Bind
CentOS BIND server: unable to start the named daemon
I have installed a new CentOS server and installed bind and bind-utils on it. The contents of /etc/named.conf are:

    # create new
    options {
        directory "/var/named";
        allow-query { localhost; 10.1.2.0/24; };
        allow-transfer { localhost; 10.1.2.0/24; };
        recursion yes;
    };
    controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
    };
    view "internal" {
        match-clients { localhost; 10.1.2.0/24; };
        zone "." IN {
            type hint;
            file "named.ca";
        };
        zone "amadeus.netvision" IN {
            type master;
            file "amadeus.netvision.lan";
            allow-update { none; };
        };
        zone "0.0.10.in-addr.arpa" IN {
            type master;
            file "0.0.10.db";
            allow-update { none; };
        };
        zone "localdomain" IN {
            type master;
            file "localdomain.zone";
            allow-update { none; };
        };
        zone "localhost" IN {
            type master;
            file "localhost.zone";
            allow-update { none; };
        };
        zone "0.0.127.in-addr.arpa" IN {
            type master;
            file "named.local";
            allow-update { none; };
        };
        zone "255.in-addr.arpa" IN {
            type master;
            file "named.broadcast";
            allow-update { none; };
        };
        zone "0.in-addr.arpa" IN {
            type master;
            file "named.zero";
            allow-update { none; };
        };
    };
    view "external" {
        match-clients { any; };
        allow-query { any; };
        recursion no;
        zone "amadeus.netvision" IN {
            type master;
            file "amadeus.netvision.wan";
            allow-update { none; };
        };
    };
    include "/etc/rndc.key";

    # allow-query ⇒ query range you permit
    # allow-transfer ⇒ the range you permit to transfer zone info
    # recursion ⇒ allow or not to search recursively
    # view "internal" { *** }; ⇒ write for internal definition
    # view "external" { *** }; ⇒ write for external definition

    # For How to write for reverse resolving, Write network address reversely like below.
    # 10.1.2.0/24
    # network address⇒ 10.1.2.0
    # range of network⇒ 10.1.2.0 - 10.0.0.255
    # how to write⇒ 0.0.10.in-addr.arpa

    # 172.16.0.80/29
    # network address⇒ 172.16.0.80
    # range of network⇒ 172.16.0.80 - 172.16.0.87
    # how to write⇒ 80.0.16.172.in-addr.arpa
When I try to start the named daemon, I get the following error:

    [root@srv ~]# service named restart
    Stopping named: [ OK ]
    Starting named:
    Error in named configuration:
    /etc/named.conf:9: unknown key 'rndckey'
    [FAILED]
    [root@srv ~]#
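I don't understand what I did wrong. I created rndc.key with the following command:

    rndc-confgen -a -c /etc/rndc.key

It created the key, but I still get the same error. The file exists at the correct path, /etc/rndc.key, and it is included in the /etc/named.conf file.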
Check the file /etc/rndc.key and see what the name of the key is. For example:

    key "rndc-key" {

That name should be in named.conf:

    keys { rndc-key; };
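As an added example (not part of either answer, and not BIND's own code), the Python sketch below automates the check described above: it gathers every key name defined in named.conf and the files it includes, then reports names used in a keys { } clause that are never defined. The sample files are constructed to mirror the question; the regex parsing and the assumption that include paths are absolute are simplifications, and named-checkconf remains the authoritative check.

```python
import re
from pathlib import Path

# Quoted strings are matched first so '#' or '//' inside them is not read as a comment.
TOKEN = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
INCLUDE = re.compile(r'\binclude\s+"([^"]+)"\s*;')
KEY_DEF = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{')   # key "name" { ... };
KEYS_REF = re.compile(r'\bkeys\s*\{([^}]*)\}')         # keys { name; ... };

def strip_comments(text):
    """Blank out #, // and /* */ comments while keeping quoted strings."""
    return TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", text)

def load(path, read, seen=None):
    """Return the config text with comments removed and include files inlined."""
    seen = set() if seen is None else seen
    if path in seen:                       # guard against include loops
        return ""
    seen.add(path)
    text = strip_comments(read(path))
    return INCLUDE.sub(lambda m: load(m.group(1), read, seen), text)

def unknown_keys(conf_path, read=lambda p: Path(p).read_text()):
    """Return (names referenced in keys { } but never defined, names defined)."""
    text = load(conf_path, read)
    defined = set(KEY_DEF.findall(text))
    referenced = set()
    for body in KEYS_REF.findall(text):
        referenced.update(n.strip().strip('"') for n in body.split(";") if n.strip())
    return sorted(referenced - defined), sorted(defined)

# Constructed sample files reproducing the mismatch from the question.
SAMPLE = {
    "/etc/named.conf": (
        'options { directory "/var/named"; };\n'
        'controls { inet 127.0.0.1 allow { localhost; } keys { rndckey; }; };\n'
        'include "/etc/rndc.key";  # key file pulled in at top level\n'
    ),
    "/etc/rndc.key": (
        'key "rndc-key" {\n'
        '    algorithm hmac-md5;\n'
        '    secret "Q09OU1RSVUNURUQ=";  // constructed value, not a real secret\n'
        '};\n'
    ),
}

if __name__ == "__main__":
    missing, defined = unknown_keys("/etc/named.conf", SAMPLE.__getitem__)
    print("defined keys:      ", defined)
    print("undefined in keys: ", missing)
```

On a real host, call unknown_keys("/etc/named.conf") with the default reader, run with enough privilege to read the key file.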
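I just experienced the symptoms above.

Although my situation was slightly different and this is not an exact answer to the question above, hopefully this helps someone…

In my case, I had incorrectly specified the key inside the options block.

The key statement must be defined outside any other statement (such as the options statement block) in the named.conf configuration file.

That is, the following is incorrect:

    options {
        ...
        include "/etc/rndc.key";
    };

The following is correct:

    options {
        ...
    };
    include "/etc/rndc.key";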