DNS不能開始服務
我的DNS 伺服器不能工作,用
dig baidu.com
; <<>> DiG 9.4.2 <<>> baidu.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23198
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;baidu.com. IN A
;; ANSWER SECTION:
baidu.com. 5319 IN A 202.108.22.46
baidu.com. 5319 IN A 220.181.38.84
;; AUTHORITY SECTION:
baidu.com. 77327 IN NS dns.baidu.com.
baidu.com. 77327 IN NS ns3.baidu.com.
baidu.com. 77327 IN NS ns4.baidu.com.
baidu.com. 77327 IN NS ns2.baidu.com.
;; ADDITIONAL SECTION:
ns2.baidu.com. 164187 IN A 61.135.165.235
ns3.baidu.com. 166662 IN A 220.181.37.10
ns4.baidu.com. 77530 IN A 220.181.38.10
dns.baidu.com. 166662 IN A 202.108.22.220
;; Query time: 1188 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Nov 14 17:38:16 2008
;; MSG SIZE rcvd: 195
=====================================================================================================
但是我
dig 39c.org axfr
卻提示
; <<>> DiG 9.4.2 <<>> 39c.org axfr
;; global options: printcmd
; Transfer failed.
查詢 /var/log/messages 文件。說:
Nov 14 16:45:39 dev named: starting BIND 9.4.2 -t /var/named -u bind
Nov 14 16:45:40 dev named: command channel listening on 127.0.0.1#953
Nov 14 16:45:40 dev named: command channel listening on ::1#953
Nov 14 16:45:40 dev named: master/39c.org:3: ignoring out-of-zone data (39c.org)
Nov 14 16:45:40 dev named: master/39c.org:11: ignoring out-of-zone data (39c.org)
Nov 14 16:45:40 dev named: master/39c.org:14: ignoring out-of-zone data (dev.39c.org)
Nov 14 16:45:40 dev named: master/39c.org:20: ignoring out-of-zone data (39c.org)
Nov 14 16:45:40 dev named: zone 39.org/IN: has 0 SOA records
Nov 14 16:45:40 dev named: zone 39.org/IN: has no NS records
Nov 14 16:45:40 dev named: running
=====================================================================================================
我的 master/39c.org 文件內容如下:
$TTL 3600
39c.org. IN SOA dev.39c.org. root.39c.org. (
1 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum TTL
;DNS Servers
39c.org. IN NS dev.39c.org.
;Machine Names
dev.39c.org. IN A 192.168.0.80
;Aliases
www IN CNAME dev.39c.org.
;MX Record
39c.org. IN MX 10 dev.39c.org.
=====================================================================================================
我判斷是我的39c.org 域文件有問題,可是我對照教程上的源碼,沒有錯誤。我只是把教程中的 example.com 替換成我的域名 39c.org 。
請幫下我!
《解決方案》
將配置文件/etc/named.conf貼出來 ?
《解決方案》
named.conf 文件
// $FreeBSD: src/etc/namedb/named.conf,v 1.26.4.1 2008/01/13 20:48:23 dougb Exp $
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works. Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.
options {
// Relative to the chroot directory, if any
directory "/etc/namedb";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";
// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.
// listen-on { 127.0.0.1; };
// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver. To give access to the network, specify
// an IPv6 address, or the keyword "any".
// listen-on-v6 { ::1; };
// These zones are already covered by the empty zones listed below.
// If you remove the related empty zones below, comment these lines out.
disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
// forward only;
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
forwarders {
202.103.44.150;202.103.24.68;
};
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND versions 8 and later
* use a pseudo-random unprivileged UDP port by default.
*/
// query-source address * port 53;
};
// If you enable a local name server, don't forget to enter 127.0.0.1
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.
// The traditional root hints mechanism. Use this, OR the slave zones below.
zone "." { type hint; file "named.root"; };
/* Slaving the following zones from the root name servers has some
significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
3. Greater resilience to any potential root server failure/DDoS
On the other hand, this method requires more monitoring than the
hints file to be sure that an unexpected failure mode has not
incapacitated your server. Name servers that are serving a lot
of clients will benefit more from this approach than individual
hosts. Use with caution.
To use this mechanism, uncomment the entries below, and comment
the hint zone above.
