DNS 서버를 만들려고 시도했지만 dig 명령을 수행하면 서버가 아무것도 반환하지 않습니다. 저는 이전 경험이 없으며 다음 튜토리얼만 따르고 있습니다: http://www.itzgeek.com/how-tos/linux/centos-how-tos/configure-dns-bind-server-on-centos-7-rhel-7.html
named.conf 파일:
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// As posted, this file goes beyond the stock caching-only setup: it also
// listens on 192.168.38.103 and declares master zones for dynavio.coop and
// 38.168.192.in-addr.arpa.
// NOTE(review): several statements appear twice further down (logging,
// zone ".", zone "dynavio.coop"); run named-checkconf on this file before
// restarting named to confirm it parses.
//
options {
// Accept queries on loopback and on the private address 192.168.38.103.
listen-on port 53 { 127.0.0.1;192.168.38.103; };
// IPv6: loopback only.
listen-on-v6 port 53 { ::1; };
// Working directory; relative file names in zone statements resolve here.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Only localhost and 192.168.38.0/24 may query this server. With recursion
// enabled below, this ACL is the only client restriction visible in this file.
// NOTE(review): consider an explicit allow-recursion with the same list so
// the recursive service stays limited if allow-query is later widened for the
// authoritative zones.
allow-query { localhost; 192.168.38.0/24; };
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
// Recursion is on although this instance also serves master zones (the mixed
// role the comment above warns about); the exposure is bounded by allow-query.
recursion yes;
dnssec-enable yes;
// "yes" validates only against explicitly configured trust anchors; the
// include of /etc/named.root.key at the end of this file presumably supplies
// the root key - verify that file exists and is current.
dnssec-validation yes;
// NOTE(review): DNSSEC lookaside validation (DLV) depends on ISC's DLV
// registry, which has since been decommissioned, and later BIND 9 releases
// drop this option - confirm against the installed BIND version.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
// Debug output goes to data/named.run, relative to the "directory" option.
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints used for recursive resolution.
zone "." IN {
type hint;
file "named.ca";
};
// NOTE(review): this first zone "dynavio.coop" block looks like a paste error.
// Everything after the "file" line repeats statements from the options block
// above (dnssec-*, bindkeys-file, managed-keys-directory, pid-file,
// session-keyfile); several of those are options-level only, so
// named-checkconf is expected to reject them inside a zone statement. The
// block also lacks the allow-update { none; } that the later definition has.
zone "dynavio.coop" IN {
type master;
file "fwd.dynavio.coop.db";
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
// NOTE(review): second copy of the logging statement already declared above.
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// NOTE(review): second copy of the root hint zone already declared above.
zone "." IN {
type hint;
file "named.ca";
};
// Forward zone for dynavio.coop, served as master from fwd.dynavio.coop.db.
// NOTE(review): same zone name as the malformed block above; only one
// definition of a zone may remain in the file.
zone "dynavio.coop" IN {
type master;
file "fwd.dynavio.coop.db";
// Dynamic DNS updates are refused from every source.
allow-update { none; };
};
// Reverse zone for 192.168.38.0/24, served as master from 38.168.192.db.
zone "38.168.192.in-addr.arpa" IN {
type master;
file "38.168.192.db";
// Dynamic DNS updates are refused from every source.
allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
fwd.dynavio.coop.db 파일:
; Forward zone data for dynavio.coop (the file named.conf loads as
; fwd.dynavio.coop.db). Unqualified names below are relative to the zone origin.
; Default TTL, in seconds, for records that carry no TTL of their own.
$TTL 86400
; SOA: primary.dynavio.coop. is the primary name server and root.dynavio.coop.
; is the responsible mailbox in DNS notation (root@dynavio.coop).
@ IN SOA primary.dynavio.coop. root.dynavio.coop. (
; Serial presumably follows YYYYMMDDNN; raise it on every edit so the change
; is recognised as a new zone version.
