{"id":49,"date":"2010-12-09T13:11:32","date_gmt":"2010-12-09T05:11:32","guid":{"rendered":"http:\/\/www.microwolf.net\/?p=49"},"modified":"2010-12-09T13:11:32","modified_gmt":"2010-12-09T05:11:32","slug":"bind9-%e7%9a%84%e5%ae%89%e8%a3%85%e4%b8%8e%e9%85%8d%e7%bd%ae-dnsnamed","status":"publish","type":"post","link":"http:\/\/www.microwolf.net\/?p=49","title":{"rendered":"BIND9 \u7684\u5b89\u88c5\u4e0e\u914d\u7f6e (DNS,named)"},"content":{"rendered":"\n\n
\n 1 bind\u7b80\u4ecb
\n BIND (Berkeley Internet Name Domain)\u662fDomain Name System (DNS) \u534f\u8bae\u7684\u4e00\u4e2a\u5b9e\u73b0\uff0c\u63d0\u4f9b\u4e86DNS\u4e3b\u8981\u529f\u80fd\u7684\u5f00\u653e\u5b9e\u73b0\uff0c\u5305\u62ec <\/p>\n

\n \u57df\u540d\u670d\u52a1\u5668 (named)
\n DNS\u89e3\u6790\u5e93\u51fd\u6570
\n DNS\u670d\u52a1\u5668\u8fd0\u884c\u8c03\u8bd5\u6240\u7528\u7684\u5de5\u5177 <\/p>\n

\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u7801\u7684DNS\u670d\u52a1\u5668\u8f6f\u4ef6\uff0c\u7531\u7f8e\u56fd\u52a0\u5dde\u5927\u5b66Berkeley\u5206\u6821\u5f00\u53d1\u548c\u7ef4\u62a4\u7684\uff0c<\/p>\n

\u6309\u7167ISC\u7684\u8c03\u67e5\u62a5\u544a\uff0cBIND\u662f\u4e16\u754c\u4e0a\u4f7f\u7528\u6700\u591a\u6700\u5e7f\u6cdb\u7684\u57df\u540d\u670d\u52a1\u7cfb\u7edf\u3002\u4e0d\u8bba\u4f60\u7684\u90ae\u4ef6\u670d\u52a1\u5668\uff0cWEB\u670d\u52a1\u5668\u6216\u8005\u5176\u4ed6\u7684services\u5982\u4f55\u7684\u5b89\u5168\u53ef\u9760\uff0cDNS\u7684\u6545\u969c\u4f1a\u7ed9\u4f60\u5e26\u6765\u7528\u6237\u6839\u672c\u65e0\u6cd5\u8bbf\u95ee\u8fd9\u4e9b\u670d\u52a1\u3002<\/p>\n

BIND\uff0c\u4e5f\u662f\u6211\u4eec\u5e38\u8bf4\u7684named\uff0c\u7531\u4e8e\u591a\u6570\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u4f7f\u7528\u5176\u529f\u80fd\uff0c\u6240\u4ee5\u5728\u5f88\u591aBIND\u7684\u5f31\u70b9\u53ca\u65f6\u88ab\u53d1\u73b0\u3002\u4e3b\u8981\u5206\u4e3a\u4e09\u4e2a\u7248\u672c\uff1a<\/p>\n

\n v4
\n 1998\u5e74\u591a\u6570UNIX\u6346\u7ed1\u7684\u662fBIND4\uff0c\u5df2\u7ecf\u88ab\u591a\u6570\u5382\u5546\u629b\u5f03\u4e86\uff0c\u9664\u4e86OpenBSD\u8fd8\u5728\u4f7f\u7528\u3002OpenBSD\u6838\u5fc3\u4eba\u4e3aBIND8\u8fc7\u4e8e\u590d\u6742\u548c\u4e0d\u5b89\u5168\uff0c\u6240\u4ee5\u7ee7\u7eed\u4f7f\u7528BIND4\u3002\u8fd9\u6837\u4e00\u6765BIND8\/9\u7684\u5f88\u591a\u4f18\u70b9\u90fd\u4e0d\u5305\u62ec\u5728v4\u4e2d\u3002<\/p>\n

v8
\n \u5c31\u662f\u5982\u4eca\u4f7f\u7528\u6700\u591a\u6700\u5e7f\u7684\u7248\u672c\uff0c\u5176\u8be6\u7ec6\u5185\u5bb9\u53ef\u4ee5\u53c2\u9605 BIND 8+ \u57df\u540d\u670d\u52a1\u5668\u5b89\u5168\u589e\u5f3a<\/p>\n

v9
\n \u6700\u65b0\u7248\u672c\u7684BIND\uff0c\u5168\u90e8\u91cd\u65b0\u5199\u8fc7\uff0c\u514d\u8d39\uff08\u4f46\u662f\u7531\u5546\u4e1a\u516c\u53f8\u8d44\u52a9\uff09\uff0c\u4e5f\u6dfb\u52a0\u4e86\u8bb8\u591a\u65b0\u7684\u529f\u80fd\uff08\u4f46\u662f\u5b89\u5168\u4e0a\u4e5f\u53ef\u80fd\u6709\u66f4\u591a\u7684\u95ee\u9898\uff09\u3002BIND9\u57282000\u5e74\u5341\u6708\u4efd\u63a8\u51fa\uff0c\u73b0\u5728\u7a33\u5b9a\u7248\u672c\u662f9.3.2\u3002<\/p>\n

\n 2 \u8f6f\u4ef6\u7684\u76f8\u5173\u8d44\u6e90
\n \u5b98\u65b9\u7f51\u7ad9\uff1a http:\/\/www.bind.com\/<\/p>\n

\u6700\u65b0\u7248\u672c: 9.3.2 http:\/\/www.isc.org\/sw\/bind\/bind9.3.php#download<\/p>\n

\u5e2e\u52a9\u6587\u6863\uff1a http:\/\/www.isc.org\/sw\/bind\/<\/p>\n

\u914d\u7f6e\u6587\u4ef6\u6837\u4f8b\uff1a http:\/\/www.bind.com\/bind.html<\/p>\n

