Domain-Name-System
BIND DNS configuration: dig command does not resolve the name
I am using Fedora 17 with BIND 9.
I am trying to manually configure DNS for a network by editing /etc/named.conf:
options {
        listen-on port 53 { localhost; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN { // For all zones for which it is not authoritative;
        type hint;
        file "named.ca";
};

zone "gruppo13.labreti.it" {
        type master;
        file "gruppo13.labreti.it.zone";
};

zone "13.168.192.in-addr.arpa" IN {
        type master;
        file "gruppo13.labreti.it.reverse.zone";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
PS: In the original file there are more tabs; I just edited it to format it as code. If I use named-checkconf to look for syntax errors, it says everything is OK.
This is gruppo13.labreti.it.zone:
$TTL 48h
@                       IN      SOA     gruppo13.labreti.it. master.gruppo13.labreti.it. (
                                        2013032511
                                        1d
                                        2h
                                        4w
                                        1h )
                        IN      NS      dns
                                MX      1 mail
localhost                       A       127.0.0.1
gruppo13.labreti.it.            A       192.168.13.1
                                AAAA    2000:0::d:1
dns                             A       192.168.13.2
                                AAAA    2000:0::d:2
www                             A       192.168.13.8
                                AAAA    2000:0::d:8
ftp                             CNAME   gruppo13.labreti.it.
mail                            A       192.168.13.3
                                AAAA    2000:0::d:3
PS: This file and the following one are valid as well.
This is gruppo13.labreti.it.reverse.zone:
$TTL 48h
@       IN      SOA     gruppo13.labreti.it. master.gruppo13.labreti.it. (
                        2013032511
                        1d
                        2h
                        4w
                        1h )
                NS      gruppo13.labreti.it.
2               PTR     dns
8               PTR     www
3               PTR     mail
I start named with the following command:
$ sudo systemctl start named.service
Then I type this command:
$ sudo ifconfig eth0 192.168.13.100 netmask 255.255.255.0 broadcast 192.168.13.255
After this, I edit resolv.conf so that the DNS server has the address 192.168.13.100.
However, if I run dig:
$ dig gruppo13.labreti.it
I do not get an answer; this is the log:
; <<>> DiG 9.9.2-rl.028.23-P1-RedHat-9.9.2-5.P1.fc17 <<>> gruppo13.labreti.it
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 58814
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;gruppo13.labreti.it.           IN      A

;; Query time: 13 msec
;; SERVER: 192.168.13.100#53(192.168.13.100)
;; WHEN: Mon Mar 25 23:31:28 2013
;; MSG SIZE  rcvd: 48
If you do this in that order, you need to reload bind before it starts listening on this IP. You can check where bind is listening with:
netstat -an | grep :53
(For ordinary queries, udp is the interesting one, like this:
udp 0 0 127.0.0.2:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
)
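
The check described in the answer above, as an added example that is not part of the original post: it compares the nameserver addresses in a resolv.conf file against the UDP port 53 listeners in saved `netstat -an` output. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: find resolv.conf nameservers that have no UDP/53 listener.
# Function names and sample data are constructed for illustration.

# nameservers FILE: print each IPv4 nameserver in a resolv.conf-style file.
nameservers() {
    awk '$1 == "nameserver" && $2 ~ /^[0-9.]+$/ { print $2 }' "$1"
}

# udp53_listeners FILE: print local addresses bound to UDP port 53 in saved
# `netstat -an` output (column 4 is the local address on Linux).
udp53_listeners() {
    awk '$1 ~ /^udp/ && $4 ~ /:53$/ { sub(/:53$/, "", $4); print $4 }' "$1"
}

# unserved RESOLV NETSTAT: print nameservers with no matching listener.
# A wildcard bind (0.0.0.0) covers every local IPv4 address.
unserved() {
    listeners=$(udp53_listeners "$2")
    for ns in $(nameservers "$1"); do
        covered=no
        for l in $listeners; do
            if [ "$l" = "$ns" ] || [ "$l" = "0.0.0.0" ]; then
                covered=yes
            fi
        done
        [ "$covered" = yes ] || echo "$ns"
    done
}

# Constructed sample: named was started before eth0 received 192.168.13.100.
tmp=$(mktemp -d)
printf 'nameserver 192.168.13.100\n' > "$tmp/resolv.conf"
cat > "$tmp/netstat.txt" <<'EOF'
udp        0      0 127.0.0.1:53            0.0.0.0:*
udp6       0      0 ::1:53                  :::*
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN
EOF
echo "no listener for: $(unserved "$tmp/resolv.conf" "$tmp/netstat.txt")"
```

On a live host, save `netstat -an` to a file and pass it together with /etc/resolv.conf; any address printed is one that queries are sent to but named is not bound to.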