我使用 Ubuntu 20.04 和 webmin 构建了一个主绑定服务器。除了传输到从服务器外,主服务器正常工作。从服务器也是带有 webmin 的新 Ubuntu 20.04。我的序列号在任何更改时都会增加,并且它会向从服务器发送通知,但没有发生传输。我确信我做了一些愚蠢的事情,但我很茫然,需要一些帮助。
来自从属系统日志
client @0x7eff48044910 192.40.120.9#33471/key 1: received notify for zone 'telpage.net': TSIG '1': not authoritative
她是我的主人named.conf
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
key 1 {
algorithm hmac-md5;
secret "xxxxxxxxxxxxxxxxxxxxxxxx";
};
server 192.40.120.10 {
keys {
1;
};
transfer-format one-answer;
};
controls {
inet 'master ip' port 953 allow { "master ip"; "slave ip"; } keys { rndc-key; 1; };
};
key rndc-key {
algorithm hmac-sha256;
secret "xxxxxx";
};
命名的.conf.选项
//========================================================================
dnssec-validation auto;
listen-on-v6 { any; };
forwarders {
"forwarder 1";
"forwarder 2";
};
forward first;
allow-recursion {
"client ip";
"client ip";
};
allow-query {
any;
};
dnssec-enable yes;
also-notify {
"slave ip";
};
notify yes;
auth-nxdomain yes;
};
命名的.conf.本地
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "telpage.net" {
type master;
file "/var/lib/bind/telpage.net.hosts";
also-notify {
"slave ip";
};
allow-transfer {
"slave ip";
};
notify yes;
};
zone "amandajoneslaw.com" {
type master;
file "/var/lib/bind/amandajoneslaw.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "brunswickco.com" {
type master;
file "/var/lib/bind/brunswickco.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "buckwaterplantation.com" {
type master;
file "/var/lib/bind/buckwaterplantation.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "chapmanlumber.com" {
type master;
file "/var/lib/bind/chapmanlumber.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "consciencestream.com" {
type master;
file "/var/lib/bind/consciencestream.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "dickensconstruction.com" {
type master;
file "/var/lib/bind/dickensconstruction.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "elliottsadler.com" {
type master;
file "/var/lib/bind/elliottsadler.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "emporiaciviccenter.org" {
type master;
file "/var/lib/bind/emporiaciviccenter.org.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "emporiamedical.com" {
type master;
file "/var/lib/bind/emporiamedical.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "emporianews.com" {
type master;
file "/var/lib/bind/emporianews.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "flyemv.com" {
type master;
file "/var/lib/bind/flyemv.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "flyemv.org" {
type master;
file "/var/lib/bind/flyemv.org.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "franklinbraid.com" {
type master;
file "/var/lib/bind/franklinbraid.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "goodearthpeanuts.com" {
type master;
file "/var/lib/bind/goodearthpeanuts.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "greensvillecountyva.gov" {
type master;
file "/var/lib/bind/greensvillecountyva.gov.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "jarrattfire.org" {
type master;
file "/var/lib/bind/jarrattfire.org.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "jlwalston.com" {
type master;
file "/var/lib/bind/jlwalston.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "jrallpc.com" {
type master;
file "/var/lib/bind/jrallpc.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "lakegastonassoc.com" {
type master;
file "/var/lib/bind/lakegastonassoc.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "lastday.net" {
type master;
file "/var/lib/bind/lastday.net.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "lgaston.org" {
type master;
file "/var/lib/bind/lgaston.org.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "midatlanticinfosec.com" {
type master;
file "/var/lib/bind/midatlanticinfosec.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "midatlantictower.com" {