FAQ: http:\/\/www.nominum.com\/getOpenSourceResource.php?id=6<\/p>\n

3 \u914d\u7f6e\u73af\u5883 <\/p>\n

\u73af\u5883\uff1aGNU\/Linux Debian\/testing Linux 2.6.8-2-386<\/p>\n

\u7248\u672c\uff1abind9 9.3.2-2<\/p>\n

\u6d4b\u8bd5\u57df\u540d\uff1amydebian.org<\/p>\n

\u6d4b\u8bd5ip: 192.168.102.47 \u4e3b\u57df\u540d\u670d\u52a1\u5668
\n 192.168.102.48 \u7eaf\u7f13\u5b58\u57df\u540d\u670d\u52a1\u5668

\n 192.168.102.49 \u8f85\u52a9\u57df\u540d\u670d\u52a1\u5668

\n 192.168.102.49 \u6d4b\u8bd5\u5ba2\u6237\u673a<\/p>\n

\n 4 \u914d\u7f6e\u6587\u4ef6\u8bf4\u660e
\n \u5b89\u88c5bind9\u7684\u547d\u4ee4\uff1a<\/p>\n

\n ~# aptitude update

\n ~# aptitude install bind9 bind9-host dnsutils<\/p>\n

\n \u914d\u7f6e\u6587\u4ef6\u65cf\uff1a<\/p>\n

\n # ls \/etc\/bind\/ -l

\n total 44

\n -rw-r–r– 1 root root 237 Jan 16 2006 db.0

\n -rw-r–r– 1 root root 271 Jan 16 2006 db.127

\n -rw-r–r– 1 root root 237 Jan 16 2006 db.255

\n -rw-r–r– 1 root root 353 Jan 16 2006 db.empty

\n -rw-r–r– 1 root root 256 Jan 16 2006 db.local

\n -rw-r–r– 1 root root 1507 Jan 16 2006 db.root

\n -rw-r–r– 1 root bind 1611 Jan 16 2006 named.conf

\n -rw-r–r– 1 root bind 165 Jan 16 2006 named.conf.local

\n -rw-r–r– 1 root bind 672 Jan 16 2006 named.conf.options

\n -rw-r—– 1 bind bind 77 Aug 4 08:41 rndc.key

\n -rw-r–r– 1 root root 1317 Jan 16 2006 zones.rfc1918<\/p>\n

\n \u914d\u7f6e\u6587\u4ef6\u8bf4\u660e\uff1a<\/p>\n

\n named.conf
\n \u8bbe\u7f6e\u4e00\u822c\u7684named\u53c2\u6570\uff0c\u6307\u5411\u8be5\u670d\u52a1\u5668\u4f7f\u7528\u7684\u57df\u6570\u636e\u5e93\u7684\u4fe1\u606f\u6e90<\/p>\n

named.conf.options
\n \u5168\u5c40\u9009\u9879<\/p>\n

db.root
\n \u6839\u670d\u52a1\u5668\u6307\u5411\u6587\u4ef6\uff0c \u7531Internet NIC\u521b\u5efa\u548c\u7ef4\u62a4\uff0c \u65e0\u9700\u4fee\u6539\uff0c \u4f46\u662f\u9700\u8981\u5b9a\u671f\u66f4\u65b0<\/p>\n

db.local
\n localhost\u6b63\u5411\u533a\u6587\u4ef6\uff0c\u7528\u4e8e\u5c06\u540d\u5b57localhost\u8f6c\u6362\u4e3a\u672c\u5730\u56de\u9001IP\u5730\u5740 (127.0.0.1)<\/p>\n

db.127
\n localhost\u53cd\u5411\u533a\u6587\u4ef6\uff0c\u7528\u4e8e\u5c06\u672c\u5730\u56de\u9001IP\u5730\u5740(127.0.0.1)\u8f6c\u6362\u4e3a\u540d\u5b57localhost<\/p>\n

\n \u5176\u4e2d\uff0c\u4e3b\u914d\u7f6e\u6587\u4ef6\/etc\/named.conf\u7684\u914d\u7f6e\u8bed\u53e5 <\/p>\n

\n \u3000\u547d\u4ee4 \u7528\u6cd5
\n \u3000acl \u5b9a\u4e49IP\u5730\u5740\u7684\u8bbf\u95ee\u63a7\u5236\u6e05\u5355
\n \u3000control \u5b9a\u4e49ndc\u4f7f\u7528\u7684\u63a7\u5236\u901a\u9053
\n \u3000include \u628a\u5176\u4ed6\u6587\u4ef6\u5305\u542b\u5230\u914d\u7f6e\u6587\u4ef6\u4e2d
\n \u3000key \u5b9a\u4e49\u6388\u6743\u7684\u5b89\u5168\u5bc6\u94a5
\n \u3000logging \u5b9a\u4e49\u65e5\u5fd7\u5199\u4ec0\u4e48\uff0c\u5199\u5230\u54ea
\n opitons \u5b9a\u4e49\u5168\u5c40\u914d\u7f6e\u9009\u9879\u548c\u7f3a\u7701\u503c\u3000
\n \u3000server \u5b9a\u4e49\u8fdc\u7a0b\u670d\u52a1\u5668\u7684\u7279\u5f81
\n \u3000trunsted-keys \u4e3a\u670d\u52a1\u5668\u5b9a\u4e49DNSSEC\u52a0\u5bc6\u5bc6\u94a5
\n \u3000zone \u5b9a\u4e49\u4e00\u4e2a\u533a<\/p>\n

\n \u9ed8\u8ba4\u60c5\u51b5\u4e0b\uff0c \u5185\u5bb9\u5982\u4e0b\uff1a<\/p>\n

\n include “\/etc\/bind\/named.conf.options”;<\/p>\n

zone “.” {

\n type hint;

\n file “\/etc\/bind\/db.root”;

\n };<\/p>\n

zone “localhost” {

\n type master;

\n file “\/etc\/bind\/db.local”;

\n };<\/p>\n

zone “127.in-addr.arpa” {

\n type master;

\n file “\/etc\/bind\/db.127”;

\n };<\/p>\n

zone “0.in-addr.arpa” {

\n type master;

\n file “\/etc\/bind\/db.0”;

\n };<\/p>\n

zone “255.in-addr.arpa” {

\n type master;

\n file “\/etc\/bind\/db.255”;

