Zone file error and named fails to start


We deployed a new zone on our DNS:

named.conf for the new zone (same as for the other zones)

zone "db.0.30.10.in-addr.arpa" {
                type master;
                file "/etc/named/internal/db.0.30.10.in-addr.arpa";
                notify yes;
                allow-transfer {
                        dns2-int; key "int-key";
                };
                check-names warn;
        };

This is the new file for the zone (same as the other files):

[root@dns-1 zones]# cat db.0.30.10.in-addr.arpa
$ORIGIN 0.30.10.in-addr.arpa.
$TTL 3600
@          IN   SOA          ns1.0.30.10.in-addr.arpa. domainmaster.0.30.10.in-addr.arpa. 2021072301 10800 3600 2419200 900
@          IN   NS           ns1
ns1        IN   A            10.25.16.7
@          IN   NS           ns2
ns2        IN   A            10.25.16.8
@          IN   NS           ns3
ns3        IN   A            10.20.1.15
@          IN   NS           ns4
ns4        IN   A            10.20.9.15

When I try to restart named, there is a problem with the zone and named fails to start:

Feb 15 08:13:36 dns-1 bash[root]: systemctl restart named

Feb 15 08:13:36 dns-1 bash[3211663]: /etc/named/internal/db.6.30.10.in-addr.arpa:10: ignoring out-of-zone data (6.30.10.in-addr.arpa)
Feb 15 08:13:36 dns-1 bash[3211663]: /etc/named/internal/db.6.30.10.in-addr.arpa:11: ignoring out-of-zone data (ns4.6.30.10.in-addr.arpa)
Feb 15 08:13:36 dns-1 bash[3211663]: /etc/named/internal/db.6.30.10.in-addr.arpa: file does not end with newline
Feb 15 08:13:36 dns-1 bash[3211663]: zone db.6.30.10.in-addr.arpa/IN: has 0 SOA records
Feb 15 08:13:36 dns-1 bash[3211663]: zone db.6.30.10.in-addr.arpa/IN: has no NS records
Feb 15 08:13:36 dns-1 bash[3211663]: zone db.6.30.10.in-addr.arpa/IN: not loaded due to errors.
Feb 15 08:13:36 dns-1 bash[3211663]: internal/db.6.30.10.in-addr.arpa/IN: bad zone

Could you tell me whether there is a problem and how to solve it? Thanks

Answer 1

You say:

zone "db.0.30.10.in-addr.arpa"

So you define the zone db.0.30.10.in-addr.arpa, which is probably not correct because of the db.

Then in the zone you say:

$ORIGIN 0.30.10.in-addr.arpa.

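This is probably correct, but it is inconsistent with the zone statement above, because this new zone is "above" the previous one (it would work in the other direction).

This is also what the bind log messages tell you, except that they correspond to a zone declaration of db.6.30.10.in-addr.arpa rather than db.0.30.10.in-addr.arpa, so either you have both problems at the same time, or you just created an error while obfuscating.

In short, the zone name must not contain db. in it. You probably mixed up the zone name and the file name (which is 100% arbitrary; there is no need to have db anywhere in it).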
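Added example (not part of either answer, and not BIND's own code): a Python sketch of the load check behind the log messages above, run on constructed copies of the question's named.conf and zone file. It shows that the apex comes from the zone statement rather than from $ORIGIN; the function names are hypothetical, and it assumes one record per line with an explicit owner name.

```python
import re

# Constructed inputs modelled on the question's named.conf and zone file.
NAMED_CONF = '''zone "db.0.30.10.in-addr.arpa" {
    type master;
    file "/etc/named/internal/db.0.30.10.in-addr.arpa";
};'''
ZONE_FILE = '''$ORIGIN 0.30.10.in-addr.arpa.
$TTL 3600
@    IN SOA ns1.0.30.10.in-addr.arpa. domainmaster.0.30.10.in-addr.arpa. 2021072301 10800 3600 2419200 900
@    IN NS  ns1
ns1  IN A   10.25.16.7'''

def zone_names(conf):
    """Map each zone name in a named.conf text to its file path."""
    pat = re.compile(r'zone\s+"([^"]+)"\s*\{.*?file\s+"([^"]+)"', re.S)
    return {m.group(1): m.group(2) for m in pat.finditer(conf)}

def fqdn(owner, origin):
    """Expand an owner field to an absolute lower-case name."""
    name = origin if owner == "@" else owner
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def in_zone(name, zone):
    """True if name equals the zone apex or is a subdomain of it."""
    labels, apex = name.rstrip(".").split("."), zone.rstrip(".").split(".")
    return labels[-len(apex):] == apex

def check_zone(zone, text):
    """Report out-of-zone owners and a missing apex SOA/NS for one zone file."""
    zone = zone.lower().rstrip(".") + "."
    origin, problems, apex_fields = zone, [], set()
    for n, raw in enumerate(text.splitlines(), 1):
        f = raw.split(";")[0].split()
        if not f or raw[0].isspace():   # blank, or inherited owner (not handled here)
            continue
        if f[0].startswith("$"):        # directive: only $ORIGIN matters for this check
            origin = f[1].lower() if f[0] == "$ORIGIN" else origin
            continue
        owner = fqdn(f[0], origin)
        if not in_zone(owner, zone):    # the zone statement, not $ORIGIN, sets the apex
            problems.append(f"{n}: ignoring out-of-zone data ({owner.rstrip('.')})")
        elif owner == zone:
            apex_fields.update(f[1:4])  # optional TTL/class, then the record type
    checks = (("SOA", "has 0 SOA records"), ("NS", "has no NS records"))
    return problems + [msg for rtype, msg in checks if rtype not in apex_fields]

def audit(conf, files):  # files: path -> zone file text
    return {z: check_zone(z, files[p]) for z, p in zone_names(conf).items()}
```

On the server itself, named-checkconf -z or named-checkzone 0.30.10.in-addr.arpa followed by the file path runs BIND's own version of this check before a restart.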

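Answer 2

You have two configurations in total:

1. named.conf configuration

2. Zone file configuration

For named.conf, I will provide a sample in which you can see the main named configuration and the zone names.

The zone files are kept in separate files.

Sample: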

options {
    directory   "/zones";
    pid-file    "/var/run/named/pid";
    statistics-file "/var/stats/named.stats";
    listen-on   { 127.0.0.1; 1.2.3.4; };
    allow-transfer { 127.0.0.1; 2.3.4.5; };
    recursive-clients 20;
    disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
    disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
    disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
};

key "rndc-key" {
    algorithm hmac-md5;
    secret "HashedContent";
};

controls {
      inet 127.0.0.1 port 953
              allow { 127.0.0.1; } keys { "rndc-key"; };
};

zone "." {
    type slave;
    file "/etc/namedb/slave/root.slave";
    masters {
        192.5.5.241;    // F.ROOT-SERVERS.NET.
    };
    notify no;
};
zone "arpa" {
    type slave;
    file "/etc/namedb/slave/arpa.slave";
    masters {
        192.5.5.241;    // F.ROOT-SERVERS.NET.
    };
    notify no;
};
zone "in-addr.arpa" {
    type slave;
    file "/etc/namedb/slave/in-addr.arpa.slave";
    masters {
        192.5.5.241;    // F.ROOT-SERVERS.NET.
    };
    notify no;
};

zone "localhost"    { type master; file "/etc/namedb/master/localhost-forward.db"; };
zone "127.in-addr.arpa" { type master; file "/etc/namedb/master/localhost-reverse.db"; };
zone "255.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "0.ip6.arpa"   { type master; file "/etc/namedb/master/localhost-reverse.db"; };
zone "0.in-addr.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "10.in-addr.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "16.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "17.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "18.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "19.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "20.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "21.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "22.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "23.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "24.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "25.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "26.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "27.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "28.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "29.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "30.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "31.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "168.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "254.169.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "2.0.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "100.51.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "113.0.203.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "test" { type master; file "/etc/namedb/master/empty.db"; };
zone "example" { type master; file "/etc/namedb/master/empty.db"; };
zone "invalid" { type master; file "/etc/namedb/master/empty.db"; };
zone "example.com" { type master; file "/etc/namedb/master/empty.db"; };
zone "example.net" { type master; file "/etc/namedb/master/empty.db"; };
zone "example.org" { type master; file "/etc/namedb/master/empty.db"; };
zone "18.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "19.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "240.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "241.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "242.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "243.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "244.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "245.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "246.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "247.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "248.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "249.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "250.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "251.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "252.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "253.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "254.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };


// Customers Zones
zone "domain1.com" { type master; file "db.domain1.com.hosts"; };
zone "domain2.net" { type master; file "db.domain2.net.hosts"; };

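As you can observe, I mention the zone file names in named.conf and store them in the "/zones" directory. Each zone file name must correspond to the same name you mention here.

For example, the zone file name must be exactly "db.domain1.com.hosts", and then inside the file you define the records.

You may find some problems when using this file, but by reading the log file you can edit it and remove the unnecessary options. This is just a sample to guide you on how to keep the main configuration and the zone files in two separate configuration files, to simplify things.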