type master;
file "/var/lib/bind/midatlantictower.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "modsbyus.com" {
type master;
file "/var/lib/bind/modsbyus.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "motorolaradio.com" {
type master;
file "/var/lib/bind/motorolaradio.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "naynaysartbox.com" {
type master;
file "/var/lib/bind/naynaysartbox.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "omnitowers.com" {
type master;
file "/var/lib/bind/omnitowers.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "osg-armor.com" {
type master;
file "/var/lib/bind/osg-armor.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "sadlerbrosoil.com" {
type master;
file "/var/lib/bind/sadlerbrosoil.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "sadlerfanclub.com" {
type master;
file "/var/lib/bind/sadlerfanclub.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "southsideccjb.com" {
type master;
file "/var/lib/bind/southsideccjb.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "telpage.com" {
type master;
file "/var/lib/bind/telpage.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "thevirginiapeanutfestival.com" {
type master;
file "/var/lib/bind/thevirginiapeanutfestival.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "virginiacarolina.com" {
type master;
file "/var/lib/bind/virginiacarolina.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "whitman-properties.com" {
type master;
file "/var/lib/bind/whitman-properties.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "wrobinsonlaw.com" {
type master;
file "/var/lib/bind/wrobinsonlaw.com.hosts";
also-notify {
"slave ip";
};
notify yes;
};
zone "ymcaofeg.org" {
type master;
file "/var/lib/bind/ymcaofeg.org.hosts";
also-notify {
"slave ip";
};
notify yes;
};
命名的.conf.默认区域
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/usr/share/dns/root.hints";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
also-notify {
"slave ip";
};
allow-transfer {
"slave ip";
};
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
also-notify {
"slave ip";
};
allow-transfer {
"slave ip";
};
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
also-notify {
"slave ip";
};
allow-transfer {
"slave ip";
};
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
also-notify {
"slave ip";
};
allow-transfer {
"slave ip";
};
};
在从服务器上:
命名配置文件
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
key rndc-key {
algorithm hmac-sha256;
secret "xxxxxxx";
};
controls {
inet "slave ip" port 953 allow { "slave ip"; "master ip"; } keys { rndc-key; 1; };
};
server "master ip" {
keys {
1;
};
};
key 1 {
algorithm hmac-md5;
secret "xxxxxxxx";
};
logging {
channel bind_log {
null;
};
};
命名的.conf.选项
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
listen-on-v6 { any; };
transfer-source "master ip";
allow-query {
any;
};
forwarders {
"forwarder 1";
"forwarder 2";
};
allow-transfer {
"master ip";
};
transfer-format one-answer;
};
命名的.conf.本地
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "telpage.net" {
type slave;
file "/var/lib/bind/telpage.net.hosts";
masters {
<master ip>;
};
};
zone "amandajoneslaw.com" {
type slave;
file "/var/lib/bind/amandajoneslaw.com.hosts";
masters {
<master ip>;
};
};
zone "brunswickco.com" {
type slave;
file "/var/lib/bind/brunswickco.com.hosts";
masters {
<master ip>;
};
};
zone "buckwaterplantation.com" {
type slave;
file "/var/lib/bind/buckwaterplantation.com.hosts";
masters {
<master ip>;
};
};
zone "chapmanlumber.com" {
type slave;
file "/var/lib/bind/chapmanlumber.com.hosts";
masters {
<master ip>;
};
};
zone "consciencestream.com" {
type slave;
file "/var/lib/bind/consciencestream.com.hosts";
masters {
<master ip>;
};
};
zone "dickensconstruction.com" {
type slave;
file "/var/lib/bind/dickensconstruction.com.hosts";
masters {
<master ip>;
};
};
zone "elliottsadler.com" {
type slave;
file "/var/lib/bind/elliottsadler.com.hosts";
masters {
