Hello everyone.
I am configuring a DNS server, BIND to be precise. I am setting up a server that caches queries, a so-called caching-only server.
Configuration file:
include "/etc/rndc.key";
options {
    directory "/etc/bind/zones";
    pid-file "/var/run/named/named.pig";
    forwarders { 8.8.8.8; 8.8.4.4; 208.67.222.222; 208.67.220.220; 208.67.222.220; 208.67.220.222; };
    listen-on port 53 { 127.0.0.1; 192.168.0.0/24; };
    listen-on-v6 { any; };
    allow-query { 127.0.0.1; 192.168.0.0/24; };
    auth-nxdomain no;    # conform to RFC1035
    query-source address * port 53;
    transfer-source * port 53;
    notify-source * port 53;
    version "";
    recursion yes;
};
zone "." IN {
    type hint;
    file "db.root";
};
zone "localhost" IN {
    type master;
    file "db.local";
    allow-update { none; };
    notify no;
};
#zone "domena.pl" IN {
#    type master;
#    file "domena.zone";
#    notify yes;
#};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "127.0.0.zone";
};
File 127.0.0.zone:
$TTL 86400
@   IN  SOA localhost. root.localhost. (
        2006081446 ; Serial
        28800      ; Refresh
        604800     ; Retry
        604800     ; Expire
        8640       ; Minimum
)
@   IN  NS  localhost.
1   IN  PTR localhost.
Unfortunately, bind does not start with this configuration. After commenting out the zones, everything works.
I checked with the command named-checkzone 127.0.0.1 /etc/bind/zones/127.0.0.zone and the program printed OK.
Where might the problem be?
Offline
The problem is described in your logs.
Look in syslog to see what the named process has to say.
If you use AppArmor, SELinux or some other ACL, then also check dmesg, kernel.log, messages or /var/log/auditd/*.
Last edited by Jacekalex (2016-10-12 22:36:47)
Offline
In a zone file, comments are written with a double semicolon:
;; comment
You didn't by any chance comment with #? :)
Last edited by Piotr3ks (2016-10-12 19:18:15)
Offline
Piotr3ks wrote:
In a zone file, comments are written with a double semicolon
Code:
;; comment
You didn't by any chance comment with #? :)
That's right, I wanted to comment it out :) I fixed it, but it didn't help. I will also check syslog, but I have to add new rules to the syslog configuration, because this is my own Linux distribution and at compile time there were only the basic (exactly 3) rules. I'll do it and let you know.
Offline
You can check the configuration with named-checkconf -z; if there are any errors, it should print them.
Offline
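The configuration in the first post pins outgoing queries to source port 53 with `query-source address * port 53;`, which BIND reports at startup as suppressing port randomization. The check below is an added example, not code from the thread or from BIND: it finds such statements in named.conf text while ignoring commented-out ones. `SAMPLE_CONF` is a constructed excerpt and the function names are chosen here.

```python
import re

# Constructed sample: part of the options block from the first post,
# plus one commented-out statement to show that comments are ignored.
SAMPLE_CONF = '''\
options {
    directory "/etc/bind/zones";
    forwarders { 8.8.8.8; 8.8.4.4; };
    auth-nxdomain no;    # conform to RFC1035
    query-source address * port 53;
    transfer-source * port 53;
    // query-source-v6 address * port 53;
    version "";
    recursion yes;
};
'''

# Quoted strings are matched first so that '#' or '//' inside them survives.
_TOKEN = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_QUERY_SOURCE = re.compile(
    r'\b(query-source(?:-v6)?)\b[^;]*?\bport\s+(\*|\d+)')


def strip_comments(text):
    """Blank out named.conf comments but keep newlines, so line numbers hold."""
    def blank(match):
        token = match.group(0)
        if token.startswith('"'):
            return token
        return re.sub(r'[^\n]', ' ', token)
    return _TOKEN.sub(blank, text)


def fixed_query_source_ports(conf_text):
    """Return (line, statement, port) for every query-source pinned to one port."""
    clean = strip_comments(conf_text)
    findings = []
    for match in _QUERY_SOURCE.finditer(clean):
        port = match.group(2)
        if port == '*':          # '*' lets named choose the port itself
            continue
        line = clean.count('\n', 0, match.start()) + 1
        findings.append((line, match.group(1), int(port)))
    return findings


if __name__ == '__main__':
    for line, statement, port in fixed_query_source_ports(SAMPLE_CONF):
        print(f'line {line}: {statement} pinned to port {port}')
```

Dropping the `port 53` clause from the flagged statement (or the whole statement) lets named pick random source ports for its upstream queries again.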
OK, I fixed the errors thanks to syslog. One was about access to a directory and two errors were in the configuration. Now it works, but not quite completely.
I have a problem with my own zone domena.pl.
The command
ping domena.pl
prints ping: unknown host domena.pl
Oct 13 11:03:17 WolakOS named[277]: ----------------------------------------------------
Oct 13 11:03:17 WolakOS named[277]: BIND 9 is maintained by Internet Systems Consortium,
Oct 13 11:03:17 WolakOS named[277]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Oct 13 11:03:17 WolakOS named[277]: corporation. Support and training for BIND 9 are
Oct 13 11:03:17 WolakOS named[277]: available at https://www.isc.org/support
Oct 13 11:03:17 WolakOS named[277]: ----------------------------------------------------
Oct 13 11:03:17 WolakOS named[277]: adjusted limit on open files from 4096 to 1048576
Oct 13 11:03:17 WolakOS named[277]: found 1 CPU, using 1 worker thread
Oct 13 11:03:17 WolakOS named[277]: using 1 UDP listener per interface
Oct 13 11:03:17 WolakOS named[277]: using up to 4096 sockets
Oct 13 11:03:17 WolakOS named[277]: loading configuration from '/etc/bind/named.conf'
Oct 13 11:03:17 WolakOS named[277]: reading built-in trusted keys from file '/etc/bind.keys'
Oct 13 11:03:17 WolakOS named[277]: using default UDP/IPv4 port range: [32768, 61000]
Oct 13 11:03:17 WolakOS named[277]: using default UDP/IPv6 port range: [32768, 61000]
Oct 13 11:03:17 WolakOS named[277]: listening on IPv6 interfaces, port 53
Oct 13 11:03:17 WolakOS named[277]: listening on IPv4 interface eth1, 192.168.0.101#53
Oct 13 11:03:17 WolakOS named[277]: generating session key for dynamic DNS
Oct 13 11:03:17 WolakOS named[277]: sizing zone task pool based on 4 zones
Oct 13 11:03:17 WolakOS named[277]: /etc/bind/named.conf:32: using specific query-source port suppresses port randomization and can be insecure.
Oct 13 11:03:17 WolakOS named[277]: set up managed keys zone for view _default, file 'managed-keys.bind'
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 10.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 16.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 17.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 18.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 19.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 20.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 21.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 22.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 23.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 24.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 25.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 26.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 27.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 28.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 29.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 30.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 31.172.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 168.192.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 64.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 65.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 66.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 67.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 68.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 69.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 70.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 71.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 72.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 73.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 74.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 75.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 76.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 77.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 78.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 79.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 80.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 81.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 82.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 83.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 84.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 85.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 86.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 87.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 88.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 89.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 90.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 91.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 92.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 93.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 94.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 95.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 96.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 97.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 98.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 99.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 100.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 101.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 102.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 103.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 104.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 105.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 106.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 107.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 108.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 109.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 110.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 111.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 112.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 113.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 114.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 115.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 116.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 117.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 118.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 119.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 120.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 121.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 122.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 123.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 124.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 125.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 126.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 127.100.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 0.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 127.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 254.169.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: D.F.IP6.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 8.E.F.IP6.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 9.E.F.IP6.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: A.E.F.IP6.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: B.E.F.IP6.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Oct 13 11:03:17 WolakOS named[277]: automatic empty zone: EMPTY.AS112.ARPA
Oct 13 11:03:17 WolakOS named[277]: /etc/bind/named.conf:32: using specific query-source port suppresses port randomization and can be insecure.
Oct 13 11:03:17 WolakOS named[277]: configuring command channel from '/etc/rndc.key'
Oct 13 11:03:17 WolakOS named[277]: couldn't add command channel 127.0.0.1#953: address not available
Oct 13 11:03:17 WolakOS named[277]: configuring command channel from '/etc/rndc.key'
Oct 13 11:03:17 WolakOS named[277]: couldn't add command channel ::1#953: address not available
Oct 13 11:03:17 WolakOS named[277]: managed-keys-zone: loaded serial 0
Oct 13 11:03:17 WolakOS named[277]: zone 0.0.127.in-addr.arpa/IN: loaded serial 2006081446
Oct 13 11:03:17 WolakOS named[277]: zone localhost/IN: loaded serial 2
Oct 13 11:03:17 WolakOS named[277]: zone domena.pl/IN: loaded serial 2002052101
Oct 13 11:03:17 WolakOS named[277]: all zones loaded
Oct 13 11:03:17 WolakOS named[277]: running
The problem is probably with:
...
Oct 13 11:03:17 WolakOS named[277]: couldn't add command channel 127.0.0.1#953: address not available
...
Oct 13 11:03:17 WolakOS named[277]: couldn't add command channel ::1#953: address not available
...
And one more piece of information:
root@debian:/home/wolacinio# dig domena.pl
; <<>> DiG 9.9.5-9+deb8u7-Debian <<>> domena.pl
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20841
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;domena.pl. IN A
;; AUTHORITY SECTION:
domena.pl. 86400 IN SOA main.domena.pl. admin.domena.pl. 2002052101 259200 21600 864000 86400
;; Query time: 1 msec
;; SERVER: 192.168.0.101#53(192.168.0.101)
;; WHEN: Thu Oct 13 13:20:56 CEST 2016
;; MSG SIZE rcvd: 85
---------------
Edit.
Adding these settings to named.conf did not help:
controls { inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndc-key"; }; };
The log changed:
Oct 13 11:28:04 WolakOS named[371]: /etc/bind/named.conf:36: using specific query-source port suppresses port randomization and can be insecure.
Oct 13 11:28:04 WolakOS named[371]: /etc/bind/named.conf:4: couldn't add command channel 127.0.0.1#953: address not available
Oct 13 11:28:04 WolakOS named[371]: managed-keys-zone: loaded serial 0
Oct 13 11:28:04 WolakOS named[371]: zone domena.pl/IN: loaded serial 2002052101
Oct 13 11:28:04 WolakOS named[371]: zone 0.0.127.in-addr.arpa/IN: loaded serial 2006081446
Oct 13 11:28:04 WolakOS named[371]: zone localhost/IN: loaded serial 2
Oct 13 11:28:04 WolakOS named[371]: all zones loaded
Oct 13 11:28:04 WolakOS named[371]: running
-------------
Edit2.
Everything works. It was enough to add the rule:
domena.pl. IN A 192.168.0.101
Thank you for your help.
Last edited by wolacinio (2016-10-13 14:19:44)
Offline
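The dig output in the post above is a NODATA response: status NOERROR, the aa flag, zero answers and the zone's SOA in the authority section mean that the zone is loaded but holds no A record for domena.pl, which matches the fix of adding one. The classifier below is an added example, not code from the thread; `classify_dig` and its verdict labels are names chosen here, and `DIG_OUTPUT` is the thread's dig response trimmed to the lines the function reads.

```python
import re

# dig response from the post above (taken before the A record was added),
# trimmed to the lines the classifier reads.
DIG_OUTPUT = '''\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20841
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;domena.pl. IN A
;; AUTHORITY SECTION:
domena.pl. 86400 IN SOA main.domena.pl. admin.domena.pl. 2002052101 259200 21600 864000 86400
'''


def classify_dig(output):
    """Classify dig text as ANSWER, NODATA, REFERRAL or a non-NOERROR rcode."""
    status = re.search(r'status:\s*([A-Z]+)', output)
    flags = re.search(r'flags:([a-z ]*);', output)
    answers = re.search(r'ANSWER:\s*(\d+)', output)
    if not (status and flags and answers):
        raise ValueError('no dig response header found')
    rcode = status.group(1)
    n_answers = int(answers.group(1))
    # Resource records are the non-empty lines that do not start with ';'.
    records = [ln.split() for ln in output.splitlines()
               if ln.strip() and not ln.startswith(';')]
    has_soa = any(len(rr) > 3 and rr[3] == 'SOA' for rr in records)
    if rcode != 'NOERROR':
        verdict = rcode                 # NXDOMAIN, SERVFAIL, REFUSED, ...
    elif n_answers > 0:
        verdict = 'ANSWER'
    elif has_soa:
        verdict = 'NODATA'              # name exists, no record of this type
    else:
        verdict = 'REFERRAL'            # no SOA: typically a delegation
    return {'rcode': rcode, 'answers': n_answers, 'verdict': verdict,
            'authoritative': 'aa' in flags.group(1).split()}


if __name__ == '__main__':
    print(classify_dig(DIG_OUTPUT))
```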