BIND not responding outside the server

I have a problem with my BIND server configuration.

Lookup result on 8.8.4.4:

    root@server1:~# dig @8.8.4.4 webexamplesite.com
    ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @8.8.4.4 webexamplesite.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 5563
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;webexamplesite.com. IN A
    ;; Query time: 2428 msec
    ;; SERVER: 8.8.4.4#53(8.8.4.4)
    ;; WHEN: Sat Feb 15 15:16:02 2014
    ;; MSG SIZE rcvd: 30

Lookup result on 182.64.31.121:

    root@server1:~# dig @182.64.31.121 webexamplesite.com
    ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @182.64.31.121 webexamplesite.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11402
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
    ;; QUESTION SECTION:
    ;webexamplesite.com. IN A
    ;; ANSWER SECTION:
    webexamplesite.com. 14400 IN A 182.64.31.121
    ;; AUTHORITY SECTION:
    webexamplesite.com. 14400 IN NS ns1.webexamplesite.com.
    webexamplesite.com. 14400 IN NS ns2.webexamplesite.com.
    ;; ADDITIONAL SECTION:
    ns1.webexamplesite.com. 14400 IN A 182.64.31.121
    ns2.webexamplesite.com. 14400 IN A 182.64.31.121
    ;; Query time: 1 msec
    ;; SERVER: 182.64.31.121#53(182.64.31.121)
    ;; WHEN: Sat Feb 15 15:17:39 2014

I also checked port 53 to verify firewall access.

    sweb@sweb-laptop:~$ telnet 182.64.31.121 53
    Trying 182.64.31.121...
    Connected to 182.64.31.121.
    Escape character is '^]'.

Firewall configuration

    root@server1:~# iptables -F ; iptables -X ; iptables -P INPUT ACCEPT ; iptables -P FORWARD ACCEPT ; iptables -P OUTPUT ACCEPT
    root@server1:~# iptables-save
    # Generated by iptables-save v1.4.14 on Sat Feb 15 15:22:39 2014
    *filter
    :INPUT ACCEPT [7:508]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [4:592]
    COMMIT
    # Completed on Sat Feb 15 15:22:39 2014
    # Generated by iptables-save v1.4.14 on Sat Feb 15 15:22:39 2014
    *nat
    :PREROUTING ACCEPT [37:2400]
    :INPUT ACCEPT [1004:70326]
    :OUTPUT ACCEPT [11:760]
    :POSTROUTING ACCEPT [11:760]
    -A PREROUTING -d 182.64.31.121/32 -p udp -m udp --dport 53 -j REDIRECT --to-ports 1194
    -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 182.64.31.121
    COMMIT
    # Completed on Sat Feb 15 15:22:39 2014

What is my problem?

Try using netstat to find out what is listening on port 1194:

    netstat -tulpne

If it is not a DNS service, be sure to delete this suspicious NAT rule:

    iptables -t nat -D PREROUTING -d 182.64.31.121/32 -p udp -m udp --dport 53 -j REDIRECT --to-ports 1194
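
The NAT rule the answer points to sends UDP port 53 to port 1194, so a quick way to audit a host for this kind of diversion is to scan `iptables-save` output for `REDIRECT`/`DNAT` rules that match the DNS port. The script below is an added example, not part of the original answer; the function names `port_in_spec` and `find_port_diversions` are hypothetical, and it assumes numeric ports as `iptables-save` prints them.

```python
import shlex

# Constructed sample: trimmed from the iptables-save output in the question.
SAMPLE = """\
*filter
:INPUT ACCEPT [7:508]
COMMIT
*nat
:PREROUTING ACCEPT [37:2400]
-A PREROUTING -d 182.64.31.121/32 -p udp -m udp --dport 53 -j REDIRECT --to-ports 1194
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 182.64.31.121
COMMIT
"""

def port_in_spec(spec, port):
    """True if an iptables port spec ("53", "50:60", "50:", "53,80") covers port."""
    for part in spec.split(","):
        lo, sep, hi = part.partition(":")
        high = int(hi) if hi else (65535 if sep else int(lo))
        if int(lo or 0) <= port <= high:
            return True
    return False

def find_port_diversions(ruleset, port=53):
    """Return nat-table rules that send traffic for `port` somewhere else."""
    findings, table = [], None
    for raw in ruleset.splitlines():
        line = raw.strip()
        if line.startswith("*"):              # "*filter", "*nat": table header
            table = line[1:]
        if table != "nat" or not line.startswith("-A "):
            continue
        tok = shlex.split(line)
        opt = {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}
        spec = opt.get("--dport") or opt.get("--dports")
        if spec and opt.get("-j") in ("REDIRECT", "DNAT") and port_in_spec(spec, port):
            dest = opt.get("--to-ports") or opt.get("--to-destination")
            findings.append({"chain": opt["-A"], "proto": opt.get("-p", "all"),
                             "target": opt["-j"], "to": dest,
                             # Matching delete command; -t nat is required.
                             "fix": "iptables -t nat -D " + line[3:]})
    return findings

if __name__ == "__main__":
    for f in find_port_diversions(SAMPLE):
        print(f"{f['chain']}: {f['proto']}/53 -> {f['target']} {f['to']}")
        print("  remove with:", f["fix"])
```

Each finding reports the protocol, which is worth comparing against how the port was tested: the rule here matches UDP only, while the `telnet` check in the question connects over TCP.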