我正在尝试实现 DDNS,由 DHCP 守护进程(dhcpd)代替我更新 DNS 记录。据我所知它应该可以工作,但实际上并没有。如果有人能指出我配置中的错误,我将不胜感激。
文件权限正确,两台服务器上的密钥相同。系统为 CentOS 7。所有机器都运行在做了 NAT 的 KVM 环境内部。
DNS:192.168.1.10
DHCP:192.168.1.100
子网:192.168.1.0/24
和我的配置:
named.conf:
// named.conf as posted (BIND 9.9.4 on CentOS 7, per the rndc status output further down).
acl good_guys {
192.168.1.0/24;
};
// Same key file that dhcpd includes: one shared secret serves both the rndc
// control channel and dynamic zone updates (see allow-update below).
include "/etc/rndc.key";
controls {
// The control socket is bound to loopback only, so the 192.168.1.10 entry in
// allow {} is redundant: the only client that can reach it is a local rndc.
inet 127.0.0.1 allow {192.168.1.10; localhost;} keys {"rndc-key";};
};
options {
listen-on port 53 { 127.0.0.1; 192.168.1.10; };
// Relative zone file names resolve under this directory. NOTE(review): on
// CentOS 7 with SELinux enforcing, named is normally denied writing the .jnl
// journal a dynamic zone needs next to a zone file here; /var/named/dynamic is
// the writable location. Check /var/log/messages and audit.log for a journal
// write / AVC denial before changing anything else -- likely cause, not
// proven from what is shown.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; good_guys; };
// 'any' already includes localhost; with recursion off this ACL has little
// effect, but restricting it to good_guys keeps the policy consistent.
allow-query-cache { localhost; any; };
recursion no;
// Validation is off; acceptable for an authoritative-only lab server.
dnssec-enable no;
dnssec-validation no;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "matrix.lab" IN {
type master;
// Resolves to /var/named/matrix.lab.zone (see the SELinux note on 'directory').
file "matrix.lab.zone";
// Updates are gated only by TSIG: whoever holds rndc-key can rewrite this
// zone and also drive the control channel above. A dedicated update key for
// dhcpd keeps the two privileges apart.
allow-update { key "rndc-key"; };
notify yes;
};
// No reverse zone (1.168.192.in-addr.arpa) is declared here, so dhcpd's PTR
// updates will be refused unless one lives in the included files; forward (A)
// updates do not depend on it.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
区域文件(matrix.lab.zone):
; Authoritative data for matrix.lab zone
;
; Once dynamic updates work, named keeps changes in matrix.lab.zone.jnl and
; rewrites this file itself; edit it by hand only between
; "rndc freeze matrix.lab" and "rndc thaw matrix.lab".
$TTL 1D
@ IN SOA mistrz.matrix.lab. root.mistrz.matrix.lab. (
2018120202 ; serial (YYYYMMDDnn; named increments it on each dynamic update)
1D ;refresh
1H ;retry
1W ;expire
3H ) ;minimum (negative-caching TTL)
; no owner name: inherits @ (matrix.lab.) from the SOA record above
IN NS mistrz.matrix.lab.
; address record for the NS target, i.e. the DNS host 192.168.1.10
mistrz IN A 192.168.1.10
dhcpd 配置文件(dhcpd.conf):
# dhcpd.conf as posted. Shares the rndc key file with named (see rndc.key
# further down); a separate TSIG key used only for updates would be the
# least-privilege choice.
include "/etc/rndc.key";
ddns-updates on;
ddns-update-style interim;
# Set here with a trailing dot and again inside the subnet without one; the
# subnet-scope value wins for that range. Keep the two spellings identical to
# rule out a name-form mismatch while debugging.
ddns-domainname "matrix.lab.";
option domain-name-servers 192.168.1.10;
option domain-name "matrix.lab";
authoritative;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.200 192.168.1.240;
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
default-lease-time 600;
max-lease-time 7200;
# overrides the global "matrix.lab." above within this subnet
ddns-domainname "matrix.lab";
}
# Forward zone only: with no matching reverse zone stanza here (and none in
# named.conf), PTR updates cannot succeed while A updates proceed.
zone matrix.lab. {
primary 192.168.1.10;
# must match the key {} name in /etc/rndc.key
key rndc-key;
}
rndc.key:
# Shared by named (controls + allow-update) and dhcpd. The secret below is now
# public because it was pasted into the question: regenerate it on both hosts
# (e.g. with rndc-confgen) before relying on this setup.
key "rndc-key" {
# NOTE(review): confirm the installed dhcpd build accepts hmac-sha256; a
# rejected algorithm is reported in dhcpd's log when the key is parsed.
algorithm hmac-sha256;
secret "8OpW4HhkzT6yvkMMhB9kcsE0xfB/NHkaOtbDRSdIARI=";
};
以及 rndc status 的输出:
version: 9.9.4-RedHat-9.9.4-61.el7_5.1 <id:8f9657aa>
CPUs found: 1
worker threads: 1
UDP listeners per interface: 1
number of zones: 7
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
root@mistrz:~#