<master ip>;
};
};
zone "emporiaciviccenter.org" {
type slave;
file "/var/lib/bind/emporiaciviccenter.org.hosts";
masters {
<master ip>;
};
};
zone "emporiamedical.com" {
type slave;
file "/var/lib/bind/emporiamedical.com.hosts";
masters {
<master ip>;
};
};
zone "emporianews.com" {
type slave;
file "/var/lib/bind/emporianews.com.hosts";
masters {
<master ip>;
};
};
zone "flyemv.com" {
type slave;
file "/var/lib/bind/flyemv.com.hosts";
masters {
<master ip>;
};
};
zone "flyemv.org" {
type slave;
file "/var/lib/bind/flyemv.org.hosts";
masters {
<master ip>;
};
};
zone "franklinbraid.com" {
type slave;
file "/var/lib/bind/franklinbraid.com.hosts";
masters {
<master ip>;
};
};
zone "goodearthpeanuts.com" {
type slave;
file "/var/lib/bind/goodearthpeanuts.com.hosts";
masters {
<master ip>;
};
};
zone "greensvillecountyva.gov" {
type slave;
file "/var/lib/bind/greensvillecountyva.gov.hosts";
masters {
<master ip>;
};
};
zone "jarrattfire.org" {
type slave;
file "/var/lib/bind/jarrattfire.org.hosts";
masters {
<master ip>;
};
};
zone "jlwalston.com" {
type slave;
file "/var/lib/bind/jlwalston.com.hosts";
masters {
<master ip>;
};
};
zone "jrallpc.com" {
type slave;
file "/var/lib/bind/jrallpc.com.hosts";
masters {
<master ip>;
};
};
zone "lakegastonassoc.com" {
type slave;
file "/var/lib/bind/lakegastonassoc.com.hosts";
masters {
<master ip>;
};
};
zone "lastday.net" {
type slave;
file "/var/lib/bind/lastday.net.hosts";
masters {
<master ip>;
};
};
zone "lgaston.org" {
type slave;
file "/var/lib/bind/lgaston.org.hosts";
masters {
<master ip>;
};
};
zone "midatlanticinfosec.com" {
type slave;
file "/var/lib/bind/midatlanticinfosec.com.hosts";
masters {
<master ip>;
};
};
zone "midatlantictower.com" {
type slave;
file "/var/lib/bind/midatlantictower.com.hosts";
masters {
<master ip>;
};
};
zone "modsbyus.com" {
type slave;
file "/var/lib/bind/modsbyus.com.hosts";
masters {
<master ip>;
};
};
zone "motorolaradio.com" {
type slave;
file "/var/lib/bind/motorolaradio.com.hosts";
masters {
<master ip>;
};
};
zone "naynaysartbox.com" {
type slave;
file "/var/lib/bind/naynaysartbox.com.hosts";
masters {
<master ip>;
};
};
zone "omnitowers.com" {
type slave;
file "/var/lib/bind/omnitowers.com.hosts";
masters {
<master ip>;
};
};
zone "osg-armor.com" {
type slave;
file "/var/lib/bind/osg-armor.com.hosts";
masters {
<master ip>;
};
};
zone "sadlerbrosoil.com" {
type slave;
file "/var/lib/bind/sadlerbrosoil.com.hosts";
masters {
<master ip>;
};
};
zone "sadlerfanclub.com" {
type slave;
file "/var/lib/bind/sadlerfanclub.com.hosts";
masters {
<master ip>;
};
};
zone "southsideccjb.com" {
type slave;
file "/var/lib/bind/southsideccjb.com.hosts";
masters {
<master ip>;
};
};
zone "telpage.com" {
type slave;
file "/var/lib/bind/telpage.com.hosts";
masters {
<master ip>;
};
};
zone "thevirginiapeanutfestival.com" {
type slave;
file "/var/lib/bind/thevirginiapeanutfestival.com.hosts";
masters {
<master ip>;
};
};
zone "virginiacarolina.com" {
type slave;
file "/var/lib/bind/virginiacarolina.com.hosts";
masters {
<master ip>;
};
};
zone "whitman-properties.com" {
type slave;
file "/var/lib/bind/whitman-properties.com.hosts";
masters {
<master ip>;
};
};
zone "wrobinsonlaw.com" {
type slave;
file "/var/lib/bind/wrobinsonlaw.com.hosts";
masters {
<master ip>;
};
};
zone "ymcaofeg.org" {
type slave;
file "/var/lib/bind/ymcaofeg.org.hosts";
masters {
<master ip>;
};
};
命名的.conf.默认区域
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/usr/share/dns/root.hints";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "127.in-addr.arpa" {
type slave;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
答案1
您尚未在从属服务器上定义任何从属区域named.conf.local(该文件为空)。
你需要:
zone "telpage.net" {
type slave;
file "/var/lib/bind/telpage.net.hosts.slave";
masters {
<ip_of_master>;
};
};
对于您希望在那里托管的剩余区域,也是如此。
请参阅绑定 ARM 以了解从属区域定义(https://downloads.isc.org/isc/bind9/9.11.13/doc/arm/Bv9ARM.ch06.html#zone_statement_grammar)。