在使用bind过程中一些测试、修正技巧:
1:动态测试(如果是同步slave会同步相关数据并且serial会+1,allow-update 设置key不会同步)
|
0 1 2 3 4 5 6 |
[root@ns1 named]# grep "allow-update { key cmcc; }" named.rfc1912.zones #必须支持key才可以 allow-update { key cmcc; }; [root@ns1 named]# /usr/local/named/bin/nsupdate -k /var/named/keys/cmcc.key > server 1.1.1.19 > update add test.t4x.org 600 IN A 127.9.9.1 > send > |
master日志:
|
0 1 2 |
client 1.1.1.19#9402/key cmcc: view CMCC: signer "cmcc" approved client 1.1.1.19#9402/key cmcc: view CMCC: updating zone 't4x.org/IN': adding an RR at 'test.t4x.org' A client 1.1.1.20#37551/key cmcc: view CMCC: received notify for zone 't4x.org': TSIG 'cmcc' |
slave日志:
|
0 1 2 3 4 |
client 1.1.1.19#60582/key cmcc: view CMCC: received notify for zone 't4x.org': TSIG 'cmcc' zone t4x.org/IN/CMCC: Transfer started. transfer of 't4x.org/IN/CMCC' from 1.1.1.19#53: connected using 1.1.1.20#52510 zone t4x.org/IN/CMCC: transferred serial 2015050414: TSIG 'cmcc' transfer of 't4x.org/IN/CMCC' from 1.1.1.19#53: Transfer status: success |
2:重新加载zone
|
0 1 |
[root@ns1 named]# /usr/local/named/sbin/rndc reload #全局方式 [root@ns1 named]# /usr/local/named/sbin/rndc reload t4x.org IN LOCAL #有view的情况下启动方式VIEW LOCAL下的域名 |
3:需修改权限
|
0 1 2 |
1:/usr/local/named/etc/bind.keys #named要读取key信息 2:/usr/local/named/var/ #要生成pid 3:/var/named/data/ #配置文件中查询文件日志存放目录 |
申明:除非注明Byrd's Blog内容均为原创,未经许可禁止转载!详情请阅读版权申明!
