我的DNS服务器配完后，不能反向解析。大家帮忙看看！(已经解决)

liwei6998

我现在正在学习配置linux服务器，现在配置DNS服务器。配置完成后，好像能正向解析，但不能反向解析。下面是我的配置文件
及测试结果，大家帮忙看看，指出错误在哪儿呢！先谢谢大家！！！

我的linux版本是 FC4

服务器ip地址：192.168.1.5  ，用作web服务器和mail服务器。

这是正向解析文件，在 /var/named/chroot/var/named 目录下

[root@weiyj named]# more cherry.com.zone
$TTL 86400
$ORIGIN cherry.com.
@ IN SOA www.cherry.com. master.cherry.com. (
20040730 ;serial
28800 ;refresh
14400 ;retry
3600000 ;expire
86400 ) ;minmum
cherry.com. IN NS www.cherry.com.
IN MX 10 mail.cherry.com.

nameserver IN A 192.168.1.5
webserver IN A 192.168.1.5
www IN CNAME webserver
mail IN A 192.168.1.5

[root@weiyj named]#



这是反向解析文件，与正向解析文件在同一个目录下。

[root@weiyj named]# more 1.168.192.in-addr.arpa.zone
$TTL 86400
@ IN SOA www.cherry.com. master.cherry.com. (
20040730 ;serial
28800 ;refresh
14400 ;retry
3600000 ;expire
86400 ) ;minum
@ IN NS www.cherry.com.
@ IN MX 10 mail.cherry.com.
5 IN PTR mail.cherry.com.
5 IN PTR www.cherry.com.
[root@weiyj named]#


这是nslookup测试结果：

[root@weiyj named]# nslookup www.cherry.com
Server:         192.168.1.5
Address:        192.168.1.5#53

www.cherry.com  canonical name = webserver.cherry.com.
Name:   webserver.cherry.com
Address: 192.168.1.5

[root@weiyj named]# nslookup 192.168.1.5
Server:         192.168.1.5
Address:        192.168.1.5#53

** server can't find 5.1.168.192.in-addr.arpa: SERVFAIL


这是/var/log/messages结果

[root@weiyj named]# tail -20 /var/log/messages
Jun  6 20:41:50 weiyj named[2890]: no longer listening on 192.168.1.5#53
Jun  6 20:41:50 weiyj named[2890]: exiting
Jun  6 20:41:53 weiyj named[3248]: starting BIND 9.3.1 -u named -t /var/named/chroot
Jun  6 20:41:53 weiyj named[3248]: found 1 CPU, using 1 worker thread
Jun  6 20:41:53 weiyj named[3248]: loading configuration from '/etc/named.conf'
Jun  6 20:41:53 weiyj named[3248]: listening on IPv4 interface lo, 127.0.0.1#53
Jun  6 20:41:53 weiyj named[3248]: listening on IPv4 interface eth0, 192.168.1.5#53
Jun  6 20:41:53 weiyj named[3248]: command channel listening on 127.0.0.1#953
Jun  6 20:41:53 weiyj named[3248]: zone 0.in-addr.arpa/IN: loaded serial 42
Jun  6 20:41:53 weiyj named[3248]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Jun  6 20:41:53 weiyj named[3248]: zone 255.in-addr.arpa/IN: loaded serial 42
Jun  6 20:41:53 weiyj named[3248]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Jun  6 20:41:53 weiyj named[3248]: zone cherry.com/IN: loaded serial 20040730
Jun  6 20:41:53 weiyj named[3248]: zone localdomain/IN: loaded serial 42
Jun  6 20:41:53 weiyj named[3248]: zone localhost/IN: loaded serial 42
Jun  6 20:41:53 weiyj named[3248]: zone 1.168.192.in-addr.arpa.zone/IN: loaded serial 20040730
Jun  6 20:41:53 weiyj named[3248]: running
Jun  6 20:42:21 weiyj iiimd[2199]: status has not been enabled yet. (1, 1)
Jun  6 20:42:23 weiyj iiimd[2199]: status has not been enabled yet. (1, 9)
Jun  6 20:43:03 weiyj iiimd[2199]: status has not been enabled yet. (1, 1)
[root@weiyj named]#


这是named.conf文件

[root@weiyj named]# more /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
         // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

zone "cherry.com" IN {
      type master;
      file "cherry.com.zone";
      allow-update { none; };
};

zone "1.168.192.in-addr.arpa.zone" IN {
      type master;
      file "1.168.192.in-addr.arpa.zone";
      allow-update { none; };
};
include "/etc/rndc.key";
[root@weiyj named]#

lanyao

用named-checkzone查查看

kevin.tan

[QUOTE=liwei6998]我现在正在学习配置linux服务器，现在配置DNS服务器。配置完成后，好像能正向解析，但不能反向解析。下面是我的配置文件
及测试结果，大家帮忙看看，指出错误在哪儿呢！先谢谢大家！！！

我的linux版本是 FC4

服务器ip地址：192.168.1.5  ，用作web服务器和mail服务器。

这是正向解析文件，在 /var/named/chroot/var/named 目录下

[root@weiyj named]# more cherry.com.zone
$TTL 86400
$ORIGIN cherry.com.
@ IN SOA www.cherry.com. master.cherry.com. (
20040730 ;serial
28800 ;refresh
14400 ;retry
3600000 ;expire
86400 ) ;minmum
cherry.com. IN NS www.cherry.com.
IN MX 10 mail.cherry.com.

************************************************************
1.先将mail.cherry.com作正向解析看看

2.在正向解析文件中IN MX 10 mail.cherry.com.修为

@ IN MX 10 mail.cherry.com.

其实在messages文件中没看到任何出错提示，挺奇怪的

liwei6998

回家试试，谢谢 lanyao 和 kevin.tan!!!

orphen

Post by liwei6998

这是named.conf文件

[root@weiyj named]# more /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
         // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

zone "cherry.com" IN {
      type master;
      file "cherry.com.zone";
      allow-update { none; };
};

[color="Red"]zone "1.168.192.in-addr.arpa.zone" IN {
      type master;
      file "1.168.192.in-addr.arpa.zone";
      allow-update { none; };
};
include "/etc/rndc.key";
[root@weiyj named]#

上面红字处错误
修改为

1. zone "1.168.192.in-addr.arpa" IN {

复制代码

orphen

网络卡，发重了

liwei6998

多谢orphen，我回去后试试！！！

liwei6998

十分感谢orphen，正是他的回答，才解决了问题。