[DNS] Why does DNS reverse lookup keep having problems? Experts, please advise

1 | Posted 2006-08-25 22:48
I set up a Linux environment in VMware on a PC to test BIND.
Domain: test.com
bind: 9.2.4


1. ifconfig
[root@redflag ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:CF:14:5B  
          inet addr:192.168.63.140  Bcast:192.168.63.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fecf:145b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:189 errors:0 dropped:0 overruns:0 frame:0
          TX packets:381 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:20260 (19.7 KiB)  TX bytes:25690 (25.0 KiB)
          Interrupt:10 Base address:0x1400

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:488 errors:0 dropped:0 overruns:0 frame:0
          TX packets:488 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:42362 (41.3 KiB)  TX bytes:42362 (41.3 KiB)
2. more /etc/named.conf
[root@redflag ~]# more /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        forward first;
        forwarders {
        61.128.99.133;
        };           

        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
         // query-source address * port 53;
};

//
// a caching only nameserver config
//
logging{
      Channel syslog_info{
      File "/var/log/bindall.log" version 20 size 2M;
      Print-category yes;
      Print-time yes;
      Severity notice;
              };
      category default {
      syslog_info;
              };
};


controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
       type master;
       file "localhost.zone";
       allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
       type master;
       file "named.local";
       allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN
{
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};


zone "test.com" IN {
        type master;
        file "db.example";
        allow-update { none; };
};


zone "63.168.192.in-addr.arpa" IN {
        type master;
        file "db.192.168.63";
        allow-update { none; };
};


include "/etc/rndc.key";

3. cat /var/named/chroot/var/named/db.example

[root@redflag named]# cat db.example
$TTL    86400
@       IN      SOA     yd.test.com. root.yd.test.com. (
                                      1997022703 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
         IN      NS     test.com.
www      IN     A       192.168.63.140      
ftp      IN     A       192.168.63.110
oa       IN     A       192.168.63.20      

4. cat /var/named/chroot/var/named/db.192.168.63

[root@redflag named]# cat da.192.*
cat: da.192.*: No such file or directory
[root@redflag named]# cat db.192.*
$TTL    3600
@       IN      SOA     63.168.192.in-addr.arpa  root.yd.test.com. (
                                      9999       ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
@       IN      NS      test.com.
51       IN      PTR     ftp.test.com.
51       IN      PTR     www.test.com.

5. Test
[root@redflag named]# nslookup
> server
Default server: 192.168.63.140
Address: 192.168.63.140#53
> www.test.com
Server:         192.168.63.140
Address:        192.168.63.140#53

Name:   www.test.com
Address: 192.168.63.140
> ftp.test.com
Server:         192.168.63.140
Address:        192.168.63.140#53

Name:   ftp.test.com
Address: 192.168.63.110

6. Problem
> 192.168.63.140
Server:         192.168.63.140
Address:        192.168.63.140#53

** server can't find 140.63.168.192.in-addr.arpa: NXDOMAIN
> 192.168.63.110  
Server:         192.168.63.140
Address:        192.168.63.140#53

** server can't find 110.63.168.192.in-addr.arpa: NXDOMAIN
>

2 | Posted 2006-08-25 22:51

This is very similar to an earlier example; in the end he changed it to 51 and it worked. Mine still doesn't.

[root@redflag named]# grep named /var/log/messages |tail -50
Aug 26 00:05:05 redflag named[4600]: zone 63.168.192.in-addr.arpa/IN: loaded serial 9999
Aug 26 00:05:05 redflag named[4600]: zone 255.in-addr.arpa/IN: loaded serial 42
Aug 26 00:05:05 redflag named[4600]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Aug 26 00:05:05 redflag named[4600]: zone test.com/IN: loaded serial 1997022703
Aug 26 00:05:05 redflag named[4600]: zone localdomain/IN: loaded serial 42
Aug 26 00:05:05 redflag named[4600]: running
Aug 26 00:05:05 redflag named[4600]: zone 63.168.192.in-addr.arpa/IN: sending notifies (serial 9999)
Aug 26 00:05:05 redflag named[4600]: zone test.com/IN: sending notifies (serial 1997022703)
Aug 26 00:13:23 redflag named[4600]: shutting down: flushing changes
Aug 26 00:13:23 redflag named[4600]: stopping command channel on 127.0.0.1#953
Aug 26 00:13:23 redflag named[4600]: no longer listening on 127.0.0.1#53
Aug 26 00:13:23 redflag named[4600]: no longer listening on 192.168.63.140#53
Aug 26 00:13:23 redflag named[4600]: exiting
Aug 26 00:13:23 redflag named:  succeeded
Aug 26 00:13:26 redflag named[4659]: starting BIND 9.2.4 -u named -t /var/named/chroot
Aug 26 00:13:26 redflag named[4659]: using 1 CPU
Aug 26 00:13:26 redflag named: named startup succeeded
Aug 26 00:13:26 redflag named[4659]: loading configuration from '/etc/named.conf'
Aug 26 00:13:26 redflag named[4659]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 26 00:13:26 redflag named[4659]: listening on IPv4 interface eth0, 192.168.63.140#53
Aug 26 00:13:26 redflag named[4659]: command channel listening on 127.0.0.1#953
Aug 26 00:13:26 redflag named[4659]: zone 63.168.192.in-addr.arpa/IN: loaded serial 9999
Aug 26 00:13:26 redflag named[4659]: zone 255.in-addr.arpa/IN: loaded serial 42
Aug 26 00:13:26 redflag named[4659]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Aug 26 00:13:26 redflag named[4659]: zone test.com/IN: loaded serial 1997022703
Aug 26 00:13:26 redflag named[4659]: zone localdomain/IN: loaded serial 42
Aug 26 00:13:26 redflag named[4659]: running
Aug 26 00:13:26 redflag named[4659]: zone test.com/IN: sending notifies (serial 1997022703)
Aug 26 00:13:26 redflag named[4659]: zone 63.168.192.in-addr.arpa/IN: sending notifies (serial 9999)
Aug 26 00:20:43 redflag named[4659]: shutting down: flushing changes
Aug 26 00:20:43 redflag named[4659]: stopping command channel on 127.0.0.1#953
Aug 26 00:20:43 redflag named[4659]: no longer listening on 127.0.0.1#53
Aug 26 00:20:43 redflag named[4659]: no longer listening on 192.168.63.140#53
Aug 26 00:20:43 redflag named[4659]: exiting
Aug 26 00:20:44 redflag named:  succeeded
Aug 26 00:20:46 redflag named[4708]: starting BIND 9.2.4 -u named -t /var/named/chroot
Aug 26 00:20:46 redflag named[4708]: using 1 CPU
Aug 26 00:20:46 redflag named: named startup succeeded
Aug 26 00:20:47 redflag named[4708]: loading configuration from '/etc/named.conf'
Aug 26 00:20:47 redflag named[4708]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 26 00:20:47 redflag named[4708]: listening on IPv4 interface eth0, 192.168.63.140#53
Aug 26 00:20:47 redflag named[4708]: command channel listening on 127.0.0.1#953
Aug 26 00:20:47 redflag named[4708]: zone 63.168.192.in-addr.arpa/IN: loaded serial 9999
Aug 26 00:20:47 redflag named[4708]: zone 255.in-addr.arpa/IN: loaded serial 42
Aug 26 00:20:47 redflag named[4708]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Aug 26 00:20:47 redflag named[4708]: zone test.com/IN: loaded serial 1997022703
Aug 26 00:20:47 redflag named[4708]: zone localdomain/IN: loaded serial 42
Aug 26 00:20:47 redflag named[4708]: running
Aug 26 00:20:47 redflag named[4708]: zone 63.168.192.in-addr.arpa/IN: sending notifies (serial 9999)
Aug 26 00:20:47 redflag named[4708]: zone test.com/IN: sending notifies (serial 1997022703)
[root@redflag named]#

3 | Posted 2006-08-25 22:53

4 | Posted 2006-08-25 23:05

Getting anxious here, waiting for an expert's answer. I really need to get to the bottom of this.

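5 | Posted 2006-08-26 00:04
Sigh, it already tells you NXDOMAIN!

Why not check whether a PTR for 140 exists in the reverse zone file?

Forward and reverse resolution take different paths. This shows the OP is not clear on the concept of reverse lookups.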
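
The check suggested in post 5, as an added example that is not part of the original thread: it compares the A records of the forward zone with the PTR records of the reverse zone quoted in post 1, and returns the PTR lines that are missing plus the PTRs that match no A record. The function names and the simple one-line record parser are assumptions of this example; PTR targets are assumed to be written as fully qualified names.

```python
import ipaddress
import re

# Constructed sample input: the A and PTR lines of the two zone files in post 1.
FORWARD_ZONE = """\
www      IN     A       192.168.63.140
ftp      IN     A       192.168.63.110
oa       IN     A       192.168.63.20
"""
REVERSE_ZONE = """\
51       IN      PTR     ftp.test.com.
51       IN      PTR     www.test.com.
"""
RECORD = re.compile(r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?(A|PTR)\s+(\S+)", re.I)


def parse(zone_text, origin, rtype):
    """Return {(owner FQDN, rdata)} for one-line records of rtype with an explicit owner."""
    pairs = set()
    for line in zone_text.splitlines():
        m = RECORD.match(line.split(";")[0])  # drop trailing comments
        if m and m.group(2).upper() == rtype:
            owner, rdata = m.group(1), m.group(3)
            if owner == "@":
                owner = origin
            elif not owner.endswith("."):
                owner = f"{owner}.{origin}"  # relative owner: append the zone origin
            pairs.add((owner.lower(), rdata.lower()))
    return pairs


def check(forward_text, forward_origin, reverse_text, reverse_origin):
    """Compare A records with PTR records; return (missing PTR lines, orphan PTRs)."""
    # Expected PTR owner for each A record, e.g. 140.63.168.192.in-addr.arpa.
    expected = {
        (ipaddress.ip_address(addr).reverse_pointer + ".", name)
        for name, addr in parse(forward_text, forward_origin, "A")
    }
    actual = parse(reverse_text, reverse_origin, "PTR")
    suffix = "." + reverse_origin
    missing = sorted(
        f"{owner[:-len(suffix)]}\tIN\tPTR\t{name}"
        for owner, name in expected - actual
        if owner.endswith(suffix)  # only addresses inside this reverse zone
    )
    return missing, sorted(actual - expected)
```

Called as `check(FORWARD_ZONE, "test.com.", REVERSE_ZONE, "63.168.192.in-addr.arpa.")`, it reports PTR lines for 110, 140 and 20 as missing and both `51` records as orphans, which matches the NXDOMAIN answers in the nslookup session.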

6 | Posted 2006-08-26 10:33

Yes, I don't understand reverse resolution right now, which is why I'm asking everyone!

Please spell out how to fix it. Add a PTR for 140?

7 | Posted 2006-08-26 10:38

Thank you, OP, I finally understand.

Many thanks.