\n };<\/p>\n

include “\/etc\/bind\/named.conf.local”;<\/p>\n

\n \u5176\u4e2dtype\u9879\u7684\u503c\uff1a<\/p>\n

master:\u8868\u793a\u5b9a\u4e49\u7684\u662f\u4e3b\u57df\u540d\u670d\u52a1\u5668 <\/p>\n

slave :\u8868\u793a\u5b9a\u4e49\u7684\u662f\u8f85\u52a9\u57df\u540d\u670d\u52a1\u5668 <\/p>\n

hint:\u8868\u793a\u662f\u4e92\u8054\u7f51\u4e2d\u6839\u57df\u540d\u670d\u52a1\u5668 <\/p>\n

\u5728Debian\u73af\u5883\u4e2d\uff0coptions\u8bed\u53e5\u7684\u914d\u7f6e\u5185\u5bb9\uff0c \u88ab\u79fb\u81f3named.conf.options\u6587\u4ef6\u4e2d\uff1a<\/p>\n

\n options {

\n directory “\/var\/cache\/bind”;<\/p>\n

\/\/ If there is a firewall between you and nameservers you want

\n \/\/ to talk to, you might need to uncomment the query-source

\n \/\/ directive below. Previous versions of BIND always asked

\n \/\/ questions using port 53, but BIND 8.1 and later use an unprivileged

\n \/\/ port by default.<\/p>\n

\/\/ query-source address * port 53;<\/p>\n

\/\/ If your ISP provided one or more IP addresses for stable

\n \/\/ nameservers, you probably want to use them as forwarders.

\n \/\/ Uncomment the following block, and insert the addresses replacing

\n \/\/ the all-0’s placeholder.<\/p>\n

\/\/ forwarders {

\n \/\/ 0.0.0.0;

\n \/\/ };<\/p>\n

auth-nxdomain no; # conform to RFC1035<\/p>\n

};<\/p>\n

\n 5 \u521b\u5efa\u4e3b\u57df\u540d\u670d\u52a1\u5668
\n a. \u9996\u5148, \u5728\u5728192.168.102.47\u673a\u5668\u4e0a\u5b89\u5168bind9<\/p>\n

b. \u4f7f\u7528\u7f16\u8f91\u5668\uff0c\u6bd4\u5982vi\uff0c \u7f16\u8f91\u914d\u7f6e\u6587\u4ef6\/etc\/bind\/named.conf<\/p>\n

\u52a0\u5165\u5982\u4e0b\u5185\u5bb9<\/p>\n

\n zone “mydebian.org” {

\n type master; \/\/\u5b9a\u4e49\u6b64\u533a\u4e3a\u4e3b\u670d\u52a1\u5668

\n file “\/etc\/bind\/db.mydebian”; \u6307\u5b9a\u533a\u8d44\u6e90\u6587\u4ef6\u7684\u4f4d\u7f6e

\n };<\/p>\n

\n zone “102.168.192.in-addr.arpa” {

\n type master; \/\/\u5b9a\u4e49\u6b64\u533a\u4e3a\u4e3b\u670d\u52a1\u5668

\n file “\/etc\/bind\/db.192”; \/\/\u6307\u5b9a\u533a\u8d44\u6e90\u6587\u4ef6\u7684\u4f4d\u7f6e

\n };<\/p>\n

\n c. \u521b\u5efa\u533a\u8d44\u6e90\u6587\u4ef6:<\/p>\n

\u521b\u5efa\u533a\u8d44\u6e90\u6587\u4ef6\/etc\/bind\/db.mydebian\u5185\u5bb9\u5982\u4e0b<\/p>\n

\n ;
\n ; BIND data file for local loopback interface

\n ;
\n $TTL 604800

\n $ORIGIN mydebian.org.

\n @ IN SOA mydebian.org. root.mydebian.org. (

\n 2006080401 ; Serial

\n 604800 ; Refresh

\n 86400 ; Retry

\n 2419200 ; Expire

\n 604800 ) ; Negative Cache TTL

\n ;<\/p>\n

IN NS ns

\n IN MX 0 mail.mydebian.org.

\n @ IN A 192.168.102.47

\n ns IN A 192.168.102.47

\n www IN A 192.168.102.47

\n webserver IN CNAME www

\n mail IN A 192.168.102.47

\n ftp IN A 192.168.102.48

\n ns2 IN A 192.168.102.48

\n ns3 IN A 192.168.102.49<\/p>\n

\n \u7b2c\u4e00\u884c\u662fTTL\u8bbe\u5b9a\uff0c\u751f\u5b58\u65f6\u95f4\u8bb0\u5f55\u5b57\u6bb5\u3002\u5b83\u4ee5\u79d2\u4e3a\u5355\u4f4d\u5b9a\u4e49\u8be5\u8d44\u6e90\u8bb0\u5f55\u4e2d\u7684\u4fe1\u606f\u5b58\u653e\u5728\u9ad8\u901f\u7f13\u5b58\u4e2d\u7684\u65f6\u95f4\u957f\u5ea6\u3002\u8fd9\u91cc\u5b9a\u4e49\u4e3a604800\u79d2\uff0c\u4e5f\u5c31\u662f1\u5468.<\/p>\n

\u7b2c\u4e8c\u884c\u662f$ORIGIN\u8bbe\u5b9a,\u8bf4\u660e\u4e0b\u9762\u7684\u8bb0\u5f55\u51fa\u81ea\u4f55\u5904.\u8bf7\u60a8\u52a0\u500d\u7559\u610f\u6700\u540e\u7684\u4e00\u4e2a\u5c0f\u5c0f\u6570\u70b9”.”<\/p>\n

\u7136\u540e,\u7b2c\u4e09\u884c,\u662f\u4e00\u4e2a SOA \u8bb0\u5f55\u7684\u8bbe\u5b9a,\u5728\u8fd9\u91cc\u6211\u4eec\u770b\u5230\u4e00\u4e2a\u7279\u6b8a\u5b57\u7b26 @ ,\u5b83\u5c31\u662f ORIGIN \u7684\u610f\u601d,\u4e5f\u5c31\u662f\u521a\u521a\u6240\u5b9a\u4e49\u7684$ ORIGIN mydebian.org. \u7684\u5185\u5bb9\uff0c\u60a8\u53ef\u4ee5\u5199\u6210 mydebian.org. \u4e5f\u53ef\u4ee5\u7528 @ \u6765\u4ee3\u66ff\u3002<\/p>\n

\u5047\u5982\u8fd9\u4e2a\u6587\u4ef6\u524d\u9762\u6ca1\u6709\u5b9a\u4e49 $ ORIGIN \u7684\u8bdd, \u90a3\u9019\u4e2a @ \u7684\u503c\u5c31\u4ee5 named.conf \u91cc\u7684 zone . <\/p>\n

