BIND+DLZ+MYSQL
BIND-DLZ實驗環境:RHEL4
所用到的軟體包:BIND-9.5.0-P2.tar.gz(9.4.2以上版本都已經包含了DLZ更新檔)、Mysql-5.0.56.tar.gz
寫在前面:DLZ(Dynamically Loadable Zones),它允許你的區域記錄放置到資料庫中,并且支援多種資料庫。你可以在
<a href="http://bind-dlz.sourceforge.net/">BIND-DLZ</a>
上找到相應的資料。
1、先安裝mysql
shell>tar zxvf mysql-version.tar.gz
shell>cd mysql-*
shell>./configure --prefix=/usr/local/mysql /
>--localstatedir=/usr/local/mysql/data /
>--libexecdir=/usr/local/mysql/lib /
>--disable-shared
shell>make && make install
安裝完成後。
進入安裝mysql的目錄
>cd /usr/local/mysql
>chown -R mysql .
>chgrp -R mysql .
>chown -R mysql data
>chown -R mysql lib
>groupadd -g 1003 mysql
>adduser -g 1003 mysql
>./bin/mysql_install_db --user=mysql //以mysql使用者的身份安裝
>chown -R root .
>./bin/mysqld_safe --user=mysql & //啟動mysql并轉入背景自行處理
>/usr/local/mysql/bin/mysqladmin -u root -p password '*******'
password:(由于初始密碼為空,此處直接敲回車)
>/usr/local/mysql/bin/mysql -u root -p
password:(輸入你的密碼)
mysql>
2、安裝bind
shell>tar zxvf bind-9.5.0-p2.tar.gz
shell>cd bind-9.5.0-p2
shell>./configure --prefix=/usr/local/bind9 --with-dlz-mysql=/usr/local/mysql --enabl-threads=no --disable-openssl-version-check
--with-dlz-mysql=/usr/local/mysql 要求bind安裝中支援DLZ
--enabl-threads=no 關閉多線程
--disable-openssl-version-check 這項是禁止openssl版本的檢查
shell>make
shell>make install
3、建立資料庫、表
mysql>create database mydata;
mysql>use mydata;
mysql>create table other_dns_records (
>zone varchar (255),
>host varchar (255),
>type varchar (255),
>data varchar (255),
>ttl int(11),
>mx_priority varchar (255),
>refresh int(11),
>retry int(11),
>expire int(11),
>minimum int(11),
>serial bigint(20),
>resp_person varchar (255),
>primary_ns varchar (255)
>);
mysql>create table cnc_dns_records (
>//向表中添加一條記錄
>insert into other_dns_records (zone,host,type,data,ttl,retry) values ('aaa.com','www','A','192.168.199.2','86400','15');
>insert into cnc_dns_records (zone,host,type,data,ttl,retry) values ('bbb.com','www','A','192.199.22.22','86400','13');
4、編輯/usr/local/bind9/etc/named.conf
>cd /usr/local/bind9/etc
>../sbin/rndc-config -a
>../sbin/rndc-config > named.conf
>vi !$
//删除# Use with the following in named.conf, adjusting the allow list as needed: 以前的行
将# Use with the following in named.conf, adjusting the allow list as needed: 和 # End of named.conf 之間的行前#号
最終的etc/named.conf檔案如下:
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "2rkqGUle0VlsawCL2+IKsA==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
# End of named.conf
options {
directory "/usr/local/binid/etc/";
pid-file "/usr/local/binid/var/run/named.pid";
allow-query { any; };
recursion no;
version "gaint-d1";
include "/usr/local/binid/etc/cnc.cl";
include "/usr/local/binid/etc/other.cl";
view "cnc-user" {
match-clients { cnc; };
dlz "Mysql zone" {
database "mysql
{host=localhost dbname=mydb ssl=false port=3306 user=root pass=abc123!}
{select zone from cnc_dns_records where zone='%zone%'}
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('/"', data, '/"')
when lower(type)='soa' then concat_ws(' ',data,resp_person,serial,refresh,retry,expire,minimum) else data end as mydata from cnc_dns_records where zone='%zone%' and host='%record%'}";
};
view "other-user" {
match-clients { other; };
{select zone from other_dns_records where zone='%zone%'}
when lower(type)='soa' then concat_ws(' ',data,resp_person,serial,refresh,retry,expire,minimum) else data end as mydata from other_dns_records where zone='%zone%' and host='%record%'}";
etc/cnc.cl如下:
acl "cnc" {
192.168.9.0/24;
etc/other.cl如下:
acl "other" {
127.0.0.0/18;
5、測試
打開named測試/usr/local/bind9/sbin/named -g -d 1 -c /usr/local/bind9/etc/named.conf
注:如果不想寫全路徑來啟動bind和mysql的話,可以編輯:
>vi /root/.bash_profile
加入如下兩行:
PATH=$PATH:/usr/local/bind9/sbin
PATH=$PATH:/usr/local/mysql/bin/
儲存退出
> . /root/.bash_profile (或者:. !$)
這次的實驗隻是做了一部分,可能也會用到區域傳送。這些查詢可以參照
【zonshy】
未完待續......
![【MySQL資料庫】資料庫索引事務1.索引2.事務[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)