我有一个设置,在其中一个Bind9 recursor转发所有请求的特定区域(* .sslocal)和匹配的反向区域到PowerDNS 4.0.4权威服务器。
转发工作正常,因为它回复了正确的值,但是当我挖掘一个registry,我得到的根服务器为SOA,因为我粘贴下一个:
dmayan@bind1:~$ dig tt.sslocal @localhost ; <<>> DiG 9.9.5-9+deb8u11-Debian <<>> tt.sslocal @localhost ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31925 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 27 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;tt.sslocal. IN A ;; ANSWER SECTION: tt.sslocal. 3303 IN A 10.20.22.28 ;; AUTHORITY SECTION: . 503777 IN NS l.root-servers.net. . 503777 IN NS m.root-servers.net. . 503777 IN NS h.root-servers.net. . 503777 IN NS a.root-servers.net. . 503777 IN NS j.root-servers.net. . 503777 IN NS d.root-servers.net. . 503777 IN NS c.root-servers.net. . 503777 IN NS i.root-servers.net. . 503777 IN NS g.root-servers.net. . 503777 IN NS f.root-servers.net. . 503777 IN NS k.root-servers.net. . 503777 IN NS e.root-servers.net. . 503777 IN NS b.root-servers.net. ;; ADDITIONAL SECTION: a.root-servers.net. 590177 IN A 198.41.0.4 a.root-servers.net. 503777 IN AAAA 2001:503:ba3e::2:30 b.root-servers.net. 595788 IN A 192.228.79.201 b.root-servers.net. 503777 IN AAAA 2001:500:200::b c.root-servers.net. 503777 IN A 192.33.4.12 c.root-servers.net. 503777 IN AAAA 2001:500:2::c d.root-servers.net. 503777 IN A 199.7.91.13 d.root-servers.net. 503777 IN AAAA 2001:500:2d::d e.root-servers.net. 503777 IN A 192.203.230.10 e.root-servers.net. 503777 IN AAAA 2001:500:a8::e f.root-servers.net. 503777 IN A 192.5.5.241 f.root-servers.net. 503777 IN AAAA 2001:500:2f::f g.root-servers.net. 503777 IN A 192.112.36.4 g.root-servers.net. 503777 IN AAAA 2001:500:12::d0d h.root-servers.net. 503777 IN A 198.97.190.53 h.root-servers.net. 503777 IN AAAA 2001:500:1::53 i.root-servers.net. 503777 IN A 192.36.148.17 i.root-servers.net. 503777 IN AAAA 2001:7fe::53 j.root-servers.net. 503777 IN A 192.58.128.30 j.root-servers.net. 503777 IN AAAA 2001:503:c27::2:30 k.root-servers.net. 503777 IN A 193.0.14.129 k.root-servers.net. 503777 IN AAAA 2001:7fd::1 l.root-servers.net. 503777 IN A 199.7.83.42 l.root-servers.net. 503777 IN AAAA 2001:500:9f::42 m.root-servers.net. 590334 IN A 202.12.27.33 m.root-servers.net. 503777 IN AAAA 2001:dc3::35 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Oct 06 14:44:31 -03 2017 ;; MSG SIZE rcvd: 838 如果我做同样的要求,但为权威,我得到以下几点:
dmayan@bind1:~$ dig tt.sslocal @172.16.2.248 ; <<>> DiG 9.9.5-9+deb8u11-Debian <<>> tt.sslocal @172.16.2.248 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21978 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1680 ;; QUESTION SECTION: ;tt.sslocal. IN A ;; ANSWER SECTION: tt.sslocal. 3600 IN A 10.20.22.28 ;; Query time: 1 msec ;; SERVER: 172.16.2.248#53(172.16.2.248) ;; WHEN: Fri Oct 06 14:47:29 -03 2017 ;; MSG SIZE rcvd: 55
这里是我的Poweradminconfiguration,对于该区域, bind2.sslocal是172.16.2.248的权威服务器, bind3.sslocal是另一个PowerDNS,但是作为权威的recursor和superslave。
[ https://i.imgur.com/Jfj3KNV.png]
这里是我的绑定named.conf.local的configuration片段
zone "sslocal" { type forward; forward only; forwarders { 172.16.2.248; }; };
这是一种常见的行为,或者我错误地configuration了一些东西?
预先感谢,对于英语不好,感到抱歉