dnsserver
我在域中拥有带有 bind9 服务的机器ent.com
。我还启动了其他机器:firewall
和webserver
。所有机器均由 Ubuntu-server-22.04 操作。
我已经配置了这些文件:
/etc/bind/named.conf.options
listen-on {
192.168.0.0/24;
}
allow-query { any ;};
dnssec-validation auto;
forwarders {
192.168.0.1;
};
/etc/bind/named.conf.local
zone "ent.com" IN {
type master;
file "/etc/bind/forward.ent.com";
allow-transfer {192.168.0.211; };
also-notify {192.168.0.211; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "/etc/bind/reverse.ent.com";
};
区域文件。
/etc/bind/forward.ent.com
$TTL 604800
@ IN SOA dnsserver.ent.com. root.dnsserver.ent.com. (
5 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS dnsserver.ent.com.
@ IN A 192.168.0.211
dnsserver IN A 192.168.0.211
firewall IN A 192.168.0.201
mailserver IN A 192.168.0.212
webserver IN A 192.168.0.213
vault IN A 192.168.0.214
/etc/bind/forward.ent.com
$TTL 604800
@ IN SOA dnsserver.ent.com. root.dnsserver.ent.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS dnsserver.ent.com.
@ IN PTR ent.com.
211 IN PTR dnsserver.ent.com.
201 IN PTR firewall.ent.com.
212 IN PTR mailserver.ent.com.
213 IN PTR webserver.ent.com.
214 IN PTR vault.ent.com.
命令named
,checkconf
并且checkzone
可以正常工作。
firewall
因此,当我通过机器名称连接并 ping 机器时,它可以完美地运行:
ilya@firewall:~$ nslookup dnsserver
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: dnsserver.ent.com
Address: 192.168.0.211
ilya@firewall:~$ ping webserver
PING webserver.ent.com (192.168.0.213) 56(84) bytes of data.
64 bytes from webserver.ent.com (192.168.0.213): icmp_seq=1 ttl=64 time=0.567 ms
64 bytes from webserver.ent.com (192.168.0.213): icmp_seq=2 ttl=64 time=0.657 ms
64 bytes from webserver.ent.com (192.168.0.213): icmp_seq=3 ttl=64 time=0.514 ms
^C
--- webserver.ent.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2028ms
rtt min/avg/max/mdev = 0.514/0.579/0.657/0.059 ms
但是当我尝试 ping 名称时dnsserver
出现错误:
ilya@dnsserver:~$ ping webserver
ping: webserver: Temporary failure in name resolution
ilya@dnsserver:~$ ping firewall
ping: firewall: Temporary failure in name resolution
ilya@dnsserver:~$ nslookup webserver
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find webserver: SERVFAIL
dnsserver
的 netplan 配置在这里:
network:
version: 2
ethernets:
ens33:
dhcp4: no
match:
macaddress: 00:0c:29:7b:56:ad
set-name: ext0
addresses:
- 192.168.0.211/24
gateway4: 192.168.0.1
nameservers:
addresses: [192.168.0.211]
search: [ent.com]
找不到我的 DNS 服务器配置中的错误。你能帮助我吗?