DNS的第二個域名無法解析
在部門新搭建了一個DNS 伺服器,伺服器里有兩個域名,一個www.syvecertificate.net,一個www.mutliIP.net。
第一個域名工作正常,我嘗試添加了第二個域名www.mutliIP.net后,第一個工作是正常的,但是新加的www.mutliIP.net這個域名。
用nslookup命令查看第二個域名時,老是報no servers could be reached
# nslookup www.mutliIP.net
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; connection timed out; no servers could be reached
第二個域名反向IP到域名的解析輸出如下:
# nslookup 10.68.143.154
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; Got SERVFAIL reply from 127.0.0.1, trying next server
Server: ::1
Address: ::1#53
** server can't find 154.143.68.10.in-addr.arpa: SERVFAIL
第二個域名正向域名到IP的解析輸出如下:
# nslookup www.mutliIP.net
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; connection timed out; no servers could be reached
第一個域名的nslookup輸出如下:
# nslookup 10.68.179.154
Server: 127.0.0.1
Address: 127.0.0.1#53
154.179.68.10.in-addr.arpa name = www.syvecertificate.net.
# nslookup www.syvecertificate.net
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.syvecertificate.net
Address: 10.68.179.154
Name: www.syvecertificate.net
Address: 10.68.179.15
麻煩各位大俠幫忙查看下什麼原因。具體的配置文件列出如下
name.conf文件的配置如下//
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
named.rfc1912.zones 文件的配置如下:
zone "." IN {
type hint;
file "named.ca";
};
zone "syvecertificate.net" IN {
type master;
file "syvecertificate.net.zone";
allow-update { none; };
};
zone "179.68.10.in-addr.arpa" IN {
type master;
file "179.68.10.in-addr.local";
allow-update { none; };
};
zone "mutliIP.net" IN {
type master;
file "mutliIP.net.zone";
allow-update { none; };
};
zone "143.68.10.in-addr.arpa" IN {
type master;
file "143.68.10.in-addr.local";
allow-update { none; };
};
syvecertificate.net.zone 配置文件如下:
$TTL 86400
@ IN SOA localhost root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS syvecertificate.net
www IN A 10.68.179.154
www IN A 10.68.179.15
179.68.10.in-addr.local 的配置文件如下:
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS syvecertificate.net.
154 IN PTR www.syvecertificate.net.
mutliIP.net.zone的配置文件如下:
$TTL 86400
@ IN SOA localhost root (
43 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS mutliIP.net.
www IN A 10.68.143.154
www IN A 10.68.143.156
143.68.10.in-addr.local 的配置文件如下:
$TTL 86400
@ IN SOA localhost. root.localhost. (
2013022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS mutliIP.net.
144 IN PTR www.mutliIP.net.
《解決方案》
有沒有大俠幫忙看下,對這塊也是新手,不是很清楚哪裡配置有問題
《解決方案》
你的配置裡面沒有域的ns記錄的A記錄,修改下配置,將mutliIP.net.解析下
《解決方案》
回復 3# chenyx
謝謝版主回復,後面我加了DNS 的log列印以後,找到原因了。
配置沒有問題,就是文件的操作許可權有問題。
第二個域的文件操作許可權都是root/root,所以DNS 進程訪問不了
《解決方案》
謝謝樓上分享哦,dns確實接觸得很少