Linux
CentOS 7 (1503) - BIND9 fresh install not responding to external DNS requests
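I am trying to set up an authoritative BIND server, and I run into the same problem every time on CentOS. I can run dig locally for the zones on the server, but when I run the following from cmd.exe, I get no response:
nslookup - serverip
The firewall on the server is open, and bind shows nothing in /var/log/messages or in /var/named/data/named.run.
Here is my /etc/named.conf: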
options {
    listen-on port 53 { 127.0.0.1; 172.16.100.1; 1.1.1.1; };
    //listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    allow-transfer { localhost; 172.16.100.67; };
    recursion no;

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";

    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

include "/etc/named/zones.conf";
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
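I have rebooted and disabled SELinux to rule it out. I have checked that the firewall settings are correct. Running named-checkconf /etc/named.conf shows no errors and the service starts successfully, and I can ping the server. Thanks in advance!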
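
When you tested this, you sent the query to 172.16.100.66. Your named.config specifies the following addresses:
listen-on port 53 { 127.0.0.1; 172.16.100.67; 100.111.100.121; };
I.e., I would expect that named is not listening on the address you are sending the query to.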
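
The check the answer describes can be automated. The following is an added example, not part of the original question or answer: it extracts the IPv4 listen-on statements from a named.conf and reports whether a given destination address is covered. The function names are hypothetical, the sample config is constructed from the listen-on line quoted in the answer, and only flat lists of addresses, CIDR prefixes, `any`, `none` and `!` negation are handled (a named ACL such as localhost raises ValueError).

```python
import ipaddress
import re

# Constructed sample, modelled on the listen-on line quoted in the answer.
SAMPLE_CONF = """
options {
    listen-on port 53 { 127.0.0.1; 172.16.100.67; 100.111.100.121; };
    //listen-on-v6 port 53 { ::1; };
    /* Path to ISC DLV key */
    recursion no;
};
"""

def strip_comments(conf):
    """Remove /* ... */, // and # comments (assumes none occur inside quoted strings)."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", conf)

def listen_on_entries(conf):
    """Return [(port, [elements])] for every IPv4 listen-on statement."""
    pattern = re.compile(
        r"\blisten-on\b(?!-v6)\s*(?:port\s+(\d+)\s*)?\{([^{}]*)\}")
    entries = []
    for port, body in pattern.findall(strip_comments(conf)):
        elems = [e.strip() for e in body.split(";") if e.strip()]
        entries.append((int(port or 53), elems))
    return entries

def listens_on(conf, addr, port=53):
    """True if a listen-on statement for `port` accepts `addr`."""
    ip = ipaddress.ip_address(addr)
    # With no listen-on statement, named listens on all IPv4 interfaces, port 53.
    entries = listen_on_entries(conf) or [(53, ["any"])]
    for stmt_port, elems in entries:
        if stmt_port != port:
            continue
        for elem in elems:  # address match lists are evaluated first-match-wins
            negated = elem.startswith("!")
            target = elem.lstrip("! ")
            if target == "none":  # "none" is shorthand for "!any"
                negated, target = not negated, "any"
            if target == "any" or ip in ipaddress.ip_network(target, strict=False):
                if not negated:
                    return True
                break  # matched a negated element: rejected by this statement
    return False

if __name__ == "__main__":
    for dst in ("172.16.100.66", "172.16.100.67"):
        print(dst, "covered by listen-on:", listens_on(SAMPLE_CONF, dst))
```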