====== Installing BIND as a DNS server on Alpine Linux 3 ======

  * Create the CT from the alpine-3.14 template (2.5MB) provided in PVE
  * Planned installation and configuration:
    * CPU: 1 vcore / RAM: 512MB / Root Disk: 8GB
    * Host IP subnet: 10.20.0.0/24
    * Allow the local host and sources in 10.0.0.0/8 to query any domain name
    * Upstream DNS: 1.1.1.1

===== Install and configure BIND =====

  * Install BIND <cli>
apk add bind
</cli>
  * Edit /etc/bind/named.conf <cli>
options {
        directory "/var/bind";
        pid-file "/var/run/named/named.pid";
        // Listen on loopback and on the CT's address in 10.20.0.0/24
        listen-on { 127.0.0.1; 10.20.0.0/24; };
        // Queries are accepted from any source; recursion is limited to
        // 127.0.0.1 and 10.0.0.0/8 by allow-recursion below
        allow-query { localhost; 0.0.0.0/0; };
        recursion yes;
        max-cache-size 218M;
        allow-recursion { 127.0.0.1/32; 10.0.0.0/8; };
        // Upstream DNS
        forwarders { 1.1.1.1; };
};
</cli>
  * Verify that the configuration is valid <cli>
named-checkconf
</cli>
  * Enable the DNS service at boot and start it <cli>
rc-update add named
rc-service named start
</cli>

<WRAP center round tip 60%>
  * If the following error messages appear at startup <cli>
:
Jul 8 07:47:30 ct-dns daemon.info named[537]: none:100: 'max-cache-size 90%' - setting to 173990MB (out of 193322MB)
Jul 8 07:47:33 ct-dns daemon.err /etc/init.d/named[535]: start-stop-daemon: failed to start `/usr/sbin/named'
Jul 8 07:47:33 ct-dns daemon.err /etc/init.d/named[397]: ERROR: named failed to start
</cli>
  * named has sized its default cache (90%) from 193322MB of memory rather than the CT's 512MB. Setting max-cache-size explicitly in /etc/bind/named.conf resolves this, e.g.: <cli>
:
max-cache-size 218M;
:
</cli>
</WRAP>

===== Add query and operational logging =====

  * Edit /etc/bind/named.conf <cli>
logging {
    channel default_file {
        file "/var/log/named/default.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel general_file {
        file "/var/log/named/general.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel database_file {
        file "/var/log/named/database.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel security_file {
        file "/var/log/named/security.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel config_file {
        file "/var/log/named/config.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel resolver_file {
        file "/var/log/named/resolver.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel xfer-in_file {
        file "/var/log/named/xfer-in.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel xfer-out_file {
        file "/var/log/named/xfer-out.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel notify_file {
        file "/var/log/named/notify.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel client_file {
        file "/var/log/named/client.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel unmatched_file {
        file "/var/log/named/unmatched.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel queries_file {
        file "/var/log/named/queries.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel network_file {
        file "/var/log/named/network.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel update_file {
        file "/var/log/named/update.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel dispatch_file {
        file "/var/log/named/dispatch.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel dnssec_file {
        file "/var/log/named/dnssec.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel lame-servers_file {
        file "/var/log/named/lame-servers.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };

    category default { default_file; };
    category general { general_file; };
    category database { database_file; };
    category security { security_file; };
    category config { config_file; };
    category resolver { resolver_file; };
    category xfer-in { xfer-in_file; };
    category xfer-out { xfer-out_file; };
    category notify { notify_file; };
    category client { client_file; };
    category unmatched { unmatched_file; };
    category queries { queries_file; };
    category network { network_file; };
    category update { update_file; };
    category dispatch { dispatch_file; };
    category dnssec { dnssec_file; };
    category lame-servers { lame-servers_file; };
};
</cli>
  * Create the log directory for named <cli>
mkdir /var/log/named
chown -R named:named /var/log/named
</cli>
  * Restart named <cli>
rc-service named restart
</cli>
  * The log files defined above will then appear in /var/log/named; the main query records are written to /var/log/named/queries.log

===== Reference URLs =====

  * https://www.hiroom2.com/2017/08/22/alpinelinux-3-6-bind-en/
  * https://www.linuxquestions.org/questions/linux-server-73/bind-dns-server-reports-wrong-memory-size-when-run-in-chroot-environment-4175616253/
  * https://stackoverflow.com/questions/11153958/how-to-enable-named-bind-dns-full-logging

{{tag>alpine bind named dns}}

tech/alpine_bind.txt Last modified: 2022/01/30 16:50 by jonathan
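
For the /var/log/named/queries.log file configured above, the following added example (not part of the original page) counts queries per client and lists those whose source lies outside the allow-recursion networks, which allow-query 0.0.0.0/0 still admits. The line layout is an assumption (BIND 9.16 query log with only print-time set), and the sample lines and the names parse_line and summarize are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Networks copied from allow-recursion in the named.conf on this page.
ALLOWED = [ipaddress.ip_network(n) for n in ("127.0.0.1/32", "10.0.0.0/8")]

# Assumed line layout: BIND 9.16 query log, channel with only print-time set.
QUERY_RE = re.compile(
    r"^(?P<ts>\S+ \S+) client (?:@0x[0-9a-f]+ )?"
    r"(?P<ip>[0-9A-Fa-f.:]+)#\d+ \([^)]*\): "
    r"query: (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+) (?P<flags>\S+)"
)

# Constructed sample lines (documentation addresses), not from a real server.
SAMPLE_LOG = """\
08-Jul-2021 07:50:01.101 client @0x7f2a3c0a1b60 10.20.0.15#53412 (www.example.com): query: www.example.com IN A +E(0)K (10.20.0.2)
08-Jul-2021 07:50:02.220 client @0x7f2a3c0a1b60 10.20.0.15#40111 (example.org): query: example.org IN AAAA +E(0)K (10.20.0.2)
08-Jul-2021 07:50:03.005 client @0x7f2a3c0b2c70 127.0.0.1#35001 (example.net): query: example.net IN A + (127.0.0.1)
08-Jul-2021 07:50:04.310 client @0x7f2a3c0c3d80 203.0.113.7#6021 (example.com): query: example.com IN ANY +E(0) (10.20.0.2)
08-Jul-2021 07:50:05.777 client @0x7f2a3c0d4e90 10.3.4.5#51515 (mail.example.net): query: mail.example.net IN MX +E(0)K (10.20.0.2)
08-Jul-2021 07:50:09.000 this line is not a query record
"""

def parse_line(line):
    """Return a dict for one query record, or None if the line does not parse."""
    m = QUERY_RE.match(line)
    try:
        return {**m.groupdict(), "ip": ipaddress.ip_address(m["ip"])} if m else None
    except ValueError:  # regex matched but the address is not a valid IP
        return None

def summarize(text):
    """Count queries per client and list those from outside ALLOWED."""
    per_client, outsiders, skipped = Counter(), [], 0
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        per_client[str(rec["ip"])] += 1
        if not any(rec["ip"] in net for net in ALLOWED):
            outsiders.append((rec["ts"], str(rec["ip"]), rec["qname"], rec["qtype"]))
    return per_client, outsiders, skipped

if __name__ == "__main__":
    clients, outsiders, skipped = summarize(SAMPLE_LOG)
    print(dict(clients), outsiders, skipped)
```

To run it against the real file, pass the contents of /var/log/named/queries.log to summarize() instead of SAMPLE_LOG.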