Configuration on ns1

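I am trying to set up an authoritative DNS server using bind9 (9.8.1-P1) on Ubuntu 12.04.2 LTS (upgraded from Ubuntu 11.04), but I have run into some problems.

External problems

When I try to check my DNS configuration with tools such as solvedns.com/biotechnics.ro and dnscheck.pingdom.com/?domain=biotechnics.ro, they fail with output like "Name server ns1.biotechnics.ro (89.36.94.53) is not responding to queries" or "Your name server ns1.biotechnics.ro is not responding to NS record queries!"

In addition, external online dig tools return the following output: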

; <<>> DiG 9.8.4-P1 <<>> @ns1.biotechnics.ro -t NS biotechnics.ro
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

Primary TLD from the parent

The parent is set up as follows:

; <<>> DiG 9.8.4-P1 <<>> @primary.rotld.ro -t NS biotechnics.ro
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7740
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;biotechnics.ro.            IN  NS

;; AUTHORITY SECTION:
biotechnics.ro.     10800   IN  NS  ns2.biotechnics.ro.
biotechnics.ro.     10800   IN  NS  ns1.biotechnics.ro.

;; ADDITIONAL SECTION:
ns1.biotechnics.ro. 10800   IN  A   89.36.94.53
ns2.biotechnics.ro. 10800   IN  A   141.85.169.100

;; Query time: 279 msec
;; SERVER: 192.162.16.18#53(192.162.16.18)
;; WHEN: Tue Feb 12 05:40:50 2013
;; MSG SIZE  rcvd: 100

Configuration on ns1

rsavu@host:/etc/bind$ head -40 named.conf
// ----------------------- Options -----------------------
options {
    // all relative paths use this directory as a base
    directory "/var/cache/bind";
    // version statement changed for security (to avoid hacking known weaknesses)
    version "not currently available";
    // This prevents bind from serving other than authoritative requests:
    recursion no;
    // disables all zone transfer requests for performance as well as security reasons
    allow-transfer{none;};
    dnssec-enable no; // zone not signed
    minimal-responses yes; // optional - improved performance
    additional-from-auth no; // optional - improved performance
    additional-from-cache no; // optional - minimal performance change
};

// ----------------------- Logging -----------------------
// log to /var/log/named/zytrax-named all events from info UP in severity (no debug)
// uses 3 files in rotation swaps files when size reaches 250K
// failure messages up to this point are in (syslog) /var/log/messages
logging{
    channel custom_log{
        file "/var/log/bind9_info.log" versions 3 size 250k;
        severity debug;
    };
    category default{
        custom_log;
    };
};

// ----------------------- Zones -----------------------
zone "biotechnics.ro" in{
    type master;
    file "/etc/bind/db.biotechnics.ro";
    allow-transfer { 141.85.169.100; };
    also-notify {141.85.169.100; };
    allow-query { any; };
};

Zone file

$ORIGIN .
$TTL 36000      ; 10 hours
biotechnics.ro          IN SOA  ns1.biotechnics.ro. admin.biotechnics.ro. (
                                2013021201 ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                604800     ; expire (1 week)
                                86400      ; minimum (1 day)
                                )
                        NS      ns1.biotechnics.ro.
                        NS      ns2.biotechnics.ro.
                        A       81.181.152.23
$ORIGIN biotechnics.ro.
ftp                     A       81.181.152.23
ns1.biotechnics.ro.                     A       89.36.94.53
ns2.biotechnics.ro.                     A       141.85.169.100
www                     A       81.181.152.23

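What I have checked

  • The firewall is not the problem (I disabled it temporarily)
  • dig from inside the host works
  • dig against the slave works
  • recursion yes; does not solve the problem
  • Netstat shows port 53 is in use by named on both UDP and TCP
  • named-checkconf and named-checkzone issue no warnings.

Where could the problem be? Any ideas? I don't understand what is going on and why my host does not reply to queries.

[Later edit] The slave is on Debian 4.0 and works fine (as you can see in the DNS resolvers above).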

Answer 1

Try adding the option

listen-on { 127.0.0.0/8; exter.nalip.addr.ess; };
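
An added example, not part of the original answer: one way to check what the listen-on suggestion addresses, namely whether named has both UDP and TCP sockets on port 53 bound to the public address rather than only to loopback. The function names and the sample netstat lines are constructed for illustration; 89.36.94.53 is the ns1 address from the question, and only IPv4 listeners are considered.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# covers_addr IP PROTO: reads `netstat -lntu` style lines on stdin and
# succeeds if a PROTO socket on port 53 is bound to IP or to 0.0.0.0.
covers_addr() {
    awk -v ip="$1" -v proto="$2" '
        $1 == proto {
            # Local Address is column 4, in addr:port form for IPv4
            n = split($4, part, ":")
            if (n == 2 && part[2] == "53" && (part[1] == ip || part[1] == "0.0.0.0"))
                found = 1
        }
        END { exit (found ? 0 : 1) }
    '
}

# dns_reachable_on IP: DNS needs both UDP and TCP on port 53.
dns_reachable_on() {
    listing=$(cat)
    for proto in udp tcp; do
        if ! printf '%s\n' "$listing" | covers_addr "$1" "$proto"; then
            echo "no $proto/53 listener for $1"
            return 1
        fi
    done
    echo "udp/53 and tcp/53 listeners cover $1"
}

# Constructed sample: named bound to loopback only.
LOOPBACK_ONLY='Proto Recv-Q Send-Q Local Address   Foreign Address State
tcp        0      0 127.0.0.1:53    0.0.0.0:*       LISTEN
udp        0      0 127.0.0.1:53    0.0.0.0:*
tcp        0      0 0.0.0.0:22      0.0.0.0:*       LISTEN'

# Constructed sample: named also bound to the public address.
WITH_PUBLIC='tcp        0      0 127.0.0.1:53    0.0.0.0:*       LISTEN
tcp        0      0 89.36.94.53:53  0.0.0.0:*       LISTEN
udp        0      0 127.0.0.1:53    0.0.0.0:*
udp        0      0 89.36.94.53:53  0.0.0.0:*'

# On the server itself: netstat -lntu | dns_reachable_on 89.36.94.53
```

A loopback-only result is consistent with dig working from inside the host while external queries time out.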
