# labelling /usr/local/bind and /data/mysql is the safer setup - confirm whether
# disabling is really required here.
sed -i s/SELINUX=enforcing/SELINUX=disabled/g /etc/sysconfig/selinux
# Switches the running system to permissive mode without a reboot.
setenforce 0
安装配置mysql
二进制安装
# Binary (tarball) installation of MySQL under /usr/local with data in /data/mysql.
# lrzsz provides rz, used below to upload the tarball over the terminal session.
yum -y install lrzsz
cd /usr/local/src
# Interactive ZMODEM upload of the MySQL tarball.
# NOTE(review): nothing here checks the archive; compare it with the vendor's
# published checksum/signature before unpacking.
rz
tar zxvf mysql* -C /usr/local
cd /usr/local
# Stable path /usr/local/mysql pointing at the versioned directory.
ln -sv mysql* mysql
cd mysql
mkdir -pv /data/mysql
# System account with its own group, no login shell, home set to the data directory.
useradd -r -U -s /sbin/nologin -d /data/mysql mysql
chown mysql:mysql /data/mysql -R
chown mysql:mysql /usr/local/mysql -R
# Creates the system tables in the data directory as the mysql user.
scripts/mysql_install_db --user=mysql --datadir=/data/mysql
# Ownership of the program tree goes back to root, so the mysql account does not
# own the files under the current directory; /data/mysql stays owned by mysql.
chown -R root .
cp support-files/my-large.cnf /etc/my.cnf
# Number of "processor" lines in /proc/cpuinfo.
core=`cat /proc/cpuinfo |grep "processor" |wc -l`
# thread_concurrency is set to twice that count.
sed -i "s/thread_concurrency = 8/thread_concurrency = `expr 2 \* $core`/g" /etc/my.cnf
# Appends the datadir setting right after the [mysqld] section header.
sed -i -e '/\[mysqld\]/a \datadir = \/data\/mysql' /etc/my.cnf
# Install the init script and enable the service at boot.
cp support-files/mysql.server /etc/rc.d/init.d/mysqld
chmod +x /etc/rc.d/init.d/mysqld
chkconfig mysqld on
# Headers and client library are exposed system-wide; the BIND build on this page
# is configured with --with-dlz-mysql=/usr/local/mysql.
ln -sv /usr/local/mysql/include /usr/include/mysql
echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
ldconfig
# Put the MySQL client tools on PATH for login shells.
echo -e 'PATH=/usr/local/mysql/bin:$PATH' >> /etc/profile
source /etc/profile
mysql建立表
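service mysqld start
# Interactive hardening script shipped with MySQL (the command name has no space).
# Use it to set a strong root password and to remove the anonymous accounts,
# remote root login and the test database.
mysql_secure_installation
# The two statements below are typed at the mysql> prompt.
mysql>create database dns_view;
mysql>use dns_view;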
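-- Record table read by the BIND DLZ MySQL driver: one row per DNS record,
-- selected by zone, host and view.
-- 'TXT' is part of the type enum because the lookup queries in view.conf
-- special-case lower(type)='txt'; without it such rows cannot be stored.
-- NOTE(review): the DLZ queries on this page also read `xfr_table`
-- (zone, client, view) and update a table named `data_count` (zone, count, view).
-- Neither table is created here - the `data_count` below is only a column - so
-- the zone-transfer check and the counter update fail until those tables exist.
CREATE TABLE `dnstb` (
  `id` int(10) unsigned NOT NULL auto_increment,
  `zone` varchar(255) NOT NULL,
  `host` varchar(255) NOT NULL default '@',
  `type` enum('MX','CNAME','NS','SOA','A','PTR','TXT') NOT NULL,
  `data` varchar(255) default NULL,
  `ttl` int(11) NOT NULL default '600',
  -- rows left at the default 'OP' are returned to clients of every view by the lookup query
  `view` char(20) default 'OP',
  `mx_priority` int(11) default NULL,
  -- SOA fields; the lookup query joins them into the SOA record data
  `refresh` int(11) NOT NULL default '600',
  `retry` int(11) NOT NULL default '3600',
  `expire` int(11) NOT NULL default '86400',
  `minimum` int(11) NOT NULL default '3600',
  `serial` bigint(20) NOT NULL default '2011061200',
  `resp_person` varchar(64) NOT NULL default 'root.foo.com.',
  `primary_ns` varchar(64) NOT NULL default 'ns1.foo.com.',
  `data_count` int(11) NOT NULL default '0',
  PRIMARY KEY (`id`),
  KEY `type` (`type`),
  KEY `host` (`host`),
  KEY `zone` (`zone`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=gbk;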
mysql授权:
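-- Remote account for the host at 172.16.1.104. It is limited to reading and editing
-- rows in dns_view; ALL PRIVILEGES would also allow DROP, ALTER and similar.
-- '<STRONG_UNIQUE_PASSWORD>' is a placeholder: generate a long random value and
-- never reuse a guessable one such as 123456.
-- Reusing the name root for a remote account is easy to confuse with the local
-- superuser; a dedicated account name is preferable.
grant select, insert, update, delete on dns_view.* to root@'172.16.1.104' identified by '<STRONG_UNIQUE_PASSWORD>';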
安装配置bind9.11
编译安装bind9.11
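# Build BIND 9.11.0-P3 from source with the DLZ MySQL driver.
# This release is old; check the ISC security advisories for the version you deploy.
yum -y install gcc zlib-devel perl
cd /usr/local/src
# Compare the tarball with the checksum/signature published by ISC before unpacking.
tar zxvf bind-9.11.0-P3.tar.gz
cd bind-9.11.0-P3
# --enable-threads=no (spelled correctly, so configure does not ignore it): the DLZ
#   MySQL driver is documented as needing a non-threaded named.
# --with-openssl=no: builds without OpenSSL, so this named cannot do DNSSEC
#   signing or validation.
./configure --prefix=/usr/local/bind --with-dlz-mysql=/usr/local/mysql --enable-threads=no --enable-largefile --disable-ipv6 --with-openssl=no
make && make install
# Put the BIND tools (named, rndc, rndc-confgen) on PATH for login shells.
echo -e 'PATH=/usr/local/bind/bin:/usr/local/bind/sbin:$PATH' >> /etc/profile
source /etc/profile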
配置rndc
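cd /usr/local/bind/etc/
# The rndc key is the shared secret that authorises control commands to named.
# It is generated from the kernel RNG; a fixed string copied from a web page is
# known to every reader and must not be used as the randomness source.
rndc-confgen -r /dev/urandom > rndc.conf
# rndc.conf contains the key in clear text; keep it readable by its owner only.
chmod 600 rndc.conf
# The end of rndc.conf carries the matching key/controls stanzas for named.conf,
# commented out with "# "; strip that prefix to seed named.conf. named.conf then
# holds the same key and needs equally tight permissions.
tail -n10 rndc.conf | head -n9 | sed -e 's/# //g' > named.conf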
配置bind
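# Query logging: every query is written to /var/log/named.log (3 rotated files, 20 MB each).
logging {
    channel query_log {
        file "/var/log/named.log" versions 3 size 20m;
        severity info;
        print-time yes;
        print-category yes;
        print-severity yes;
    };
    category queries {
        query_log;
    };
    category lame-servers {
        null;
    };
};

# The acl files are included ahead of options so that the dev and prod ACLs are
# defined before the recursion settings refer to them.
include "/usr/local/bind/etc/ip/dev.txt";
include "/usr/local/bind/etc/ip/prod.txt";

options {
    directory "/usr/local/bind/etc";
    forwarders {119.29.29.29;8.8.8.8;};
    forward only ;
    pid-file "named.pid";
    # Authoritative answers from the DLZ zones stay available to every client.
    allow-query {any;};
    # Recursion and cached answers are limited to the known client networks.
    # With "any" here the server is an open resolver that anyone who can reach
    # port 53 may use to relay and amplify traffic.
    allow-query-cache { localhost; dev; prod; };
    allow-recursion { localhost; dev; prod; };
    # recursion yes;
    # Answers from the forwarders are accepted without DNSSEC validation; the build
    # on this page is configured --with-openssl=no, so validation is not available.
    dnssec-enable no;
    dnssec-validation no;
    listen-on port 53 {
        192.168.1.5;
    };
    #listen-on-v6 port 53 { any;};
};

include "/usr/local/bind/etc/view.conf";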
配置acl和view
# ACL files; named.conf includes them from /usr/local/bind/etc/ip/.
mkdir ip
vi ip/dev.txt
# Client networks that match the "dev" view.
acl dev{
10.1.1.0/24;
172.16.1.0/24;
192.168.36.0/24;
};
vi ip/prod.txt
# Client network that matches the "prod" view.
acl prod{
172.16.2.0/24;
};
vi view.conf
# View for clients in the dev ACL; all records come from MySQL through DLZ.
# NOTE(review): the connection string below logs in as the MySQL root user with
# the password 123456, stored in clear text in this file. The queries only need
# SELECT on dnstb and xfr_table and UPDATE on data_count, so a dedicated
# least-privilege account with a strong password is the safer choice; keep this
# file readable by the named account only.
# The brace groups after the connection string are, in order: zone lookup, record
# lookup, an empty group, all records of a zone, zone-transfer permission check,
# and a query counter (group meaning per the DLZ MySQL driver - confirm against
# its documentation).
# $zone$, $record$ and $client$ are filled in from the DNS request; presumably the
# driver escapes them before they reach MySQL - verify for the BIND version in use.
# The record lookup also returns rows whose view is 'OP'.
# xfr_table and data_count are not created by the CREATE TABLE on this page.
view "dev" {
match-clients {dev;};
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 }
{select zone from dnstb where zone = '$zone$' and view = 'dev' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from dnstb where zone
= '$zone$' and host = '$record$' and (view = 'dev' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '$zone$' and view='dev'}
{select zone from xfr_table where zone = '$zone$' and client = '$client$' and
view='dev' limit 1}
{update data_count set count = count + 1 where zone ='$zone$' and view='dev'}";
};
};
# View for clients in the prod ACL; same DLZ queries as the other views with the
# view filter set to 'prod' (the record lookup additionally returns 'OP' rows).
# NOTE(review): connects to MySQL as root with the clear-text password 123456;
# a dedicated account limited to SELECT on dnstb/xfr_table and UPDATE on
# data_count, with a strong password, is the safer choice.
view "prod" {
match-clients { prod; };
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 }
{select zone from dnstb where zone = '$zone$' and view = 'prod' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from dnstb where zone
= '$zone$' and host = '$record$' and (view = 'prod' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '$zone$' and view='prod'}
{select zone from xfr_table where zone = '$zone$' and client = '$client$' and
view='prod' limit 1}
{update data_count set count = count + 1 where zone ='$zone$' and view='prod'}";
};
};
# Catch-all view: match-clients is any, so every client that did not match an
# earlier view is answered from rows with view 'any' (record lookups also return
# 'OP' rows). Put only records meant for arbitrary clients under these two values.
# NOTE(review): connects to MySQL as root with the clear-text password 123456;
# a dedicated account limited to SELECT on dnstb/xfr_table and UPDATE on
# data_count, with a strong password, is the safer choice.
view "any" {
match-clients { any;};
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 }
{select zone from dnstb where zone = '$zone$' and view = 'any' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from dnstb where zone
= '$zone$' and host = '$record$' and (view = 'any' or view='OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '$zone$' and view='any'}
{select zone from xfr_table where zone = '$zone$' and client = '$client$' and
view='any' limit 1}
{update data_count set count = count + 1 where zone ='$zone$' and view='any'}";
};
};
服务使用
启动和重载配置文件
# Start named: -4 IPv4 only, -c the configuration file, -d 9 debug level 9.
# NOTE(review): -uroot keeps the daemon running as root, so a flaw in named or in
# the DLZ driver is exercised with full privileges. Prefer a dedicated
# unprivileged account that can read named.conf and write the pid and log files.
# Debug level 9 is very verbose and is normally dropped once the setup works.
named -4 -uroot -c /usr/local/bind/etc/named.conf -d 9
# Ask the running named to re-read its configuration (authenticated with the rndc key).
rndc reload
添加dns记录
windows上安装navicat for mysql 添加DNS记录如图:
备用DNS:
步骤
安装bind和Mysql
配置rndc
配置BIND+VIEW,配置和主DNS一样,除了listen-on port 53里面的IP
配置mysql主从复制,备用DNS上的mysql为从库,设置同步的数据库为dns_view。
posted @
2017-03-15 04:03
feral
Copyright 2022 feral