当前位置: 文江博客话题详情

绑定区域良好实践

发布于 2024-11-10 08:22:36 字数 2375 浏览 0 评论 0原文

我对绑定/DNS 区域比较陌生,但最近阅读了很多内容,并通过了一个链接来检查 DNS。我运行了检查,可以通过以下方式查看: http://intodns.com/empireconqueror.com

问题该区域似乎仍然存在很多问题,互联网上似乎没有关于这些错误的信息,所以我来这里寻求帮助。

我的选项如下:

options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.

    //forwarders {
    //      199.115.230.239;
    //};

    allow-query {
            any;
    };

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };

    allow-recursion { localhost; };
};

对于实际的区域选项:

include "/etc/bind/named.conf.options";

view "external-in" in {
    match-clients { any; };
    allow-query { none; };
    allow-query-cache { none; };
    recursion no;
    additional-from-auth yes;
    additional-from-cache yes;

    include "/etc/bind/named.conf.default-zones";
};

这是一个主区域示例:

zone "empireconqueror.com" {
    type master;
    file "/ect/bind/db.empireconqueror.com";
};

数据库文件:

$TTL    86400
$ORIGIN empireconqueror.com.
@       IN      SOA     ns2.webserverhome.com. hostmaster.empireconqueror.com. (
                          2002022401
                          28800
                          7200
                          864000
                          86400
                         )
; Root site
    IN      A       199.115.230.240

; Nameservers
    IN      NS      ns1.webserverhome.com.
    IN      NS      ns2.webserverhome.com.

; Aliases
www     IN      CNAME   empireconqueror.com.
fb      IN      CNAME   empireconqueror.com.
mail    IN      CNAME   ghs.google.com.

; MX Records
    IN      MX      1       aspmx.l.google.com.
    IN      MX      5       alt1.aspmx.l.google.com.
    IN      MX      5       alt2.aspmx.l.google.com.
    IN      MX      10      aspmx2.googlemail.com.
    IN      MX      10      aspmx3.googlemail.com.

非常感谢您的帮助, 肖恩

原文

I'm relatively new to Bind/DNS zones but have been reading a lot into it lately and was passed a link to check the DNS out. I ran the checks which can be seen via: http://intodns.com/empireconqueror.com

The issue is there seems to be a lot of issues still wrong with the zone, there seems to be no information regarding those errors on the Internet so I come here seeking help.

My options are as follows:

options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.

    //forwarders {
    //      199.115.230.239;
    //};

    allow-query {
            any;
    };

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };

    allow-recursion { localhost; };
};

And for the actual zone options:

include "/etc/bind/named.conf.options";

view "external-in" in {
    match-clients { any; };
    allow-query { none; };
    allow-query-cache { none; };
    recursion no;
    additional-from-auth yes;
    additional-from-cache yes;

    include "/etc/bind/named.conf.default-zones";
};

Here's a master zone example:

zone "empireconqueror.com" {
    type master;
    file "/ect/bind/db.empireconqueror.com";
};

Database file:

$TTL    86400
$ORIGIN empireconqueror.com.
@       IN      SOA     ns2.webserverhome.com. hostmaster.empireconqueror.com. (
                          2002022401
                          28800
                          7200
                          864000
                          86400
                         )
; Root site
    IN      A       199.115.230.240

; Nameservers
    IN      NS      ns1.webserverhome.com.
    IN      NS      ns2.webserverhome.com.

; Aliases
www     IN      CNAME   empireconqueror.com.
fb      IN      CNAME   empireconqueror.com.
mail    IN      CNAME   ghs.google.com.

; MX Records
    IN      MX      1       aspmx.l.google.com.
    IN      MX      5       alt1.aspmx.l.google.com.
    IN      MX      5       alt2.aspmx.l.google.com.
    IN      MX      10      aspmx2.googlemail.com.
    IN      MX      10      aspmx3.googlemail.com.

Many thanks for helping out,
Shaun

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

我只土不豪 2024-11-17 08:22:36

问题是 ns1.webserverhome.com 和 n2.webserverhome.com 似乎不存在于区域文件或答案中。您需要首先解决该问题。如果您也拥有 webserverhome.com,则需要前往注册商添加 DNS 粘合记录或基于 webserverhome.com 构建 NS)。没有它们,您无法引用其他区域的名称服务器。

the problem is that that ns1.webserverhome.com and n2.webserverhome.com doesn't seem to exist in a zone file, or answer. You will need to fix that problem first. if you own webserverhome.com as well, you need to go to registrar and add DNS glue records or build NS based on webserverhome.com). Without them, you cannot reference the nameservers from other zones.

回复 原文
~没有更多了~

关于作者

沫尐诺

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

謌踐踏愛綪

文章 0 评论 0

开始看清了

文章 0 评论 0

高速公鹿

文章 0 评论 0

alipaysp_PLnULTzf66

文章 0 评论 0

热情消退

文章 0 评论 0

白色月光

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文