- 论坛徽章:
- 0
|
本帖最后由 ulovko 于 2013-03-05 10:14 编辑
困扰了N天,就是无法成功。配置如下:
named.conf
// $FreeBSD: src/etc/namedb/named.conf,v 1.29.2.3.4.1 2010/12/21 17:09:25 kensmith Exp $
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works. Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.
options {
// All file and path names are relative to the chroot directory,
// if any, and should be fully qualified.
directory "/etc/namedb/working";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";
// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.
listen-on { 127.0.0.1; 192.168.0.2;};
// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver. To give access to the network, specify
// an IPv6 address, or the keyword "any".
// listen-on-v6 { ::1; };
// These zones are already covered by the empty zones listed below.
// If you remove the related empty zones below, comment these lines out.
disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
/*
forwarders {
127.0.0.1;
};
*/
// If the 'forwarders' clause is not empty the default is to 'forward first'
// which will fall back to sending a query from your local server if the name
// servers in 'forwarders' do not have the answer. Alternatively you can
// force your name server to never initiate queries of its own by enabling the
// following line:
// forward only;
// If you wish to have forwarding configured automatically based on
// the entries in /etc/resolv.conf, uncomment the following line and
// set named_auto_forward=yes in /etc/rc.conf. You can also enable
// named_auto_forward_only (the effect of which is described above).
// include "/etc/namedb/auto_forward.conf";
/*
Modern versions of BIND use a random UDP port for each outgoing
query by default in order to dramatically reduce the possibility
of cache poisoning. All users are strongly encouraged to utilize
this feature, and to configure their firewalls to accommodate it.
AS A LAST RESORT in order to get around a restrictive firewall
policy you can try enabling the option below. Use of this option
will significantly reduce your ability to withstand cache poisoning
attacks, and should be avoided if at all possible.
Replace NNNNN in the example with a number between 49160 and 65530.
*/
// query-source address * port NNNNN;
};
// If you enable a local name server, don't forget to enter 127.0.0.1
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.
// The traditional root hints mechanism. Use this, OR the slave zones below.
zone "." { type hint; file "/etc/namedb/named.root"; };
/* Slaving the following zones from the root name servers has some
significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
3. Greater resilience to any potential root server failure/DDoS
On the other hand, this method requires more monitoring than the
hints file to be sure that an unexpected failure mode has not
incapacitated your server. Name servers that are serving a lot
of clients will benefit more from this approach than individual
hosts. Use with caution.
To use this mechanism, uncomment the entries below, and comment
the hint zone above.
*/
/* Serving the following zones locally will prevent any queries
for these zones leaving your network and going to the root
name servers. This has two significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
*/
// RFC 1912 (and BCP 32 for localhost)
// RFC 1912-style zone for IPv6 localhost address
// "This" Network (RFCs 1912 and 3330)
// Private Use Networks (RFC 1918)
// Link-local/APIPA (RFCs 3330 and 3927)
// TEST-NET-[1-3] for Documentation (RFC 5737)
// Router Benchmark Testing (RFC 3330)
// IANA Reserved - Old Class E Space
zone "zyhx.com" {
type master;
file "master/zyhx.com";
};
zyhx.com
$TTL 172800
@ IN SOA zyhx.com. root.zyhx.com. (
2005100301 ; Serial
172800 ; Refresh
900 ; Retry
3600000 ; Expire
3600 ) ; Minimum
IN NS zyhx.com.
IN A 192.168.0.2
web IN A 192.168.0.2
DNS# tail /var/log/messages
Mar 4 04:45:05 DNS named[2525]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Mar 4 04:45:05 DNS named[2525]: corporation. Support and training for BIND 9 are
Mar 4 04:45:05 DNS named[2525]: available at https://www.isc.org/support
Mar 4 04:45:05 DNS named[2525]: ----------------------------------------------------
Mar 4 04:45:05 DNS named[2525]: command channel listening on 127.0.0.1#953
Mar 4 04:45:05 DNS named[2525]: command channel listening on ::1#953
Mar 4 04:45:05 DNS named[2525]: zone zyhx.com/IN: has no NS records
Mar 4 04:45:05 DNS named[2525]: zone zyhx.com/IN: not loaded due to errors.
Mar 4 04:45:05 DNS named[2525]: all zones loaded
Mar 4 04:45:05 DNS named[2525]: running
没有任何错误提示。
|
|
免费注册
发表于 2013-03-03 20:55
发表于 2013-03-04 09:10
