Linux

反向區域不適用於 BIND9

  • April 7, 2015

我正在嘗試使用 BIND9 服務在 UBUNTU 12.04 中配置 DNS 伺服器。我能夠成功配置相同的伺服器,並且當我執行 nslookup 命令時它執行良好。但是,主機命令似乎不起作用,這將執行反向地址區。

主機命令錯誤:

root@necacdnsone:/etc/bind/zones# 主機 10.222.190.54 主機 54.190.222.10.in-addr.arpa。未找到:3(NXDOMAIN)

成功的 NSLOOKUP 命令輸出:

nslookup necone.com
Server:         10.222.190.54
Address:        10.222.190.54#53

Name:   necone.com
Address: 10.222.190.54

配置文件具有如下所述的條目。請指導我修復反向地址​​區域問題。(主機命令)

命名.conf.local

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "necone.com" {
type master;
file "/etc/bind/zones/db.necone.com";
};
zone "190.222.10.in-addr.arpa" {
 type master;
 file "/etc/bind/zones/db.10";
};

db.10 文件

;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@       IN      SOA     necacdnsone.necone.com. root.necone.com. (
                             1         ; Serial
                        604800         ; Refresh
                         86400         ; Retry
                       2419200         ; Expire
                        604800 )       ; Negative Cache TTL
;
       IN  NS  necacdnsone.
  1    IN  PTR gateway.necone.com.
  54   IN  PTR necacdnsone.necone.com.
  52   IN  PTR dhcpserver.necone.com.

db.necone.com

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     necacdnsone.necone.com. root.necone.com. (
                             2         ; Serial
                        604800         ; Refresh
                         86400         ; Retry
                       2419200         ; Expire
                        604800 )       ; Negative Cache TTL
;
necone.com.      IN  NS  necacdnsone.necone.com.
necone.com.      IN  A   10.222.190.54
  ;@               IN  A   127.0.0.1
  ;@               IN  AAAA    ::1
necacdnsone       IN  A   10.222.190.54
gateway           IN  A   10.222.190.1
dhcpserver        IN  A   10.222.190.52
www       IN  CNAME   necone.com.

我認為在 named.conf.local 文件的某個地方我犯了一個錯誤。

系統日誌

tail -f /var/log/syslog
Apr  7 19:38:50 necacdnsone named[4507]: error (network unreachable) resolving '62.191.222.10.in-addr.arpa/PTR/IN': 2001:dc3::35#53
Apr  7 19:38:50 necacdnsone named[4507]: error (network unreachable) resolving '62.191.222.10.in-addr.arpa/PTR/IN': 2001:7fd::1#53
Apr  7 20:08:32 necacdnsone named[4507]: error (connection refused) resolving './DNSKEY/IN': 10.222.190.1#53
Apr  7 20:08:35 necacdnsone named[4507]: error (network unreachable) resolving './DNSKEY/IN': 2001:7fe::53#53
Apr  7 20:08:42 necacdnsone named[4507]: error (network unreachable) resolving './DNSKEY/IN': 2001:500:3::42#53
Apr  7 20:08:42 necacdnsone named[4507]: error (network unreachable) resolving './DNSKEY/IN': 2001:503:ba3e::2:30#53
Apr  7 20:08:42 necacdnsone named[4507]: error (network unreachable) resolving './DNSKEY/IN': 2001:500:2f::f#53
Apr  7 20:08:42 necacdnsone named[4507]: error (network unreachable) resolving './DNSKEY/IN': 2001:500:1::803f:235#53
Apr  7 20:08:42 necacdnsone named[4507]: managed-keys-zone ./IN: Unable to fetch DNSKEY set '.': timed out

錯誤的直接原因是db.10文件中的前導空格。正確的:

;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@       IN      SOA     necacdnsone.necone.com. root.necone.com. (
                             1         ; Serial
                        604800         ; Refresh
                         86400         ; Retry
                       2419200         ; Expire
                        604800 )       ; Negative Cache TTL
;
       IN  NS  necacdnsone.
1    IN  PTR gateway.necone.com.
54   IN  PTR necacdnsone.necone.com.
52   IN  PTR dhcpserver.necone.com.

不正確:

;
       IN  NS  necacdnsone.
  1    IN  PTR gateway.necone.com.
  54   IN  PTR necacdnsone.necone.com.
  52   IN  PTR dhcpserver.necone.com.
^^^ spaces are the problem

請記住增加 SOASerial然後重新載入命名。

在不相關的問題上,您應該指定IN NS necacdnsone.necone.com.與您選擇不當的指南所建議的相反。

引用自:https://serverfault.com/questions/680857