Bind9 不会为某些域名提供 txt 记录,但会为其他域名提供

Bind9 不会为某些域名提供 txt 记录,但会为其他域名提供

从标题来看,bind9 不会为一个域提供 txt 记录,而为其他域提供该记录。区域几乎相等。

系统 Ubuntu 14.04 Bind9 来自发行版(也从源代码尝试了 9.10)

我有两个域名:www.filippo.fake 和 www.mimmo.fake

Filippo 的区域和 Mimmo 的区域基本相等:

cat pri.filippo.fake

$TTL        3600
@       IN      SOA     ns-1.myserver.net. email.hotmail.com. (
                        2016100403       ; serial, todays date + todays serial #
                        7200              ; refresh, seconds
                        540              ; retry, seconds
                        604800              ; expire, seconds
                        86400 )            ; minimum, seconds
;

filippo.fake. 3600 A        1.2.3.4
mail 3600 A        1.2.3.4
webmail.filippo.fake 86400 A        1.2.3.4
www 3600 A        1.2.3.5
filippo.fake. 3600      MX    10   mail.filippo.fake.
filippo.fake. 3600      NS        ns-2.myserver.net.
filippo.fake. 3600      NS        ns-1.myserver.net.
default._domainkey.filippo.fake. 3600      TXT        "v=DKIM1; t=s; p=MIdsBdsasfdsiG9w0BAQEFAfsddsfsfCgKCAQEAsPNZmpYj9ozmRtCUIbVa8uviqMaxLkT+oQ+Et1FaHGmajDYr1TrRpyj0xu/cVJb5RutV2OFHy9X+qcw0PhOoZva4I6jqbV/xqBCG823ZoyyLAodeB0ilq94wtf8MW52iMR422HMCLuR3estBOKelBr4ptptZqojK5/btJlQT/JiGkPA2YbuiEdl9QkvbZQ/JGfN" "0OpoQWKy6iy597DGj68syZDnbL+c45IWIq6Ai7U7TlRPyuwmEer3ryRbWC7DdQBp4E/5U36YBfXLSgY4L2VBZzoBSUL2MWO/VUUfcn5LegIA4ZBK/juC2br4Rv06Tm9YWtgDsYrp6Srit/8UV7wIDAQAB"
filippo.fake. 86400      TXT        "v=spf1 +a +mx +ip4:1.2.3.4 ?all"

cat pri.mimmo.fake

$TTL        3600
@       IN      SOA     ns-1.myserver.net. email.hotmail.com. (
                        2016100403       ; serial, todays date + todays serial #
                        7200              ; refresh, seconds
                        540              ; retry, seconds
                        604800              ; expire, seconds
                        86400 )            ; minimum, seconds
;

mimmo.fake. 3600 A        1.2.3.4
mail 3600 A        1.2.3.4
webmail.mimmo.fake 86400 A        1.2.3.4
www 3600 A        1.2.3.5
mimmo.fake. 3600      MX    10   mail.mimmo.fake.
mimmo.fake. 3600      NS        ns-2.myserver.net.
mimmo.fake. 3600      NS        ns-1.myserver.net.
default._domainkey.mimmo.fake. 3600      TXT        "v=DKIM1; t=s; p=MIdsBdsasffdsfsdEFAfsddsfsfCgKCAQEAsPNZmpYj9ozmRtCUIbVa8uvi32321FaHGmajDYr1TrRpyj0xu/cVJb5RutV2OFHy9X+qcw0PhOoZva4I6jqbV/xqBCGfdsfdsfdslq94wtf8MW52iMR422HMCLuR3estBOKelBr4ptptZqojK5/btJlQT/JiGkPA2YbuiEdl9QkvbZQ/JGfN" "0OpoQWKy6iy597DGj68syZDnbL+c45IWIq6Ai7U7TlRPyuwmEer3ryRbWC7DdQBp4E/5U36YBfXLSgY4L2VBZzoBSUL2MWO/VUUfcn5LegIA4ZBK/juC2br4Rv06Tm9YWtgDsYrp6Srit/8UV7wIDAQAB"
mimmo.fake. 86400      TXT        "v=spf1 +a +mx +ip4:1.2.3.4 ?all"

但是,从 ns-1、ns-2 和世界其他地方运行“host -t txt domain localhost”会得到以下结果

显然,世界其他地方没有以“localhost”结尾的:

root@ns-1:/var/log/named# host -t txt filippo.fake localhost
Using domain server:
Name: localhost
Address: ::1#53
Aliases:

filippo.fake descriptive text "v=spf1 +a +mx +ip4:1.2.3.4 ?all"

 root@ns-1:/var/log/named# host -t txt mimmo.fake localhost
Using domain server:
Name: localhost
Address: ::1#53
Aliases:

mimmo.fake has no TXT record

还有更多像 filippo.fake 这样的域名正常工作。有或没有 dkim 记录都无所谓。我已经尝试更改绑定版本,使用 ispconfig 删除并重新创建区域,手动创建 pri.mimmo.fake 区域文件。它没有改变任何东西。

日志。

直到我更改绑定版本,我才在域不起作用的日志中收到此信息:

04-Oct-2016 14:52:01.746 zone mimmo.faje/IN: 'mimmo.fake' found SPF/TXT record but no SPF/SPF record found, add matching type SPF record

但请考虑从来源安装 bind 9.10 后,警告不再显示在日志中,而 txt 的问题仍然存在。如果我创建 spf 记录,它不会改变任何东西。

每次服务重新启动时,日志中都不会显示与错误或警告相关的特定消息。无论如何,由于绑定日志记录的复杂性,我将向您展示用于记录的规则,也许我没有查看我应该查看的内容?

 logging {
     channel default_file {
        file "/var/log/named/default.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel general_file {
        file "/var/log/named/general.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
   channel database_file {
       file "/var/log/named/database.log" versions 3 size 5m;
       severity dynamic;
       print-time yes;
   };
   channel security_file {
       file "/var/log/named/security.log" versions 3 size 5m;
       severity dynamic;
       print-time yes;
   };
   channel config_file {
       file "/var/log/named/config.log" versions 3 size 5m;
       severity dynamic;
       print-time yes;
   };
   channel resolver_file {
       file "/var/log/named/resolver.log" versions 3 size 5m;
       severity dynamic;
       print-time yes;
   };
    channel xfer-in_file {
        file "/var/log/named/xfer-in.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel xfer-out_file {
        file "/var/log/named/xfer-out.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
   channel notify_file {
        file "/var/log/named/notify.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
   };
   channel client_file {
       file "/var/log/named/client.log" versions 3 size 5m;
      severity dynamic;
       print-time yes;
   };
    channel unmatched_file {
        file "/var/log/named/unmatched.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel queries_file {
        file "/var/log/named/queries.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel network_file {
        file "/var/log/named/network.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel update_file {
        file "/var/log/named/update.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel dispatch_file {
        file "/var/log/named/dispatch.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel dnssec_file {
        file "/var/log/named/dnssec.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
   channel lame-servers_file {
        file "/var/log/named/lame-servers.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };

    category default { default_file; };
    category general { general_file; };
    category database { database_file; };
    category security { security_file; };
    category config { config_file; };
    category resolver { resolver_file; };
    category xfer-in { xfer-in_file; };
    category xfer-out { xfer-out_file; };
    category notify { notify_file; };
    category client { client_file; };
    category unmatched { unmatched_file; };
    category queries { queries_file; };
    category network { network_file; };
    category update { update_file; };
    category dispatch { dispatch_file; };
    category dnssec { dnssec_file; };
    category lame-servers { lame-servers_file; };
};

相关内容