CentOS に yum でインストールされた
BIND をキャッシュDNSサーバーとして設定する。
caching-nameserver
yum info
|
+
|
... |
[root@localhost ~]# yum info caching-nameserver
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: rsync.atworks.co.jp
* extras: rsync.atworks.co.jp
* updates: rsync.atworks.co.jp
Available Packages
Name : caching-nameserver
Arch : x86_64
Epoch : 30
Version : 9.3.6
Release : 16.P1.el5_7.1
Size : 62 k
Repo : updates
Summary : Default BIND configuration files for a caching nameserver
URL : http://www.isc.org/products/BIND/
License : BSD-like
Description: The caching-nameserver package includes the configuration files which will make
: the ISC BIND named DNS name server act as a simple caching nameserver.
: A caching nameserver is a DNS Resolver, as defined in RFC 1035, section 7.
: ISC BIND named(8) provides a very efficient, flexible and robust resolver as
: well as a server of authoritative DNS data - many users use this package
: along with BIND to implement their primary system DNS resolver service.
: If you would like to set up a caching name server, you'll need to install
: bind, bind-libs, and bind-utils along with this package.}
|
bind97 をインストールしていると cashing-nameserverはインストールできない。
yum で入れようとすると
Error: bind97 conflicts with bind
Error: bind97 conflicts with caching-nameserver
Error: bind97-libs conflicts with bind-libs
とエラー出力される。
yumインストール直後のnamed.conf
/etc/named.conf
|
+
|
... |
[root@localhost ~]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
|
実は何も設定しなくてもインストール直後に動作はする
/var/log/message
|
+
|
... |
[root@localhost ~]# cat /var/log/messages
Feb 23 03:18:38 localhost named[2614]: starting BIND 9.7.0-P2-RedHat-9.7.0-6.P2.el5_7.4 -u named -t /var/named/chroot
Feb 23 03:18:38 localhost named[2614]: built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' 'CPPFLAGS= -DDIG_SIGCHASE' 'CXXFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' 'FFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' 'build_alias=x86
Feb 23 03:18:38 localhost named[2614]: adjusted limit on open files from 1024 to 1048576
Feb 23 03:18:38 localhost named[2614]: found 1 CPU, using 1 worker thread
Feb 23 03:18:38 localhost named[2614]: using up to 4096 sockets
Feb 23 03:18:38 localhost named[2614]: loading configuration from '/etc/named.conf'
Feb 23 03:18:38 localhost named[2614]: reading built-in trusted keys from file '/etc/named.iscdlv.key'
Feb 23 03:18:38 localhost named[2614]: using default UDP/IPv4 port range: [1024, 65535]
Feb 23 03:18:38 localhost named[2614]: using default UDP/IPv6 port range: [1024, 65535]
Feb 23 03:18:38 localhost named[2614]: listening on IPv4 interface lo, 127.0.0.1#53
Feb 23 03:18:38 localhost named[2614]: listening on IPv6 interface lo, ::1#53
Feb 23 03:18:38 localhost named[2614]: generating session key for dynamic DNS
Feb 23 03:18:38 localhost named[2614]: using built-in trusted-keys for view _default
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: 127.IN-ADDR.ARPA
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: 254.169.IN-ADDR.ARPA
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: D.F.IP6.ARPA
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: 8.E.F.IP6.ARPA
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: 9.E.F.IP6.ARPA
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: A.E.F.IP6.ARPA
Feb 23 03:18:38 localhost named[2614]: automatic empty zone: B.E.F.IP6.ARPA
Feb 23 03:18:38 localhost named[2614]: using built-in trusted-keys for view _meta
Feb 23 03:18:38 localhost named[2614]: set up managed-keys.bind meta-zone
Feb 23 03:18:38 localhost named[2614]: command channel listening on 127.0.0.1#953
Feb 23 03:18:38 localhost named[2614]: command channel listening on ::1#953
Feb 23 03:18:38 localhost named[2614]: the working directory is not writable
Feb 23 03:18:38 localhost named[2614]: zone 0.in-addr.arpa/IN: loaded serial 0
Feb 23 03:18:38 localhost named[2614]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Feb 23 03:18:38 localhost named[2614]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Feb 23 03:18:38 localhost named[2614]: zone localhost.localdomain/IN: loaded serial 0
Feb 23 03:18:38 localhost named[2614]: zone localhost/IN: loaded serial 0
Feb 23 03:18:38 localhost named[2614]: zone managed-keys.bind/IN/_meta: loading from master file dynamic/managed-keys.bind failed: file not found
Feb 23 03:18:38 localhost named[2614]: zone managed-keys.bind/IN/_meta: loaded serial 0
Feb 23 03:18:38 localhost named[2614]: running
Feb 23 03:18:38 localhost named[2614]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:f::1#53
Feb 23 03:18:38 localhost named[2614]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:40::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:41::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:1b::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:19::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:1a::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:1c::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns1.isc.ultradns.net/AAAA/IN': 2001:503:ba3e::2:30#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns2.isc.ultradns.net/A/IN': 2001:500:2f::f#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns2.isc.ultradns.net/AAAA/IN': 2001:503:c27::2:30#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns1.isc.ultradns.net/AAAA/IN': 2001:500:2f::f#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns2.isc.ultradns.net/AAAA/IN': 2001:500:2f::f#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:a::79#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'pdns3.ultradns.org/AAAA/IN': 2001:500:48::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'pdns4.ultradns.org/A/IN': 2001:500:e::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'pdns3.ultradns.org/AAAA/IN': 2001:500:c::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'pdns3.ultradns.org/AAAA/IN': 2001:500:b::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:c::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'pdns6.ultradns.co.uk/A/IN': 2001:502:ad09::3#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'pdns6.ultradns.co.uk/AAAA/IN': 2001:502:4612::1#53
Feb 23 03:18:39 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:8::79#53
Feb 23 03:20:40 localhost named[2614]: error (network unreachable) resolving './NS/IN': 2001:503:ba3e::2:30#53
Feb 23 03:20:40 localhost named[2614]: error (network unreachable) resolving 'yahoo.co.jp.dlv.isc.org/DLV/IN': 2001:500:40::1#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'dlv.isc.org/DLV/IN': 2001:500:60::30#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'dlv.isc.org/DLV/IN': 2001:4f8:0:2::19#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'dlv.isc.org/DLV/IN': 2001:500:71::30#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:19::1#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:1b::1#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:41::1#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:a::79#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:6::79#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:71::29#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:60::29#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:4f8:0:2::20#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'pdns3.ultradns.org/A/IN': 2001:500:c::1#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'pdns3.ultradns.org/AAAA/IN': 2001:500:c::1#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'pdns4.ultradns.org/AAAA/IN': 2001:500:48::1#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'pdns6.ultradns.co.uk/AAAA/IN': 2001:7fd::1#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'pdns3.ultradns.org/A/IN': 2001:500:b::1#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'pdns6.ultradns.co.uk/AAAA/IN': 2a01:40:1001:35::2#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'pdns6.ultradns.co.uk/A/IN': 2001:502:ad09::3#53
Feb 23 03:20:41 localhost named[2614]: error (network unreachable) resolving 'pdns6.ultradns.co.uk/A/IN': 2001:502:4612::1#53
|
最終更新:2012年02月23日 04:27
