Nic*_*day 5 domain-name-system bind centos
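I am trying to set up my first BIND9 DNS server for a small local network, but I can't seem to get it working. I want to create a "local" domain of max.app
As far as I can tell, named is running, but it doesn't seem to be serving my domain records?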
service named start
Returns OK, and the daemon is running on boot.
If I try to ping mac1, I get: unknown host mac1
If I try to ping mac1.max.app I get: unknown host mac1
When I try nslookup, I get:
nslookup max.app
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: max.app
Address: 67.192.47.244
As you can see, I am not getting records served from my local bind service (192.168.100.10)
My /etc/resolv.conf file looks like this:
# Generated by NetworkManager
search max.app
nameserver 192.168.100.10
nameserver 8.8.8.8
nameserver 8.8.4.4
My /etc/named.conf file looks like this:
acl local-network { 192.168.100.0/24; };
options {
listen-on port 53 { 127.0.0.1; 192.168.100.10; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { local-network; };
recursion yes;
query-source address * port 53;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "max.app" IN {
type master;
file "max.app.zone";
allow-update { none; };
};
zone "100.168.192.in-addr.arpa" IN {
type master;
file "max.app.rr.zone";
allow-update { none; };
};
My /var/named/max.app.zone file looks like this:
$ORIGIN max.app.
$TTL 86400
@ IN SOA dns1.max.app. email.gmail.com. (
2001062501 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
IN NS dns1.max.app.
dns1 IN A 192.168.100.10
CentOS1 IN A 192.168.100.15
CentOS2 IN A 192.168.100.25
mac1 IN A 192.168.100.50
mac2 IN A 192.168.100.55
mac3 IN A 192.168.100.60
www IN CNAME CentOS1
My /var/named/max.app.rr.zone file looks like this:
$ORIGIN 100.168.192.in-addr.arpa.
$TTL 86400
@ IN SOA dns1.max.app. email.gmail.com. (
2001062501 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
IN NS dns1.max.app.
10 IN PTR dns1.max.app.
15 IN PTR CentOS1.max.app.
20 IN PTR CentOS2.max.app.
50 IN PTR mac1.max.app.
55 IN PTR mac1.max.app.
60 IN PTR mac1.max.app.
service named status returns:
version: 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1
CPUs found: 2
worker threads: 2
number of zones: 15
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
named (pid 1121) is running.
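This "number of zones: 15" seems a bit odd, when I have only defined 1 zone in named.conf?
Update 7/14 5:45 PM CST
OK, I have followed the suggestions below, but it still doesn't seem to be working.
Added to /etc/sysconfig/iptables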
-A RH-Firewall-1-INPUT -p udp -m udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 53 -j ACCEPT
dig @192.168.100.10 mac1.max.app a returns:
; <<>> DiG 9.6.0-APPLE-P2 <<>> @192.168.100.10 mac1.max.app a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48036
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;mac1.max.app. IN A
;; ANSWER SECTION:
mac1.max.app. 86400 IN A 192.168.100.15
;; AUTHORITY SECTION:
max.app. 86400 IN NS dns1.max.app.
;; ADDITIONAL SECTION:
dns1.max.app. 86400 IN A 192.168.100.10
;; Query time: 8 msec
;; SERVER: 192.168.100.10#53(192.168.100.10)
;; WHEN: Thu Jul 14 17:30:53 2011
;; MSG SIZE rcvd: 85
dig @192.168.100.10 mac1.max.app ns returns:
; <<>> DiG 9.6.0-APPLE-P2 <<>> @192.168.100.10 mac1.max.app ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28099
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mac1.max.app. IN NS
;; AUTHORITY SECTION:
max.app. 86400 IN SOA dns1.max.app. email.gmail.com. 2001062501 21600 3600 604800 86400
;; Query time: 8 msec
;; SERVER: 192.168.100.10#53(192.168.100.10)
;; WHEN: Thu Jul 14 17:18:23 2011
;; MSG SIZE rcvd: 94
nslookup shows named is listening on port 53
tcp 0 0 dns1:53 *:* LISTEN 2880/named
tcp 0 0 localhost.localdomain:53 *:* LISTEN 2880/named
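Added example, not part of the original question: a small Python check that cross-references the A records in the posted max.app zone against the PTR records in the posted reverse zone and lists every disagreement. The parser and function names are assumptions of this example and handle only the simple `name IN TYPE value` lines used in those two files.

```python
import ipaddress

# A and PTR record lines copied from the two zone files posted in the question.
FORWARD_ZONE = """\
dns1 IN A 192.168.100.10
CentOS1 IN A 192.168.100.15
CentOS2 IN A 192.168.100.25
mac1 IN A 192.168.100.50
mac2 IN A 192.168.100.55
mac3 IN A 192.168.100.60
"""
REVERSE_ZONE = """\
10 IN PTR dns1.max.app.
15 IN PTR CentOS1.max.app.
20 IN PTR CentOS2.max.app.
50 IN PTR mac1.max.app.
55 IN PTR mac1.max.app.
60 IN PTR mac1.max.app.
"""

def parse_records(text, rtype, origin):
    """Map fully qualified owner -> value for simple 'name IN TYPE value' lines."""
    out = {}
    for line in text.splitlines():
        fields = line.split(";")[0].split()  # drop trailing comments
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == rtype:
            owner = fields[0] if fields[0].endswith(".") else f"{fields[0]}.{origin}"
            out[owner.lower()] = fields[3]
    return out

def check_forward_reverse(forward, reverse, fwd_origin, rev_origin):
    """Return (name, address or PTR owner, issue) for every A/PTR disagreement."""
    a_records = parse_records(forward, "A", fwd_origin)
    ptr_records = parse_records(reverse, "PTR", rev_origin)
    problems = []
    for name, addr in sorted(a_records.items()):
        target = ptr_records.get(ipaddress.ip_address(addr).reverse_pointer + ".")
        if target is None or target.lower() != name:
            problems.append((name, addr, f"PTR is {target or 'missing'}"))
    # PTR owners that no A record in the forward zone maps back to
    known = {ipaddress.ip_address(a).reverse_pointer + "." for a in a_records.values()}
    for owner, target in sorted(ptr_records.items()):
        if owner not in known:
            problems.append((target, owner, "PTR has no matching A record"))
    return problems

if __name__ == "__main__":
    print(*check_forward_reverse(FORWARD_ZONE, REVERSE_ZONE,
                                 "max.app.", "100.168.192.in-addr.arpa."), sep="\n")
```

This only compares the two files against each other; `named-checkzone` is the tool for validating each zone file's syntax on the server itself.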