サーバー構築 : DNSサーバー構築

DNSサーバーを構築します。
そのためのソフトがbind（Berkeley Internet Name Domain）です。
詳しい内容の解説はインターネットで検索してください。
インストールするのは、bind　bind-chroot　caching-nameserverなのですが、yum install bind　bind-chroot　caching-nameserverと併記してうまく行かなかったような経験があるので、最近は１個づつインストール事が多くなりました。
ここでも、そのようにしています。

[root@meckk ~]# yum -y install bind
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for bind to pack into transaction set.
bind-9.3.4-3.fc6.ppc.rpm 100% |=========================| 50 kB 00:01
---> Package bind.ppc 31:9.3.4-3.fc6 set to be updated
--> Running transaction check
--> Processing Dependency: policycoreutils for package: bind
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for policycoreutils to pack into transaction set.
policycoreutils-1.34.1-4. 100% |=========================| 68 kB 00:01
---> Package policycoreutils.ppc 0:1.34.1-4.fc6 set to be updated
--> Running transaction check
--> Processing Dependency: libsemanage.so.1(LIBSEMANAGE_1.0) for package: policycoreutils
--> Processing Dependency: libsemanage >= 1.6.17-1 for package: policycoreutils
--> Processing Dependency: libsemanage.so.1 for package: policycoreutils
--> Processing Dependency: audit-libs-python >= 1.1.4-3 for package: policycoreutils
--> Processing Dependency: libselinux-python for package: policycoreutils
--> Processing Dependency: /usr/bin/diff for package: policycoreutils
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for libselinux-python to pack into transaction set.
libselinux-python-1.33.4- 100% |=========================| 35 kB 00:00
---> Package libselinux-python.ppc 0:1.33.4-2.fc6 set to be updated
---> Downloading header for audit-libs-python to pack into transaction set.
audit-libs-python-1.4.2-3 100% |=========================| 13 kB 00:00
---> Package audit-libs-python.ppc 0:1.4.2-3.fc6 set to be updated
---> Downloading header for libsemanage to pack into transaction set.
libsemanage-1.6.17-1.ppc. 100% |=========================| 26 kB 00:00
---> Package libsemanage.ppc 0:1.6.17-1 set to be updated
---> Downloading header for diffutils to pack into transaction set.
diffutils-2.8.1-15.2.2.pp 100% |=========================| 9.4 kB 00:00
---> Package diffutils.ppc 0:2.8.1-15.2.2 set to be updated
--> Running transaction check

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
bind ppc 31:9.3.4-3.fc6 updates 1.0 M
Installing for dependencies:
audit-libs-python ppc 1.4.2-3.fc6 updates 83 k
diffutils ppc 2.8.1-15.2.2 core 219 k
libselinux-python ppc 1.33.4-2.fc6 updates 58 k
libsemanage ppc 1.6.17-1 core 146 k
policycoreutils ppc 1.34.1-4.fc6 updates 559 k

Transaction Summary
=============================================================================
Install 6 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 2.0 M
Downloading Packages:
(1/6): bind-9.3.4-3.fc6.p 100% |=========================| 1.0 MB 00:05
(2/6): policycoreutils-1. 100% |=========================| 559 kB 00:03
(3/6): libselinux-python- 100% |=========================| 58 kB 00:01
(4/6): audit-libs-python- 100% |=========================| 83 kB 00:01
(5/6): libsemanage-1.6.17 100% |=========================| 146 kB 00:01
(6/6): diffutils-2.8.1-15 100% |=========================| 219 kB 00:02
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: diffutils ######################### [1/6]
Installing: libsemanage ######################### [2/6]
Installing: audit-libs-python ######################### [3/6]
Installing: libselinux-python ######################### [4/6]
Installing: policycoreutils ######################### [5/6]
Installing: bind ######################### [6/6]

Installed: bind.ppc 31:9.3.4-3.fc6
Dependency Installed: audit-libs-python.ppc 0:1.4.2-3.fc6 diffutils.ppc 0:2.8.1-15.2.2 libselinux-python.ppc 0:1.33.4-2.fc6 libsemanage.ppc 0:1.6.17-1 policycoreutils.ppc 0:1.34.1-4.fc6
Complete!
[root@meckk ~]#

次にbind-chrootをインストールします。
bind-chrootを導入するとbindの設定ファイル類が階層を保ったまま移動しますので、bindがhackされた場合でもapacheに影響を与えません。
つまり、安全性が高まります。

[root@meckk ~]# yum -y install bind-chroot
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for bind-chroot to pack into transaction set.
bind-chroot-9.3.4-3.fc6.p 100% |=========================| 39 kB 00:01
---> Package bind-chroot.ppc 31:9.3.4-3.fc6 set to be updated
--> Running transaction check

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
bind-chroot ppc 31:9.3.4-3.fc6 updates 40 k

Transaction Summary
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 40 k
Downloading Packages:
(1/1): bind-chroot-9.3.4- 100% |=========================| 40 kB 00:01
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: bind-chroot ######################### [1/1]

Installed: bind-chroot.ppc 31:9.3.4-3.fc6
Complete!
[root@meckk ~]#

caching-nameserverもインストールします。
caching-nameserverは、１度問い合わせを行った内容を一定期間ローカルに記憶しておきます。
検索が早くなるのとnameserverの負荷を軽減します。

