Fedora 9 DNS problem
1# flyu1985
Installed packages:
# rpm -qa | grep bind
bind-utils-9.5.0-29.b2.fc9.i386
samba-winbind-3.2.0-1.pre3.9.fc9.i386
bind-devel-9.5.0-29.b2.fc9.i386
rpcbind-0.1.4-14.fc9.i386
ypbind-1.20.4-4.fc9.i386
bind-libs-9.5.0-29.b2.fc9.i386
bind-9.5.0-29.b2.fc9.i386
bind-chroot-9.5.0-29.b2.fc9.i386
Configuration:
vi /etc/named.conf
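zone "0.0.127.in-addr.arpa" { // resolution between 127.0.0.1 and localhost
type master;
file "named.127.0.0";
};
zone "dawntech.com.cn" IN { // defines the dawntech.com.cn zone, to implement our three resolutions above
type master; // defined as the master zone, meaning this server maintains the zone
file "named.dawntech.com.cn"; // the file for this zone is located at /var/named/daw
};
zone "23.168.192.in-addr.arpa" { // defines the reverse zone, to implement the three reverse resolutions above
type master; // defined as a master zone; the database is maintained by this machine
file "named.192.168.23"; // the file for this zone
};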
};
vi /var/named/chroot/var/named/named.localhost
$TTL 600
@ IN SOA localhost. root.localhost. (
2006102001 ; serial
28800 ; refresh
14400 ; retry
720000 ; expire
86400 ) ; minimum
@ IN NS localhost.
localhost. IN A 127.0.0.1
vi /var/named/chroot/var/named/named.dawntech.com.cn
$TTL 600
@ IN SOA Lxrd.dawntech.com.cn. root.Lxrd ( 2006102001 28800 14400 720000 86400 )
@ IN NS Lxrd.dawntech.com.cn.
Lxrd IN A 192.168.23.250
@ IN MX 10 Lxrd
; other RRs can be added here
wins2003 IN A 192.168.23.197
Reverse resolution:
vi /var/named/chroot/var/named/named.127.0.0
$TTL 600
@ IN SOA localhost. root.localhost. (
2006102001
28800
14400
720000
86400 )
; host name and IP of this domain's DNS server
@ IN NS localhost.
1 IN PTR 127.0.0.1
vi /var/named/chroot/var/named/named.192.168.23
$TTL 600
@ IN SOA Lxrd.dawntech.com.cn. root.Lxrd.dawntech.com.cn. (
2006102001 28800 14400 720000 86400 )
; host name and IP of this domain's DNS server
@ IN NS Lxrd.dawntech.com.cn.
254 IN PTR Lxrd.dawntech.com.cn.
100 IN PTR wins2003.dawntech.com.cn.
/etc/init.d/named start
tail -n 20 /var/log/messages | grep named
Nov 25 21:36:52 Lxrd named: automatic empty zone: 8.E.F.IP6.ARPA
Nov 25 21:36:52 Lxrd named: automatic empty zone: 9.E.F.IP6.ARPA
Nov 25 21:36:52 Lxrd named: automatic empty zone: A.E.F.IP6.ARPA
Nov 25 21:36:52 Lxrd named: automatic empty zone: B.E.F.IP6.ARPA
Nov 25 21:36:52 Lxrd named: default max-cache-size (33554432) applies: view _bind
Nov 25 21:36:52 Lxrd named: command channel listening on 127.0.0.1#953
Nov 25 21:36:52 Lxrd named: command channel listening on ::1#953
Nov 25 21:36:52 Lxrd named: zone 0.in-addr.arpa/IN: NS '0.in-addr.arpa' has no address records (A or AAAA)
Nov 25 21:36:52 Lxrd named: zone 0.in-addr.arpa/IN: loaded serial 0
Nov 25 21:36:52 Lxrd named: zone 0.0.127.in-addr.arpa/IN: loaded serial 2006102001
Nov 25 21:36:52 Lxrd named: zone 1.0.0.127.in-addr.arpa/IN: NS '1.0.0.127.in-addr.arpa' has no address records (A or AAAA)
Nov 25 21:36:52 Lxrd named: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Nov 25 21:36:52 Lxrd named: zone 23.168.192.in-addr.arpa/IN: loaded serial 2006102001
Nov 25 21:36:52 Lxrd named: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: NS '1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa' has no address records (A or AAAA)
Nov 25 21:36:52 Lxrd named: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Nov 25 21:36:52 Lxrd named: zone dawntech.com.cn/IN: loaded serial 2006102001
Nov 25 21:36:52 Lxrd named: named.localhost:9: ignoring out-of-zone data (localhost)
Nov 25 21:36:52 Lxrd named: zone localhost.localdomain/IN: loaded serial 2006102001
Nov 25 21:36:52 Lxrd named: zone localhost/IN: loaded serial 2006102001
Nov 25 21:36:52 Lxrd named: running
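That is the whole process. Could everyone please take a look and tell me what is wrong? Thanks.
《Solution》
I took a quick look and didn't spot any problem.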
command channel listening on 127.0.0.1#953
Was the port changed?
《Solution》
Reply to post #2 by 7717060
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
};
The port wasn't changed.
《Solution》
listen-on port 53 { 127.0.0.1; };
The NIC's IP should probably be written here, right?
《Solution》
Originally posted by flyu1985 on 2009-11-26 10:53
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/ ...
listen-on port 53 {any;};
listen-on-v6 port 53 {any;};
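Unless you intend to allow only local resolution, the port should be on an address that clients can reach.
《Solution》
Reply to post #5 by blueswxs
The plan is for it to be a backup DNS: if the server cannot resolve, this machine resolves.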
# nslookup
>
>
>
> dawntech.com.cn
Server: 192.168.1.3
Address: 192.168.1.3#53
Name: dawntech.com.cn
Address: 192.168.1.3
Name: dawntech.com.cn
Address: 192.168.1.6
> rd.dawntech.com.cn
Server: 192.168.1.3
Address: 192.168.1.3#53
Name: rd.dawntech.com.cn
Address: 192.168.23.250
> jira.dawntech.com.cn
Server: 192.168.1.3
Address: 192.168.1.3#53
Name: jira.dawntech.com.cn
Address: 192.168.23.250
> wiki.dawntech.com.cn
Server: 192.168.1.3
Address: 192.168.1.3#53
Name: wiki.dawntech.com.cn
Address: 192.168.23.250
> 192.168.23.250
Server: 192.168.1.3
Address: 192.168.1.3#53
Non-authoritative answer:
*** Can't find 250.23.168.192.in-addr.arpa.: No answer
Authoritative answers can be found from:
168.192.in-addr.arpa
origin = localhost
mail addr = root.localhost
serial = 2009042201
refresh = 3600
retry = 1800
expire = 604800
minimum = 3600
> 192.168.1.3
Server: 192.168.1.3
Address: 192.168.1.3#53
** server can't find 3.1.168.192.in-addr.arpa.: NXDOMAIN
> 192.168.23.250
Server: 192.168.1.3
Address: 192.168.1.3#53
Non-authoritative answer:
*** Can't find 250.23.168.192.in-addr.arpa.: No answer
Authoritative answers can be found from:
168.192.in-addr.arpa
origin = localhost
mail addr = root.localhost
serial = 2009042201
refresh = 3600
retry = 1800
expire = 604800
minimum = 3600
> 192.168.23.250
Server: 192.168.1.3
Address: 192.168.1.3#53
Non-authoritative answer:
*** Can't find 250.23.168.192.in-addr.arpa.: No answer
《Solution》
Reverse resolution doesn't work. How do I fix it?
《Solution》
Write out the reverse resolution for 250.23.168.192 in full.
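Added example (not part of any post in this thread): a Python check that each A record in the forward zone has a matching PTR in the reverse zone and vice versa, run over the records quoted in post #1. The function names and the simplified parser (it reads only one-line `owner IN TYPE rdata` records) are assumptions made for illustration.

```python
import ipaddress

# Sample input: records copied from the zone files quoted in this thread.
FWD_ORIGIN = "dawntech.com.cn."
FWD_ZONE = """\
Lxrd      IN A 192.168.23.250
wins2003  IN A 192.168.23.197
"""
REV_ORIGIN = "23.168.192.in-addr.arpa."
REV_ZONE = """\
254 IN PTR Lxrd.dawntech.com.cn.
100 IN PTR wins2003.dawntech.com.cn.
"""

def fqdn(name, origin):
    """Expand a relative name against the zone origin, lower-cased."""
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def records(text, origin, rrtype):
    """Yield (owner, rdata) from simple 'owner IN TYPE rdata' lines only."""
    for line in text.splitlines():
        f = line.split(";", 1)[0].split()  # drop trailing comments
        if len(f) == 4 and f[1].upper() == "IN" and f[2].upper() == rrtype:
            yield fqdn(f[0], origin), f[3]

def check(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return a list of A/PTR inconsistencies between the two zones."""
    a = dict(records(fwd_text, fwd_origin, "A"))
    ptr = {o: fqdn(t, rev_origin) for o, t in records(rev_text, rev_origin, "PTR")}
    problems = []
    for host, ip in a.items():
        rname = ipaddress.ip_address(ip).reverse_pointer + "."
        if not rname.endswith("." + rev_origin):
            continue  # address lies outside this reverse zone
        if ptr.get(rname) != host:
            problems.append(f"{host} A {ip}: PTR at {rname} is {ptr.get(rname)}")
    for rname, target in ptr.items():
        ip = ".".join(reversed(rname.split(".")[:4]))  # owner name back to IPv4
        if target.endswith("." + fwd_origin) and a.get(target) != ip:
            problems.append(f"{rname} PTR {target}: its A record is {a.get(target)}")
    return problems

if __name__ == "__main__":
    for p in check(FWD_ZONE, FWD_ORIGIN, REV_ZONE, REV_ORIGIN):
        print(p)
```

On the quoted zone data it reports four mismatches: the A records use .250 and .197, while the PTR owners are 254 and 100.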
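《Solution》
Originally posted by flyu1985 on 2009-11-26 12:59
Reverse resolution doesn't work. How do I fix it?
I can see a bit of a problem. First, your resolution itself is fine. Please answer the following so we know what to do:
1. What is your DNS server's IP address?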
192.168.1.3
192.168.23.250
One is the IP reported by nslookup; the other is seen in the zone file.
2. Can the address Lxrd.dawntech.com.cn. be resolved?
3. Your zone explicitly states that the DNS is 192.168.23.250
@ IN SOA Lxrd.dawntech.com.cn. root.Lxrd ( 2006102001 28800 14400 720000 86400 )
@ IN NS Lxrd.dawntech.com.cn.
Lxrd IN A 192.168.23.250
So specify server 192.168.23.250 in nslookup and test that way first.
4. What servers are these?
192.168.1.3
192.168.1.6
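《Solution》
Reply to post #9 by blueswxs
Goal: DNS backup. Windows servers (primary): 192.168.1.3, 192.168.1.6; Linux server (secondary): 192.168.23.250
When the Windows servers (primary) 192.168.1.3 and 192.168.1.6 cannot resolve, the Linux server (secondary) 192.168.23.250 should resolve automatically.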
2.> Lxrd.dawntech.com.cn
Server: 192.168.1.3
Address: 192.168.1.3#53
** server can't find Lxrd.dawntech.com.cn: NXDOMAIN
3.# nslookup
> server 192.168.23.250
Default server: 192.168.23.250
Address: 192.168.23.250#53
>