BIND9 出了点问题……从属区域为域中的所有查询提供 SERVAIL

我在 Debian Lenny 上设置了一个使用 bind9 的域，作为我的 DNS 托管提供商服务器的从属。我认为具体情况无关紧要，但我已允许在我的注册商/DNS 主机的 Web 界面上将数据转移到我的服务器的 IP。这是我的 /etc/bind/named.conf.local 中的：

zone "wanners.net" in{
  type slave;
  file "/etc/bind/zones/slave.wanners.net.db";
  masters {64.68.200.91;};
};

并在所述路径处有一个空文件。启动 bind9 后，我在 /etc/log/syslog 中看到以下内容：

Jan 23 22:09:46 wanners named[14828]: starting BIND 9.6-ESV-R3 -u bind
Jan 23 22:09:46 wanners named[14828]: built with '--prefix=/usr' '--build=arm-linux-gnueabi' '--host=arm-linux-gnueabi' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var/run/bind' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--enable-ipv6' 'build_alias=arm-linux-gnueabi' 'host_alias=arm-linux-gnueabi' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -DNS_RUN_PID_DIR=0 -O2' 'LDFLAGS=' 'CPPFLAGS='
Jan 23 22:09:46 wanners named[14828]: adjusted limit on open files from 1024 to 1048576
Jan 23 22:09:46 wanners named[14828]: found 1 CPU, using 1 worker thread
Jan 23 22:09:46 wanners named[14828]: using up to 4096 sockets
Jan 23 22:09:46 wanners named[14828]: loading configuration from '/etc/bind/named.conf'
Jan 23 22:09:46 wanners named[14828]: using default UDP/IPv4 port range: [1024, 65535]
Jan 23 22:09:46 wanners named[14828]: using default UDP/IPv6 port range: [1024, 65535]
Jan 23 22:09:46 wanners named[14828]: listening on IPv6 interfaces, port 53
Jan 23 22:09:46 wanners named[14828]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 23 22:09:46 wanners named[14828]: listening on IPv4 interface eth0, 192.168.1.1#53
Jan 23 22:09:46 wanners named[14828]: listening on IPv4 interface eth1, 68.226.67.198#53
Jan 23 22:09:46 wanners named[14828]: listening on IPv4 interface tun0, 10.8.0.1#53
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: 254.169.IN-ADDR.ARPA
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: D.F.IP6.ARPA
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: 8.E.F.IP6.ARPA
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: 9.E.F.IP6.ARPA
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: A.E.F.IP6.ARPA
Jan 23 22:09:46 wanners named[14828]: automatic empty zone: B.E.F.IP6.ARPA
Jan 23 22:09:46 wanners named[14828]: command channel listening on 127.0.0.1#953
Jan 23 22:09:46 wanners named[14828]: command channel listening on ::1#953
Jan 23 22:09:46 wanners named[14828]: zone 0.in-addr.arpa/IN: loaded serial 1
Jan 23 22:09:46 wanners named[14828]: zone 127.in-addr.arpa/IN: loaded serial 1
Jan 23 22:09:46 wanners named[14828]: zone 1.168.192.in-addr.arpa/IN: loaded serial 1
Jan 23 22:09:46 wanners named[14828]: zone 255.in-addr.arpa/IN: loaded serial 1
Jan 23 22:09:46 wanners named[14828]: zone lo/IN: loaded serial 1
Jan 23 22:09:46 wanners named[14828]: zone localhost/IN: loaded serial 2
Jan 23 22:09:46 wanners named[14828]: zone wanners.net/IN: has 0 SOA records
Jan 23 22:09:46 wanners named[14828]: zone wanners.net/IN: has no NS records
Jan 23 22:09:46 wanners named[14828]: running
Jan 23 22:09:46 wanners named[14828]: zone wanners.net/IN: Transfer started.
Jan 23 22:09:46 wanners named[14828]: transfer of 'wanners.net/IN' from 64.68.200.91#53: connected using 68.226.67.198#51368
Jan 23 22:09:46 wanners named[14828]: dumping master file: /etc/bind/zones/tmp-dysZfOWkDE: open: permission denied
Jan 23 22:09:46 wanners named[14828]: transfer of 'wanners.net/IN' from 64.68.200.91#53: failed while receiving responses: permission denied
Jan 23 22:09:46 wanners named[14828]: transfer of 'wanners.net/IN' from 64.68.200.91#53: Transfer completed: 0 messages, 13 records, 0 bytes, 0.130 secs (0 bytes/sec)
[snip cronjobs]
Jan 23 22:10:45 wanners named[14828]: zone wanners.net/IN: Transfer started.
Jan 23 22:10:45 wanners named[14828]: transfer of 'wanners.net/IN' from 64.68.200.91#53: connected using 68.226.67.198#42435
Jan 23 22:10:45 wanners named[14828]: dumping master file: /etc/bind/zones/tmp-lWrePAOaFH: open: permission denied
Jan 23 22:10:45 wanners named[14828]: transfer of 'wanners.net/IN' from 64.68.200.91#53: failed while receiving responses: permission denied
Jan 23 22:10:45 wanners named[14828]: transfer of 'wanners.net/IN' from 64.68.200.91#53: Transfer completed: 0 messages, 13 records, 0 bytes, 0.107 secs (0 bytes/sec)

因此，它可以很好地获取记录，甚至可以刷新记录；只是没有回答有关它们的查询。这是为什么？我应该怎么做才能解决这个问题？下面是证明这一点的挖掘：

marcus@wanners ~ $ dig -6 wanners.net

; <<>> DiG 9.6-ESV-R3 <<>> -6 wanners.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 33846
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;wanners.net.           IN  A

;; Query time: 2 msec
;; SERVER: ::1#53(::1)
;; WHEN: Sun Jan 23 22:18:46 2011
;; MSG SIZE  rcvd: 29

[我在测试中使用 IPv6，因为服务器将在 IPv6 上提供服务。对于 wanners.net 或子域下的任何记录，结果都是相同的，即使从站外查询也是如此]