SLES DHCP dynamic DNS: Unable to add forward map ...: not found

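I have a SUSE Linux Enterprise Server 11.3 installation running on Amazon EC2, based on the official AMI.

After configuring DHCP and BIND (via yast), I ran into a problem with dynamic DNS.

When a client connects to the DHCP server, I get the error message: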

Dec 31 04:26:41 ip-10-35-139-46 dhcpd: Unable to add forward map from XXXXXXX.containers.box to 192.168.2.8: not found

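The DHCP and DNS servers run on the same server, with the address 192.168.1.1 on the bridge interface that connects it to the LXCs. The LXCs are set to use DHCP from 192.168.1.1. (The DHCP logs seem to confirm they are working; they currently have normal internet access and are assigned addresses by the DHCP server.)

The DNS server also appears to be working, judging by the dig command (pasted below).

I am running ISC dhcp-server 4.2.4.P2 and Bind 9.9.3P2.

Any help would be greatly appreciated.

Thanks, Todd

Pasting my resolv.conf, named.conf and dhcpd.conf files.

resolv.conf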

### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
#     NETCONFIG_DNS_STATIC_SEARCHLIST
#     NETCONFIG_DNS_STATIC_SERVERS
#     NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
#     NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
search containers.box ec2.internal
nameserver 127.0.0.1
nameserver 192.168.1.1
nameserver 172.16.0.23

dhcpd.conf

option domain-name "containers.box";
option domain-name-servers 192.168.1.1;
option routers 192.168.1.1;
default-lease-time 14400;
include "/etc/named.d/ToddKey";
ddns-update-style interim;
ignore client-updates;
ddns-updates on;
subnet 192.168.0.0 netmask 255.255.0.0 {
  range 192.168.2.1 192.168.2.250;
  default-lease-time 14400;
  max-lease-time 172800;
  zone private.lan. { primary 192.168.1.1; key ToddKey; }
  zone 168.192.in-addr.arpa. { primary 192.168.1.1; key ToddKey; }
}

named.conf

# Copyright (c) 2001-2004 SuSE Linux AG, Nuernberg, Germany.
# All rights reserved.
#
# Author: Frank Bodammer, Lars Mueller <[email protected]>
#
# /etc/named.conf
#
# This is a sample configuration file for the name server BIND 9.  It works as
# a caching only name server without modification.
#
# A sample configuration for setting up your own domain can be found in
# /usr/share/doc/packages/bind/sample-config.
#
# A description of all available options can be found in
# /usr/share/doc/packages/bind/misc/options.

options {

        # The directory statement defines the name server's working directory

        directory "/var/lib/named";

        # Write dump and statistics file to the log subdirectory.  The
        # pathnames are relative to the chroot jail.

        dump-file "/var/log/named_dump.db";
        statistics-file "/var/log/named.stats";

        # The forwarders record contains a list of servers to which queries
        # should be forwarded.  Enable this line and modify the IP address to
        # your provider's name server.  Up to three servers may be listed.

        #forwarders { 192.0.2.1; 192.0.2.2; };

        # Enable the next entry to prefer usage of the name server declared in
        # the forwarders section.

        #forward first;

        # The listen-on record contains a list of local network interfaces to
        # listen on.  Optionally the port can be specified.  Default is to
        # listen on all interfaces found on your system.  The default port is
        # 53.

        #listen-on port 53 { 127.0.0.1; };

        # The listen-on-v6 record enables or disables listening on IPv6
        # interfaces.  Allowed values are 'any' and 'none' or a list of
        # addresses.

        listen-on-v6 { any; };

        # The next three statements may be needed if a firewall stands between
        # the local server and the internet.

        #query-source address * port 53;
        #transfer-source * port 53;
        #notify-source * port 53;

        # The allow-query record contains a list of networks or IP addresses
        # to accept and deny queries from. The default is to allow queries
        # from all hosts.

        #allow-query { 127.0.0.1; };

        # If notify is set to yes (default), notify messages are sent to other
        # name servers when the zone data is changed.  Instead of setting
        # a global 'notify' statement in the 'options' section, a separate
        # 'notify' can be added to each zone definition.

        notify no;
        include "/etc/named.d/forwarders.conf";
};

# To configure named's logging remove the leading '#' characters of the
# following examples.
#logging {
#       # Log queries to a file limited to a size of 100 MB.
#       channel query_logging {
#               file "/var/log/named_querylog"
#                       versions 3 size 100M;
#               print-time yes;                 // timestamp log entries
#       };
#       category queries {
#               query_logging;
#       };
#
#       # Or log this kind alternatively to syslog.
#       channel syslog_queries {
#               syslog user;
#               severity info;
#       };
#       category queries { syslog_queries; };
#
#       # Log general name server errors to syslog.
#       channel syslog_errors {
#               syslog user;
#               severity error;
#       };
#       category default { syslog_errors;  };
#
#       # Don't log lame server messages.
#       category lame-servers { null; };
#};

# The following zone definitions don't need any modification.  The first one
# is the definition of the root name servers.  The second one defines
# localhost while the third defines the reverse lookup for localhost.

zone "." in {
        type hint;
        file "root.hint";
};

zone "localhost" in {
        type master;
        file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "127.0.0.zone";
};

# Include the meta include file generated by createNamedConfInclude.  This
# includes all files as configured in NAMED_CONF_INCLUDE_FILES from
# /etc/sysconfig/named

include "/etc/named.conf.include";
zone "private.lan" in {
        file "dyn/private.lan";
        type master;
        allow-update { key ToddKey; };
        allow-transfer { any; };
};
logging {
        category default { log_syslog; };
        channel log_syslog { syslog; };
};
zone "168.192.in-addr.arpa" in {
        allow-update { key ToddKey; };
        allow-transfer { any; };
        file "dyn/168.192.in-addr.arpa";
        type master;
};

# You can insert further zone records for your own domains below or create
# single files in /etc/named.d/ and add the file names to
# NAMED_CONF_INCLUDE_FILES.
# See /usr/share/doc/packages/bind/README.SUSE for more details.

And the syslog from BIND startup:

Dec 31 04:35:09 ip-10-35-139-46 named[25012]: starting BIND 9.9.3-P2 -t /var/lib/named -u named
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: built with '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include/bind' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-openssl' '--enable-threads' '--with-libtool' '--enable-runidn' '--with-libxml2=/usr' '--with-gssapi' 'CFLAGS=-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -fno-strict-aliasing' 'LDFLAGS=-L/usr/lib64'
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: ----------------------------------------------------
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: BIND 9 is maintained by Internet Systems Consortium,
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: corporation.  Support and training for BIND 9 are
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: available at https://www.isc.org/support
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: ----------------------------------------------------
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: adjusted limit on open files from 8192 to 1048576
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: found 4 CPUs, using 4 worker threads
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: using 4 UDP listeners per interface
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: using up to 4096 sockets
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: loading configuration from '/etc/named.conf'
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: using default UDP/IPv4 port range: [1024, 65535]
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: using default UDP/IPv6 port range: [1024, 65535]
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: no IPv6 interfaces found
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: listening on IPv4 interface lo, 127.0.0.2#53
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: listening on IPv4 interface eth0, 10.35.139.46#53
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: listening on IPv4 interface br0, 192.168.1.1#53
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: generating session key for dynamic DNS
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: sizing zone task pool based on 5 zones
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: set up managed keys zone for view _default, file 'managed-keys.bind'
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 10.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 16.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 17.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 18.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 19.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 20.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 21.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 22.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 23.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 24.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 25.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 26.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 27.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 28.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 29.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 30.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 31.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 64.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 65.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 66.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 67.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 68.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 69.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 70.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 71.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 72.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 73.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 74.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 75.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 76.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 77.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 78.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 79.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 80.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 81.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 82.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 83.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 84.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 85.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 86.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 87.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 88.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 89.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 90.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 91.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 92.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 93.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 94.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 95.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 96.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 97.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 98.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 99.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 100.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 101.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 102.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 103.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 104.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 105.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 106.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 107.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 108.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 109.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 110.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 111.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 112.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 113.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 114.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 115.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 116.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 117.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 118.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 119.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 120.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 121.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 122.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 123.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 124.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 125.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 126.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 127.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 0.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 127.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 254.169.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: D.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 8.E.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 9.E.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: A.E.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: B.E.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: command channel listening on 127.0.0.1#953
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: managed-keys-zone: loaded serial 0
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: zone localhost/IN: loaded serial 42
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: zone 0.0.127.in-addr.arpa/IN: loaded serial 42
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: zone 168.192.in-addr.arpa/IN: loaded serial 2013123100
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: zone private.lan/IN: loaded serial 2013123100
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: all zones loaded
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: running
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: received control channel command 'reload'
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: loading configuration from '/etc/named.conf'
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: using default UDP/IPv4 port range: [1024, 65535]
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: using default UDP/IPv6 port range: [1024, 65535]
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: no IPv6 interfaces found
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: sizing zone task pool based on 5 zones
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: reloading configuration succeeded
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: reloading zones succeeded
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: all zones loaded
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: running

Full DHCP server log:

Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Internet Systems Consortium DHCP Server 4.2.4-P2
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Copyright 2004-2012 Internet Systems Consortium.
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: All rights reserved.
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Wrote 8 leases to leases file.
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Listening on LPF/br0/0e:a1:29:d9:32:41/192.168.0.0/16
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Sending on   LPF/br0/0e:a1:29:d9:32:41/192.168.0.0/16
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Sending on   Socket/fallback/fallback-net
Dec 31 04:26:40 ip-10-35-139-46 dhcpd: DHCPDISCOVER from 22:a1:31:2e:29:d9 (XXXXXXX) via br0
Dec 31 04:26:41 ip-10-35-139-46 dhcpd: DHCPOFFER on 192.168.2.8 to 22:a1:31:2e:29:d9 (XXXXXXX) via br0
Dec 31 04:26:41 ip-10-35-139-46 dhcpd: DHCPREQUEST for 192.168.2.8 (192.168.1.1) from 22:a1:31:2e:29:d9 (XXXXXXX) via br0
Dec 31 04:26:41 ip-10-35-139-46 dhcpd: DHCPACK on 192.168.2.8 to 22:a1:31:2e:29:d9 (XXXXXXX) via br0
Dec 31 04:26:41 ip-10-35-139-46 dhcpd: Unable to add forward map from XXXXXXX.containers.box to 192.168.2.8: not found

DNS server dig test

dig google.com 192.168.1.1

; <<>> DiG 9.9.3-P2 <<>> google.com 192.168.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51212
;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 13, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             127     IN      A       74.125.228.134
google.com.             127     IN      A       74.125.228.129
google.com.             127     IN      A       74.125.228.137
google.com.             127     IN      A       74.125.228.131
google.com.             127     IN      A       74.125.228.136
google.com.             127     IN      A       74.125.228.135
google.com.             127     IN      A       74.125.228.142
google.com.             127     IN      A       74.125.228.130
google.com.             127     IN      A       74.125.228.128
google.com.             127     IN      A       74.125.228.132
google.com.             127     IN      A       74.125.228.133

;; AUTHORITY SECTION:
.                       203245  IN      NS      a.root-servers.net.
.                       203245  IN      NS      g.root-servers.net.
.                       203245  IN      NS      h.root-servers.net.
.                       203245  IN      NS      k.root-servers.net.
.                       203245  IN      NS      b.root-servers.net.
.                       203245  IN      NS      f.root-servers.net.
.                       203245  IN      NS      c.root-servers.net.
.                       203245  IN      NS      i.root-servers.net.
.                       203245  IN      NS      l.root-servers.net.
.                       203245  IN      NS      m.root-servers.net.
.                       203245  IN      NS      j.root-servers.net.
.                       203245  IN      NS      e.root-servers.net.
.                       203245  IN      NS      d.root-servers.net.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 04:45:29 UTC 2013
;; MSG SIZE  rcvd: 426

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6633
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.168.1.1.                   IN      A

;; AUTHORITY SECTION:
.                       10800   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2013123001 1800 900 604800 86400

;; Query time: 10 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 04

ifconfig

br0       Link encap:Ethernet  HWaddr FE:C7:44:8A:7C:53
          inet addr:192.168.1.1  Bcast:192.168.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:820 (820.0 b)  TX bytes:830 (830.0 b)

eth0      Link encap:Ethernet  HWaddr 22:00:0A:23:8B:2E
          inet addr:10.35.139.46  Bcast:10.35.139.63  Mask:255.255.255.192
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:333542 errors:0 dropped:3 overruns:0 frame:0
          TX packets:271272 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:106476543 (101.5 Mb)  TX bytes:375013813 (357.6 Mb)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:399587 errors:0 dropped:0 overruns:0 frame:0
          TX packets:399587 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:380974099 (363.3 Mb)  TX bytes:380974099 (363.3 Mb)

vethqEZAM Link encap:Ethernet  HWaddr FE:C7:44:8A:7C:53
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:918 (918.0 b)  TX bytes:1244 (1.2 Kb)

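Answer 1

Solved my problem.

The domain I used in the DHCP server's global options, "containers.box", was different from the domain of the zone I named in the DNS server, "private.lan". I thought that since I had specified the zones to update in the dhcpd.conf file it would not matter, but apparently it does.

Thanks!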
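The mismatch described in Answer 1 can be caught before restarting dhcpd. The following is an added example, not part of the original post: a small checker that builds the forward and reverse names dhcpd would try to update and reports which declared `zone` covers each. It assumes the forward name is the client hostname plus `ddns-domainname` if set, otherwise `option domain-name`; the function names and the embedded sample (reduced from the question's dhcpd.conf) are constructed for illustration.

```python
import re

# Constructed sample: the relevant statements from the dhcpd.conf in the question.
SAMPLE_DHCPD_CONF = '''
option domain-name "containers.box";
option domain-name-servers 192.168.1.1;
ddns-update-style interim;
ddns-updates on;
subnet 192.168.0.0 netmask 255.255.0.0 {
  range 192.168.2.1 192.168.2.250;
  zone private.lan. { primary 192.168.1.1; key ToddKey; }
  zone 168.192.in-addr.arpa. { primary 192.168.1.1; key ToddKey; }
}
'''

def strip_comments(conf):
    # Simplification: treats every '#' as a comment start (no '#' inside strings).
    return re.sub(r'#.*', '', conf)

def ddns_domain(conf):
    """Domain appended to the client hostname (assumption: ddns-domainname
    takes precedence over option domain-name)."""
    conf = strip_comments(conf)
    m = re.search(r'^\s*ddns-domainname\s+"([^"]+)"\s*;', conf, re.M)
    if not m:
        m = re.search(r'^\s*option\s+domain-name\s+"([^"]+)"\s*;', conf, re.M)
    return m.group(1).rstrip('.').lower() if m else None

def declared_zones(conf):
    """Names of all zone { ... } declarations, without the trailing dot."""
    names = re.findall(r'\bzone\s+"?([A-Za-z0-9._-]+)"?\s*\{', strip_comments(conf))
    return [n.rstrip('.').lower() for n in names]

def covering_zone(name, zones):
    """Longest declared zone that `name` falls under, or None."""
    labels = name.rstrip('.').lower().split('.')
    best = None
    for zone in zones:
        zlabels = zone.split('.')
        if labels[-len(zlabels):] == zlabels:
            if best is None or len(zlabels) > len(best.split('.')):
                best = zone
    return best

def reverse_name(ip):
    """PTR owner name for an IPv4 address."""
    return '.'.join(reversed(ip.split('.'))) + '.in-addr.arpa'

def check(conf, hostname, ip):
    """Report the names dhcpd would update and the declared zone covering each."""
    zones = declared_zones(conf)
    domain = ddns_domain(conf)
    forward = f"{hostname}.{domain}" if domain else None
    reverse = reverse_name(ip)
    return {
        'forward_name': forward,
        'forward_zone': covering_zone(forward, zones) if forward else None,
        'reverse_name': reverse,
        'reverse_zone': covering_zone(reverse, zones),
    }

if __name__ == '__main__':
    # Hostname and address taken from the log line in the question.
    result = check(SAMPLE_DHCPD_CONF, 'XXXXXXX', '192.168.2.8')
    for key, value in result.items():
        print(f"{key}: {value}")
    if result['forward_zone'] is None:
        print("WARNING: no declared zone covers the forward name; "
              "align option domain-name / ddns-domainname with a zone declaration.")
```

A `forward_zone` of `None` corresponds to the "Unable to add forward map ... not found" line in the DHCP log, while the reverse name is covered by the declared `168.192.in-addr.arpa` zone.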

Answer 2

The problem is in iptables: you forgot to specify the -o option.