2014112511 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;MinimumTTL
)
;Name Server Information
@ IN NS primary.dynavio.coop.
;IP Address of Name Server
; NOTE(review): named.conf on this page listens on 192.168.38.103, while the
; name server is published here as 192.168.38.8 - confirm which address the
; server really has.
primary IN A 192.168.38.8
;Mail exchanger
dynavio.coop. IN MX 10 mail.dynavio.coop.
;A - Record HostName To Ip Address
www IN A 192.168.38.100
mail IN A 192.168.38.150
;CNAME record
; ftp is an alias for www, so it resolves to the same address as www.
ftp IN CNAME www.dynavio.coop.
38.168.192.db 파일:
; Reverse zone data for 38.168.192.in-addr.arpa (the file named.conf loads as
; 38.168.192.db). Each owner name below is the last octet of a 192.168.38.x
; address.
; Default TTL, in seconds, for records that carry no TTL of their own.
$TTL 86400
; SOA: same primary server and responsible mailbox as the forward zone.
@ IN SOA primary.dynavio.coop. root.dynavio.coop. (
; Raise the serial on every edit so the change is recognised as a new zone
; version.
2014112511 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
;Name Server Information
@ IN NS primary.dynavio.coop.
;Reverse lookup for Name Server
; NOTE(review): this maps 192.168.38.8 to the name server, but named.conf on
; this page listens on 192.168.38.103 - confirm the server's real address.
8 IN PTR primary.dynavio.coop.
;PTR Record IP address to HostName
; These match the www and mail A records in the forward zone file.
100 IN PTR www.dynavio.coop.
150 IN PTR mail.dynavio.coop.
Dig 명령은 다음을 반환합니다.
; <<>> DiG 9.9.4-RedHat-9.9.4-18.el7_1.5 <<>> www.dynavio.coop
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43498
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;www.dynavio.coop. IN A
;; AUTHORITY SECTION:
coop. 1272 IN SOA coop1.dyntld.net. support.nic.coop. 2015099691 900 1800 6048000 3600
;; Query time: 3 msec
;; SERVER: 192.168.38.1#53(192.168.38.1)
;; WHEN: Mon Dec 07 16:36:55 EET 2015
;; MSG SIZE rcvd: 98
업데이트: 네트워크 관리자(NetworkManager)가 다시 시작될 때마다 /etc/resolv.conf가 덮어쓰여지는 것이 문제인 것 같습니다. 나중에 if-cfg 파일을 얻을 수 있게 되면 이 글을 다시 업데이트하겠습니다.
답변1
귀하의 영역을 테스트 상자에 로드했는데 제게는 효과가 있었습니다.
[test@server ~]# dig www.dynavio.coop
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.4 <<>> www.dynavio.coop
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23763
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.dynavio.coop. IN A
;; ANSWER SECTION:
www.dynavio.coop. 86400 IN A 192.168.38.100
;; AUTHORITY SECTION:
dynavio.coop. 86400 IN NS ns0.test.int.
;; ADDITIONAL SECTION:
ns0.test.int. 3600 IN A 172.16.0.2
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 8 20:30:27 2015
;; MSG SIZE rcvd: 92
제 환경은 다른 서브넷 등으로 구성되어 있어 NS에는 제 주소를 사용해야 했으며, DNS 키가 설정되어 있지 않아 그 부분은 테스트할 수 없었습니다.
확인해야 할 몇 가지 사항:
/etc/resolv.conf에 무엇을 설정했습니까?
다음과 같은 줄이 있어야 합니다: nameserver 127.0.0.1
상자가 자기 자신에게 NS 조회를 요청해야 하는데, 귀하의 컴퓨터는 다른 DNS 서버를 사용하도록 구성된 것 같습니다(질문의 dig 출력에는 SERVER: 192.168.38.1로 표시됩니다).
상자의 IP 주소는 무엇입니까? 원래 질문에는 primary와 역방향 주소에 .8과 .103이 섞여 있어 오류가 있었습니다.