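I have created a DNS server using the following files to map my domain address sudia.com to my VPS server, but it does not work and I cannot reach my server using my domain address. I should also mention that there is an NginX running at http://136.243.197.164:3200.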
/etc/named.conf:
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
allow-query { localhost; 136.243.197.164; };
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
include "/etc/crypto-policies/back-ends/bind.config";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
//forward zone
zone "sudia.com" IN {
type master;
file "fwd.sudia.com.db";
allow-update { none; };
allow-query { any; };
};
//backward zone
zone "197.243.136.in-addr.arpa" IN {
type master;
file "sudia.com.rev";
allow-update { none; };
allow-query { any; };
};
/var/named/fwd.sudia.com.db:
$TTL 86400
@ IN SOA ns1.sudia.com. root.sudia.com. (
3 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
;Name Server Information
@ IN NS ns1.sudia.com.
;IP address of Name Server
ns1 IN A 136.243.197.164
;A - Record HostName To Ip Address
www IN A 136.243.197.164
;CNAME record
ftp IN CNAME www.sudsuz.com.
/var/named/sudia.com.rev:
$TTL 86400
@ IN SOA ns1.sudia.com. root.itzgeek.local. (
3 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
;Name Server Information
@ IN NS ns1.sudia.com.
;Reverse lookup for Name Server
164 IN PTR ns1.sudia.com.
;PTR Record IP address to HostName
164 IN PTR www.sudia.com
Edit: here is the result of host www.sudia.com:
www.sudia.com has address 136.243.197.164
But host sudia.com (without www) does not work!
Answer 1
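Your zone file does not have a correct record for www.sudia.com. Add it to your zone, for example by changing the file /var/named/fwd.sudia.com.db or via nsupdate:
Method 1 (update the file /var/named/fwd.sudia.com.db, and don't forget to update the serial number):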
@ IN A 136.243.197.164
Method 2 (nsupdate), for example:
[root@ns1 ~]# nsupdate -k /etc/rndc.key
> server localhost
> zone sudia.com.
> update add sudia.com. 3600 IN A 136.243.197.164
> send
[root@ns1 ~]#
Then your name server can resolve the root domain (for example sudia.com) to the correct IP address.
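As an added example (not part of the original question or answer), this Python check parses the forward zone posted in the question and reports which names have no A record, which is why `host www.sudia.com` answers and `host sudia.com` does not. The parser is a simplified one written for this page: it assumes the syntax seen in that file (`;` comments, `( )` continuation, `@`, relative owner names), and the function names are hypothetical.

```python
import re

# Forward zone from the question (fwd.sudia.com.db), comment-only lines dropped.
ZONE = """\
$TTL 86400
@ IN SOA ns1.sudia.com. root.sudia.com. (
3 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS ns1.sudia.com.
ns1 IN A 136.243.197.164
www IN A 136.243.197.164
ftp IN CNAME www.sudsuz.com.
"""
TYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "PTR", "MX", "TXT"}

def fqdn(name, origin):
    """Expand '@' and relative owner names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples for the records in a zone file."""
    text = re.sub(r";[^\n]*", "", text)  # strip ';' comments (no quoted ';' here)
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    records, owner = [], origin
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue  # blank line or directive such as $TTL
        if not line[0].isspace():  # leading whitespace means "same owner as above"
            owner = fqdn(fields.pop(0), origin)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)  # skip optional TTL and class
        if fields and fields[0].upper() in TYPES:
            records.append((owner, fields[0].upper(), " ".join(fields[1:])))
    return records

def missing_a(text, origin, names):
    """Names from `names` that have no A record in the zone."""
    recs = parse_zone(text, origin)
    return [n for n in names if not any(o == n and t == "A" for o, t, _ in recs)]

if __name__ == "__main__":
    names = ["sudia.com.", "www.sudia.com."]
    print("as posted:", missing_a(ZONE, "sudia.com.", names))
    print("with apex A:", missing_a(ZONE + "@ IN A 136.243.197.164\n", "sudia.com.", names))
```

On a host with BIND installed, `named-checkzone sudia.com /var/named/fwd.sudia.com.db` validates the file's syntax before a reload, but it does not report a missing apex address record.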