[root@meckk ~]# yum -y install caching-nameser
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for caching-nameserver to pack into transaction set.
caching-nameserver-9.3.4- 100% |=========================| 41 kB 00:01
---> Package caching-nameserver.ppc 31:9.3.4-3.fc6 set to be updated
--> Running transaction check

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
caching-nameserver ppc 31:9.3.4-3.fc6 updates 56 k

Transaction Summary
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 56 k
Downloading Packages:
(1/1): caching-nameserver 100% |=========================| 56 kB 00:01
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: caching-nameserver ######################### [1/1]

Installed: caching-nameserver.ppc 31:9.3.4-3.fc6
Complete!
[root@meckk ~]#

これからの設定ファイルの作成が結構面倒です。
手入力をしていたのでは、時間が掛かるだけでなく入力ミスも発生し易いため、コピペすべきでしょう。
色々なサイトが解説を行っておりますが、記載する内容はほとんど同一です。
ファイル名を自分のサーバー用に変更するだけですから、作業はかなり楽になります。
他所（よそ）のサイトの内容をそのまま載せる訳にはいかないでしょうから、リンクだけしておきます。
Fedora で自宅サーバー構築さんの場合です。
ここの解説通りで特に問題無くインストールできました。
私のように動作をする事が確認できれば良いのであれば、このサイトの解説で十分です。

他を見るなら初めての自宅サーバー構築と言うサイトもあります。
深い所まで知ろうとすると、インターネット上には詳しい解説がいくらでもあります。

【2009年8月追記】
上記サイトの現在の設定の内容が玄箱HG＋Fedora6の以前の内容と大幅に異なっておりました。
以前の設定内容は以下の通りです。

[root@meckk ~]# vi /var/named/chroot/etc/named.conf　 // // named.caching-nameserver.conf // // Provided by Red Hat caching-nameserver package to configure the // ISC BIND named(8) DNS server as a caching only nameserver // (as a localhost DNS resolver only). // // See /usr/share/doc/bind*/sample/ for example named configuration files. // // DO NOT EDIT THIS FILE - use system-config-bind or an editor // to create named.conf - edits to this file will be lost on // caching-nameserver package upgrade. // options { #listen-on port 53 { 127.0.0.1; }; #listen-on-v6 port 53 { ::1; }; version "unknown"; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; query-source port 53; query-source-v6 port 53; allow-query { localhost; localnets; }; forwarders{ 192.168.1.1; }; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; view localhost_resolver { match-clients { localhost; }; match-destinations { localhost; }; recursion yes; include "/etc/named.rfc1912.zones"; include "/etc/named.meckk.com.zone"; }; [root@meckk ~]# vi /var/named/chroot/var/named/1.168.192.in-addr.arpa.db　 $TTL 86400 @ IN SOA meckk.com. root.meckk.com.( 2008000004 ; Serial 28800 ; Refresh 14400 ; Retry 3600000 ; Expire 86400 ) ; Minimum IN NS meckk.com. 154 IN PTR meckk.com. [root@meckk ~]# vi /var/named/chroot/var/named/localhost.zone　 $TTL 86400 @ IN SOA @ root ( 42 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS @ IN A 127.0.0.1 IN AAAA ::1 [root@meckk ~]# vi /var/named/chroot/var/named/named.zero　 $TTL 86400 @ IN SOA localhost. root.localhost. ( 42 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS localhost. [root@meckk ~]# vi /var/named/chroot/var/named/meckk.com.db　 $TTL 86400 @ IN SOA meckk.com. root.meckk.com.( 2008000004 ; Serial 28800 ; Refresh 14400 ; Retry 3600000 ; Expire 86400 ) ; Minimum IN NS meckk.com. IN MX 10 meckk.com. @ IN A 192.168.1.154 * IN A 192.168.1.154 [root@meckk ~]# vi /var/named/chroot/var/named/named.ip6.local　 $TTL 86400 @ IN SOA localhost. root.localhost. ( 1997022700 ; Serial 28800 ; Refresh 14400 ; Retry 3600000 ; Expire 86400 ) ; Minimum IN NS localhost. 1 IN PTR localhost. [root@meckk ~]# vi /var/named/chroot/var/named/localdomain.zone　 TTL 86400 @ IN SOA localhost root ( 42 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS localhost localhost IN A 127.0.0.1 [root@meckk ~]# vi /var/named/chroot/var/named/named.broadcast　 $TTL 86400 @ IN SOA localhost. root.localhost. ( 42 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS localhost. [root@meckk ~]# vi /var/named/chroot/var/named/named.local　 $TTL 86400 @ IN SOA localhost. root.localhost. ( 1997022700 ; Serial 28800 ; Refresh 14400 ; Retry 3600000 ; Expire 86400 ) ; Minimum IN NS localhost. 1 IN PTR localhost.

以前のファイルをそのままコピー（Serialは増やす）して、BINDを起動しましたらエラー無く終了しました。
但し、正常に動作しているかの確認は十分にしておりません、

[戻る] [TOP] [次へ]

（９）DNSサーバー構築