\u63a5\u7740 SOA \u540e\u9762\uff0c\u6307\u5b9a\u4e86\u8fd9\u4e2a\u533a\u57df\u7684\u6388\u6743\u4e3b\u673a\u548c\u7ba1\u7406\u8005\u7684\u4fe1\u7bb1\uff0c\u8fd9\u91cc\u5206\u522b\u662f”mydebian.org.” \u548c”root.mydebian.org.”\u3002\u6211\u4eec\u5e73\u65f6\u4f7f\u7528\u7684\u4fe1\u7bb1\u901a\u5e38\u662f\u201cuser@host\u201d\u8fd9\u6837\u7684\u683c\u5f0f\uff0c\u4f46\u56e0\u4e3a@\u5728 DNS \u8bb0\u5f55\u4e2d\u662f\u4e2a\u4fdd\u7559\u5b57\u7b26\uff0c\u6240\u4ee5\u5728 SOA \u4e2d\u5c31\u7528\u201c.\u201d\u6765\u4ee3\u66ff\u4e86@\u3002\u76ee\u524d\u8fd9\u4e2a\u4fe1\u7bb1\u662f “root@mydebian.org.”\u3002 <\/p>\n

\u63a5\u4e0b\u6765\u7684 SOA \u8bbe\u7f6e\uff0c\u662f\u88ab\u62ec\u5728\u201c( )\u201d\u4e4b\u95f4\u7684 5 \u7ec4\u6570\u5b57\uff0c\u4e3b\u8981\u4f5c\u4e3a\u548c slave \u670d\u52a1\u5668\u540c\u6b65 DNS \u8d44\u6599\u6240\u4f7f\u7528\u7684\u8d44\u6599\uff1a <\/p>\n

Serial\uff1a\u5176\u683c\u5f0f\u901a\u5e38\u4f1a\u662f\u201c\u5e74\u6708\u65e5+\u4fee\u6539\u6b21\u5e8f\u201d(\u4f46\u4e5f\u4e0d\u4e00\u5b9a\u5982\u6b64\uff0c\u60a8\u81ea\u5df1\u80fd\u591f\u8bb0\u5f97\u5c31\u884c)\u3002\u5f53 slave \u8981\u8fdb\u884c\u8d44\u6599\u540c\u6b65\u7684\u65f6\u5019\uff0c\u4f1a\u6bd4\u8f83\u8fd9\u4e2a\u53f7\u7801\u3002\u5982\u679c\u53d1\u73b0\u5728\u8fd9\u91cc\u7684\u53f7\u7801\u6bd4\u5b83\u90a3\u8fb9\u7684\u6570\u503c\u201c\u5927\u201d\uff0c\u5c31\u8fdb\u884c\u66f4\u65b0\uff0c\u5426\u5219\u5ffd\u7565\u3002\u4e0d\u8fc7\u8bbe serial \u6709\u4e00\u4e2a\u5730\u65b9\u60a8\u8981\u7559\u610f\uff1a\u4e0d\u80fd\u8d85\u8fc7 10 \u4f4d\u6570\u5b57\uff01<\/p>\n

Refresh\uff1a\u8fd9\u91cc\u662f\u662f\u544a\u8bc9 slave \u8981\u9694\u591a\u4e45\u8981\u8fdb\u884c\u8d44\u6599\u540c\u6b65(\u662f\u5426\u540c\u6b65\u8981\u770b Serial \u7684\u6bd4\u8f83\u7ed3\u679c)\u3002<\/p>\n

Retry\uff1a\u5982\u679c slave \u5728\u8fdb\u884c\u66f4\u65b0\u5931\u8d25\u540e\uff0c\u8981\u9694\u591a\u4e45\u518d\u8fdb\u884c\u91cd\u8bd5\u3002<\/p>\n

Expire\uff1a\u8fd9\u662f\u8bb0\u5f55\u903e\u671f\u65f6\u95f4\uff1a\u5f53 slave \u4e00\u76f4\u672a\u80fd\u6210\u529f\u4e0e master \u53d6\u5f97\u8054\u7cfb\uff0c\u90a3\u5230\u8fd9\u91cc\u5c31\u653e\u5f03 retry\uff0c\u540c\u65f6\u8fd9\u91cc\u7684\u8d44\u6599\u4e5f\u5c06\u6807\u8bc6\u4e3a\u8fc7\u671f( <\/p>\n

expired )\u3002<\/p>\n

Minimum\uff1a\u8fd9\u662f\u6700\u5c0f\u9ed8\u8ba4 TTL \u503c\uff0c\u5982\u679c\u60a8\u5728\u524d\u9762\u6ca1\u6709\u7528\u201c$TTL\u201d\u6765\u5b9a\u4e49\uff0c\u5c31\u4f1a\u4ee5\u6b64\u503c\u4e3a\u51c6\u3002 <\/p>\n

