DNS从服务器不能同步问题求助

ysping

主服务器设置：
[root@ys11rac1 etc]# hostname
ys11rac1
[root@ys11rac1 etc]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6

192.168.10.28 ys11rac1
192.168.10.29 ys11rac2

[root@ys11rac1 etc]# cat /etc/host.conf
order hosts,bind
[root@ys11rac1 etc]# cat /var/named/chroot/etc/named.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named( DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { 192.168.10.100; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        allow-query     { 192.168.10.0/24; };
        allow-query-cache { any; };
        notify yes;
        allow-transfer { 192.168.10.101; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { 192.168.10.0/24; };
        match-destinations { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
[root@ys11rac1 etc]# cat /var/named/chroot/etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
};

zone "ys11rac.com" IN {
        type master;
        file "ys11rac.db";
        allow-update { none; };
};

zone "10.168.192.in-addr.arpa" IN {
         type master;
         file "192.168.10.db";
         allow-update { none; };
};

[root@ys11rac1 etc]# cat /var/named/chroot/var/named/ys11rac.db
$TTL    86400
@               IN SOA  dns.ys11rac.com. root (
                                        2014032503      ; serial (d. adams)
                                        2M              ; refresh
                                        2M              ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

         IN NS dns.ys11rac.com
         IN NS dns1.ys11rac.com
dns   IN A  192.168.10.100
dns1  IN A  192.168.10.101
scan  IN A  192.168.10.111
scan  IN A  192.168.10.112
scan  IN A  192.168.10.113
www  IN A  192.168.10.110
[root@ys11rac1 etc]# cat /var/named/chroot/var/named/192.168.10.db
$TTL    86400
@       IN      SOA     dns.ys11rac.com. root  (
                                      2014032505 ; Serial
                                      2M      ; Refresh
                                      2M      ; Retry
                                      1W    ; Expire
                                      1D )    ; Minimum
        IN      NS      dns.ys11rac.com.
        IN      NS      dns1.ys11rac.com
100       IN      PTR     dns.ys11rac.com.
101       IN      PTR     dns1.ys11rac.com.
111       IN      PTR     scan.ys11rac.com.
112       IN      PTR     scan.ys11rac.com.
113       IN      PTR     scan.ys11rac.com.
100       IN      PTR     www.ys11rac.com.
[root@ys11rac1 etc]#

[root@ys11rac1 etc]# cat /etc/resolv.conf
nameserver 192.168.10.100
search ys11rac.com


------------------------------------------------------------------------------------------------------------
从服务器设置：

[root@ys11rac2 etc]# hostname
ys11rac2
[root@ys11rac2 etc]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6

192.168.10.28 ys11rac1
192.168.10.29 ys11rac2

[root@ys11rac2 etc]# cat /etc/host.conf
order hosts,bind
[root@ys11rac2 etc]# cat /var/named/chroot/etc/named.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named( DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { 192.168.10.101; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        allow-query     { 192.168.10.0/24; };
        allow-query-cache { any; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { 192.168.10.0/24; };
        match-destinations { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
[root@ys11rac2 etc]# cat /var/named/chroot/etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

zone "ys11rac.com" IN {
        type slave;
        file "slaves/slave.ys11rac.db";
        masters { 192.168.10.100; };
};

zone "10.168.192.in-addr.arpa" IN {
         type slave;
         file "slaves/slave.192.168.10.db";
         masters { 192.168.10.100; };
};
[root@ys11rac2 etc]# cat /etc/resolv.conf
search ys11rac.com
nameserver 192.168.10.100
[root@ys11rac2 etc]#

[root@ys11rac2 named]# ll /var/named
total 12
drwxr-xr-x 6 named named 4096 Mar 25 11:44 chroot
drwxr-xr-x 2 named named 4096 Sep  3  2009 data
lrwxrwxrwx 1 named named   45 Mar 24 12:58 localdomain.zone -> /var/named/chroot//var/named/localdomain.zone
lrwxrwxrwx 1 named named   43 Mar 24 12:58 localhost.zone -> /var/named/chroot//var/named/localhost.zone
lrwxrwxrwx 1 named named   44 Mar 24 12:58 named.broadcast -> /var/named/chroot//var/named/named.broadcast
lrwxrwxrwx 1 named named   37 Mar 24 12:58 named.ca -> /var/named/chroot//var/named/named.ca
lrwxrwxrwx 1 named named   44 Mar 24 12:58 named.ip6.local -> /var/named/chroot//var/named/named.ip6.local
lrwxrwxrwx 1 named named   40 Mar 24 12:58 named.local -> /var/named/chroot//var/named/named.local
lrwxrwxrwx 1 named named   39 Mar 24 12:58 named.zero -> /var/named/chroot//var/named/named.zero
drwxr-xr-x 2 named named 4096 Sep  3  2009 slaves

ysping

现在nslookup测试域名解析没有问题，但是从服务器配置成功后，第一次执行service named restart后在slaves目录自动复制了主服务器的区域文件，当从手动删除后，无论怎么操作都再同步了！

