Latest posts for the topic "Slave DNS cannot get information from the master DNS"

Configuration for both machines:
- I have installed the necessary bind packages on both machines (bind-chroot is not installed, so that I can test first).
- Both machines have iptables configured as follows: Code:
# Generated by iptables-save v1.4.7 on Wed Aug  7 00:19:08 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p udp -m multiport --dports 111,662,875,892,2049,32769 -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 111,662,875,892,2049,32803 -j ACCEPT 
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A INPUT -p icmp -j ACCEPT 
-A INPUT -i lo -j ACCEPT 
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT 
-A INPUT -j REJECT --reject-with icmp-host-prohibited 
-A FORWARD -j REJECT --reject-with icmp-host-prohibited 

-A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

COMMIT
# Completed on Wed Aug  7 00:19:08 2013
- File /etc/resolv.conf Code:
search server.com
name server 192.168.104
name server 192.168.105
- Both machines can ping each other.

The DNS information I set up for the server:
File /etc/named.conf Code:
options {
	listen-on port 53 { 127.0.0.1; 192.168.1.104;};		// Master DNS
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
	allow-query     { localhost; 192.168.1.0/24;};		// IP Range 
	allow-transfer	{ localhost; 192.168.1.105;};		// Slave DNS
	recursion yes;

	dnssec-enable yes;
	dnssec-validation yes;
	dnssec-lookaside auto;

	/* Path to ISC DLV key */
	bindkeys-file "/etc/named.iscdlv.key";

	managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
	type hint;
	file "named.ca";
};

zone "server.com" IN {
	type master;
	file "fwd.server.com";
	allow-update { 192.168.1.105; };
	allow-transfer { 192.168.1.105; };
};

zone "1.168.192.in-addr.arpa" IN {
	type master;
	file "rev.server.com";
	allow-update { 192.168.1.105; };
	allow-transfer { 192.168.1.105; };
};


include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
File /var/named/fwd.server.com Code:
$TTL 1D
@		IN SOA	 	masterdns.server.com. root.server.com. (
					2013090802	; serial
					3600		; refresh
					1800		; retry
					604800		; expire
					86400 		; minimum
)
@		IN NS		masterdns.server.com.
@		IN NS		slavedns.server.com.
masterdns	IN A		192.168.1.104
		IN MX 1		mail.server.com.
slavedns	IN A		192.168.1.105
www		IN CNAME	masterdns.server.com.
mail		IN CNAME	masterdns.server.com.
ftp		IN CNAME	masterdns.server.com.
proxy		IN CNAME	masterdns.server.com.
itdep		IN NS		itdns.server.com.
itdns		IN A		192.168.1.106
File /var/named/rev.server.com Code:
$TTL 1D
@		IN SOA	 	masterdns.server.com. root.server.com. (
					2013090802	; serial
					3600		; refresh
					1800		; retry
					604800		; expire
					86400 		; minimum
)
@		IN NS		masterdns.server.com.
@		IN NS		slavedns.server.com.
104		IN PTR		masterdns.server.com.
105		IN PTR		slavedns.server.com.
106		IN PTR		itdep.server.com.
		IN PTR		mail.itdep.server.com.
Configuration for the slave DNS:
File /etc/named.conf Code:
options {
	listen-on port 53 { 127.0.0.1; 192.168.1.105;};
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
	allow-query     { localhost; };
	recursion yes;

	dnssec-enable yes;
	dnssec-validation yes;
	dnssec-lookaside auto;

	/* Path to ISC DLV key */
	bindkeys-file "/etc/named.iscdlv.key";

	managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
	type hint;
	file "named.ca";
};

zone "server.com" IN {
	type slave;
	file "fwd_slave.server.com";
	masters {192.168.1.104;};
};

zone "1.168.192.in-addr.arpa" IN {
	type slave;
	file "rev_slave.server.com";
	masters {192.168.1.104;};
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
However, I still do not receive the files transferred from the server to the slave.
This is the /var/log/messages file of slavedns: Code:
Aug 11 09:50:26 slavedns named[3466]: zone 1.168.192.in-addr.arpa/IN: refresh: retry limit for master 192.168.1.104#53 exceeded (source 0.0.0.0#0)
Aug 11 09:50:26 slavedns named[3466]: zone 1.168.192.in-addr.arpa/IN: Transfer started.
Aug 11 09:50:26 slavedns named[3466]: transfer of '1.168.192.in-addr.arpa/IN' from 192.168.1.104#53: failed to connect: host unreachable
Aug 11 09:50:26 slavedns named[3466]: transfer of '1.168.192.in-addr.arpa/IN' from 192.168.1.104#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)
Aug 11 09:50:27 slavedns named[3466]: zone server.com/IN: refresh: retry limit for master 192.168.1.104#53 exceeded (source 0.0.0.0#0)