如何在局域网中使用bind9来使用自己的自定义域?
我是DNS新手并制作DNS服务器。 我已经通过bind9服务器阅读了如何(在https://help.ubuntu.com/community/BIND9ServerHowto )以及在线教程如何在ubuntu中设置bind9服务器。 我还没有让他们中的任何一个工作。
我正在尝试将fivestones.desonia解析为我的计算机LAN IP地址192.168.1.139。
我的named.conf.options文件:
options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. forwarders { 8.8.8.8; 8.8.4.4; }; //======================================================================== // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys //======================================================================== dnssec-validation auto; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; }; 我的named.conf.local文件:
#// #// Do any local configuration here #// #// Consider adding the 1918 zones here, if they are not used in your #// organization #//include "/etc/bind/zones.rfc1918"; zone "fivestones.desonia" { type master; file "/etc/bind/zones/db.fivestones.desonia"; }; zone "1.168.192.in-addr.arpa" { type master; notify no; file "/etc/bind/zones/db.192"; };
我的/etc/bind/zones/db.192文件:
; ; BIND reverse data file for local loopback interface ; $TTL 604800 @ IN SOA ns.fivestones.desonia. root.fivestones.desonia. ( 2013012113 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS ns. 10 IN PTR ns.fivestones.desonia.
我的/etc/bind/zones/db.fivestones.desonia文件
; ; BIND data file for local loopback interface ; $TTL 604800 @ IN SOA ns.fivestones.desonia. root.fivestones.desonia. ( 2013012110 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS ns.fivestones.desonia. ns IN A 192.168.1.139 server IN A 192.168.1.139 www IN A 192.168.1.139
我sudo service bind9 restart然后这是我的tail -f /var/log/syslog :
Jan 21 23:47:25 media-server named[16726]: command channel listening on 127.0.0.1#953 Jan 21 23:47:25 media-server named[16726]: command channel listening on ::1#953 Jan 21 23:47:25 media-server named[16726]: zone 0.in-addr.arpa/IN: loaded serial 1 Jan 21 23:47:25 media-server named[16726]: zone 127.in-addr.arpa/IN: loaded serial 1 Jan 21 23:47:25 media-server named[16726]: zone 1.168.192.in-addr.arpa/IN: loaded serial 2013012113 Jan 21 23:47:25 media-server named[16726]: zone 255.in-addr.arpa/IN: loaded serial 1 Jan 21 23:47:25 media-server named[16726]: zone fivestones.desonia/IN: loaded serial 2013012110 Jan 21 23:47:25 media-server named[16726]: zone localhost/IN: loaded serial 2 Jan 21 23:47:25 media-server named[16726]: managed-keys-zone ./IN: loaded serial 2 Jan 21 23:47:25 media-server named[16726]: running
但当我尝试host -l fivestones.desonia我得到了
; Transfer failed. Host fivestones.desonia not found: 9(NOTAUTH) ; Transfer failed.
如果我尝试ping fivestones.desonia我会ping: unknown host fivestones.desonia 。 如果我host google.com我会得到
google.com has address 74.125.227.96 google.com has address 74.125.227.97 google.com has address 74.125.227.98 google.com has address 74.125.227.99 google.com has address 74.125.227.100 google.com has address 74.125.227.101 google.com has address 74.125.227.102 google.com has address 74.125.227.103 google.com has address 74.125.227.104 google.com has address 74.125.227.105 google.com has address 74.125.227.110 google.com has IPv6 address 2607:f8b0:4000:800::1004 google.com mail is handled by 20 alt1.aspmx.l.google.com. google.com mail is handled by 30 alt2.aspmx.l.google.com. google.com mail is handled by 40 alt3.aspmx.l.google.com. google.com mail is handled by 50 alt4.aspmx.l.google.com. google.com mail is handled by 10 aspmx.l.google.com.
所以至少那是有效的。 但host fivestones.desonia什么都不做。 如果我dig fivestones.desonia我得到了
; <> DiG 9.8.1-P1 <> fivestones.desonia ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57727 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;fivestones.desonia. IN A ;; AUTHORITY SECTION: fivestones.desonia. 604800 IN SOA ns.fivestones.desonia. root.fivestones.desonia. 2013012110 604800 86400 2419200 604800 ;; Query time: 1 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Jan 21 23:51:40 2013 ;; MSG SIZE rcvd: 80
……似乎它正在发挥作用。 但它不起作用。 最后如果我wget fivestones.desonia (计算机正在运行apache),我得到了
Resolving fivestones.desonia (fivestones.desonia)... failed: Name or service not known. wget: unable to resolve host address `fivestones.desonia'
我究竟做错了什么? 或者你需要什么其他信息来帮助我解决这个问题? 非常感谢!
‘fivestones.desonia’不是您设置中的主机名。 请尝试以下方法。
ping www.fivestones.desonia
完全按照你的指南,让一切工作:)
命令host -l fivestones.desonia
应该返回你的DNS区域中的所有主机。
使用sudo tail -f /var/log/syslog检查你的配置,看看是否有任何错误
你的配置中最可能出现的错误是你的bind配置中没有“zones”子文件夹,你需要创建一个或从你的路径中删除它。
其他一切都是正确和有效的!
ns IN A 192.168.1.139 server IN A 192.168.1.139 www IN A 192.168.1.139
同一IP地址的多个A记录通常不是好的做法。
为主机选择一个名称,“规范”名称,然后为该规范名称创建替代“服务”名称(例如ns,ftp,www)的CNAME“别名”记录,如
server IN A 192.168.1.139
和
ns CNAME server ftp CNAME server www CNAME server
然后,当您将服务移动到第二个服务器时,您为该服务器2添加A记录,只需更改为CNAME条目以指向第二个主机名,例如
ftp CNAME server2
类似地,应该在反向区域文件中只有一个指向规范名称的PTR记录。
$ORIGIN 1.168.192.in-addr.arpa. 139 PTR server.fivestones.desonia.
(注意PTR条目的基本尾随期。)
良好的DNS实践意味着能够进行反向查找!