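The day before yesterday, patching Solaris left sendmail unable to send mail to external networks. I thought DNS was the problem. There had originally been only one primary DNS server, so I reconfigured it.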
Bind
# /usr/sbin/in.named -v
in.named BIND 8.2.2-P5 Mon Apr 12 05:38:46 PDT 2004
Generic Patch-5.8-April 2004
The primary DNS configuration files are as follows:
Named.conf
# more named.conf
options {
directory "/var/named";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "db.local";
};
zone "." in {
type hint;
file "db.cache";
};
zone "mnu.edu.cn" in {
type master;
file "db.mnu.edu.cn";
};
zone "152.41.210.in-addr.arpa" in {
type master;
file "db.152.41.210";
};
zone "94.139.61.in-addr.arpa" in {
type master;
file "db.94.139.61";
};
Zone file configuration (db.mnu.edu.cn); only one is shown, the others are similar:
# more db.mnu.edu.cn
; Created Wed Apr 7 20:15:00 CST 2004 by services/ns-admin
; from setup@10.10.0.34
;
@ IN SOA pridns.mnu.edu.cn. root.mnu.edu.cn. (
3992954999 ; serial
10800 ; refresh
3600 ; retry
604800 ; expire
86400 ) ; min ttl
mnu.edu.cn. IN NS pridns ;primary
mnu.edu.cn. IN MX 10 second
mnu.edu.cn. IN NS second ;secondary 1
mnu.edu.cn. IN A 210.41.152.10
mnu.edu.cn. IN A 210.41.152.5
www IN A 61.139.94.206
jwc IN A 61.139.94.205
lib IN A 61.139.94.204
second IN A 210.41.152.5
pridns IN A 210.41.152.10
mail IN CNAME second
Secondary DNS configuration
Named.conf
# more named.conf
options {
directory "/var/named";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "db.local";
};
zone "." in {
type hint;
file "db.cache";
};
zone "mnu.edu.cn" in {
type slave;
file "mnu.edu.cn.backup";
masters {
210.41.152.10;
};
};
zone "152.41.210.in-addr.arpa" in {
type slave;
file "152.41.210.backup";
masters {
210.41.152.10;
};
};
zone "94.139.61.in-addr.arpa" in {
type slave;
file "94.139.61.backup";
masters {
210.41.152.10;
};
};
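Points to note when configuring:
First, make sure the primary DNS starts without errors. Check the messages recorded in /var/adm/messages.
1. When configuring the secondary DNS, zones that need to be transferred from the primary DNS have type slave. Note the following:
zone "94.139.61.in-addr.arpa" in {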
type slave;
file "94.139.61.backup";
masters {
210.41.152.10;
};
};
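This means that on the secondary DNS the zone 94.139.61.in-addr.arpa is transferred from the primary DNS, the file name is 94.139.61.backup, and the address of the primary DNS is 210.41.152.10. The keyword here is masters, not master; otherwise the secondary DNS reports the following error at startup:
Jul 23 11:27:37 second named[178]: [ID 295310 daemon.error] no 'masters' statement for non-master zone '152.41.210.in-addr.arpa'
This is exactly where I went wrong; I searched for a long time without finding the error.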
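2. Zones that do not need to be transferred from the primary DNS have type master. Their zone files must be created by hand.
3. The zone file on the primary DNS must contain the NS record and the A record of the secondary DNS. This is very important; I spent quite a lot of time tracking this problem down.
The primary DNS reports this error:
Jul 23 11:32:28 pridns named[174]: [ID 295310 daemon.warning] master zone "mnu.edu.cn" (IN) rejected due to errors (serial 2992953982)
The secondary DNS reports the following error:
Jul 23 11:27:37 second named-xfer[481]: [ID 364785 daemon.notice] [210.41.152.10] not authoritative for mnu.edu.cn, SOA query got rcode 0, aa 0, ancount 1, aucount 0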
4. The reverse zone file on the primary must contain @ IN NS pridns.mnu.edu.cn
Otherwise the zone file on the primary DNS will not be transferred to the secondary DNS, and the following messages appear in the primary DNS log file:
Jul 20 10:33:52 pridns named[181]: [ID 295310 daemon.warning] Zone "94.139.61.in-addr.arpa" (file db.94.139.61): no NS RRs found at zone top
Jul 20 10:33:52 pridns named[181]: [ID 295310 daemon.warning] master zone "94.139.61.in-addr.arpa" (IN) rejected due to errors (serial 2081340100)
The following messages appear in the secondary DNS log file:
Jul 23 14:51:23 second named-xfer[340]: [ID 364785 daemon.notice] [210.41.152.10] not authoritative for 94.139.61.in-addr.arpa, SOA query got rcode 0, aa 0, ancount 1, aucount 0
Jul 23 15:01:23 second named-xfer[371]: [ID 364785 daemon.notice] [210.41.152.10] not authoritative for 94.139.61.in-addr.arpa, SOA query got rcode 0, aa 0, ancount 1, aucount 0
To make the secondary DNS synchronize with the primary DNS immediately, delete the files to be transferred on the secondary DNS and restart in.named.
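The checks from points 3 and 4 above, written as an added example that is not part of the original post: a small Python lint that reads a zone file before in.named loads it and reports a missing NS record at the zone top or an in-zone name server without an A record. The function names, the simplified parser and the constructed SAMPLE zone are assumptions.

```python
# Added example: simplified zone lint (no $ORIGIN/$TTL/$INCLUDE); names are hypothetical.
RRTYPES = {"SOA", "NS", "A", "MX", "CNAME", "PTR"}

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata tokens) tuples; origin must end with '.'."""
    records, owner, pending, depth = [], origin, [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]            # strip comments
        tokens = line.replace("(", " ( ").replace(")", " ) ").split()
        if not tokens:
            continue
        # Column 0 names the owner; leading whitespace inherits the previous one.
        if depth == 0 and not line[0].isspace():
            owner = fqdn(tokens.pop(0), origin)
        for tok in tokens:                     # join multi-line ( ... ) records
            if tok == "(":
                depth += 1
            elif tok == ")":
                depth -= 1
            else:
                pending.append(tok)
        if depth == 0:
            while pending and (pending[0].isdigit() or pending[0].upper() == "IN"):
                pending.pop(0)                 # skip optional TTL and class
            if pending and pending[0].upper() in RRTYPES:
                records.append((owner, pending[0].upper(), pending[1:]))
            pending = []
    return records

def lint_zone(text, origin):
    """Report the two zone-file mistakes described in points 3 and 4."""
    origin = origin.lower().rstrip(".") + "."
    recs = parse_zone(text, origin)
    apex_ns = [fqdn(r[0], origin) for o, t, r in recs if o == origin and t == "NS" and r]
    problems = [] if apex_ns else [f"no NS RRs found at zone top ({origin})"]
    have_a = {o for o, t, _ in recs if t == "A"}
    for ns in apex_ns:
        if ns.endswith("." + origin) and ns not in have_a:
            problems.append(f"NS target {ns} has no A record in this zone")
    return problems

# Constructed sample: a reverse zone with no NS record at the zone top
SAMPLE = ("@ IN SOA pridns.mnu.edu.cn. root.mnu.edu.cn. ( 1 10800 3600 604800 86400 )\n"
          "206 IN PTR www.mnu.edu.cn.\n")
```

Calling lint_zone(SAMPLE, "94.139.61.in-addr.arpa") returns the same complaint named logs in point 4; an empty list means both checks passed.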