Smart DNS (BIND view):
The principle behind smart DNS is simple: when a user resolves a domain name, look at the IP address the user is querying from, match it against the IP table held inside the DNS server to decide whether the user is a China Telecom (CTC) or China Netcom (CNC) user, and then return the IP address that corresponds to that network. Domain registrars currently do not offer smart DNS, so you either have to run your own DNS server or use a free online smart DNS service such as DNSPod.
Install MySQL 5.5.23 as described in the article posted earlier.
BIND9 needs an OpenSSL version to build against, so install the latest openssl-0.9.8x.
Download address: http://www.openssl.org/source/openssl-0.9.8x.tar.gz
wget http://www.openssl.org/source/openssl-0.9.8x.tar.gz
tar zxvf openssl-0.9.8x.tar.gz
cd openssl-0.9.8x
./config          # generates the Makefile; the default prefix is /usr/local/ssl, which the BIND configure line below expects
make && make install
cd ..
Build the smart DNS with BIND 9.8.2
Download address: ftp://ftp.isc.org/isc/bind9/9.8.2/bind-9.8.2.tar.gz
wget ftp://ftp.isc.org/isc/bind9/9.8.2/bind-9.8.2.tar.gz
tar zxvf bind-9.8.2.tar.gz
cd bind-9.8.2
./configure --with-dlz-mysql --enable-largefile --enable-threads=no --prefix=/usr/local/bind --with-openssl=/usr/local/ssl/
make && make install
Configure BIND9
cd /usr/local/bind/etc/
../sbin/rndc-confgen > rndc.conf
No output for a long time? rndc-confgen is blocking on /dev/random for entropy; press Ctrl+C to abort and give it a random file instead:
vim random
Type anything at all, then save with :wq
../sbin/rndc-confgen -r random > rndc.conf
Strip the leading # characters from the commented block and save it as named.conf:
tail -n10 rndc.conf | head -n9 | sed -e 's/#//g' > named.conf
vim localhost.zone
$TTL 86400
@       IN SOA  localhost. root.localhost. (
                        1997022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN NS   localhost.
1       IN PTR  localhost.
dig > named.root
(The machine's own resolver must be configured and able to reach the Internet, because dig queries the root NS set.)
named.root then contains:
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>>
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2302
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14

;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       349121  IN      NS      b.root-servers.net.
.                       349121  IN      NS      f.root-servers.net.
.                       349121  IN      NS      d.root-servers.net.
.                       349121  IN      NS      g.root-servers.net.
.                       349121  IN      NS      e.root-servers.net.
.                       349121  IN      NS      c.root-servers.net.
.                       349121  IN      NS      l.root-servers.net.
.                       349121  IN      NS      j.root-servers.net.
.                       349121  IN      NS      i.root-servers.net.
.                       349121  IN      NS      h.root-servers.net.
.                       349121  IN      NS      k.root-servers.net.
.                       349121  IN      NS      a.root-servers.net.
.                       349121  IN      NS      m.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net.     98117   IN      A       198.41.0.4
a.root-servers.net.     490100  IN      AAAA    2001:503:ba3e::2:30
b.root-servers.net.     235443  IN      A       192.228.79.201
c.root-servers.net.     235566  IN      A       192.33.4.12
d.root-servers.net.     235253  IN      A       128.8.10.90
d.root-servers.net.     269043  IN      AAAA    2001:500:2d::d
e.root-servers.net.     235038  IN      A       192.203.230.10
f.root-servers.net.     235539  IN      A       192.5.5.241
f.root-servers.net.     259446  IN      AAAA    2001:500:2f::f
g.root-servers.net.     99150   IN      A       192.112.36.4
h.root-servers.net.     235861  IN      A       128.63.2.53
h.root-servers.net.     528457  IN      AAAA    2001:500:1::803f:235
i.root-servers.net.     240379  IN      A       192.36.148.17
i.root-servers.net.     537415  IN      AAAA    2001:7fe::53

;; Query time: 106 msec
;; SERVER: 211.95.72.1#53(211.95.72.1)
;; WHEN: Sun May 13 13:21:31 2012
;; MSG SIZE  rcvd: 512
vim named.conf and append the following at the end:
include "/usr/local/bind/etc/cnc_acl.conf";   // CNC (Netcom) ACL
include "/usr/local/bind/etc/ctc_acl.conf";   // CTC (Telecom) ACL
include "/usr/local/bind/etc/view.conf";      // DLZ-related configuration
The complete named.conf then looks like this:
key "rndc-key" {
    algorithm hmac-md5;
    secret "JY52sPoTdeBWiBBquOchqg==";
};
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};
logging {
    channel query_log {
        file "/var/log/named.log" versions 3 size 20m;
        severity info;
        print-time yes;
        print-category yes;
        print-severity yes;
    };
    category queries { query_log; };
};
options {
    directory "/usr/local/bind/etc";
    pid-file "named.pid";
};
acl "dns-ip-list" {
    114.80.227.188;                        # master DNS IP
    112.65.230.188;                        # slave DNS IP
    2001:da8:8000:d011:0:5efe:7250:e3bc;   # IPv6 DNS IP
};
include "/usr/local/bind/etc/cnc_acl.conf";
include "/usr/local/bind/etc/ctc_acl.conf";
include "/usr/local/bind/etc/view.conf";
# cat cnc_acl.conf
acl cnc {
    1.1.1.1/32;
    2.2.2.2/32;   // list all CNC (Netcom) prefixes here
};
# cat ctc_acl.conf
acl ctc {         // must be named "ctc": view.conf's match-clients refers to it by that name, and named refuses to start on an undefined ACL
    3.3.3.3/32;
    4.4.4.4/32;   // list all CTC (Telecom) prefixes here
};
Configure the core BIND view + DLZ + MySQL part
vi /usr/local/bind/etc/view.conf
// Each dlz database string holds, in order: connection parameters, findzone query,
// lookup query, authority query (empty here), allnodes query, allow-zone-transfer
// query and count query. The lookup in both views also returns rows tagged 'DF',
// the shared default records.
view "cnc_view" {
    match-clients { cnc; dns-ip-list; };
    dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns ssl=false port=3306 user=root pass= }
        {select zone from dns_records where zone = '$zone$' and view = 'CNC' limit 1}
        {select ttl, type, mx_priority,
            case when lower(type)='txt' then concat('\"', data, '\"')
                 when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
                 else data end as mydata
         from dns_records where zone = '$zone$' and host = '$record$' and (view = 'CNC' or view = 'DF')}
        {}
        {select ttl, type, host, mx_priority,
            case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata,
            resp_person, serial, refresh, retry, expire, minimum
         from dns_records where zone = '$zone$' and view='CNC'}
        {select zone from xfr_table where zone = '$zone$' and client = '$client$' and view='CNC' limit 1}
        {update data_count set count = count + 1 where zone ='$zone$' and view='CNC'}";
    };
};
view "ctc_view" {
    match-clients { ctc; dns-ip-list; };
    dlz "Mysql zone" {
        database "mysql
        {host=127.0.0.1 dbname=dns ssl=false port=3306 user=root pass= }
        {select zone from dns_records where zone = '$zone$' and view = 'CTC' limit 1}
        {select ttl, type, mx_priority,
            case when lower(type)='txt' then concat('\"', data, '\"')
                 when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum)
                 else data end as mydata
         from dns_records where zone = '$zone$' and host = '$record$' and (view = 'CTC' or view = 'DF')}
        {}
        {select ttl, type, host, mx_priority,
            case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata,
            resp_person, serial, refresh, retry, expire, minimum
         from dns_records where zone = '$zone$' and view='CTC'}
        {select zone from xfr_table where zone = '$zone$' and client = '$client$' and view='CTC' limit 1}
        {update data_count set count = count + 1 where zone ='$zone$' and view='CTC'}";
    };
};
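Every name in a view's match-clients must be defined by an acl statement in named.conf or one of the included ACL files; otherwise named refuses to start, which is easy to hit when the ACL files and view.conf are edited separately. The following Python check is an added example and not part of the original post or of BIND: it scans the ACL definitions and the match-clients clauses and reports names that are used but never defined. The named.conf, ACL file and view.conf strings are constructed to mirror the page's files; the Telecom ACL is deliberately named "ct" while view.conf references "ctc" so that the check has something to report.

```python
import ipaddress
import re

# Constructed sample inputs shaped like the page's named.conf ACL, the two
# included ACL files and view.conf (not the real files). The Telecom ACL is
# deliberately named "ct" while view.conf references "ctc".
NAMED_CONF = '''
acl "dns-ip-list" {
    114.80.227.188;  #master DNS IP
    112.65.230.188;  #slave DNS IP
};
'''
ACL_FILES = {
    "cnc_acl.conf": 'acl cnc { 1.1.1.1/32; 2.2.2.2/32; // CNC prefixes go here\n};',
    "ctc_acl.conf": 'acl ct { 3.3.3.3/32; 4.4.4.4/32; // CTC prefixes go here\n};',
}
VIEW_CONF = '''
view "cnc_view" { match-clients { cnc; dns-ip-list; }; };
view "ctc_view" { match-clients { ctc; dns-ip-list; }; };
'''

# ACL names that BIND predefines
BUILTIN_ACLS = {"any", "none", "localhost", "localnets"}


def strip_comments(text):
    """Remove the three comment styles named.conf accepts: /* */, // and #."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)


def defined_acls(*texts):
    """Names introduced by 'acl name {' or 'acl "name" {' in any of the texts."""
    names = set()
    for t in texts:
        names.update(re.findall(r'\bacl\s+"?([\w.-]+)"?\s*\{', strip_comments(t)))
    return names


def is_address_literal(entry):
    """match-clients entries may be bare addresses or prefixes, not ACL names."""
    try:
        ipaddress.ip_network(entry, strict=False)
        return True
    except ValueError:
        return False


def referenced_acls(view_text):
    """Map each view name to the ACL names used in its match-clients clause."""
    text = strip_comments(view_text)
    heads = list(re.finditer(r'view\s+"([^"]+)"', text))
    bounds = [m.start() for m in heads] + [len(text)]
    refs = {}
    for i, m in enumerate(heads):
        body = text[bounds[i]:bounds[i + 1]]
        clause = re.search(r'match-clients\s*\{([^}]*)\}', body)
        names = []
        if clause:
            for entry in clause.group(1).split(';'):
                entry = entry.strip().lstrip('!')   # "!name" negates an ACL
                if not entry or entry.startswith('key ') or is_address_literal(entry):
                    continue
                names.append(entry)
        refs[m.group(1)] = names
    return refs


def undefined_acl_refs(named_conf, acl_files, view_conf):
    """Return {view: [names]} for ACLs used in match-clients but never defined."""
    defined = defined_acls(named_conf, *acl_files.values()) | BUILTIN_ACLS
    missing = {}
    for view, names in referenced_acls(view_conf).items():
        bad = [n for n in names if n not in defined]
        if bad:
            missing[view] = bad
    return missing


if __name__ == "__main__":
    # constructed input above reports {'ctc_view': ['ctc']}
    print(undefined_acl_refs(NAMED_CONF, ACL_FILES, VIEW_CONF))
```

On a real installation the same check can be run over the files under /usr/local/bind/etc before starting named; it complements named-checkconf, which also catches the error but only after the whole configuration is parsed.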
Create the database schema for the DLZ tables
create database dns;   -- the database name must match dbname= in view.conf
use dns;
DROP TABLE IF EXISTS `dns_records`;
CREATE TABLE `dns_records` (
  `id` int(10) unsigned NOT NULL auto_increment,
  `zone` varchar(255) NOT NULL,
  `host` varchar(255) NOT NULL default '@',
  `type` enum('MX','CNAME','NS','SOA','A','PTR') NOT NULL,
  `data` varchar(255) default NULL,
  `ttl` int(11) NOT NULL default '800',
  `view` char(20) default 'DF',
  `mx_priority` int(11) default NULL,
  `refresh` int(11) NOT NULL default '3600',
  `retry` int(11) NOT NULL default '3600',
  `expire` int(11) NOT NULL default '86400',
  `minimum` int(11) NOT NULL default '3600',
  `serial` bigint(20) NOT NULL default '2008082700',
  `resp_person` varchar(64) NOT NULL default 'root.domain.com.',
  `primary_ns` varchar(64) NOT NULL default 'ns1.domain.com.',
  `data_count` int(11) NOT NULL default '0',
  PRIMARY KEY (`id`),
  KEY `type` (`type`),
  KEY `host` (`host`),
  KEY `zone` (`zone`)
) ENGINE=MyISAM AUTO_INCREMENT=1;
-- The allow-zone-transfer and count queries in view.conf refer to two further
-- tables that the schema above does not create; minimal definitions with the
-- columns those queries use:
CREATE TABLE IF NOT EXISTS `xfr_table` (
  `zone` varchar(255) NOT NULL,
  `client` varchar(255) NOT NULL,
  `view` char(20) NOT NULL default 'DF'
) ENGINE=MyISAM;
CREATE TABLE IF NOT EXISTS `data_count` (
  `zone` varchar(255) NOT NULL,
  `view` char(20) NOT NULL default 'DF',
  `count` int(11) NOT NULL default '0'
) ENGINE=MyISAM;
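The resolution path described at the top of the page (client address, ACL match, view, view-specific record) can be followed end to end with a small model. The Python below is an added example, not code from the post or from BIND: it selects the view the way named does (the first view whose match-clients matches the querying address) and then runs the DLZ findzone and lookup queries from view.conf against an in-memory SQLite copy of dns_records. The ACL prefixes and the records are constructed sample data, the SQL is rewritten in SQLite syntax (|| in place of concat_ws) with the view tag as a parameter, and rows tagged 'DF' are treated as visible from every view, which is the fallback the CNC lookup query uses. The model also makes two consequences of the configuration explicit: a client matched by neither ACL gets REFUSED because no view applies, and a zone needs at least one row tagged with each view, since findzone filters on view = 'CNC' or 'CTC' and never sees the 'DF' rows.

```python
import ipaddress
import sqlite3

# Constructed ACLs with the shape of cnc_acl.conf / ctc_acl.conf (placeholder
# prefixes, not real CNC or CTC address space); dns-ip-list is the page's own.
ACLS = {
    "cnc": ["1.1.1.0/24", "2.2.2.2/32"],
    "ctc": ["3.3.3.0/24", "4.4.4.4/32"],
    "dns-ip-list": ["114.80.227.188/32", "112.65.230.188/32"],
}
# Views in named.conf order, their match-clients lists, and the value the DLZ
# queries compare with the `view` column. named uses the first view that matches.
VIEWS = [
    ("cnc_view", ["cnc", "dns-ip-list"], "CNC"),
    ("ctc_view", ["ctc", "dns-ip-list"], "CTC"),
]

# findzone and lookup queries from view.conf, rewritten for SQLite.
FINDZONE_SQL = "SELECT zone FROM dns_records WHERE zone = ? AND view = ? LIMIT 1"
LOOKUP_SQL = """
SELECT ttl, type, mx_priority,
       CASE WHEN lower(type) = 'soa'
            THEN data || ' ' || resp_person || ' ' || serial || ' ' || refresh
                      || ' ' || retry || ' ' || expire || ' ' || minimum
            ELSE data END AS mydata
FROM dns_records
WHERE zone = ? AND host = ? AND (view = ? OR view = 'DF')
"""


def select_view(client_ip):
    """(view name, view tag) of the first view whose ACLs match, else (None, None)."""
    ip = ipaddress.ip_address(client_ip)
    for view, acl_names, tag in VIEWS:
        for name in acl_names:
            if any(ip in ipaddress.ip_network(net, strict=False) for net in ACLS[name]):
                return view, tag
    return None, None


def make_sample_db():
    """In-memory table with the page's dns_records columns and constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE dns_records (
        zone TEXT NOT NULL, host TEXT NOT NULL DEFAULT '@', type TEXT NOT NULL,
        data TEXT, ttl INTEGER NOT NULL DEFAULT 800, view TEXT DEFAULT 'DF',
        mx_priority INTEGER, refresh INTEGER NOT NULL DEFAULT 3600,
        retry INTEGER NOT NULL DEFAULT 3600, expire INTEGER NOT NULL DEFAULT 86400,
        minimum INTEGER NOT NULL DEFAULT 3600, serial INTEGER NOT NULL DEFAULT 2008082700,
        resp_person TEXT NOT NULL DEFAULT 'root.domain.com.')""")
    rows = [
        # zone, host, type, data, view, ttl, mx_priority (constructed sample data)
        ("example.com", "@",   "SOA", "ns1.example.com.",  "DF",  3600, None),
        ("example.com", "@",   "NS",  "ns1.example.com.",  "DF",  3600, None),
        ("example.com", "www", "A",   "10.1.1.10",         "CNC", 600,  None),
        ("example.com", "www", "A",   "10.2.2.20",         "CTC", 600,  None),
        ("example.com", "@",   "MX",  "mail.example.com.", "DF",  600,  10),
        ("other.com",   "www", "A",   "10.9.9.9",          "DF",  600,  None),  # DF only
    ]
    db.executemany(
        "INSERT INTO dns_records (zone, host, type, data, view, ttl, mx_priority) "
        "VALUES (?, ?, ?, ?, ?, ?, ?)", rows)
    return db


def resolve(db, client_ip, zone, host, rtype):
    """Pick the view for client_ip, then answer as the DLZ queries would."""
    view, tag = select_view(client_ip)
    if tag is None:
        return "REFUSED", []            # client in no view: named refuses the query
    if db.execute(FINDZONE_SQL, (zone, tag)).fetchone() is None:
        return "REFUSED", []            # no row tagged with this view: zone unknown here
    rows = db.execute(LOOKUP_SQL, (zone, host, tag)).fetchall()
    # DLZ hands every record at the name to named, which filters by query type
    answers = []
    for ttl, t, prio, mydata in rows:
        if t == rtype:
            answers.append(mydata if prio is None else "%d %s" % (prio, mydata))
    return view, answers


if __name__ == "__main__":
    db = make_sample_db()
    for client in ("1.1.1.5", "3.3.3.9", "114.80.227.188", "8.8.8.8"):
        print(client, resolve(db, client, "example.com", "www", "A"))
```

Two things the model makes visible are worth keeping in mind when operating this setup. dns-ip-list appears in both views, but because the first matching view wins, the master and slave addresses always land in cnc_view, so a slave pulling the zone by AXFR receives only the rows tagged CNC. And the connection string in view.conf uses the MySQL root account with an empty password; a dedicated account limited to SELECT on dns_records (plus UPDATE on data_count if the count query is kept) is the least-privilege choice, just as running named under an unprivileged user rather than -uroot is.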
Link libmysqlclient.so.XX; I installed 5.5.23, so the version is 18:
ln -s /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib/
ldconfig
/usr/local/bind/sbin/named -uroot -g -d 9
This runs named in the foreground at debug level 9; if it reports no errors, the environment is configured correctly.
Turn it into a startup service. Use this foreground mode whenever you debug BIND; once everything works, kill the process and start the service with the commands below.
/usr/local/bind/sbin/rndc reload    # reload named.conf and the files it includes
/usr/local/bind/sbin/named -uroot -c /usr/local/bind/etc/named.conf    # start the BIND service