- 论坛徽章:
- 0
|
|
前天,因为我在solaris中打补丁,导致了sendmail无法发邮件到外网,我以为是dns出问题了,原来只有一个主dns,所以重新配置了一下。\r\nBind\r\n# /usr/sbin/in.named -v\r\nin.named BIND 8.2.2-P5 Mon Apr 12 05:38:46 PDT 2004\r\n Generic Patch-5.8-April 2004\r\n主dns配置文件如下\r\nNamed.conf\r\n# more named.conf\r\noptions {\r\ndirectory \"/var/named\";\r\n};\r\n\r\nzone \"0.0.127.in-addr.arpa\" in {\r\ntype master;\r\nfile \"db.local\";\r\n};\r\n\r\nzone \".\" in {\r\ntype hint;\r\nfile \"db.cache\";\r\n};\r\n\r\nzone \"mnu.edu.cn\" in {\r\ntype master;\r\nfile \"db.mnu.edu.cn\";\r\n};\r\n\r\nzone \"152.41.210.in-addr.arpa\" in {\r\ntype master;\r\nfile \"db.152.41.210\";\r\n};\r\n\r\nzone \"94.139.61.in-addr.arpa\" in {\r\ntype master;\r\nfile \"db.94.139.61\";\r\n};\r\n\r\nZone文件配置(db.mnu.edu.cn)只写一个,其它的类似\r\n# more db.mnu.edu.cn\r\n; Created Wed Apr 7 20:15:00 CST 2004 by services/ns-admin\r\n; from setup@10.10.0.34\r\n;\r\n@ IN SOA pridns.mnu.edu.cn. root.mnu.edu.cn. (\r\n 3992954999 ; serial\r\n 10800 ; refresh\r\n 3600 ; retry\r\n 604800 ; expire\r\n 86400 ) ; min ttl\r\n\r\nmnu.edu.cn. IN NS pridns ;primary\r\nmnu.edu.cn. IN MX 10 second\r\nmnu.edu.cn. IN NS second ;secondary 1\r\n\r\nmnu.edu.cn. IN A 210.41.152.10\r\nmnu.edu.cn. IN A 210.41.152.5\r\nwww IN A 61.139.94.206\r\njwc IN A 61.139.94.205\r\nlib IN A 61.139.94.204\r\nsecond IN A 210.41.152.5\r\npridns IN A 210.41.152.10\r\nmail IN CNAME second\r\n\r\n辅dns配置\r\nNamed.conf\r\n\r\n# more named.conf\r\noptions {\r\ndirectory \"/var/named\";\r\n};\r\n\r\nzone \"0.0.127.in-addr.arpa\" in {\r\ntype master;\r\nfile \"db.local\";\r\n};\r\n\r\nzone \".\" in {\r\ntype hint;\r\nfile \"db.cache\";\r\n};\r\n\r\nzone \"mnu.edu.cn\" in {\r\ntype slave;\r\nfile \"mnu.edu.cn.backup\";\r\nmasters {\r\n 210.41.152.10;\r\n };\r\n};\r\n\r\nzone \"152.41.210.in-addr.arpa\" in {\r\ntype slave;\r\nfile \"152.41.210.backup\";\r\nmasters {\r\n 210.41.152.10;\r\n };\r\n};\r\n\r\nzone \"94.139.61.in-addr.arpa\" in {\r\ntype slave;\r\nfile \"94.139.61.backup\";\r\nmasters {\r\n 210.41.152.10;\r\n };\r\n};\r\n\r\n配置时要注意以下几点\r\n首选要保证主dns在启动时没有错误发生。可看/var/adm/messages文件的记录信息。\r\n1.辅dns配置时,需要从主dns传送的zone,type类型为slave,注意下面zone \"94.139.61.in-addr.arpa\" in {\r\ntype slave;\r\nfile \"94.139.61.backup\";\r\nmasters {\r\n 210.41.152.10;\r\n };\r\n};\r\n\r\n表示辅dns中 94.139.61.in-addr.arpa 的zone是从主dns传送过来,文件名为94.139.61.backupy主dns的地址是210.41.152.10。这里是masters不是master不然辅dns启动会报错如下:.\r\n\r\nJul 23 11:27:37 second named[178]: [ID 295310 daemon.error] no \'masters\' stateme\r\nnt for non-master zone \'152.41.210.in-addr.arpa\'\r\n\r\n我就在这里出问题了,找了很久没有找到错误。\r\n2.不需要从主dns传送的,type类型为master。Zone文件需要自己手工建立。\r\n3.主dns的zone文件内一定要有辅dns的ns记录及A记录,这点非常重要,我有找这个问题是花了不少时间的。\r\n主dns会报错:\r\nJul 23 11:32:28 pridns named[174]: [ID 295310 daemon.warning] master zone \"mnu.e\r\ndu.cn\" (IN) rejected due to errors (serial 2992953982)\r\n辅dns会报错如下:\r\nJul 23 11:27:37 second named-xfer[481]: [ID 364785 daemon.notice] [210.41.152.10\r\n] not authoritative for mnu.edu.cn, SOA query got rcode 0, aa 0, ancount 1, auco\r\nunt 0\r\n\r\n4.在主反向zone文件内一定要有@ IN NS pridns.mnu.edu.cn\r\n不然主dns的zone文件会传送不到辅dns中去,且会在主dns日志文件内出现在如下信息,.\r\n\r\nJul 20 10:33:52 pridns named[181]: [ID 295310 daemon.warning] Zone \"94.139.61.in\r\n-addr.arpa\" (file db.94.139.61): no NS RRs found at zone top\r\nJul 20 10:33:52 pridns named[181]: [ID 295310 daemon.warning] master zone \"94.13\r\n9.61.in-addr.arpa\" (IN) rejected due to errors (serial 2081340100)\r\n\r\n辅dns中日志文件内出现在如下信息,\r\n\r\nJul 23 14:51:23 second named-xfer[340]: [ID 364785 daemon.notice] [210.41.152.10\r\n] not authoritative for 94.139.61.in-addr.arpa, SOA query got rcode 0, aa 0, anc\r\nount 1, aucount 0\r\nJul 23 15:01:23 second named-xfer[371]: [ID 364785 daemon.notice] [210.41.152.10\r\n] not authoritative for 94.139.61.in-addr.arpa, SOA query got rcode 0, aa 0, anc\r\nount 1, aucount 0\r\n\r\n如果要求辅dns立即和主dns同步,在辅dns上删除需要传送的文件,重新启动in.named即可 |
|
免费注册
发表于 2004-07-26 12:56