\u8bf7\u6ce8\u610f\uff1aSOA \u8bb0\u5f55\u4e2d\u8fd9\u5bf9 \u201c ( ) \u201d\u7b26\u53f7\u4e4b\u7b2c\u4e00\u4e2a \u201c (\u201d\u62ec\u53f7\u4e00\u5b9a\u8981\u548c SOA \u5199\u5728\u540c\u4e00\u884c\uff0c\u800c\u4e0d\u80fd\u7528 Enter \u65ad\u884c\u5230\u4e0b\u4e00\u884c\u53bb,\u800c\u4e14\u5176\u5de6\u8fb9\u6700\u597d\u6709\u4e00\u4e2a\u7a7a\u683c\u952e\u6216 tab \u5efa\u3002\u800c\u6700\u540e\u4e00\u4e2a \u201c )\u201d\u62ec\u53f7\u4e5f\u4e0d\u80fd\u5199\u5728\u6ce8\u89e3\u7b26\u53f7 \u201c \uff1b\u201d\u7684\u53f3\u8fb9\u3002 \u7f6e DNS \u7684 RR \u8bb0\u5f55\u6863\uff0c\u5176\u683c\u5f0f\u8981\u6c42\u975e\u5e38\u4e25\u683c\uff0c\u6211\u4eec\u4e1d\u6beb\u4e0d\u80fd\u6389\u4ee5\u8f7b\u5fc3\u3002\u6bd4\u65b9\u8bf4\uff1a\u5982\u679c\u53e5\u5b50\u4e0d\u662f\u4ee5\u7a7a\u683c\u952e\u3001Tab \u952e\u3001 \u6216\u6ce8\u89e3\u7b26\u53f7 ( ; )\u5f00\u5934\uff0c\u4e5f\u4e0d\u5728 SOA \u7684 \u201c ( ) \u201d\u4e4b\u5185\uff0c \u5219\u8868\u793a\u8981\u5b9a\u4e49\u4e00\u4e2a\u201c\u65b0\u8bb0\u5f55\u9879 (Entry) \u201d\uff1b\u5982\u679c\u53e5\u5b50\u662f\u4ee5\u7a7a\u683c\u952e\u6216 tab \u952e\u5f00\u59cb\u7684\u8bdd\uff0c\u5176\u8bbe\u7f6e\u88ab\u89c6\u4e3a\u4e0a\u4e00\u4e2a\u201c\u8bb0\u5f55\u9879\u201d\u7684\u5185\u5bb9\u3002\u6240\u4ee5\uff0c\u5982\u679c\u60a8\u8981\u4e3a\u201c\u540c\u4e00\u4e2a\u8bb0\u5f55\u9879\u201d\u5b9a\u4e49\u591a\u4e2a\u8bb0\u5f55\u8bbe\u7f6e\uff0c\u800c\u4e0d\u60f3\u91cd\u590d\u6253\u5b57\uff0c\u60a8\u5012\u53ef\u4ee5\u5077\u61d2\uff1a\u5728\u63a5\u7740\u5b83\u7684\u540e\u9762\u51e0\u884c\u7528\u7a7a\u767d\u6216 Tab \u6765\u7f29\u6392\u5c31\u53ef\u4ee5\u4e86\u3002<\/p>\n

NS\u8868\u660e\u8d1f\u8d23mydebian.org.\u8fd9\u4e2a\u57df\u7684Name Server\u662fmydebian.org\u8fd9\u53f0\u4e3b\u673a<\/p>\n

MX\u8bb0\u5f55\u6807\u660e\u53d1\u5f80mydebian.org\u57df\u7684\u90ae\u4ef6\u7531mail.mydebian.org\u8fd9\u53f0\u670d\u52a1\u5668\u63a5\u6536<\/p>\n

A\u8bb0\u5f55\u6807\u660e\u4e86IP\u5730\u5740\u548c\u57df\u540d\u4e4b\u95f4\u7684\u5bf9\u5e94\u5173\u7cfb<\/p>\n

\u63a5\u4e0b\u6765\u521b\u5efa\u8be5\u533a\u7684\u53cd\u5411\u6620\u5c04\u8d44\u6e90\u6587\u4ef6<\/p>\n

\/etc\/bind\/db.192\u5185\u5bb9\u5982\u4e0b\uff1a<\/p>\n

\n ;
\n ; BIND reverse data file for local loopback interface

\n ;
\n $TTL 604800

\n @ IN SOA mydebian.org. root.mydebian.org. (

\n 2006080401 ; Serial

\n 604800 ; Refresh

\n 86400 ; Retry

\n 2419200 ; Expire

\n 604800 ) ; Negative Cache TTL

\n ;
\n @ IN NS mydebian.org.

\n 47 IN PTR mail.mydebian.org.

\n 47 IN PTR www.mydebian.org.

\n 47 IN PTR ns.mydebian.org.

\n 48 IN PTR ftp.mydebian.org.

\n 48 IN PTR ns2.mydebian.org.

\n 49 IN PTR ns3.mydebian.org.<\/p>\n

\n \u5176\u4e2dPTR\u8bb0\u5f55\u7528\u6765\u89e3\u6790IP\u5730\u5740\u5bf9\u5e94\u7684\u57df\u540d<\/p>\n

d. \u91cd\u542fDNS\u670d\u52a1<\/p>\n

\n \/etc\/init.d\/bind9 restart<\/p>\n

\n \u6b64\u65f6\u67e5\u770b\u7cfb\u7edf\u65e5\u5fd7\uff0c\u53ef\u4e86\u89e3BIND\u7684\u542f\u52a8\u60c5\u51b5\uff0c\u6bd4\u5982\u5982\u4e0b\u8f93\u51fa\uff0c\u5219\u8bf4\u660e\u5f15\u5bfc\u6b63\u5e38<\/p>\n

\n tonybox:~# tail \/var\/log\/syslog

\n Aug 14 08:36:45 localhost named[2792]: zone 127.in-addr.arpa\/IN: loaded serial 1

\n Aug 14 08:36:45 localhost named[2792]: zone 102.168.192.in-addr.arpa\/IN: loaded serial 2006080801

\n Aug 14 08:36:45 localhost named[2792]: zone 255.in-addr.arpa\/IN: loaded serial 1

\n Aug 14 08:36:45 localhost named[2792]: zone localhost\/IN: loaded serial 1

\n Aug 14 08:36:45 localhost named[2792]: zone mydebian.org\/IN: loaded serial 2006080801

\n Aug 14 08:36:45 localhost named[2792]: running

\n Aug 14 08:36:45 localhost named[2792]: zone mydebian.org\/IN: sending notifies (serial 2006080801)

\n Aug 14 08:36:45 localhost named[2792]: zone 102.168.192.in-addr.arpa\/IN: sending notifies (serial 2006080801)

\n Aug 14 08:36:45 localhost named[2792]: client 192.168.102.47#1030: received notify for zone ‘mydebian.org’

\n Aug 14 08:36:45 localhost named[2792]: client 192.168.102.47#1030: received notify for zone ‘102.168.192.in-addr.arpa’<\/p>\n

\n e. \u5728\u5ba2\u6237\u673a\u4e0a\u7684\u8bbe\u7f6e<\/p>\n

\n # cat \/etc\/resolv.conf

\n search mydebian.org

\n nameserver 192.168.102.47<\/p>\n

\n f. \u6d4b\u8bd5\uff1a<\/p>\n

\u4f7f\u7528nslookup \u6d4b\u8bd5<\/p>\n

\n tonybox2:~# nslookup

\n > set type=any

\n > mydebian.org

\n Server: 192.168.102.47

\n Address: 192.168.102.47#53<\/p>\n

mydebian.org
\n origin = mydebian.org

\n mail addr = root.mydebian.org

\n serial = 2006080801

\n refresh = 604800

\n retry = 86400

\n expire = 2419200

\n minimum = 604800

\n mydebian.org nameserver = ns.mydebian.org.