主服务器的序列号改过很多次了，日志文件也没发现异常：
主服务器日志：
Mar 25 16:07:51 ys11rac1 named[7190]: zone ys11rac.com/IN/localhost_resolver: loaded serial 2014032503
Mar 25 16:07:51 ys11rac1 named[7190]: running
Mar 25 16:07:51 ys11rac1 named[7190]: zone ys11rac.com/IN/localhost_resolver: sending notifies (serial 2014032503)
Mar 25 16:07:51 ys11rac1 named[7190]: zone 10.168.192.in-addr.arpa/IN/localhost_resolver: sending notifies (serial 2014032505)
Mar 25 16:26:31 ys11rac1 named[7190]: loading configuration from '/etc/named.conf'
Mar 25 16:26:31 ys11rac1 named[7190]: using default UDP/IPv4 port range: [1024, 65535]
Mar 25 16:26:31 ys11rac1 named[7190]: using default UDP/IPv6 port range: [1024, 65535]
Mar 25 16:26:31 ys11rac1 named[7190]: the working directory is not writable
Mar 25 16:26:31 ys11rac1 named[7190]: zone 10.168.192.in-addr.arpa/IN/localhost_resolver: loaded serial 2014032506
Mar 25 16:26:31 ys11rac1 named[7190]: zone ys11rac.com/IN/localhost_resolver: loaded serial 2014032508
Mar 25 16:26:31 ys11rac1 named[7190]: zone 10.168.192.in-addr.arpa/IN/localhost_resolver: sending notifies (serial 2014032506)
Mar 25 16:26:31 ys11rac1 named[7190]: zone ys11rac.com/IN/localhost_resolver: sending notifies (serial 201403250

ysping

从服务器日志：
Mar 25 16:10:59 ys11rac2 named[7294]: zone 10.168.192.in-addr.arpa/IN/localhost_resolver: loaded serial 2014032505
Mar 25 16:10:59 ys11rac2 named[7294]: zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Mar 25 16:10:59 ys11rac2 named[7294]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 1997022700
Mar 25 16:10:59 ys11rac2 named[7294]: zone ys11rac.com/IN/localhost_resolver: loaded serial 2014032503
Mar 25 16:10:59 ys11rac2 named[7294]: zone localdomain/IN/localhost_resolver: loaded serial 42
Mar 25 16:10:59 ys11rac2 named[7294]: zone localhost/IN/localhost_resolver: loaded serial 42
Mar 25 16:10:59 ys11rac2 named[7294]: zone ys11rac.com/IN/localhost_resolver: sending notifies (serial 2014032503)
Mar 25 16:10:59 ys11rac2 named[7294]: running
Mar 25 16:26:04 ys11rac2 named[7294]: loading configuration from '/etc/named.conf'
Mar 25 16:26:04 ys11rac2 named[7294]: using default UDP/IPv4 port range: [1024, 65535]
Mar 25 16:26:04 ys11rac2 named[7294]: using default UDP/IPv6 port range: [1024, 65535]
Mar 25 16:26:04 ys11rac2 named[7294]: the working directory is not writable


开始怀疑是the working directory is not writable这个问题，但是各个目录的权限我已经改了很大还是不行，并且第一次启动能够成功从主服务器同步。

ysping

主、从服务器都有四块网卡，两个网段。

q1208c

回复 3# ysping

Mar 25 16:26:04 ys11rac2 named[7294]: the working directory is not writable


你的目录权限不是越大越好, 关键是owner是 谁.
   

ysping

回复 5# q1208c


    我把/var/named整个目录（包括子目录）都改成named:named了，还是会有这个错误。好像有人说可以忽略这个错误。
不直到到底是哪个目录的问题。
我觉得和这个没多大关系，第一次可以自动生成的。

ysping

晕了！目录搞错了，是/var/named/chroot/var/named/slaves，不是在/var/named/slaves目录！能更新！

q1208c

回复 7# ysping


      一般 named 都是 chroot 的.