论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2011-09-08 20:13 |只看该作者 |倒序浏览

本帖最后由 cyzhu 于 2011-09-08 20:16 编辑

bind新版本是不是有什么新规则？
查自己发布的域名，公网dns server也能解析。
但是不能做递归查询。

[root@test ~]# dig @xxx.xxx.xxx.xxx www.sina.com.cn

; <<>> DiG 9.6.-ESV-R3 <<>> @114.113.149.66 www.sina.com.cn
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 16629
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.sina.com.cn.             IN    A

;; Query time: 2777 msec
;; SERVER: xxx.xxx.xxx.xxx#53

named.conf文件没错误：
acl bogusnets { 0.0.0.0/8;1.0.0.0/8;2.0.0.0/8;169.254.0.0/16;224.0.0.0/3; };

options {
      directory "/data/named";
      pid-file "named.pid";
      version "BIND9";
      max-cache-size 0;
      recursion yes;
      cleaning-interval 30;
      recursive-clients 50000;
      max-ncache-ttl       3600;
      tcp-clients 500;
      files 65535;
      blackhole { bogusnets; };
      allow-recursion { any; };
      allow-query-cache { any; };
      allow-transfer { none; };
};

logging {
      channel warning {
file "log/named.log" versions 3 size 200m;
        severity warning;
        print-category yes;
        print-severity yes;
        print-time yes;
      };
      channel query_log {
            file "log/query.log" versions 3 size 200m;
            severity info;
            print-severity yes;
            print-time yes;
            print-category yes;
      };
      channel default_log {
            file "log/default.log" versions 3 size 200m;
            severity info;
            print-severity yes;
            print-time yes;
            print-category yes;
      };
category config { default_log; };
category queries { query_log; };
category security { default_log; };
category client { default_log; };
category lame-servers { default_log; };
category default { default_log; };
};

key "rndc-key" {
algorithm hmac-md5;
secret "nUl2bJUdfdfkjlasd5FPeqAHySv5Q59A==+++";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};

include "master/acl.conf";

view "chinamobile" {
match-clients { chinamobile; };
zone "." IN {
   type hint;
   file "named.root";
};

zone "localhost" IN {
   type master;
   file "localhost.zone";
};
include "master/chinamobile.def";
};

view "unicom" {
match-clients { unicom; };
zone "." IN {
   type hint;
   file "named.root";
};

zone "localhost" IN {
   type master;
   file "localhost.zone";
};
include "master/unicom.def";
};

view "telcom" {
match-clients { telcom; };
zone "." IN {
   type hint;
   file "named.root";
};

zone "localhost" IN {
   type master;
   file "localhost.zone";
};
include "master/telcom.def";
};

view "any" {
match-clients { any; };
zone "." IN {
   type hint;
   file "named.root";
};

zone "localhost" IN {
   type master;
   file "localhost.zone";
};

include "master/any.def";
};

我把bind view取消了，换成最简单的配置也一样。view定义文件很简单。不贴了。
有经验的朋友，请指点一下。谢谢了

文库|博客

llzqq

广告杀手

论坛徽章:: 0

2楼 [报告]

发表于 2011-09-20 08:46 |只看该作者

query.log里面怎么说的

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

返回列表

Chinaunix › 论坛 › IT运维 › 服务器应用 › bind9.8 servfail

[DNS] bind9.8 servfail [复制链接]