DNS сервер

In FreeBSD 10, bind has been removed from the base system by default.

Let's search the ports tree to see what is available

cd /usr/ports
make search name=bind

That command prints too much output, so let's trim it down

make search name=bind | grep dns

Path: /usr/ports/dns/bind-tools
Path: /usr/ports/dns/bind10
Path: /usr/ports/dns/bind910
Path: /usr/ports/dns/bind99
Path: /usr/ports/dns/bindgraph
Path: /usr/ports/dns/libbind
Path: /usr/ports/dns/p5-BIND-Conf_Parser
Path: /usr/ports/dns/p5-BIND-Config-Parser
Port: dns/bind9-dlz
Moved: dns/bind94
Port: dns/bind9
Reason: EOL - Update to dns/bind97 or dns/bind96
Port: dns/bind95
Reason: Entered EOL 2010-09 - Update to dns/bind97 or dns/bind96
Port: dns/bind94
Reason: EOL - Update to dns/bind97 or dns/bind96
Port: dns/bind94-geoip
Port: dns/bind9-sdb-ldap
Port: dns/bind9-sdb-postgresql
Port: dns/bind97
Port: dns/bind97-sdb
Port: dns/bind96
Port: dns/bind98
Moved: dns/bind99

Check the latest stable version at https://www.isc.org/downloads/.
At the time of writing it was 9.10.3, so that is the one we will install.

cd /usr/ports/dns/bind910/
make config-recursive && make checksum-recursive
make install clean

* BIND requires configuration of rndc, including a "secret" key. *
* The easiest, and most secure way to configure rndc is to run *
* 'rndc-confgen -a' to generate the proper conf file, with a new *
* random key, and appropriate file permissions. *
* *
* The /usr/local/etc/rc.d/named script will do that for you.

Add the following lines to /etc/rc.conf:

named_enable="YES"
named_chrootdir="/var/named" # chroot directory.
named_chroot_autoupdate="YES" # automatically update or create the chroot structure
named_symlink_enable="YES"

Let's try to start named:

[root@gw-05-10-2015 /usr/local/etc/rc.d]# /usr/local/etc/rc.d/named restart
named not running? (check /var/run/named/pid).
/usr/local/etc/rc.d/named: WARNING: /var/named is not a directory. # oops! the directory needs to be created
/usr/local/etc/rc.d/named: WARNING: failed precmd routine for named

[root@gw-05-10-2015 /usr/local/etc/rc.d]# mkdir -p /var/named

[root@gw-05-10-2015 /usr/local/etc/rc.d]# /usr/local/etc/rc.d/named restart
named not running? (check /var/run/named/pid).
/usr/local/etc/rc.d/named: WARNING: named chroot: Moving current configuration in the chroot!
./dev missing (created)
./etc missing (created)
./var missing (created)
./var/dump missing (created)
./var/log missing (created)
./var/run missing (created)
./var/run/named missing (created)
./var/stats missing (created)
etc/namedb/dynamic:
gid (0, 53, modified)
etc/namedb/slave:
gid (0, 53, modified)
etc/namedb/working:
gid (0, 53, modified)
Starting named.

The directory structure was created from the file /usr/local/etc/mtree/BIND.chroot.dist

After that I had to restart named once more, killing the process first.

[root@gw-05-10-2015 /etc]# ps ax | grep nam
14344 - Ss 0:00.15 /usr/local/sbin/named -t /var/named -u bind -c /usr/local/etc/namedb/named.conf
14347 1 S+ 0:00.00 grep nam

[root@gw-05-10-2015 /etc]# kill 14344

[root@gw-05-10-2015 /usr/local/etc/rc.d]# /usr/local/etc/rc.d/named restart

Generate a key for dynamic zone updates by the DHCP server:
/usr/local/etc/namedb]# rndc-confgen -A hmac-sha512 -b 512 -k DHCP_UPDATER -c dhcp.key -a
wrote key file "dhcp.key"
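As an added example (not part of the original article), a small POSIX shell check for the key file that rndc-confgen writes: it confirms the algorithm is hmac-sha512, that the secret really is 512 bits, and that the file is not readable by anyone but its owner, since whoever reads the secret can push zone updates. The file name dhcp.key and the key name DHCP_UPDATER come from the command above; make_sample_key builds a constructed placeholder file for a dry run.

```shell
#!/bin/sh
# Added example, not from the original article: sanity-check a key file
# written by `rndc-confgen -A hmac-sha512 -b 512 -k NAME -c FILE -a`
# before pointing named.conf and dhcpd.conf at it.
# Checks: algorithm is hmac-sha512, secret decodes to 64 bytes (512 bits), mode is owner-only.

check_key_file() {
    f="$1"
    [ -f "$f" ] || { echo "missing: $f"; return 1; }

    # Fields in the layout rndc-confgen writes: key "NAME" { algorithm X; secret "Y"; };
    name=$(sed -n 's/^key "\([^"]*\)".*/\1/p' "$f")
    algo=$(sed -n 's/.*algorithm \([a-z0-9-]*\);.*/\1/p' "$f")
    secret=$(sed -n 's/.*secret "\([^"]*\)";.*/\1/p' "$f")

    [ "$algo" = "hmac-sha512" ] || { echo "$f: algorithm '$algo', expected hmac-sha512"; return 1; }

    # The secret is base64; a 512-bit key decodes to exactly 64 bytes.
    bytes=$(printf '%s' "$secret" | base64 -d 2>/dev/null | wc -c | tr -d ' ')
    [ "$bytes" = "64" ] || { echo "$f: secret decodes to $bytes bytes, expected 64"; return 1; }

    # GNU stat (-c) first, BSD stat (-f) as fallback; the secret must stay owner-only.
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
    case "$mode" in
        600|400) ;;
        *) echo "$f: mode $mode is too permissive, want 600"; return 1 ;;
    esac

    echo "$f: key '$name' ok ($algo, $bytes-byte secret, mode $mode)"
    return 0
}

# Constructed sample in the same layout as dhcp.key; the secret is 64 zero bytes,
# a placeholder and not a real key.
make_sample_key() {
    dir=$(mktemp -d)
    secret=$(head -c 64 /dev/zero | base64 | tr -d '\n')
    printf 'key "DHCP_UPDATER" {\n\talgorithm hmac-sha512;\n\tsecret "%s";\n};\n' \
        "$secret" > "$dir/dhcp.key"
    chmod 600 "$dir/dhcp.key"
    echo "$dir/dhcp.key"
}

# Usage: sh check_key.sh /usr/local/etc/namedb/dhcp.key
if [ $# -gt 0 ]; then
    check_key_file "$1"
fi
```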