DNS(bind9)配置后报错,帮分析分析
----------------------------
环境:
192.168.1.32是DNS虚拟机
192.168.1.100是测试虚拟机
RHEL5:2.6.18-164.el5 x86_64
BIND:BIND 9.7.3-RedHat-9.7.3-1.el5
----------------------------
#/usr/sbin/named -gc /etc/named.conf &
。。。
26-May-2011 17:43:57.673 command channel listening on 127.0.0.1#953
26-May-2011 17:43:57.675 command channel listening on ::1#953
26-May-2011 17:43:57.675 ignoring config file logging statement due to -g option
26-May-2011 17:43:57.677 zone 0.0.127.in-addr.arpa/IN: loaded serial 1
26-May-2011 17:43:57.678 zone 1.168.192.in-addr.arpa/IN: loaded serial 2
26-May-2011 17:43:57.680 zone abc.com/IN: loaded serial 2
26-May-2011 17:43:57.681 managed-keys-zone ./IN: loaded serial 1
26-May-2011 17:43:57.682 running
测试机器DNS指向这台机器,报如下错。
26-May-2011 17:44:20.841 client 192.168.1.100#53354: query 'www.abc.com/A/IN' denied
26-May-2011 17:44:42.879 client 192.168.1.100#53355: query '32.1.168.192.in-addr.arpa/PTR/IN' denied
发现在DNS服务器上,检查
[root@rac2 named]# nslookup www.abc.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.abc.com
Address: 192.168.1.100
=======================================
配置文件:
name.conf
其中abc.com的域配置文件:
烦请各位高手帮忙分析分析,感谢!
环境:
192.168.1.32是DNS虚拟机
192.168.1.100是测试虚拟机
RHEL5:2.6.18-164.el5 x86_64
BIND:BIND 9.7.3-RedHat-9.7.3-1.el5
----------------------------
#/usr/sbin/named -gc /etc/named.conf &
。。。
26-May-2011 17:43:57.673 command channel listening on 127.0.0.1#953
26-May-2011 17:43:57.675 command channel listening on ::1#953
26-May-2011 17:43:57.675 ignoring config file logging statement due to -g option
26-May-2011 17:43:57.677 zone 0.0.127.in-addr.arpa/IN: loaded serial 1
26-May-2011 17:43:57.678 zone 1.168.192.in-addr.arpa/IN: loaded serial 2
26-May-2011 17:43:57.680 zone abc.com/IN: loaded serial 2
26-May-2011 17:43:57.681 managed-keys-zone ./IN: loaded serial 1
26-May-2011 17:43:57.682 running
测试机器DNS指向这台机器,报如下错。
26-May-2011 17:44:20.841 client 192.168.1.100#53354: query 'www.abc.com/A/IN' denied
26-May-2011 17:44:42.879 client 192.168.1.100#53355: query '32.1.168.192.in-addr.arpa/PTR/IN' denied
发现在DNS服务器上,检查
[root@rac2 named]# nslookup www.abc.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.abc.com
Address: 192.168.1.100
=======================================
配置文件:
name.conf
options {
# listen-on port 53 { 192.168.1.32; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." {
type hint;
file "named.ca";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
};
zone "abc.com" {
type master;
file "abc.com.dns";
};
zone "1.168.192.in-addr.arpa" {
type master;
file "abc.com.rev";
};
其中abc.com的域配置文件:
$TTL 86400
$ORIGIN abc.com.
@ IN SOA abc.com. root.abc.com. (
2 ; serial
120 ; refresh
14400 ; retry
3600000 ; expiry
86400 ;
)
IN NS ns1.abc.com.
ns1 IN A 192.168.1.32
master IN A 192.168.1.32
www IN A 192.168.1.100
烦请各位高手帮忙分析分析,感谢!
8同行回答
学习学习收起
浏览1278
感谢wjlcn
-----------
C:\Users\Yang>nslookup master.abc.com
Server: UnKnown
Address: 192.168.1.32
Name: master.abc.com
Address: 192.168.1.32
C:\Users\Yang>nslookup www.abc.com
Server: UnKnown
Address: 192.168.1.32
Name: www.abc.com
Address: 192.168.1.100收起
-----------
C:\Users\Yang>nslookup master.abc.com
Server: UnKnown
Address: 192.168.1.32
Name: master.abc.com
Address: 192.168.1.32
C:\Users\Yang>nslookup www.abc.com
Server: UnKnown
Address: 192.168.1.32
Name: www.abc.com
Address: 192.168.1.100收起
浏览1285
兄弟把name.conf options中 “allow-query { localhost; };”allow-query { any;};再有问题,可以 ...wjlcn 发表于 2011-5-26 18:01
非常非常感谢,一句话就解决了:handshake我到处找在哪apply了,谢谢了!...兄弟
把name.conf options中 “allow-query { localhost; };”
allow-query { any;};
再有问题,可以 ...
wjlcn 发表于 2011-5-26 18:01
非常非常感谢,一句话就解决了:handshake
我到处找在哪apply了,谢谢了!收起
浏览1287
浏览1325