\n mydebian.org mail exchanger = 0 mail.mydebian.org.

\n Name: mydebian.org

\n Address: 192.168.102.47<\/p>\n

\n \u4f7f\u7528dig\u6d4b\u8bd5<\/p>\n

\n tonybox2:~# dig @192.168.102.47 mydebian.org<\/p>\n

; <<>> DiG 9.3.2 <<>> @192.168.102.47 mydebian.org

\n ; (1 server found)

\n ;; global options: printcmd

\n ;; Got answer:

\n ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41793

\n ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1<\/p>\n

;; QUESTION SECTION:

\n ;mydebian.org. IN A<\/p>\n

;; ANSWER SECTION:

\n mydebian.org. 604800 IN A 192.168.102.47<\/p>\n

;; AUTHORITY SECTION:

\n mydebian.org. 604800 IN NS ns.mydebian.org.<\/p>\n

;; ADDITIONAL SECTION:

\n ns.mydebian.org. 604800 IN A 192.168.102.47<\/p>\n

;; Query time: 31 msec

\n ;; SERVER: 192.168.102.47#53(192.168.102.47)

\n ;; WHEN: Mon Aug 14 09:16:27 2006

\n ;; MSG SIZE rcvd: 79<\/p>\n

\n tonybox2:~# dig @192.168.102.47 ftp.mydebian.org<\/p>\n

; <<>> DiG 9.3.2 <<>> @192.168.102.47 ftp.mydebian.org

\n ; (1 server found)

\n ;; global options: printcmd

\n ;; Got answer:

\n ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63890

\n ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1<\/p>\n

;; QUESTION SECTION:

\n ;ftp.mydebian.org. IN A<\/p>\n

;; ANSWER SECTION:

\n ftp.mydebian.org. 604800 IN A 192.168.102.48<\/p>\n

;; AUTHORITY SECTION:

\n mydebian.org. 604800 IN NS ns.mydebian.org.<\/p>\n

;; ADDITIONAL SECTION:

\n ns.mydebian.org. 604800 IN A 192.168.102.47<\/p>\n

;; Query time: 22 msec

\n ;; SERVER: 192.168.102.47#53(192.168.102.47)

\n ;; WHEN: Mon Aug 14 09:16:41 2006

\n ;; MSG SIZE rcvd: 83<\/p>\n

\n \u53cd\u5411\u67e5\u8be2<\/p>\n

\n tonybox2:~# dig @192.168.102.47 -x 192.168.102.47<\/p>\n

; <<>> DiG 9.3.2 <<>> @192.168.102.47 -x 192.168.102.47

\n ; (1 server found)

\n ;; global options: printcmd

\n ;; Got answer:

\n ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21885

\n ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 1<\/p>\n

;; QUESTION SECTION:

\n ;47.102.168.192.in-addr.arpa. IN PTR<\/p>\n

;; ANSWER SECTION:

\n 47.102.168.192.in-addr.arpa. 604800 IN PTR www.mydebian.org.

\n 47.102.168.192.in-addr.arpa. 604800 IN PTR mail.mydebian.org.

\n 47.102.168.192.in-addr.arpa. 604800 IN PTR mydebian.org.<\/p>\n

;; AUTHORITY SECTION:

\n 102.168.192.in-addr.arpa. 604800 IN NS mydebian.org.<\/p>\n

;; ADDITIONAL SECTION:

\n mydebian.org. 604800 IN A 192.168.102.47<\/p>\n

;; Query time: 33 msec

\n ;; SERVER: 192.168.102.47#53(192.168.102.47)

\n ;; WHEN: Mon Aug 14 09:17:00 2006

\n ;; MSG SIZE rcvd: 138<\/p>\n

\n 6 \u7eaf\u7f13\u5b58\u57df\u540d\u670d\u52a1\u5668
\n 192.168.102.48 \u4e3a\u6211\u4eec\u7684dns \u7f13\u5b58\u670d\u52a1\u5668\uff0c\u9996\u5148, \u5728\u5728192.168.102.48 \u673a\u5668\u4e0a\u5b89\u5168bind9, \u5728\u914d\u7f6e\u524d\u6211\u4eec\u7528dig \u8fdb\u884c\u6d4b\u8bd5<\/p>\n

\n tonybox2:\/etc\/bind# dig @192.168.102.48 www.mydebian.org<\/p>\n

; <<>> DiG 9.3.2 <<>> @192.168.102.48 www.mydebian.org

\n ; (1 server found)

\n ;; global options: printcmd

\n ;; Got answer:

\n ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 34137

\n ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0<\/p>\n

;; QUESTION SECTION:

\n ;www.mydebian.org. IN A<\/p>\n

;; Query time: 1844 msec

\n ;; SERVER: 192.168.102.48#53(192.168.102.48)

\n ;; WHEN: Tue Aug 8 12:05:17 2006

\n ;; MSG SIZE rcvd: 34<\/p>\n

\n \u4fee\u6539named.conf.options\u6587\u4ef6<\/p>\n

\n tonybox2:\/etc\/bind# cat named.conf.options

\n options {

\n directory “\/var\/cache\/bind”;<\/p>\n

\/\/ If there is a firewall between you and nameservers you want

\n \/\/ to talk to, you might need to uncomment the query-source

\n \/\/ directive below. Previous versions of BIND always asked

\n \/\/ questions using port 53, but BIND 8.1 and later use an unprivileged

\n \/\/ port by default.<\/p>\n

\/\/ query-source address * port 53;<\/p>\n

\/\/ If your ISP provided one or more IP addresses for stable

\n \/\/ nameservers, you probably want to use them as forwarders.

