BIND+DLZ+MYSQL
BIND-DLZ实验环境:RHEL4
所用到的软件包:BIND-9.5.0-P2.tar.gz(9.4.2以上版本都已经包含了DLZ补丁)、Mysql-5.0.56.tar.gz
写在前面:DLZ(Dynamically Loadable Zones),它允许你的区域记录放置到数据库中,并且支持多种数据库。你可以在
<a href="http://bind-dlz.sourceforge.net/">BIND-DLZ</a>
上找到相应的资料。
1、先安装mysql
shell>tar zxvf mysql-version.tar.gz
shell>cd mysql-*
shell>./configure --prefix=/usr/local/mysql /
>--localstatedir=/usr/local/mysql/data /
>--libexecdir=/usr/local/mysql/lib /
>--disable-shared
shell>make && make install
安装完成后。
进入安装mysql的目录
>cd /usr/local/mysql
>chown -R mysql .
>chgrp -R mysql .
>chown -R mysql data
>chown -R mysql lib
>groupadd -g 1003 mysql
>adduser -g 1003 mysql
>./bin/mysql_install_db --user=mysql //以mysql用户的身份安装
>chown -R root .
>./bin/mysqld_safe --user=mysql & //启动mysql并转入后台自行处理
>/usr/local/mysql/bin/mysqladmin -u root -p password '*******'
password:(由于初始密码为空,此处直接敲回车)
>/usr/local/mysql/bin/mysql -u root -p
password:(输入你的密码)
mysql>
2、安装bind
shell>tar zxvf bind-9.5.0-p2.tar.gz
shell>cd bind-9.5.0-p2
shell>./configure --prefix=/usr/local/bind9 --with-dlz-mysql=/usr/local/mysql --enabl-threads=no --disable-openssl-version-check
--with-dlz-mysql=/usr/local/mysql 要求bind安装中支持DLZ
--enabl-threads=no 关闭多线程
--disable-openssl-version-check 这项是禁止openssl版本的检查
shell>make
shell>make install
3、创建数据库、表
mysql>create database mydata;
mysql>use mydata;
mysql>create table other_dns_records (
>zone varchar (255),
>host varchar (255),
>type varchar (255),
>data varchar (255),
>ttl int(11),
>mx_priority varchar (255),
>refresh int(11),
>retry int(11),
>expire int(11),
>minimum int(11),
>serial bigint(20),
>resp_person varchar (255),
>primary_ns varchar (255)
>);
mysql>create table cnc_dns_records (
>//向表中添加一条记录
>insert into other_dns_records (zone,host,type,data,ttl,retry) values ('aaa.com','www','A','192.168.199.2','86400','15');
>insert into cnc_dns_records (zone,host,type,data,ttl,retry) values ('bbb.com','www','A','192.199.22.22','86400','13');
4、编辑/usr/local/bind9/etc/named.conf
>cd /usr/local/bind9/etc
>../sbin/rndc-config -a
>../sbin/rndc-config > named.conf
>vi !$
//删除# Use with the following in named.conf, adjusting the allow list as needed: 以前的行
将# Use with the following in named.conf, adjusting the allow list as needed: 和 # End of named.conf 之间的行前#号
最终的etc/named.conf文件如下:
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "2rkqGUle0VlsawCL2+IKsA==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
# End of named.conf
options {
directory "/usr/local/binid/etc/";
pid-file "/usr/local/binid/var/run/named.pid";
allow-query { any; };
recursion no;
version "gaint-d1";
include "/usr/local/binid/etc/cnc.cl";
include "/usr/local/binid/etc/other.cl";
view "cnc-user" {
match-clients { cnc; };
dlz "Mysql zone" {
database "mysql
{host=localhost dbname=mydb ssl=false port=3306 user=root pass=abc123!}
{select zone from cnc_dns_records where zone='%zone%'}
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('/"', data, '/"')
when lower(type)='soa' then concat_ws(' ',data,resp_person,serial,refresh,retry,expire,minimum) else data end as mydata from cnc_dns_records where zone='%zone%' and host='%record%'}";
};
view "other-user" {
match-clients { other; };
{select zone from other_dns_records where zone='%zone%'}
when lower(type)='soa' then concat_ws(' ',data,resp_person,serial,refresh,retry,expire,minimum) else data end as mydata from other_dns_records where zone='%zone%' and host='%record%'}";
etc/cnc.cl如下:
acl "cnc" {
192.168.9.0/24;
etc/other.cl如下:
acl "other" {
127.0.0.0/18;
5、测试
打开named测试/usr/local/bind9/sbin/named -g -d 1 -c /usr/local/bind9/etc/named.conf
注:如果不想写全路径来启动bind和mysql的话,可以编辑:
>vi /root/.bash_profile
加入如下两行:
PATH=$PATH:/usr/local/bind9/sbin
PATH=$PATH:/usr/local/mysql/bin/
保存退出
> . /root/.bash_profile (或者:. !$)
这次的实验只是做了一部分,可能也会用到区域传送。这些查询可以参照
【zonshy】
未完待续......
![【MySQL数据库】数据库索引事务1.索引2.事务[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)