Setting up bind9 on Ubuntu

I am trying to set up bind9 on an Ubuntu server at home, behind a Linksys router. I have followed many tutorials/articles online, but it still does not seem to work. This is my named.conf.options:

acl "trusted" {
    192.168.1.129; # geppubuntu (local dns)
    192.168.1.140; # printer
    192.168.1.100; # other ubuntu
    192.168.1.1;   # router
};

options {
    directory "/var/cache/bind/";

    forwarders {
        8.8.8.8;
        8.8.4.4;
    };

    recursion yes;
    allow-recursion { trusted; };
    listen-on { 192.168.1.129; };
    allow-transfer { none; };

    dnssec-validation auto;

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};

Then I have my named.conf.local:

zone "mainserver.geppo" {
    type master;
    file "/etc/bind/zone/db.mainserver.geppo";      
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.192";  
};

This is my db.mainserver.geppo file:

$TTL    604800
@   IN  SOA geppubuntu.mainserver.geppo. admin.mainserver.geppo. (
           20160821     ; Serial
         604800     ; Refresh
          86400     ; Retry
        2419200     ; Expire
         604800 )   ; Negative Cache TTL
;
IN  NS  geppubuntu.mainserver.geppo.

geppubuntu.mainserver.geppo.      IN      A       192.168.1.129

router.mainserver.geppo.          IN      A       192.168.1.1
geppubuntus1.mainserver.geppo.    IN      A       192.168.1.100
printer.mainserver.geppo.         IN      A       192.168.1.140

And db.192:

$TTL    604800
@   IN  SOA geppubuntu.mainserver.geppo. admin.mainserver.geppo. (
        20160821    ; Serial
         604800     ; Refresh
          86400     ; Retry
        2419200     ; Expire
         604800 )   ; Negative Cache TTL
;
IN  NS  geppubuntu.

129     IN      PTR     geppubuntu.mainserver.geppo.
1       IN      PTR     router.mainserver.geppo.
100     IN      PTR     geppubuntus1.mainserver.geppo.
140     IN      PTR     printer.mainserver.geppo.

If I run sudo named-checkconf, there are no problems, and if I run sudo named-checkzone mainserver.main /etc/bind/zones/db.mainserver.geppo, I see the following:

zone mainserver.geppo/IN: loaded serial 20160821
OK

If I run sudo named-checkzone mainserver.main /etc/bind/zones/db.192, I see the following:

zone mainserver.geppo/IN: loaded serial 20160821
OK

However, I can ping and nslookup IP addresses; for example, if I run

nslookup 192.168.1.129

this is what I see:

Server:     192.168.1.129
Address:    192.168.1.129#53

129.1.168.192.in-addr.arpa  name = geppubuntu.mainserver.geppo.

I can ping the name, but I cannot nslookup it:

nslookup geppubuntu.mainserver.geppo

This is what I see:

;; Got SERVFAIL reply from 192.168.1.129, trying next server
Server:     75.75.75.75
Address:    75.75.75.75#53

** server can't find geppubuntu.mainserver.geppo: NXDOMAIN

Also, if I look in the /etc/var/syslog file for bind9 problems, I can see these lines:

Aug 21 16:18:45 geppubuntu named[5662]: zone 0.in-addr.arpa/IN: loaded serial 1
Aug 21 16:18:45 geppubuntu named[5662]: zone 127.in-addr.arpa/IN: loaded serial 1
Aug 21 16:18:45 geppubuntu named[5662]: zone localhost/IN: loaded serial 2
Aug 21 16:18:45 geppubuntu named[5662]: zone 1.168.192.in-addr.arpa/IN: loaded serial 20160821
Aug 21 16:18:45 geppubuntu named[5662]: zone mainserver.geppo/IN: loading from master file /etc/bind/zone/db.mainserver.geppo failed: file not found
Aug 21 16:18:45 geppubuntu named[5662]: zone mainserver.geppo/IN: not loaded due to errors.
Aug 21 16:18:45 geppubuntu named[5662]: zone 255.in-addr.arpa/IN: loaded serial 1
Aug 21 16:18:45 geppubuntu named[5662]: all zones loaded
Aug 21 16:18:45 geppubuntu named[5662]: running
Aug 21 16:18:45 geppubuntu named[5662]: zone 1.168.192.in-addr.arpa/IN: sending notifies (serial 20160821)

I have been working on this for a while now; any help would be greatly appreciated!

Answer 1

If I run named-checkzone the way you wrote it, I get a bunch of errors on your file:

$ sudo named-checkzone mainserver.main db.mainserver.geppo.original
db.mainserver.geppo.original:11: ignoring out-of-zone data (geppubuntu.mainserver.geppo)
db.mainserver.geppo.original:13: ignoring out-of-zone data (router.mainserver.geppo)
db.mainserver.geppo.original:14: ignoring out-of-zone data (geppubuntus1.mainserver.geppo)
db.mainserver.geppo.original:15: ignoring out-of-zone data (printer.mainserver.geppo)
zone mainserver.main/IN: has no NS records
zone mainserver.main/IN: not loaded due to errors.

If I run named-checkzone the way I think it should be run, I still get errors:

$ sudo named-checkzone mainserver.geppo db.mainserver.geppo.original
zone mainserver.geppo/IN: has no NS records
zone mainserver.geppo/IN: not loaded due to errors.

If I fix the file and then run named-checkzone, it seems fine:

$ sudo named-checkzone mainserver.geppo db.mainserver.geppo.doug
zone mainserver.geppo/IN: loaded serial 20160821
OK

File db.mainserver.geppo.doug:

$TTL    604800
@               IN      SOA mainserver.geppo. admin.mainserver.geppo. (
                20160821        ; Serial
                604800          ; Refresh
                86400           ; Retry
                2419200         ; Expire
                604800 )        ; Negative Cache TTL
                IN      A       192.168.1.129
;
@               IN      NS      geppubuntu.mainserver.geppo.
geppubuntu      IN      A       192.168.1.129

router          IN      A       192.168.1.1
geppubuntus1    IN      A       192.168.1.100
printer         IN      A       192.168.1.140
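To make the diagnosis in this answer concrete, here is an added example (not code from the question or the answer) that mimics the two named-checkzone complaints in Python: it walks a zone file the way BIND assigns owner names, so a record line that begins in column 1 with IN takes IN as its owner (which is why the original file has no NS record at the apex), and owners outside the zone named on the command line are flagged as out-of-zone. The zone texts are constructed from the files on this page, trimmed to SOA, NS and two A records; the parser is a deliberately minimal stand-in for BIND's, not its real loader.

```python
import re
# Constructed input, not the page's files verbatim: the asker's zone file
# and the answer's db.mainserver.geppo.doug, trimmed to SOA, NS and two A records.
ORIGINAL = """$TTL 604800
@ IN SOA geppubuntu.mainserver.geppo. admin.mainserver.geppo. (
        20160821 ; Serial
        604800 86400 2419200 604800 )
IN  NS  geppubuntu.mainserver.geppo.
geppubuntu.mainserver.geppo. IN A 192.168.1.129
router.mainserver.geppo.     IN A 192.168.1.1
"""
FIXED = """$TTL 604800
@   IN SOA mainserver.geppo. admin.mainserver.geppo. (
        20160821 604800 86400 2419200 604800 )
    IN A  192.168.1.129
@   IN NS geppubuntu.mainserver.geppo.
geppubuntu IN A 192.168.1.129
router     IN A 192.168.1.1
"""
CLASSES = {"IN", "CH", "HS"}

def logical_lines(text):
    # Strip ';' comments, join '(' ... ')' spans (the SOA), drop $ directives.
    text = re.sub(r";[^\n]*", "", text)
    text = re.sub(r"\([^)]*\)", lambda m: " ".join(m.group(0)[1:-1].split()), text)
    return [ln for ln in text.splitlines() if ln.strip() and not ln.startswith("$")]

def parse_zone(text, origin):
    # Yield (owner, type, rdata) with absolute owners. A line starting with whitespace
    # inherits the previous owner; otherwise its first token IS the owner, so a bare
    # "IN NS ..." line gets the owner "IN" rather than the apex.
    owner = origin
    for line in logical_lines(text):
        toks = line.split()
        if not line[0].isspace():
            name = toks.pop(0)
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        while toks and (toks[0].isdigit() or toks[0] in CLASSES):
            toks.pop(0)                  # optional TTL and class
        yield owner, toks[0], toks[1:]

def check_zone(text, origin):
    origin = origin.rstrip(".") + "."
    out_of_zone, apex_ns = [], False
    for owner, rtype, _ in parse_zone(text, origin):
        if owner != origin and not owner.endswith("." + origin):
            out_of_zone.append(owner)    # "ignoring out-of-zone data"
        elif owner == origin and rtype == "NS":
            apex_ns = True               # otherwise "has no NS records"
    return out_of_zone, apex_ns
```

check_zone(ORIGINAL, "mainserver.main") reports both hosts as out-of-zone and no apex NS, check_zone(ORIGINAL, "mainserver.geppo") reports only the missing NS, and check_zone(FIXED, "mainserver.geppo") reports neither, matching the three named-checkzone runs above.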
