
Domain Name System – CentOS BIND DNS troubleshooting?

运维开发网 https://www.qedev.com 2020-05-08 15:44 Source: web Author: compiled by 运维开发网
I'm trying to set up my first BIND9 DNS server for a small local network, but I can't seem to get it working. I want to create a "local" domain, max.app.

As far as I can tell, named is running, but it doesn't seem to be serving the records for my domain?

service named start

returns OK, and the daemon is running after startup.

If I try ping mac1 I get: unknown host mac1

If I try ping mac1.max.app I get: unknown host mac1

When I try nslookup I get:

nslookup max.app
Server: 8.8.8.8
Address:    8.8.8.8#53

Non-authoritative answer:
Name:   max.app
Address: 67.192.47.244

As you can see, I'm not getting the records from my local BIND server (192.168.100.10).

My /etc/resolv.conf looks like this:

# Generated by NetworkManager
search max.app
nameserver 192.168.100.10
nameserver 8.8.8.8
nameserver 8.8.4.4

My /etc/named.conf looks like this:

acl local-network { 192.168.100.0/24;  }; 

options {
    listen-on port 53 { 127.0.0.1; 192.168.100.10; };
    listen-on-v6 port 53 { ::1; };
    directory   "/var/named";
    dump-file   "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query     { local-network;  };
    recursion yes;

    query-source address * port 53;

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
};


logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};


zone "max.app" IN {   
    type master;   
    file "max.app.zone";   
    allow-update { none; }; 
};

zone "100.168.192.in-addr.arpa" IN {
    type master;   
    file "max.app.rr.zone";   
    allow-update { none; }; 
};

My /var/named/max.app.zone looks like this:

$ORIGIN max.app. 
$TTL 86400 
@   IN  SOA dns1.max.app.   email.gmail.com. (
            2001062501 ; serial                     
            21600      ; refresh after 6 hours                     
            3600       ; retry after 1 hour                     
            604800     ; expire after 1 week                     
            86400 )    ; minimum TTL of 1 day  


    IN  NS  dns1.max.app.   

dns1    IN  A   192.168.100.10
CentOS1 IN  A   192.168.100.15
CentOS2 IN  A   192.168.100.25

mac1    IN  A   192.168.100.50
mac2    IN  A   192.168.100.55
mac3    IN  A   192.168.100.60

www     IN  CNAME   CentOS1

My /var/named/max.app.rr.zone looks like this:

$ORIGIN 100.168.192.in-addr.arpa. 
$TTL 86400 
@   IN  SOA dns1.max.app.   email.gmail.com. (
            2001062501 ; serial                     
            21600      ; refresh after 6 hours                     
            3600       ; retry after 1 hour                     
            604800     ; expire after 1 week                     
            86400 )    ; minimum TTL of 1 day           

    IN  NS  dns1.max.app.

10  IN  PTR dns1.max.app.
15  IN  PTR CentOS1.max.app.
20  IN  PTR CentOS2.max.app.

50  IN  PTR mac1.max.app.
55  IN  PTR mac1.max.app.
60  IN  PTR mac1.max.app.

service named status returns:

version: 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1
CPUs found: 2
worker threads: 2
number of zones: 15
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
named (pid  1121) is running.

This "number of zones: 15" seems a bit odd? I only defined 1 zone in named.conf.

Update, July 14, 5:45 PM CST

OK, I've followed the suggestions below, but it still doesn't seem to work.

Added to /etc/sysconfig/iptables:

-A RH-Firewall-1-INPUT -p udp -m udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 53 -j ACCEPT

dig @192.168.100.10 mac1.max.app a returns:

; <<>> DiG 9.6.0-APPLE-P2 <<>> @192.168.100.10 mac1.max.app a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48036
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mac1.max.app.      IN  A

;; ANSWER SECTION:
mac1.max.app.   86400   IN  A   192.168.100.15

;; AUTHORITY SECTION:
max.app.        86400   IN  NS  dns1.max.app.

;; ADDITIONAL SECTION:
dns1.max.app.       86400   IN  A   192.168.100.10

;; Query time: 8 msec
;; SERVER: 192.168.100.10#53(192.168.100.10)
;; WHEN: Thu Jul 14 17:30:53 2011
;; MSG SIZE  rcvd: 85

dig @192.168.100.10 mac1.max.app ns returns:

; <<>> DiG 9.6.0-APPLE-P2 <<>> @192.168.100.10 mac1.max.app ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28099
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;mac1.max.app.      IN  NS

;; AUTHORITY SECTION:
max.app.        86400   IN  SOA dns1.max.app. email.gmail.com. 2001062501 21600 3600 604800 86400

;; Query time: 8 msec
;; SERVER: 192.168.100.10#53(192.168.100.10)
;; WHEN: Thu Jul 14 17:18:23 2011
;; MSG SIZE  rcvd: 94

netstat shows named listening on port 53:

tcp   0   0 dns1:53                    *:*   LISTEN   2880/named
tcp   0   0 localhost.localdomain:53   *:*   LISTEN   2880/named
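The forward and reverse zones posted above do not agree with each other everywhere, and a few of the options in the posted named.conf deserve a second look. The script below is an added example (it is neither the poster's code nor part of BIND): it embeds excerpts of the posted files as constructed input, qualifies every name against $ORIGIN, cross-checks each A record against the PTR for its address and back, and lints the options block for a pinned query-source port, an allow-query ACL that leaves out localhost while listen-on includes 127.0.0.1, and recursion enabled with no allow-recursion. The finding tags and the wording of the notes are the editor's.

```python
"""Static checks for the named.conf and zone files posted above (added example, not
BIND's or the poster's code; the inputs are excerpts of the posted files)."""
import re

FORWARD_ZONE = """\
$ORIGIN max.app.
@   IN  SOA dns1.max.app.   email.gmail.com. (
            2001062501 ; serial
            86400 )    ; minimum TTL
    IN  NS  dns1.max.app.
dns1    IN  A   192.168.100.10
CentOS1 IN  A   192.168.100.15
CentOS2 IN  A   192.168.100.25
mac1    IN  A   192.168.100.50
mac2    IN  A   192.168.100.55
mac3    IN  A   192.168.100.60
www     IN  CNAME   CentOS1
"""
REVERSE_ZONE = """\
$ORIGIN 100.168.192.in-addr.arpa.
@   IN  SOA dns1.max.app. email.gmail.com. ( 2001062501 21600 3600 604800 86400 )
    IN  NS  dns1.max.app.
10  IN  PTR dns1.max.app.
15  IN  PTR CentOS1.max.app.
20  IN  PTR CentOS2.max.app.
50  IN  PTR mac1.max.app.
55  IN  PTR mac1.max.app.
60  IN  PTR mac1.max.app.
"""
NAMED_OPTIONS = """\
options {
    listen-on port 53 { 127.0.0.1; 192.168.100.10; };
    allow-query     { local-network;  };
    recursion yes;
    query-source address * port 53;
};
"""
# owner [ttl] IN (A|PTR) rdata; SOA, NS and CNAME lines deliberately do not match
RR_RE = re.compile(r"^(\S+)\s+(?:\d+\s+)?IN\s+(A|PTR)\s+(\S+)", re.I)

def parse_zone(text):
    """Return ($ORIGIN, [(owner, type, rdata), ...]) for the A and PTR records only."""
    origin, rrs = None, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()            # strip comments
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
        elif m := RR_RE.match(line):
            rrs.append((m.group(1), m.group(2).upper(), m.group(3)))
    if origin is None:
        raise ValueError("zone has no $ORIGIN")
    return origin, rrs

def fqdn(name, origin):
    """Qualify a relative name against $ORIGIN; DNS names compare case-insensitively."""
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def reverse_mismatches(forward, reverse):
    """Cross-check every A record against the PTR for its address and vice versa."""
    f_origin, f_rrs = parse_zone(forward)
    r_origin, r_rrs = parse_zone(reverse)
    suffix = ".in-addr.arpa."
    assert r_origin.endswith(suffix), "IPv4 reverse zones only"
    prefix = ".".join(r_origin[:-len(suffix)].split(".")[::-1]) + "."  # 100.168.192 -> 192.168.100.
    ptr = {prefix + o: fqdn(t, f_origin) for o, typ, t in r_rrs if typ == "PTR"}
    a_map = {}                                                          # host -> {addresses}
    for o, typ, addr in f_rrs:
        if typ == "A":
            a_map.setdefault(fqdn(o, f_origin), set()).add(addr)
    all_addrs = set().union(*a_map.values())
    findings = []
    for host, addrs in a_map.items():
        for addr in sorted(addrs):
            if addr not in ptr:
                findings.append(("no-ptr", addr, host))
            elif ptr[addr] != host:
                findings.append(("ptr-mismatch", addr, host, ptr[addr]))
    for addr, target in ptr.items():
        if target not in a_map:
            findings.append(("no-a", addr, target))
        elif addr not in all_addrs:          # PTR for an address no A record uses
            findings.append(("stale-ptr", addr, target))
    return findings

def lint_options(conf):
    """Flag the options in the posted named.conf that cause trouble in practice."""
    notes = []
    if re.search(r"query-source[^;]*\bport\s+\d+", conf):
        notes.append("query-source pins the outgoing port: disables source-port randomization, "
                     "the main defence against off-path cache poisoning; drop the port clause")
    listen = re.search(r"listen-on(?!-v6)[^{]*\{([^}]*)\}", conf)
    allow = re.search(r"allow-query[^{]*\{([^}]*)\}", conf)
    if listen and allow and "127.0.0.1" in listen.group(1):
        if not set(re.findall(r"[\w.:/-]+", allow.group(1))) & {"127.0.0.1", "localhost", "any"}:
            notes.append("allow-query omits localhost: 'dig @127.0.0.1' on the server itself gets REFUSED")
    if re.search(r"recursion\s+yes", conf) and "allow-recursion" not in conf:
        notes.append("recursion yes without allow-recursion: add allow-recursion { local-network; } "
                     "so recursion is not widened silently if allow-query changes")
    return notes
```

Run against the posted files, reverse_mismatches reports that the .55 and .60 PTRs name mac1 although the forward zone gives those addresses to mac2 and mac3, that the reverse zone has a PTR at .20 while CentOS2's A record is .25, and that .25 has no PTR at all. None of that stops the forward zone from loading (named-checkzone remains the authority on that), but a pinned source port should be removed on any server that recurses, and an allow-query ACL without localhost is a common reason a test run from the server itself comes back REFUSED.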

Some suggestions:

Remove the two Google name servers from resolv.conf. Your name server is failing, but you aren't getting much useful information because nslookup moves on to the next name server.

Use dig instead of nslookup; dig's status response helps with troubleshooting.

dig @192.168.100.10 mac1.max.app. a
dig @192.168.100.10 max.app. ns

Make sure to check the logs to see whether your zone is actually loading.

Check netstat to make sure named is listening on port 53 on the right interface.

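The answer's point about reading dig's status is worth making mechanical. The script below is an added example, not part of the answer or of BIND: it parses one dig response (the sample is the output quoted in the question's update) and maps the status, the aa flag and the ANSWER count onto the failure modes a BIND administrator checks in turn. The triage wording is the editor's; it is a checklist, not a diagnosis of the poster's server.

```python
"""Triage a dig response the way the answer suggests: read status, flags and section
counts and map them to the usual BIND failure modes. Added example, not from the
answer or from BIND; the sample is the dig output quoted in the question."""
import re

SAMPLE_DIG = """\
; <<>> DiG 9.6.0-APPLE-P2 <<>> @192.168.100.10 mac1.max.app a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48036
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mac1.max.app.      IN  A

;; ANSWER SECTION:
mac1.max.app.   86400   IN  A   192.168.100.15

;; AUTHORITY SECTION:
max.app.        86400   IN  NS  dns1.max.app.

;; ADDITIONAL SECTION:
dns1.max.app.       86400   IN  A   192.168.100.10

;; Query time: 8 msec
;; SERVER: 192.168.100.10#53(192.168.100.10)
;; WHEN: Thu Jul 14 17:30:53 2011
;; MSG SIZE  rcvd: 85
"""

HEADER_RE = re.compile(r"status: (?P<status>[A-Z]+), id: \d+")
FLAGS_RE = re.compile(r"flags: (?P<flags>[a-z ]*); QUERY: \d+, ANSWER: (?P<ans>\d+)")

def parse_dig(text):
    """Return {'status', 'flags', 'answer', 'rrs'} for one dig response."""
    if "connection timed out" in text or "no servers could be reached" in text:
        return {"status": "TIMEOUT", "flags": set(), "answer": 0, "rrs": []}
    hdr, flg = HEADER_RE.search(text), FLAGS_RE.search(text)
    if not (hdr and flg):
        raise ValueError("not a dig response")
    rrs, in_answer = [], False
    for line in text.splitlines():
        if line.startswith(";; ANSWER SECTION"):
            in_answer = True
        elif in_answer and line.strip() and not line.startswith(";"):
            name, ttl, _cls, rtype, rdata = line.split(None, 4)   # owner ttl IN type rdata
            rrs.append((name, int(ttl), rtype, rdata))
        elif in_answer:
            in_answer = False                                        # blank line ends the section
    return {"status": hdr["status"], "flags": set(flg["flags"].split()),
            "answer": int(flg["ans"]), "rrs": rrs}

def triage(r):
    """Most likely cause, checked in the order a practitioner works through them."""
    s, flags = r["status"], r["flags"]
    if s == "TIMEOUT":
        return "no reply: check listen-on, the host firewall (udp/tcp 53) and that named is running"
    if s == "REFUSED":
        return "refused: the client address is not matched by allow-query/allow-recursion"
    if s == "SERVFAIL":
        return "SERVFAIL: the zone probably failed to load; run named-checkzone and read the log"
    if "aa" not in flags:
        return "not authoritative: this server is not serving the zone (it recursed or answered from cache)"
    if s == "NXDOMAIN":
        return "authoritative NXDOMAIN: zone loaded but the name is not in it (check $ORIGIN and owner names)"
    if r["answer"] == 0:
        return "authoritative NOERROR, no data: the name exists but has no record of that type"
    return "authoritative answer: named works; if clients still fail, look at resolv.conf, the search list and the client cache"
```

Against the posted output the verdict is "authoritative answer": named is serving max.app, so the remaining suspects are on the client side (resolv.conf ordering, the search list, or the client's own cache). The same logic classifies the second dig (NS for mac1.max.app, NOERROR with aa and ANSWER: 0) as no error at all: the host exists and simply has no NS record.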
