Centos 7 바인드는 아무것도 반환하지 않습니다.

tag-icon tag-icon linux dns centos bind dig
Centos 7 바인드는 아무것도 반환하지 않습니다.

DNS 서버를 만들려고 시도했지만 dig 명령을 수행하면 서버가 아무것도 반환하지 않습니다. 저는 이전 경험이 없으며 이 튜토리얼만 따르고 있습니다.http://www.itzgeek.com/how-tos/linux/centos-how-tos/configure-dns-bind-server-on-centos-7-rhel-7.html.

명명된.conf 파일:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
        listen-on port 53 { 127.0.0.1;192.168.38.103; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; 192.168.38.0/24; };

        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "dynavio.coop" IN {
        type master;
        file "fwd.dynavio.coop.db";
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "dynavio.coop" IN {
        type master;
        file "fwd.dynavio.coop.db";
        allow-update { none; };
};

zone "38.168.192.in-addr.arpa" IN {
        type master;
        file "38.168.192.db";
        allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

fwd.dynavio.coop.db 파일:

$TTL 86400
@   IN  SOA         primary.dynavio.coop. root.dynavio.coop. (
2014112511      ;Serial
3600            ;Refresh
1800            ;Retry
604800          ;Expire
86400           ;MinimumTTL
)
;Name Server Information
@       IN      NS primary.dynavio.coop.
;IP Address of Name Server
primary IN  A      192.168.38.8
;Mail exchanger
dynavio.coop.  IN  MX 10   mail.dynavio.coop.
;A - Record HostName To Ip Address
www     IN  A       192.168.38.100
mail    IN  A       192.168.38.150
;CNAME record
ftp     IN CNAME        www.dynavio.coop.

38.168.192.db 파일:

$TTL 86400
@   IN  SOA         primary.dynavio.coop. root.dynavio.coop. (
2014112511      ;Serial
3600            ;Refresh
1800            ;Retry
604800          ;Expire
86400           ;Minimum TTL
)
;Name Server Information
@ IN  NS      primary.dynavio.coop.
;Reverse lookup for Name Server
8       IN   PTR     primary.dynavio.coop.
;PTR Record IP address to HostName
100     IN   PTR     www.dynavio.coop.
150     IN   PTR     mail.dynavio.coop.

Dig 명령은 다음을 반환합니다.

; <<>> DiG 9.9.4-RedHat-9.9.4-18.el7_1.5 <<>> www.dynavio.coop
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43498
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.dynavio.coop.              IN      A

;; AUTHORITY SECTION:
coop.                   1272    IN      SOA     coop1.dyntld.net. support.nic.coop. 2015099691 900 1800 6048000 3600

;; Query time: 3 msec
;; SERVER: 192.168.38.1#53(192.168.38.1)
;; WHEN: Mon Dec 07 16:36:55 EET 2015
;; MSG SIZE  rcvd: 98

업데이트:/etc/resolv.conf네트워크 관리자가 다시 시작될 때마다 덮어쓰여지 는 문제인 것 같습니다 . 나중에 if-cfg 파일을 얻을 수 있게 되면 이를 다시 업데이트하겠습니다.

답변1

귀하의 영역을 테스트 상자에 로드했는데 제게는 효과가 있었습니다.

[test@server ~]# dig www.dynavio.coop

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.4 <<>> www.dynavio.coop
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23763
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.dynavio.coop.              IN      A

;; ANSWER SECTION:
www.dynavio.coop.       86400   IN      A       192.168.38.100

;; AUTHORITY SECTION:
dynavio.coop.           86400   IN      NS      ns0.test.int.

;; ADDITIONAL SECTION:
ns0.test.int.           3600    IN      A       172.16.0.2

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec  8 20:30:27 2015
;; MSG SIZE  rcvd: 92

다른 서브넷 등에 대해 구성되었으므로 내 주소를 사용해야 했으며 NSDNS 키가 설정되어 있지 않아 테스트할 수 없습니다.

확인해야 할 몇 가지 사항;

무엇을 설정했습니까? /etc/resolv.conf다음과 같은 줄이 있어야 합니다. nameserver 127.0.0.1귀하의 상자가 자체적으로 NS 조회를 요청하도록 귀하의 컴퓨터가 다른 DNS 서버를 사용하도록 구성된 것 같습니다.

상자의 IP 주소는 무엇입니까? 원래 질문에 primary역방향 주소 .8와 역방향 주소가 포함되어 오류가 있었습니다..103

관련 정보