\n \/\/ Uncomment the following block, and insert the addresses replacing

\n \/\/ the all-0’s placeholder.<\/p>\n

forwarders {

\n 192.168.102.47; \/\/\u4e3b\u57df\u540d\u670d\u52a1\u5668\u7684IP\u5730\u5740

\n };<\/p>\n

auth-nxdomain no; # conform to RFC1035<\/p>\n

};<\/p>\n

\n \u7136\u540e\u518d\u8fdb\u884c\u6d4b\u8bd5<\/p>\n

\n tonybox2:\/etc\/bind# dig @192.168.102.48 www.mydebian.org<\/p>\n

; <<>> DiG 9.3.2 <<>> @192.168.102.48 www.mydebian.org

\n ; (1 server found)

\n ;; global options: printcmd

\n ;; Got answer:

\n ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54332

\n ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1<\/p>\n

;; QUESTION SECTION:

\n ;www.mydebian.org. IN A<\/p>\n

;; ANSWER SECTION:

\n www.mydebian.org. 604800 IN A 192.168.102.47<\/p>\n

;; AUTHORITY SECTION:

\n mydebian.org. 604800 IN NS mydebian.org.<\/p>\n

;; ADDITIONAL SECTION:

\n mydebian.org. 604800 IN A 192.168.102.47<\/p>\n

;; Query time: 44 msec

\n ;; SERVER: 192.168.102.48#53(192.168.102.48)

\n ;; WHEN: Tue Aug 8 12:05:47 2006

\n ;; MSG SIZE rcvd: 80<\/p>\n

\n \u6240\u8c13\u7684 forwarder\uff0c\u5c31\u662f\u5f53\u67d0\u4e00\u53f0 NS \u4e3b\u673a\u9047\u5230\u975e\u672c\u673a\u8d1f\u8d23\u7684 zone ( slave zone \u4e5f\u5c5e\u4e8e\u672c\u673a\u8d1f\u8d23\u7684\u8303\u56f4) \u67e5\u8be2\u8bf7\u6c42\u7684\u65f6\u5019\uff0c\u5c06\u4e0d\u76f4\u63a5\u5411 “.” zone \u67e5\u8be2\u800c\u628a\u8bf7\u6c42\u8f6c\u4ea4\u7ed9\u6307\u5b9a\u7684 forwarder (\u4e00\u53f0\u6216\u591a\u53f0) \u4e3b\u673a\u4ee3\u4e3a\u67e5\u8be2\u3002<\/p>\n

\u6211\u4eec\u77e5\u9053\uff0c\u5f53DNS\u670d\u52a1\u5668\u63a5\u5230\u5ba2\u6237\u7aef\u4e3b\u673a\u7684\u67e5\u8be2\u8bf7\u6c42\u65f6\uff0c\u9996\u5148\u4f1a\u68c0\u67e5\u8fd9\u4e2a\u67e5\u8be2\u662f\u5426\u5c5e\u4e8e\u672c\u673a\u7ba1\u8f96\uff0c\u5426\u5219\u5c06\u8f6c\u5411 “.” zone \u518d\u9010\u7ea7\u7684\u67e5\u8be2\u4e0b\u53bb\uff0c\u6700\u540e\u518d\u628a\u67e5\u8be2\u7ed3\u679c\u544a\u8bc9\u5ba2\u6237\u7aef\u3002<\/p>\n

\u5728\u8fd9\u4e2a\u8fc7\u7a0b\u4e4b\u4e2d\uff0cDNS\u670d\u52a1\u5668\u8fd8\u4f1a\u5c06\u67e5\u8be2\u5230\u7684\u7ed3\u679c\u5b58\u653e\u5230\u7f13\u5b58\u4e2d\u3002\u53ea\u8981\u7f13\u5b58\u4e2d\u7684 TTL \u6ca1\u8fc7\u671f\uff0c\u5728\u4e0b\u6b21\u9047\u5230\u540c\u6837\u67e5\u8be2\u7684\u65f6\u5019\uff0c\u5c31\u53ef\u4ee5\u76f4\u63a5\u5c06\u7ed3\u679c\u54cd\u5e94\u7ed9\u5ba2\u6237\u7aef\uff0c\u800c\u65e0\u9700\u518d\u91cd\u590d\u4e0a\u6b21\u7684\u67e5\u8be2\u6d41\u7a0b\u3002<\/p>\n

\u5982\u679cDNS\u670d\u52a1\u5668\u4e0a\u6307\u5b9a\u4e86forwarder\uff0c\u90a3\u8fd9\u4e2aDNS\u53d1\u73b0\u7f13\u5b58\u4e2d\u6ca1\u6709\u8bb0\u5f55\u65f6\uff0c\u5c06\u4e0d\u5411 “.” \u67e5\u8be2\uff0c\u800c\u662f\u5411 forwarder \u9001\u51fa\u540c\u6837\u7684\u8bf7\u6c42\uff08\u8f6c\u53d1\uff09\uff0c\u7136\u540e\u7b49\u5f85\u67e5\u8be2\u7ed3\u679c\uff0c\u5373\u628a\u9010\u7ea7\u5f80\u4e0b\u67e5\u8be2\u8fd9\u4e2a\u8017\u8d39\u7cbe\u529b\u7684\u52a8\u4f5c\uff0c\u4ea4\u7ed9 forwarder \u8d1f\u8d23\u3002\u4f46\u65e0\u8bba\u8fd9\u4e2a\u7ed3\u679c\u662f\u81ea\u5df1\u76f4\u63a5\u67e5\u8be2\u5f97\u6765\u7684\uff0c\u8fd8\u662f forwarder \u9001\u56de\u6765\u7684\uff0cDNS\u670d\u52a1\u5668\u90fd\u4f1a\u4fdd\u5b58\u4e00\u4efd\u6570\u636e\u5728\u7f13\u5b58\u4e2d\u3002<\/p>\n

\u8fd9\u6837\uff0c\u4ee5\u540e\u7684\u76f8\u540c\u67e5\u8be2\u5c31\u5feb\u591a\u4e86\uff0c\u8fd9\u5bf9\u4e8eDNS\u6240\u670d\u52a1\u7684 \u5ba2\u6237\u7aef\u800c\u8a00\u67e5\u8be2\u6548\u7387\u4f1a\u63d0\u9ad8\u5f88\u591a\u3002 <\/p>\n

\n \/var\/named\/named.ca
\n dig @a.root-servers.net . ns > \/var\/named\/named.ca<\/p>\n

\n 7 \u8f85\u52a9\u57df\u540d\u670d\u52a1\u5668
\n a. 192.168.102.49 \u4e3a\u6211\u4eec\u7684dns \u7f13\u5b58\u670d\u52a1\u5668\uff0c\u9996\u5148, \u5728\u5728192.168.102.49 \u673a\u5668\u4e0a\u5b89\u5168bind9,<\/p>\n

b. \u5728\u4e3b\u914d\u7f6e\u6587\u4ef6\/etc\/named.conf\u4e2d\u52a0\u5165\u5982\u4e0b\u5185\u5bb9\uff1a<\/p>\n

