A question about Red Hat DNS (BIND) configuration.

Posted on 2006-12-8 13:17:15
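Environment: Fedora 1, BIND 9.2.2, on a 192.168.0 LAN. Also, if this were running inside VMware on Windows XP, how would the configuration need to change?
Problem: nslookup always returns errors and I don't know where the problem is. I hope the experts here can spare some of their valuable time to take a look at what is going on.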



Running nslookup:
> www.pip.com
Server:         192.168.0.24
Address:        192.168.0.24#53

Non-authoritative answer:
*** Can't find www.pip.com: No answer

Authoritative answers can be found from:
pip.com
        origin = ns0.dnsmadeeasy.com
        mail addr = dns.dnsmadeeasy.com
        serial = 2004010156
        refresh = 43200
        retry = 3600
        expire = 1209600
        minimum = 180


> 192.168.0.24
Server:         192.168.0.24
Address:        192.168.0.24#53

** server can't find 24.0.168.192.in-addr.arpa: NXDOMAIN
>
My configuration files are posted below.
---------separator----------------



[root@www root]# cat /etc/sysconfig/network
NETWORKING=yes                        //enable networking
HOSTNAME=www.pip.com                //hostname of this machine
GATEWAY=192.168.0.1                //gateway


---------separator----------------
[root@www root]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
192.168.0.24            www.pip.com     www                //the server named www.pip.com, IP 192.168.0.24


---------separator----------------
[root@www root]# cat /etc/resolv.conf
nameserver 192.168.0.24
search pip.com

---------separator----------------
[root@www root]# cat /etc/named.conf
// generated by named-bootconf.pl

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "www.pip.com" IN {
        type master;
        file "named.pip.com";
};
zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "rev.pip.com";
};

include "/etc/rndc.key";


---------separator----------------

[root@www root]# cat /var/named/named.pip.com                //forward zone file
$TTL    86400
@       IN      SOA     www.pip.com. root.www.pip.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
        IN      NS      www.pip.com.
        IN      MX      www.pip.com.


---------separator----------------

[root@www root]# cat /var/named/rev.pip.com                //reverse zone file
$TTL    86400
@       IN      SOA     1.168.192.in-addr.arpa. root.www.pip.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
        IN        NS        www.pip.com.
24      IN      PTR        www.pip.com.


I don't yet know how to format code so that it is easy to read; please bear with me.

Posted on 2006-12-8 13:39:36
The forward zone file does not specify the DNS server's IP address. Add this record at the end:
IN A 192.168.0.24

Original poster | Posted on 2006-12-8 14:43:52
Post by memory
The forward zone file does not specify the DNS server's IP address. Add this record at the end:
IN A 192.168.0.24


That was a fast reply!! Thanks in advance. But there is still a problem.
After doing that, this is what I get:

[root@www root]# nslookup
Note:  nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead.  Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
> www.pip.com
Server:         192.168.0.24
Address:        192.168.0.24#53

Non-authoritative answer:
Name:   www.pip.com
Address: 64.79.174.148
> 192.168.0.24
Server:         192.168.0.24
Address:        192.168.0.24#53

** server can't find 24.0.168.192.in-addr.arpa: NXDOMAIN    //I don't understand what this line means.
>

Posted on 2006-12-8 17:06:24
@ IN SOA 1.168.192.in-addr.arpa. root.www.pip.com. (

Original poster | Posted on 2006-12-8 20:22:55
Post by memory
@ IN SOA 1.168.192.in-addr.arpa. root.www.pip.com. (


Thank you for your reply, but I still don't understand. (I'm a real beginner :help )

Posted on 2006-12-9 02:17:36
SOA Start of authority

Add a reverse-lookup zone file.

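Original poster | Posted on 2006-12-15 17:36:11
A Red Hat BIND configuration problem. Last time I used Red Hat 9.0 inside VMware 4.5 and could not get it working no matter what I tried.
This time I installed Fedora 1 on the hard disk (a real machine). The network is a LAN on 192.168.0, and frustratingly I still cannot get it configured. I would be very grateful if the experts here could give me some pointers. Since it is the same old problem, I am reusing the original thread. By the way, how do I make code display in a nicer format?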


Host-related configuration
[root@www root]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=www.pip.com
GATEWAY=192.168.0.1


------------------separator------------------------------------

[root@www root]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.0.24 www.pip.com www


-------------------separator-----------------------------------
BIND main configuration file

[root@www root]# cat /etc/named.conf
// generated by named-bootconf.pl

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "www.pip.com" IN {
        type master;
        file "pip.com.zone";
};
zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "0.168.192.in-addr.arpa";
};

include "/etc/rndc.key";

-------------------separator--------------------------------
With Linux acting as the server:
[root@www root]# cat /etc/resolv.conf
nameserver 192.168.0.24
search pip.com


---------------separator-------------------------------------
Forward zone file
[root@www root]# cat /var/named/pip.com.zone
$TTL 86400
$ORIGIN pip.com
@ IN SOA www.pip.com. root.pip.com. (
                1997022700 ; Serial
                28800 ; Refresh
                14400 ; Retry
                3600000 ; Expire
                86400 ) ; Minimum
        IN NS www.pip.com.
pip.com IN A 127.0.0.1.
www IN A 192.168.0.24.
web CNAME www


---------------------separator----------------------------------------

Reverse zone file
[root@www root]# cat /var/named/0.168.192.in-addr.arpa
$TTL 86400
@ IN SOA 0.168.192.in-addr.arpa. root.www.pip.com. (
                1997022700 ; Serial
                28800 ; Refresh
                14400 ; Retry
                3600000 ; Expire
                86400 ) ; Minimum
        IN NS www.pip.com.

24 IN PTR www.pip.com.



---------------separator-----------------------------
To keep the configuration files in the chroot directory consistent, I used the following commands:
[root@www named]# cp /var/named/* /var/named/chroot/var/named/
[root@www named]# cp /etc/*.* /var/named/chroot/etc


---------------separator-----------------------------------
Checking port 53 with netstat:
[root@www root]# netstat -an | grep 53
tcp 0 0 192.168.0.24:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 127.0.0.1:32812 TIME_WAIT
udp 0 0 192.168.0.24:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*




----------------separator---------------------------------------

nslookup results:
[root@www root]# nslookup
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
> www.pip.com
Server: 192.168.0.24
Address: 192.168.0.24#53

** server can't find www.pip.com: SERVFAIL
> 192.168.0.24
Server: 192.168.0.24
Address: 192.168.0.24#53

24.0.168.192.in-addr.arpa name = www.pip.com.





-----------------separator-----------------------------------
Log: I can't tell from it where the problem is.
[root@www root]# tail -f /var/log/messages
Dec 15 04:08:44 www named[4941]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 15 04:08:44 www named[4941]: listening on IPv4 interface eth0, 192.168.0.24#53
Dec 15 04:08:44 www named[4941]: command channel listening on 127.0.0.1#953
Dec 15 04:08:44 www named[4941]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Dec 15 04:08:44 www named[4941]: zone 0.168.192.in-addr.arpa/IN: loaded serial 1997022700
Dec 15 04:08:44 www named[4941]: dns_master_load: pip.com.zone:9: pip.com.www.pip.com: not at top of zone
Dec 15 04:08:44 www named[4941]: zone www.pip.com/IN: loading master file pip.com.zone: not at top of zone
Dec 15 04:08:44 www named[4941]: zone localhost/IN: loaded serial 42
Dec 15 04:08:44 www named[4941]: running
Dec 15 04:08:44 www named[4941]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 1997022700)

Posted on 2006-12-15 21:10:35
In /etc/named.conf, change the following line:
zone "www.pip.com" IN {
to:
zone "pip.com" IN {

Change /var/named/pip.com.zone to:
$TTL 86400
$ORIGIN pip.com.
@ IN SOA www.pip.com. root.pip.com. (
                1997022700 ; Serial
                28800 ; Refresh
                14400 ; Retry
                3600000 ; Expire
                86400 ) ; Minimum

        IN NS www.pip.com.
        IN A 192.168.0.24
www IN A 192.168.0.24
web CNAME www
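Why the log reports `pip.com.www.pip.com: not at top of zone`, and why both changes in the reply above are needed, shown as an added example (not code from the thread or from BIND): a simplified Python model of how master-file owner names are qualified against `$ORIGIN`. The function names and checks are this example's own, and the zone text is constructed from the thread's files with indentation restored and the SOA comments dropped.

```python
import ipaddress
TYPES = {"SOA", "NS", "A", "MX", "CNAME", "PTR"}

def qualify(name, origin):
    """'@' is the origin, a trailing dot means absolute, anything else is relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def check_zone(zone, text):
    """Return [(line_no, message)] for a master file loaded as zone `zone`."""
    zone = zone.rstrip(".") + "."
    origin, owner, depth, problems = zone, None, 0, []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0]                      # drop comments
        inside, depth = depth > 0, depth + line.count("(") - line.count(")")
        tok = line.replace("(", " ").replace(")", " ").split()
        if inside or not tok or tok[0] == "$TTL":
            continue                                     # continuation, blank, $TTL
        if tok[0] == "$ORIGIN":                          # a relative $ORIGIN is
            origin = qualify(tok[1], origin)             # appended to the old one
            continue
        if not raw[0].isspace():                         # column 0: new owner name;
            owner = qualify(tok.pop(0), origin)          # indented: reuse the last
        rtype = next((t for t in tok if t in TYPES), None)
        if owner is None or rtype is None:
            problems.append((no, "cannot parse record"))
            continue
        if rtype == "SOA" and owner != zone:
            problems.append((no, f"SOA owner {owner} not at top of zone {zone}"))
        elif owner != zone and not owner.endswith("." + zone):
            problems.append((no, f"owner {owner} is outside zone {zone}"))
        if rtype == "A":
            addr = tok[tok.index(rtype) + 1]
            try:
                ipaddress.IPv4Address(addr)
            except ValueError:
                problems.append((no, f"A rdata {addr!r} is not an IPv4 address"))
    return problems

# Constructed input modelled on the thread's files (indentation restored).
SOA = "@ IN SOA www.pip.com. root.pip.com. (\n  1997022700 28800 14400\n  3600000 86400 )\n"
ASKED = ("$TTL 86400\n$ORIGIN pip.com\n" + SOA + "  IN NS www.pip.com.\n"
         "pip.com IN A 127.0.0.1.\nwww IN A 192.168.0.24.\nweb CNAME www\n")
FIXED = ("$TTL 86400\n$ORIGIN pip.com.\n" + SOA + "  IN NS www.pip.com.\n"
         "  IN A 192.168.0.24\nwww IN A 192.168.0.24\nweb CNAME www\n")
if __name__ == "__main__":
    for zone, text in (("www.pip.com", ASKED), ("www.pip.com", FIXED), ("pip.com", FIXED)):
        print(zone, check_zone(zone, text))
```

Line numbers refer to the constructed text, not to the poster's file. The middle case shows that fixing the zone file alone is not enough while named.conf still declares the zone as `www.pip.com`.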

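Original poster | Posted on 2006-12-22 13:38:42
Thanks for the reply, brother memory.

    I made the changes as you suggested. The reverse lookup result is now correct, but forward lookup still has a problem.
    Also, I changed www.pip.com to www.ppp.com in all the configuration files I had set up.
    I hope I can get your help.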


[root@www root]# nslookup www.ppp.com
Note:  nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead.  Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server:         192.168.0.24
Address:        192.168.0.24#53

** server can't find www.ppp.com: SERVFAIL




[root@www root]# nslookup 192.168.0.24
Note:  nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead.  Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server:         192.168.0.24
Address:        192.168.0.24#53

24.0.168.192.in-addr.arpa       name = www.ppp.com.