Bind & FORMERR resolving domain
Mam problem u ktereho nedokazu vygooglit reseni. To samo o sobe je celkem zajimave.
Popis:
Na lokalni siti jsem si zaridil dns pomoci prg. bind na gentoo.
Postupoval jsem v zasade dle tohoto HowTo.
konfiguracni soubor:
Ted k problemu: resolving na lokale beha tak jak predpokladano. Stejne tak i valna vetsina internetu. Ovsem nektere adresy mi neni schopen prelozit. Napr. www.phoenix.cz obcas taktez www.google.com nebo microsoft.com - ale to jen obcas. Tech adres je vicero. V logu to vypada takto:Kód:cat /etc/bind/named.conf options { directory "/var/bind"; // uncomment the following lines to turn on DNS forwarding, // and change the forwarding ip address(es) : //forward first; forwarders { 77.48.254.254; 77.48.100.254; 212.24.128.8; }; statistics-file "/var/bind/named.stats"; // stats are your friend dump-file "/var/bind/named.dump"; zone-statistics yes; //}; listen-on-v6 { none; }; listen-on { 127.0.0.1; 192.168.1.50; }; // to allow only specific hosts to use the DNS server: //allow-query { // 127.0.0.1; //}; // if you have problems and are behind a firewall: //query-source address * port 53; pid-file "/var/run/named/named.pid"; }; logging { channel default_file { file "/var/log/bind/default.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel general_file { file "/var/log/bind/general.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel database_file { file "/var/log/bind/database.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel security_file { file "/var/log/bind/security.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel config_file { file "/var/log/bind/config.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel resolver_file { file "/var/log/bind/resolver.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel xfer-in_file { file "/var/log/bind/xfer-in.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel xfer-out_file { file "/var/log/bind/xfer-out.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel notify_file { file "/var/log/bind/notify.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel client_file { file "/var/log/bind/client.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel unmatched_file { file "/var/log/bind/unmatched.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel queries_file { file "/var/log/bind/queries.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel network_file { file "/var/log/bind/network.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel update_file { file "/var/log/bind/update.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel dispatch_file { file "/var/log/bind/dispatch.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel dnssec_file { file "/var/log/bind/dnssec.log" versions 3 size 5m; severity dynamic; print-time yes; }; channel lame-servers_file { file "/var/log/bind/lame-servers.log" versions 3 size 5m; severity dynamic; print-time yes; }; category default { default_file; }; category general { general_file; }; category database { database_file; }; category security { security_file; }; category config { config_file; }; category resolver { resolver_file; }; category xfer-in { xfer-in_file; }; category xfer-out { xfer-out_file; }; category notify { notify_file; }; category client { client_file; }; category unmatched { unmatched_file; }; category queries { queries_file; }; category network { network_file; }; category update { update_file; }; category dispatch { dispatch_file; }; category dnssec { dnssec_file; }; category lame-servers { lame-servers_file; }; }; // Briefly, a zone which has been declared delegation-only will be effectively // limited to containing NS RRs for subdomains, but no actual data beyond its // own apex (for example, its SOA RR and apex NS RRset). This can be used to // filter out "wildcard" or "synthesized" data from NAT boxes or from // authoritative name servers whose undelegated (in-zone) data is of no // interest. // See http://www.isc.org/products/BIND/delegation-only.html for more info //zone "COM" { type delegation-only; }; //zone "NET" { type delegation-only; }; zone "." IN { type hint; file "named.ca"; }; zone "localhost" IN { type master; file "pri/localhost.zone"; allow-update { none; }; notify no; }; zone "127.in-addr.arpa" IN { type master; file "pri/127.zone"; allow-update { none; }; notify no; }; zone "gj" { type master; file "gj.named"; }; zone "1.168.192.in-addr.arpa" { type master; file "gj.rev"; };