\n zone “mydebian.org” {

\n type slave;

\n file “\/etc\/bind\/slaves\/db.mydebian”;

\n masters {192.168.102.47;};

\n };<\/p>\n

zone “102.168.192.in-addr.arpa” {

\n type slave;

\n file “\/etc\/bind\/slaves\/db.192”;

\n masters {192.168.102.47;};

\n };<\/p>\n

\n type\u540e\u9762\u7684\u503c\u5df2\u7ecf\u6210\u4e3aslave; \u8868\u793a\u5b9a\u4e49\u7684\u662f\u8f85\u52a9\u57df\u540d\u670d\u52a1\u5668 <\/p>\n

file\u3000\u540e\u9762\u4e5f\u53ef\u4ee5\u662f\u522b\u7684\u6587\u4ef6\u540d\u4e0d\u5fc5\u4e0e\u4e3b\u57dfDNS\u670d\u52a1\u5668\u7684\u8bbe\u7f6e\u4e00\u6837 <\/p>\n

masters \u540e\u4e3a\u4e3b\u57dfDNS\u670d\u52a1\u5668\u7684IP\u5730\u5740\uff0c \u53ef\u4ee5\u662f\u591a\u4e2aIP\uff0c\u578b\u5982<\/p>\n

\n masters {ip1;ip2;ip3;};<\/p>\n

\n c. \u521b\u5efa\/etc\/bind\/slaves\/\u76ee\u5f55<\/p>\n

\n tonybox2:\/etc\/bind# mkdir slaves<\/p>\n

tonybox2:\/etc\/bind# chown bind.bind slaves<\/p>\n

\n d. \u91cd\u542fdns\u670d\u52a1<\/p>\n

\n tonybox2:\/etc\/bind\/slaves# \/etc\/init.d\/bind9 restart<\/p>\n

\n named\u8fdb\u7a0b\u7b2c\u4e00\u6b21\u542f\u52a8\u65f6\uff0c\u8f85\u52a9\u57df\u540d\u670d\u52a1\u5668\u5c31\u4e0b\u8f7d\u4e3b\u57df\u540d\u670d\u52a1\u5668\u7684\u4fe1\u606f\uff1b\u8f85\u52a9\u57df\u540d\u670d\u52a1\u5668\u6839\u636e\u4e3b\u57df\u540d\u670d\u52a1\u5668\u7684\u5bf9\u5e94SOA\u8bb0\u5f55\u89c4\u5b9a\u7684\u5237\u65b0\u65f6\u95f4\u95f4\u9694\uff0c\u53bb\u4e3b\u57df\u540d\u670d\u52a1\u5668\u67e5\u8be2\u76f8\u5173\u4fe1\u606f\u3002<\/p>\n

\n tonybox2:\/etc\/bind\/slaves# ls -l

\n total 8

\n -rw-r–r– 1 bind bind 410 2006-08-08 12:23 db.192

\n -rw-r–r– 1 bind bind 430 2006-08-08 12:23 db.mydebian<\/p>\n

\n \u67e5\u770b \/etc\/bind\/slaves \u76ee\u5f55\uff0c\u6211\u95e8\u4f1a\u53d1\u73b0\u5df2\u7ecf\u4ece\u4e3b\u57df\u540d\u670d\u52a1\u5668\u83b7\u53d6\u4e86\u76f8\u5e94\u7684\u8d44\u6e90\u6587\u4ef6<\/p>\n

\u5982\u679c\u7528\u6237bind\u5bf9\u4e8e\/etc\/bind\/slaves\u76ee\u5f55\u6ca1\u6709\u5199\u6743\u9650\uff0c \u5219\u67e5\u770b \/var\/log\/syslog \u4f1a\u51fa\u73b0\u5982\u4e0b\u7c7b\u4f3c\u9519\u8bef\uff1a<\/p>\n

\n tonybox:~# tail \/var\/log\/syslog<\/p>\n

Aug 8 12:30:09 tonybox2 named[3849]: zone mydebian.org\/IN: Transfer started.

\n Aug 8 12:30:09 tonybox2 named[3849]: transfer of ‘mydebian.org\/IN’ from 192.168.102.47#53: connected using 192.168.102.15#1075

\n Aug 8 12:30:09 tonybox2 named[3849]: dumping master file: \/etc\/bind\/tmp-VHTxU6CT5n: open: permission denied

\n Aug 8 12:30:09 tonybox2 named[3849]: transfer of ‘mydebian.org\/IN’ from 192.168.102.47#53: failed while receiving responses: permission denied

\n Aug 8 12:30:09 tonybox2 named[3849]: transfer of ‘mydebian.org\/IN’ from 192.168.102.47#53: end of transfer

\n Aug 8 12:30:10 tonybox2 named[3849]: zone 102.168.192.in-addr.arpa\/IN: Transfer started.

\n Aug 8 12:30:10 tonybox2 named[3849]: transfer of ‘102.168.192.in-addr.arpa\/IN’ from 192.168.102.47#53: connected using 192.168.102.15#1076

\n Aug 8 12:30:10 tonybox2 named[3849]: dumping master file: \/etc\/bind\/tmp-dxbiD1JtTK: open: permission denied

\n Aug 8 12:30:10 tonybox2 named[3849]: transfer of ‘102.168.192.in-addr.arpa\/IN’ from 192.168.102.47#53: failed while receiving responses: permission denied

\n Aug 8 12:30:10 tonybox2 named[3849]: transfer of ‘102.168.192.in-addr.arpa\/IN’ from 192.168.102.47#53: end of transfer<\/p>\n<\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"

1 bind\u7b80\u4ecb BIND (Berkeley Internet Name Domain)\u662fDomain Na […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"_links":{"self":[{"href":"http:\/\/www.microwolf.net\/index.php?rest_route=\/wp\/v2\/posts\/49"}],"collection":[{"href":"http:\/\/www.microwolf.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.microwolf.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.microwolf.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.microwolf.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=49"}],"version-history":[{"count":1,"href":"http:\/\/www.microwolf.net\/index.php?rest_route=\/wp\/v2\/posts\/49\/revisions"}],"predecessor-version":[{"id":50,"href":"http:\/\/www.microwolf.net\/index.php?rest_route=\/wp\/v2\/posts\/49\/revisions\/50"}],"wp:attachment":[{"href":"http:\/\/www.microwolf.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=49"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.microwolf.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=49"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.microwolf.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=49"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}