|
|
bind9 安装的是,下面是我的配置文件,目录:/etc/bind
db.0 db.255 db.lw named.conf.local rndc.key
db.127 db.empty db.root named.conf.options zones.rfc1918
db.192 db.local named.conf named.conf.options.bak
named.conf:内容:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };
// From the release notes:
// Because many of our users are uncomfortable receiving undelegated answers
// from root or top level domains, other than a few for whom that behaviour
// has been trusted and expected for quite some length of time, we have now
// introduced the "root-delegations-only" feature which applies delegation-only
// logic to all top level domains, and to the root domain. An exception list
// should be specified, including "MUSEUM" and "DE", and any other top level
// domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };
include "/etc/bind/named.conf.local";
named.conf.local::内容是:
acl test192 {
192.168.0/24;
};
zone "lw" {
type master;
file "/etc/bind/db.lw";
allow-query{test192;};
};
zone "192.in-addr.arpa" {
type master;
file "/etc/bind/db.192";
};
name.conf.option::内容是:
options {
directory "/var/cache/bind";
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
// query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
listen-on port 53{
127.0.0.1;
192.168.0.3;
};
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
// If there is a firewall between you and nameservers you want
db.lw::内容是:
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA localhost. root.localhost. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.
@ IN A 192.168.0.3
gxg.lw. IN A 192.168.0.5
db.192:内容是:
;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA localhost. root.localhost. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.
3.0.168 IN PTR lw.
5.0.168 IN PTR gxg.lw.
我自己可以正常访问:http://lw:8080和http://192.168.0.3:8080
但其他主机只能访问:http://192.168.0.3:8080
并且:我可以访问:http://gxg.lw:8080和http://192.168.0.5:8080
但其他主机只能访问:http://192.168.0.5:8080
其它主机的DNS,我已经设定为:192.168.0.3,且为首先DNS,并且测试可以telent到53端口。
请高手指点一下思路?我该往那个地方考虑?
第一次发帖,发帖方式不足之处,恳请指出! |
|
IP卡
狗仔卡
发表于 2009-6-14 21:57:35
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
楼主