V dusledku tudiz se dane stranky nenactou v prohlizeci apod. Pokud se ale polozi dotaz nadrazenemu dns - napr. 77.48.254.254 - tak neni problem a IP adresa je zjistena ihned.Kód:cat /var/log/bind/lame-servers.log |tail -60 14-Feb-2008 13:37:04.449 FORMERR resolving 'www.microsoft.com/A/IN': 77.48.100.254#53 14-Feb-2008 13:37:04.758 FORMERR resolving 'www.microsoft.com/A/IN': 77.48.254.254#53 14-Feb-2008 13:37:04.932 FORMERR resolving 'www.microsoft.com/A/IN': 212.24.128.8#53 14-Feb-2008 13:37:05.128 FORMERR resolving 'www.microsoft.com/A/IN': 198.32.64.12#53 14-Feb-2008 13:37:05.206 FORMERR resolving 'www.microsoft.com/A/IN': 192.36.148.17#53 14-Feb-2008 13:37:05.217 FORMERR resolving 'www.microsoft.com/A/IN': 193.0.14.129#53 14-Feb-2008 13:37:05.225 FORMERR resolving 'www.microsoft.com/A/IN': 192.112.36.4#53 14-Feb-2008 13:37:05.237 FORMERR resolving 'www.microsoft.com/A/IN': 128.63.2.53#53 14-Feb-2008 13:37:05.248 FORMERR resolving 'www.microsoft.com/A/IN': 198.41.0.4#53 14-Feb-2008 13:37:05.266 FORMERR resolving 'www.microsoft.com/A/IN': 128.8.10.90#53 14-Feb-2008 13:37:05.285 FORMERR resolving 'www.microsoft.com/A/IN': 192.5.5.241#53 14-Feb-2008 13:37:05.298 FORMERR resolving 'www.microsoft.com/A/IN': 192.228.79.201#53 14-Feb-2008 13:37:05.308 FORMERR resolving 'www.microsoft.com/A/IN': 202.12.27.33#53 14-Feb-2008 13:37:05.318 FORMERR resolving 'www.microsoft.com/A/IN': 192.58.128.30#53 14-Feb-2008 13:37:05.328 FORMERR resolving 'www.microsoft.com/A/IN': 192.33.4.12#53 14-Feb-2008 13:37:05.347 FORMERR resolving 'www.microsoft.com/A/IN': 192.203.230.10#53 14-Feb-2008 13:37:53.345 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 77.48.100.254#53 14-Feb-2008 13:37:53.578 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 212.24.128.8#53 14-Feb-2008 13:37:55.812 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 193.0.14.129#53 14-Feb-2008 13:37:55.947 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 192.112.36.4#53 14-Feb-2008 13:37:57.955 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 192.36.148.17#53 14-Feb-2008 13:37:57.962 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 198.41.0.4#53 14-Feb-2008 13:37:57.970 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 198.32.64.12#53 14-Feb-2008 13:37:57.978 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 192.5.5.241#53 14-Feb-2008 13:37:57.991 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 128.8.10.90#53 14-Feb-2008 13:37:58.001 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 202.12.27.33#53 14-Feb-2008 13:37:58.014 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 192.228.79.201#53 14-Feb-2008 13:37:58.026 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 192.58.128.30#53 14-Feb-2008 13:37:58.034 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 192.33.4.12#53 14-Feb-2008 13:37:58.044 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 192.203.230.10#53 14-Feb-2008 13:37:58.050 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 77.48.254.254#53 14-Feb-2008 13:37:58.056 FORMERR resolving 'windowsupdate.microsoft.com/A/IN': 128.63.2.53#53 14-Feb-2008 13:38:50.238 FORMERR resolving 'edge.quantserve.com/A/IN': 77.48.254.254#53 14-Feb-2008 13:38:50.393 FORMERR resolving 'edge.quantserve.com/A/IN': 212.24.128.8#53 14-Feb-2008 13:38:50.436 FORMERR resolving 'edge.quantserve.com/A/IN': 77.48.100.254#53 14-Feb-2008 13:38:53.664 FORMERR resolving 'edge.quantserve.com/A/IN': 192.36.148.17#53 14-Feb-2008 13:38:54.213 FORMERR resolving 'edge.quantserve.com/A/IN': 198.41.0.4#53 14-Feb-2008 13:38:54.471 FORMERR resolving 'edge.quantserve.com/A/IN': 192.5.5.241#53 14-Feb-2008 13:38:54.509 FORMERR resolving 'edge.quantserve.com/A/IN': 128.8.10.90#53 14-Feb-2008 13:38:54.553 FORMERR resolving 'edge.quantserve.com/A/IN': 202.12.27.33#53 14-Feb-2008 13:38:54.596 FORMERR resolving 'edge.quantserve.com/A/IN': 192.228.79.201#53 14-Feb-2008 13:38:54.652 FORMERR resolving 'edge.quantserve.com/A/IN': 192.58.128.30#53 14-Feb-2008 13:38:54.693 FORMERR resolving 'edge.quantserve.com/A/IN': 192.112.36.4#53 14-Feb-2008 13:38:54.728 FORMERR resolving 'edge.quantserve.com/A/IN': 192.33.4.12#53 14-Feb-2008 13:38:55.041 FORMERR resolving 'edge.quantserve.com/A/IN': 192.203.230.10#53 14-Feb-2008 13:38:55.368 FORMERR resolving 'edge.quantserve.com/A/IN': 193.0.14.129#53 14-Feb-2008 13:38:57.441 FORMERR resolving 'edge.quantserve.com/A/IN': 198.32.64.12#53
Odpověď s citací