- 积分
- 4
- 鸿鹄币
- 个
- 好评度
- 点
- 精华
- 注册时间
- 2009-2-15
- 最后登录
- 1970-1-1
- 阅读权限
- 10
- 听众
- 收听
网络小学徒
|
好郁闷啊,公司搭建了一个DNS服务器,现在邮件配置域名一直不好用。
求助大家帮我看一下,哪里出问题? 小弟万分感谢!
我的DNS服务器域名是www.ichengsi.com
先 贴 解析的 DNS 记录:
nslookup www.ichengsi.com
Server: 192.168.100.200
Address: 192.168.100.200#53
Non-authoritative answer:
Name: www.ichengsi.com
Address: 210.83.203.111
nslookup www.baidu.com
Server: 192.168.100.200
Address: 192.168.100.200#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 202.108.22.5
Name: www.a.shifen.com
Address: 202.108.22.142
Non-authoritative answer 这里应该显示内部的IP ,可现在却一直显示外网IP,也就是说我的DNS服务器有问题,解析到外网去了。。
贴 named.conf :
//
// Sample named.conf BIND DNS server 'named' configuration file
// for the Red Hat BIND distribution.
//
// See the BIND Administrator's Reference Manual (ARM) for details, in:
// file:///usr/share/doc/bind-*/arm/Bv9ARM.html
// Also see the BIND Configuration GUI : /usr/bin/system-config-bind and
// its manual.
//
options
{
/* make named use port 53 for the source of all queries, to allow
* firewalls to block all ports except 53:
query-source port 53;
query-source-v6 port 53;
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
allow-query { any; };
// Put files that named is allowed to write in the data/ directory:
directory "/var/named"; // the default
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
memstatistics-file "data/named_mem_stats.txt";
};
logging
{
/* If you want to enable debugging, eg. using the 'rndc trace' command,
* named will try to write the 'named.run' file in the $directory (/var/named).
* By default, SELinux policy does not allow named to modify the /var/named directory,
* so put the default debug log file in data/ :
channel default_debug
{
file "data/named.run";
severity dynamic;
};
};
//
// All BIND 9 zones are in a "view", which allow different zones to be served
// to different types of client addresses, and for options to be set for groups
// of zones.
//
// By default, if named.conf contains no "view" clauses, all zones are in the
// "default" view, which matches all clients.
//
// If named.conf contains any "view" clause, then all zones MUST be in a view;
// so it is recommended to start off using views to avoid having to restructure
// your configuration files in the future.
//
view "localhost_resolver"
{
/* This view sets up named to be a localhost resolver ( caching only nameserver ).
* If all you want is a caching-only nameserver, then you need only define this view localhost_resol
ver:
match-clients { any; };
match-destinations { any; };
recursion yes;
# all views must contain the root hints zone:
include "/etc/named.rfc1912.zones";
/* these are zones that contain definitions for all the localhost
* names and addresses, as recommended in RFC1912 - these names should
* ONLY be served to localhost clients:
*/
};
//acl acl-name {
// address_match_list;
//};
//view "internal"
//{
/* This view will contain zones you want to serve only to "internal" clients
that connect via your directly attached LAN inte**ces - "localnets" .
*/
// match-clients { localnets; };
// match-destinations { localnets; };
// recursion yes;
// all views must contain the root hints zone:
// include "/etc/named.root.hints";
// include "named.rfc1912.zones";
// you should not serve your rfc1912 names to non-localhost clients.
// These are your "authoritative" internal zones, and would probably
// also be included in the "localhost_resolver" view above :
// zone "my.internal.zone" {
// type master;
// file "my.internal.zone.db";
// };
// zone "my.slave.internal.zone" {
// type slave;
// file "slaves/my.slave.internal.zone.db";
// masters { /* put master nameserver IPs here */ 127.0.0.1; } ;
// put slave zones in the slaves/ directory so named can update them
// };
// zone "my.ddns.internal.zone" {
// type master;
// allow-update { key ddns_key; };
// file "slaves/my.ddns.internal.zone.db";
// put dynamically updateable zones in the slaves/ directory so named can update the
m
// };
//};
//key ddns_key
//{
// algorithm hmac-md5;
// secret "use /usr/sbin/dns-keygen to generate TSIG keys";
//};
//view "external"
//{
/* This view will contain zones you want to serve only to "external" clients
* that have addresses that are not on your directly attached LAN inte**ce subnets:
*/
// match-clients { !localnets; !localhost; };
// match-destinations { !localnets; !localhost; };
// recursion no;
// you'd probably want to deny recursion to external clients, so you don't
// end up providing free DNS service to all takers
// all views must contain the root hints zone:
// include "/etc/named.root.hints";
// These are your "authoritative" external zones, and would probably
// contain entries for just your web and mail servers:
// zone "my.external.zone" {
// type master;
// file "my.external.zone.db";
// };
//};
cd /var/named/chroot/var/named
vi ichengsi.com.zone 如下:
$TTL 86400
@ IN SOA www.ichengsi.com. root.ichengsi.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
ichengsi.com. IN NS www.ichengsi.com.
www IN A 192.168.100.200
ftp IN CNAME ichengsi
mail IN CNAME ichengsi
在/etc/resolv.conf 里
我只写了一句话 namedserver 192.168.100.200 (192.168.100.200 就是本机的IP地址)
为什么我的DNS解析 会出现无授权认证呢? 哎~
其实正确结果 应该是: (我怎么才能解析成一下的结果呢?)
nslookup www.ichengsi.com
Server: 192.168.100.200
Address: 192.168.100.200#53
Name: www.ichengsi.com
Address: 192.168.100.200 |
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2010-5-28 11:16:02
置顶卡
喧嚣卡
变色卡
千斤顶
知道的朋友快来帮忙解答。
发表于 2010-5-28 14:04:39
成长值: 63460
发表于 2010-5-28 14:13:06
