DNS子域授权问题

fush_linux · 发表于 2006-12-1 17:06:56

1。首先配置了一个域fush.com，现在想配置一个子域domain.fush.com;
fush.com域的区域文件为：

[root@testing24 root]# cat /var/named/fush.com.zone
$TTL 86400
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS @
1D IN MX 10 mails.fush.com.
1D IN A 127.0.0.1
www IN A 172.16.1.135
mails IN A 172.16.1.24
news IN A 192.168.10.35
trul IN A 172.16.1.11
online IN A 172.16.1.27
www1 IN CNAME www
domain.fush.com. IN NS h7.domain.fush.com.
h7.domain.fush.com. IN A 172.16.1.7

复制代码

*注：h7为172.16.1.7的主机名

2。测试，fush.com域的DNSZ设置为nameserver 127.0.0.1 ;
该域(fush.com)运行正常，如：

[root@testing24 root]# host [url]www.fush.com[/url]
[url]www.fush.com[/url] has address 172.16.1.135

复制代码

3。登陆到子域服务器h7，且测试该DNS情况，host www.domain.fush.com运行正常。

[root@testing24 root]# ssh 172.16.1.7
The authenticity of host '172.16.1.7 (172.16.1.7)' can't be established.
RSA key fingerprint is dc:a6:e3:99:05:10:2a:62:18:ba:6e:99:68:1f:14:f4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.1.7' (RSA) to the list of known hosts.
root@172.16.1.7's password:
Last login: Fri Dec 1 16:13:51 2006 from 172.16.1.135
[root@h7 root]# cat /etc/resolv.conf
#nameserver 61.139.2.69
nameserver 127.0.0.1
[root@h7 root]# host [url]www.domain.fush.com[/url]
[url]www.domain.fush.com[/url] has address 172.16.1.237
[root@h7 root]# exit
logout
Connection to 172.16.1.7 closed.

复制代码

4.但是回到fush.com域去查找它的子域www.domain.fush.com时却不成功：

[root@testing24 root]# host [url]www.domain.fush.com[/url]
;; connection timed out; no servers could be reached
[root@testing24 root]#

复制代码

麻烦你们帮我看看怎么回事哈，整了一天都没搞懂。谢谢拉

52violin · 发表于 2006-12-2 16:02:23

h7上的named.conf贴上看看？

fush_linux · 发表于 2006-12-3 16:01:32

Post by 52violin
h7上的named.conf贴上看看？

[root@h7 root]# cat /etc/named.conf
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "domain.fush.com" {
type master;
file "domain.fush.com.zone";
};
include "/etc/rndc.key";

复制代码

可h7上DNS运行应该是正常的啊。

[root@h7 root]# host www.domain.fush.com
www.domain.fush.com has address 172.16.1.237

复制代码

52violin · 发表于 2006-12-4 10:49:47

h7也是主dns?
觉得设为辅dns比较好,
类似
zone "somedomain" {
      type slave;
      file "db.somedomain";
      master { your master dns ip; };
}

fush_linux · 发表于 2006-12-4 10:53:57

Post by 52violin
h7也是主dns?
觉得设为辅dns比较好,
类似
zone "somedomain" {
      type slave;
      file "db.somedomain";
      master { your master dns ip; };
}

我主要是想设置子域哈

		自动登录	找回密码
密码			注册

DNS子域授权问题

浏览过的版块