*/
zone "." {
type slave;
file "slave/root.slave";
masters {
192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
zone "arpa" {
type slave;
file "slave/arpa.slave";
masters {
192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
zone "in-addr.arpa" {
type slave;
file "slave/in-addr.arpa.slave";
masters {
192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
/* Serving the following zones locally will prevent any queries
for these zones leaving your network and going to the root
name servers. This has two significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
*/
// RFC 1912
zone "localhost" { type master; file "master/localhost-forward.db"; };
zone "127.in-addr.arpa" { type master; file "master/localhost-reverse.db"; };
zone "255.in-addr.arpa" { type master; file "master/empty.db"; };
// RFC 1912-style zone for IPv6 localhost address
zone "0.ip6.arpa" { type master; file "master/localhost-reverse.db"; };
// "This" Network (RFCs 1912 and 3330)
zone "0.in-addr.arpa" { type master; file "master/empty.db"; };
// Private Use Networks (RFC 1918)
zone "10.in-addr.arpa" { type master; file "master/empty.db"; };
zone "16.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "17.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "18.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "19.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "20.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "21.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "22.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "23.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "24.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "25.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "26.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "27.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "28.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "29.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "30.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "31.172.in-addr.arpa" { type master; file "master/empty.db"; };
zone "168.192.in-addr.arpa" { type master; file "master/empty.db"; };
// Link-local/APIPA (RFCs 3330 and 3927)
zone "254.169.in-addr.arpa" { type master; file "master/empty.db"; };
// TEST-NET for Documentation (RFC 3330)
zone "2.0.192.in-addr.arpa" { type master; file "master/empty.db"; };
// Router Benchmark Testing (RFC 3330)
zone "18.198.in-addr.arpa" { type master; file "master/empty.db"; };
zone "19.198.in-addr.arpa" { type master; file "master/empty.db"; };
// IANA Reserved - Old Class E Space
zone "240.in-addr.arpa" { type master; file "master/empty.db"; };
zone "241.in-addr.arpa" { type master; file "master/empty.db"; };
zone "242.in-addr.arpa" { type master; file "master/empty.db"; };
zone "243.in-addr.arpa" { type master; file "master/empty.db"; };
zone "244.in-addr.arpa" { type master; file "master/empty.db"; };
zone "245.in-addr.arpa" { type master; file "master/empty.db"; };
zone "246.in-addr.arpa" { type master; file "master/empty.db"; };
zone "247.in-addr.arpa" { type master; file "master/empty.db"; };
zone "248.in-addr.arpa" { type master; file "master/empty.db"; };
zone "249.in-addr.arpa" { type master; file "master/empty.db"; };
zone "250.in-addr.arpa" { type master; file "master/empty.db"; };
zone "251.in-addr.arpa" { type master; file "master/empty.db"; };
zone "252.in-addr.arpa" { type master; file "master/empty.db"; };
zone "253.in-addr.arpa" { type master; file "master/empty.db"; };
zone "254.in-addr.arpa" { type master; file "master/empty.db"; };
// IPv6 Unassigned Addresses (RFC 4291)
zone "1.ip6.arpa" { type master; file "master/empty.db"; };
zone "3.ip6.arpa" { type master; file "master/empty.db"; };
zone "4.ip6.arpa" { type master; file "master/empty.db"; };
zone "5.ip6.arpa" { type master; file "master/empty.db"; };
zone "6.ip6.arpa" { type master; file "master/empty.db"; };
zone "7.ip6.arpa" { type master; file "master/empty.db"; };
zone "8.ip6.arpa" { type master; file "master/empty.db"; };
zone "9.ip6.arpa" { type master; file "master/empty.db"; };
zone "a.ip6.arpa" { type master; file "master/empty.db"; };
zone "b.ip6.arpa" { type master; file "master/empty.db"; };
zone "c.ip6.arpa" { type master; file "master/empty.db"; };
zone "d.ip6.arpa" { type master; file "master/empty.db"; };
zone "e.ip6.arpa" { type master; file "master/empty.db"; };
zone "0.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "1.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "2.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "3.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "4.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "5.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "6.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "7.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "8.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "9.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "a.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "b.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "0.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "1.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "2.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "3.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "4.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "5.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "6.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "7.e.f.ip6.arpa" { type master; file "master/empty.db"; };
// IPv6 ULA (RFC 4193)
zone "c.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "d.f.ip6.arpa" { type master; file "master/empty.db"; };
// IPv6 Link Local (RFC 4291)
zone "8.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "9.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "a.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "b.e.f.ip6.arpa" { type master; file "master/empty.db"; };
// IPv6 Deprecated Site-Local Addresses (RFC 3879)
zone "c.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "d.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "e.e.f.ip6.arpa" { type master; file "master/empty.db"; };
zone "f.e.f.ip6.arpa" { type master; file "master/empty.db"; };
// IP6.INT is Deprecated (RFC 4159)
zone "ip6.int" { type master; file "master/empty.db"; };
// NB: Do not use the IP addresses below, they are faked, and only
// serve demonstration/documentation purposes!
