
2008-09-18 11:31:44

想在 Linux 下实现 DNS 动态解析,
照着网上的教程做了设置,
但执行 service named restart 时出现如下问题:


[root@localhost etc]# service named restart
停止 named:
启动 named:/etc/named.conf:39: unknown option ' algorithm'
/etc/named.conf:41: unknown option ' secret'

Jun 25 09:04:13.810 starting BIND 9.2.4 -g
Jun 25 09:04:13.812 using 1 CPU
Jun 25 09:04:13.835 loading configuration from '/etc/named.conf'
Jun 25 09:04:13.835 none:0: open: /etc/named.conf: permission denied
Jun 25 09:04:13.836 loading configuration: permission denied
Jun 25 09:04:13.836 exiting (due to fatal error)
Error in configuration file /etc/named.conf : [失败]
[root@localhost etc]#


/etc/named.conf 的配置如下:
[root@localhost etc]# vi named.conf

//
// named.conf for Red Hat caching-nameserver
//
options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
        * If there is a firewall between you and nameservers you want
        * to talk to, you might need to uncomment the query-source
        * directive below.  Previous versions of BIND always asked
        * questions using port 53, but BIND 8.1 uses an unprivileged
        * port by default.
        */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
"named.conf" 75L, 1562C                                                  1,1          顶端
//
// named.conf for Red Hat caching-nameserver
//
options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
        * If there is a firewall between you and nameservers you want
        * to talk to, you might need to uncomment the query-source
        * directive below.  Previous versions of BIND always asked
        * questions using port 53, but BIND 8.1 uses an unprivileged
        * port by default.
        */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

/* 算法函数*/
key myddns {
/* 指明生成密钥的算法 */
 algorithm HMAC-MD5.SIG-ALG.REG.INT;
/* 指明密钥*/
 secret VbJf6KC3Q4eU2KeFGopFhQ==;};

[root@localhost etc]# cat named.conf
// NOTE(review): this file carries a TSIG secret further down; keep it readable only by root and the group named runs as.
// named.conf for Red Hat caching-nameserver
// NOTE(review): the "permission denied" in the startup log means the process that re-opened this file could not read it (presumably named after switching to its unprivileged user); check owner and mode, and the SELinux label if SELinux is enforcing -- confirm.
options {
        directory "/var/named";  // working directory; the relative zone "file" names below are looked up here
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
        * If there is a firewall between you and nameservers you want
        * to talk to, you might need to uncomment the query-source
        * directive below.  Previous versions of BIND always asked
        * questions using port 53, but BIND 8.1 uses an unprivileged
        * port by default.
        */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {  // rndc control channel
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };  // listens on loopback only, accepts localhost, requires rndckey (not defined in this file; presumably supplied by the include of /etc/rndc.key at the end)
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

/* TSIG key for dynamic updates. NOTE(review): this secret is published with the post, so treat it as compromised and generate a fresh key before any real use. */
key myddns {
/* Algorithm the key was generated with. NOTE(review): named reports ' algorithm' with a leading blank inside the quotes, which suggests the indent on the next line is not a plain ASCII space (e.g. a full-width or non-breaking space pasted from a web page); inspect the bytes with `cat -A` -- confirm. */
 algorithm HMAC-MD5.SIG-ALG.REG.INT;
/* The shared secret, base64-encoded. NOTE(review): same leading-blank symptom as above; the secret is conventionally written as a quoted string. HMAC-MD5 is a legacy TSIG algorithm; prefer HMAC-SHA256 where the BIND version supports it. */
 secret VbJf6KC3Q4eU2KeFGopFhQ==;};

# Forward zone for trytest.com (the original comment labels it "IP->DNS"; a forward zone answers name-to-address queries).
zone "trytest.com" IN {
        type master;
        file "trytest.com";
        allow-update { Kroot.+157+14564.key; };  # NOTE(review): this looks like a dnssec-keygen key *file* name (157 is the HMAC-MD5 algorithm number), but the list expects a reference to a key statement, written "key <name>;" -- presumably "key myddns;" here; confirm. Whoever holds that key can rewrite this zone.
};

# Reverse zone for 127.0.0.x (the original comment labels it "DNS->IP"; a reverse zone answers address-to-name queries).
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "trytest.ddns.ip";
        allow-update { Kroot.+157+14564.key; };  # NOTE(review): a key file name rather than "key <name>;" -- presumably meant to be "key myddns;"; confirm. Dynamic update is granted per zone, so grant it only on zones that need it.
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

include "/etc/rndc.key";


请问怎样才能让 key 语句里的 algorithm 和 secret 被 named 正确识别?
另外,后面报的 "permission denied" 权限错误又是什么原因?
请高手指教!!感激不尽!!
