服务器 Gind.cn
  1. 服务器 Gind.cn
  3. bind9区域传输问题 – 不授权
Intereting Posts
Apache更改代理请求的URL重写 通过自定义SSH命令的Virtmanager连接? 如何在Solaris 8中禁用finger服务 停止一个不可阻挡的openvz容器 如何configuration清漆不caching一个特定的文件夹? 无法远程访问Fedora服务器 使用FreeBSD在IPv4 WAN上隧道化IPv6 从Windows XP安装创buildISO /映像/安装 如何检测进程(和MySQL查询),使服务器负载较高? Zabbix:确定哪些项目检查负责存储大部分数据 Django的不可预知的行为 阻止用户search服务器pipe理页面 继续Bundler安装 Logrotate:如何在postrotate中访问输出文件 aws弹性路由请求如何通过轮循机制?

bind9区域传输问题 – 不授权

我一直在殴打自己试图弄清楚这一点。 ns1似乎正常工作。 ns2但是没有收到区域传输。 也许我只是需要在这个问题上的另一个眼球!

ns1 named.conf: 

include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; include "/etc/bind/named.conf.default-zones"; //include "/etc/bind/named.conf.transfer"; //include "/etc/bind/rndc.key"; include "/etc/bind/tsig.key"; //controls { // inet 127.0.0.1 port 953 // allow { 127.0.0.1; } keys { "rndc-key"; }; //};

ns1 tsig.key(安全编辑密钥) 

 key "TRANSFER" { algorithm hmac-md5; secret "/QUbT7wtaTrCQUg4sNC9WA=="; }; server 24.119.63.195 { keys { TRANSFER; }; };

ns1 named.conf.options 

 options { directory "/var/cache/bind"; dnssec-validation auto; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; dnssec-enable yes; };

ns1 named.conf.local示例(所有条目遵循模式) 

 zone "woodcreationsok.com" { type master; file "/etc/bind/zones/woodcreationsok.com.zone"; };

ns1示例区文件 

 $ORIGIN woodcreationsok.com $TTL 86400 woodcreationsok.com. IN SOA ns1.46-10.com. admin.46-10.com. ( 0000022510 ; Serial 3H ; refresh after 3 hours 1H ; retry after 1 hour 8W ; expire after 8 weeks 1D) ; minimum TTL of 1 day ; Name Server IN NS ns1.46-10.com. ; Joplin,MO USA IN NS ns2.46-10.com. ; Joplin,MO USA ; Mail Exchanger IN MX 50 mail.46-10.com. ; Joplin,MO USA ; Addresses woodcreationsok.com. IN A 24.119.63.196 www IN CNAME 24.119.63.196

ns2 named.conf 

 include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; include "/etc/bind/named.conf.default-zones"; include "/etc/bind/tsig.key";

ns2 tsig.key(安全编辑密钥) 

 key "TRANSFER" { algorithm hmac-md5; secret "/QUbT7wtaTrCQUg4sNC9WA=="; }; server 24.119.63.194 { keys { TRANSFER; }; };

ns2 named.conf.options 

 options { directory "/var/cache/bind"; dnssec-validation auto; dnssec-enable yes; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; };

ns2 syslog示例(提到的所有域都是我们提供的域) 

 Feb 26 10:47:43 ns2 named[12483]: client 24.119.63.194#39371: received notify for zone 'watsonandsonsconstruction.co': TSIG 'transfer': not authoritative Feb 26 10:47:43 ns2 named[12483]: client 24.119.63.194#39371: received notify for zone 'bigkeiths.com': TSIG 'transfer': not authoritative Feb 26 10:47:56 ns2 named[12483]: client 66.249.75.235#60473: query (cache) 'www.farmtireservice.com/A/IN' denied Feb 26 10:48:00 ns2 named[12483]: client 204.194.237.17#57552: query (cache) 'www.bigkeiths.com/AAAA/IN' denied Feb 26 10:48:00 ns2 named[12483]: client 204.194.237.17#12719: query (cache) 'www.bigkeiths.com/AAAA/IN' denied

任何帮助深表感谢! 另外,因为我是新来的DNSpipe理…所有这些查询(caching)domain.tld拒绝互联网土地计算机要求解决的领域?

您可能已经忘记了使用适当的辅助区域来configurationns2。 你应该在configuration(可能是named.conf.local )中有以下的地方: 

 zone "woodcreationsok.com" { type slave; file "woodcreationsok.com"; masters { 24.119.63.194; }; // primary nameserver IP }