//
// Example slave zone config entries. It can be convenient to become
// a slave at least for the zone your own domain is in. Ask
// your network administrator for the IP address of the responsible
// master name server.
//
// Do not forget to include the reverse lookup zone!
// This is named after the first bytes of the IP address, in reverse
// order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
//
// Before starting to set up a master zone, make sure you fully
// understand how DNS and BIND work. There are sometimes
// non-obvious pitfalls. Setting up a slave zone is usually simpler.
//
// NB: Don't blindly enable the examples below. :-) Use actual names
// and addresses instead.
/* An example dynamic zone
key "exampleorgkey" {
algorithm hmac-md5;
secret "sf87HJqjkqh8ac87a02lla==";
};
zone "example.org" {
type master;
allow-update {
key "exampleorgkey";
};
file "dynamic/example.org";
};
*/
/* Example of a slave reverse zone
zone "1.168.192.in-addr.arpa" {
type slave;
file "slave/1.168.192.in-addr.arpa";
masters {
192.168.1.1;
};
};
*/
zone "39c.org" {
type master;
file "master/39c.org";
allow-transfer { localhost; };
allow-update { key rndc-key; };
};
zone "0.168.192.in-addr.arpa" {
type master;
file "master/39c.org.rev";
allow-transfer { localhost; };
allow-update { key rndc-key; };
};
key "rndc-key" {
algorithm hmac-md5;
secret "eWZnMum7UcVdQxGkjp71IA==";
};
[ 本帖最後由 indian 於 2008-11-15 10:49 編輯 ]
《解決方案》
回復 #1 indian 的帖子
看到ignoring這個提示了么
你要使用bind的自帶的檢查工具對named.conf進行一下判斷,看看語法上是否有問題存在
《解決方案》
原帖由 kns1024wh 於 2008-11-16 10:36 發表 http://bbs.chinaunix.net/images/common/back.gif
看到ignoring這個提示了么
你要使用bind的自帶的檢查工具對named.conf進行一下判斷,看看語法上是否有問題存在
看見了。我以為是3、 11、 14、 20行出錯。結果查看下,沒有問題。 ignoring 提示後面有 master/39c.org:3: 這個數字3 是什麼意思?
還有,請問怎麼用bind自帶的檢查工具對named.conf進行判斷? 用 dig example.com axfr ?
我是FreeBSD新手,煩請指點,謝謝!
《解決方案》
Nov 14 16:45:40 dev named: zone 39.org/IN: has 0 SOA records
Nov 14 16:45:40 dev named: zone 39.org/IN: has no NS records
從這兩行來看,你的named.conf中應該有 zone "39.org" { 這個語句,可是你貼出的配置中沒有。幫不了你了,自己檢查一下吧。
參考鏈接:
http://marc.info/?l=bind-users&m=121095201104277&w=2
可能是同一個文件有多個區引用。
--
為了讓大家更好地幫助你解決問題,同時也節約別人的時間,請盡量將你的信息放上來。盡量避免下列情況的發生:
A: 我有一個域名問題xxx.com不能解析
A: 怎麼沒有人回答呀
A: 看來CU太冷清
A: ...
--
話說某校動物系某學科期末考試。老教授提著一個用黑布罩著的鳥籠,只露出兩條鳥腿。考試題目就是:由觀察到的鳥腿寫下此鳥的種類。某學生辛苦準備考試數周,結果啥都沒考,就考出這樣的鳥試,他又不會…火大了,就拍一下桌子,提前交白卷了(不寫姓名學號)!!老教授因而很生氣,要那位學生留下姓名來…那學生只把褲管拉了起來,露出毛腿來,對老教授說:你猜我是誰。
