Help needed: BIND9 cannot resolve the resource records I configured

2018-06-25 16:09:11 +08:00
 plko345

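If anyone familiar with DNS sees this, please help clear up my confusion. I spent a whole day troubleshooting and still don't know where the problem is.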

Environment:

```
options {
        listen-on port 53 { 192.168.4.95; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

zone "test" IN {
        type master;
        file "test.zone";
};
```

```
$TTL 100
@       IN      SOA     ns1.main.ccom.  mail.main.ccom. (
                        2018062201
                        1H
                        5M
                        7D
                        100 )
        IN      NS      ns1
        IN      MX 10   mx1
ns1     IN      A       192.168.4.95
mx1     IN      A       192.168.4.96
test    IN      A       172.16.4.4
www     IN      A       192.168.4.11
ftp     IN      CNAME   www
```

Testing

```
systemctl start named.service # starts normally
```

It is already listening on port 53

```
ss -tunlp | grep 53
udp  UNCONN  0   0    192.168.4.95:53   *:*   users:(("named",pid=1893,fd=512))
tcp   LISTEN     0   10  192.168.4.95:53   *:*     users:(("named",pid=1893,fd=21))
```

Testing with dig; the result is the same on the local machine and on other machines

```
dig -t A ftp.main.ccom @192.168.4.95
```

Result returned

```
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -t A ftp.main.ccom @192.168.4.95
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46342
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ftp.main.ccom.			IN	A

;; AUTHORITY SECTION:
.			9424	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2018062500 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 192.168.4.95#53(192.168.4.95)
;; WHEN: Mon Jun 25 03:59:40 EDT 2018
;; MSG SIZE  rcvd: 117
```


6 replies
plko345
2018-06-25 16:12:53 +08:00
What the tcpdump capture shows
I don't know why there is a 198.41.0.4.53


```
03:36:44.371510 IP 192.168.4.95.11813 > 198.41.0.4.53: 28451% [1au] A? ftp.main.ccom. (42)
03:36:44.371709 IP 192.168.4.95.51299 > 198.41.0.4.53: 32249% [1au] NS? . (28)
03:36:44.696767 IP 198.41.0.4.53 > 192.168.4.95.51299: 32249*- 14/0/27 NS e.root-servers.net., NS h.root-servers.net., NS l.root-servers.net., NS i.root-servers.net., NS a.root-servers.net., NS d.root-servers.net., NS c.root-servers.net., NS b.root-servers.net., NS j.root-servers.net., NS k.root-servers.net., NS g.root-servers.net., NS m.root-servers.net., NS f.root-servers.net., RRSIG (1097)
03:36:44.731744 IP 198.41.0.4.53 > 192.168.4.95.11813: 28451 NXDomain*- 0/6/1 (1027)
```
plko345
2018-06-25 16:22:43 +08:00
Errors in the log:

```
Jun 25 04:20:10 nginx named[2505]: error (network unreachable) resolving './DNSKEY/IN': 2001:500:2d::d#53
Jun 25 04:20:10 nginx named[2505]: error (network unreachable) resolving './DNSKEY/IN': 2001:500:1::53#53
Jun 25 04:20:10 nginx named[2505]: error (network unreachable) resolving './DNSKEY/IN': 2001:7fd::1#53
Jun 25 04:20:10 nginx named[2505]: error (network unreachable) resolving './DNSKEY/IN': 2001:dc3::35#53
```
adrianzhang
2018-06-25 17:45:33 +08:00
```
@ IN SOA ns1.main.ccom. mail.main.ccom. (
```

ccom.??? Take a good look at how this line should be written.
xfspace
2018-06-25 17:59:28 +08:00
zone "test"

The records you added are all *.test

First learn what the concept of a zone is
plko345
2018-06-25 19:10:52 +08:00
@adrianzhang Come on, there is nothing wrong with writing it this way
plko345
2018-06-25 19:11:58 +08:00
@xfspace Thanks, it really was a zone problem, thank you very much
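
The zone-origin behaviour the thread settles on, as an added example that is not part of the original thread or of BIND: it expands the owner names in the posted zone file against the name given in the `zone "..."` statement, showing why `ftp.main.ccom` is never served from this zone. The helper names `absolute`, `owner_names` and `in_zone` are hypothetical, and the parser is a simplification (no quoted strings, no `$INCLUDE`).

```python
# Added example: owner names in a zone file are relative to the zone "..." name in named.conf.
ZONE_TEXT = """\
$TTL 100
@       IN      SOA     ns1.main.ccom.  mail.main.ccom. (
                        2018062201
                        1H
                        5M
                        7D
                        100 )
        IN      NS      ns1
        IN      MX 10   mx1
ns1     IN      A       192.168.4.95
mx1     IN      A       192.168.4.96
test    IN      A       172.16.4.4
www     IN      A       192.168.4.11
ftp     IN      CNAME   www
"""

def absolute(name, origin):
    if name == "@":                       # "@" stands for the current origin
        return origin
    return name.lower() if name.endswith(".") else f"{name}.{origin}".lower()

def owner_names(zone_text, zone_name):
    """Absolute owner names the file defines when loaded as zone_name, in file order."""
    origin = zone_name.rstrip(".").lower() + "."
    owners, last, depth = [], origin, 0
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]       # drop comments
        continuation, fields = depth > 0, line.split()
        depth += line.count("(") - line.count(")")
        if continuation or not fields or fields[0] == "$TTL":
            continue
        if fields[0] == "$ORIGIN":
            origin = absolute(fields[1], origin)
            continue
        if not line[0].isspace():         # a blank owner field inherits the previous owner
            last = absolute(fields[0], origin)
        if last not in owners:
            owners.append(last)
    return owners

def in_zone(qname, zone_name):
    """True if qname is at or below the zone apex, i.e. named answers it from the zone."""
    apex = zone_name.rstrip(".").lower() + "."
    q = qname.rstrip(".").lower() + "."
    return q == apex or q.endswith("." + apex)

print(owner_names(ZONE_TEXT, "test"))     # names as loaded under zone "test"
```

With `zone "test"` the file defines `ftp.test.`, so a query for `ftp.main.ccom` falls outside the zone and, with `recursion yes`, is resolved through the root hints instead.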


https://www.v2ex.com/t/465700
